The health care professionals are often in the place where they have the access to a varied range of personal health related or even unrelated information shared by the patients (Gordon, Fairhall & Landman, 2017). Hence, it is the responsibility of the health care professionals to protect the personal information shared by the patient and protect the confidentiality of the information unless otherwise instruct ted by the patients themselves (Dehling et al., 2015). There are various legislations that protect the right of the patients to keep their personal information confidential and protected. Although, the most common cause of information breach in the health care information is the snooping committed by the employees themselves into the records of the patients. The HIPAA or health insurance portability and accountability act is the landmark piece of legislation that protects the rights of the patients and protecting the information shared by the patients and prevent the information breach scenarios (Hhs.gov, 2018). This project will consider prevention of most common form of HIPAA violation reported, the electronic hospital records accessibility misconduct carried out by the health care facility staff themselves.
Background information:
The choice of the health care issue that has been selected in this paper represents a broad picture which has given rise to various conflict situations. One prime example of a similar situation is the local public incident that has resulted in the tragic death and injuries. However, the incident had been escalated further when a few of the health care professionals had been suspended after being found to be looking up the hospital records of the driver that has been associated with the said incident (Johnstone, 2015). Hence, needless to mention, a very important issue in the present day scenario is the lack of awareness and concerns regarding following the information protection protocol. The gossiping tendencies among the staff had been reported as the most important contributor to the enhanced information breaching behaviours among the staff. It has to be mentioned that the issue of hospital record breach is not just limited to violation of government laws and legislations. It has to be mentioned that the laws and legislations including HIPAA, serves a fundamental purpose in the health care environment. It guides the health care professionals to ensure that the integrity and confidentiality of the information shared by the patients are protected against all anticipated threats or risks, and is guarded against unauthorized uses or disclosures. It is very important for the staff to respect and idealize the need for protecting the information and abide by the laws in properly managing the records. As discussed by Cannon and Caldwell (2016), the fundamental trust between a patient and their respective health care professional forms the foundation of a therapeutic relationship. The unauthorized and unlawful breach of the security of the information records of the patients jeopardizes the trust and reliability and in turn affects the therapeutic relationship. Along with that, the act can also affect the wellbeing of the patient can be affected by the inappropriate disclosure of identifiable patient information (Liss, 2016). As per the theoretical framework of ethical principles in nursing, confidentiality is a fundamental ethical construct. Hence, these preventable instances of HIPAA violation in the health care scenario that represents evasion of privacy had been chosen as the area of concern for this project.
The primary foundation of this project is to minimize the unauthorized access and misconduct of the electronic hospital records among the staff. The ideation based on which the project had been designed is to enhance the awareness and sensitivity among the staff regarding the invasion of privacy that the unauthorized access of the electronic hospital records causes (Calhoun, Kiel & Morgan, 2018). For instance, a university hospital situated in the Cleveland, Ohio had encountered many complaints that had been due to the employees accessing the personal data shared by the patients by inappropriately accessing the health facility’s electronic medical record system. It has to be mentioned that the issue of confidentiality breach is being reported all across the globe, a considerable percentage of the issue is due to the unintentional breach even. Most of the staff is not aware of what confidentiality breach or HIPAA violation entails. As discussed by the authors, Inappropriate access to patient names, Medical diagnosis, Health insurance numbers, DOB, Home address, Treatment data, SSI, Financial data, Credit card, and Driver’s license are all considered breach of HIPAA and violates rights to confidentiality (Martínez-Pérez et al., 2015). Along with that, the misconduct of the information by other employees is also a very important example of HIPAA violation, although it mostly is unnoticed. Hence, the need for enhancing the awareness among the staff regarding the use of health records appropriately and avoiding inappropriate access, even in the context of gossiping, is vital.
The project will be completed in three phases, the first phase will be initiation, with the goal to gather information regarding the perception of the staff on information security and HIPAA. In this phase, the health care staff will be interviewed and their perception regarding the information security breach, HIPAA act, and electronic hospital records management will be evaluated. In many cases, the reason behind an employee accessing the records had been due to curiosity, spite, or even as a favour to a friend or a relative. Hence, this step will aid as a root-cause analysis discovering the exact reason that can act as contributors to the confidentiality breach (Cohen & Mello, 2018).
The second phase will be preparation, the goal of this phase will be to enhance the knowledge of the staff regarding confidentiality protection and HIPAA and related laws and legislations. The staff will be segregated based on their perception and performance in the second phase, and the at risk target group with maximum vulnerability to HIPAA violation practices due to lack of knowledge or awareness will participate in additional training. Training on the do’s and don’t regarding unauthorized users will be given and all the employees will be mandated to sign HIPAA and information breach contracts with strict penalties imposed on breach. This will help in changing the organizational culture on the scenario of information breach and casual snooping in to electronic hospital records.
The third phase of the project will be change implementation, the goal of this phase will be to implement two consecutive infrastructure changes to tackle the issue of information breach. The first change will be the implementation of a high-end software that will detect and monitor any violation or breach that the employees commit. The second change will be the implementation of a confidentiality protection committee which will carry out periodic monitoring and training of the staff so that they can easily accustomed to the change and abide by the laws and legislations for confidentiality protection (Huang, Behara & Goo, 2014).
|
1st week |
2nd week |
3rd week |
4th week |
5th to 7th week |
8th to 10th week |
|
|
Selection of the project topic |
Y |
|||||
|
Development of the project planning |
Y |
|||||
|
Gathering resources for the project |
Y |
Y |
||||
|
Phase one of the project |
Y |
Y |
||||
|
Phase two of the project |
Y |
|||||
|
Phase three of the project |
Y |
Conclusion:
On a concluding note, the context of information security is the need of the hour in the present day scenario in health care. There are more and more complaints being reported with respect to information security breach and HIPAA violation. The casual attitude among the health care professionals regarding the information accessibility is the main concern. Hence, there is need for change in the perception, awareness, and culture of such inappropriate activities. This project has aimed to address all three of the mentioned factors to bring forth a culture of change towards information security and abiding by HIPAA. It can be hoped that the actions taken will be beneficial in implementing will be the first step towards a changed perception regarding the information security and confidentiality among health care staff.
References:
Calhoun, B. C., Kiel, J. M., & Morgan, A. A. (2018). Health Insurance Portability and Accountability Act Violations by Physician Assistant Students: Applying Laws to Clinical Vignettes. The Journal of Physician Assistant Education, 29(3), 154-157.
Cannon, A. A., & Caldwell, H. (2016). HIPAA violations among nursing students: Teachable moment or terminal mistake-A case study. Journal of Nursing Education and Practice, 6(12), 41.
Cohen, I. G., & Mello, M. M. (2018). HIPAA and Protecting Health Information in the 21st Century. JAMA.
Dehling, T., Gao, F., Schneider, S., & Sunyaev, A. (2015). Exploring the far side of mobile health: information security and privacy of mobile health apps on iOS and Android. JMIR mHealth and uHealth, 3(1).
Gordon, W. J., Fairhall, A., & Landman, A. (2017). Threats to Information Security—Public Health Implications. New England Journal of Medicine, 377(8), 707-709.
Huang, C. D., Behara, R. S., & Goo, J. (2014). Optimal information security investment in a Healthcare Information Exchange: An economic analysis. Decision Support Systems, 61, 1-11.
Johnstone, M. J. (2015). Bioethics: a nursing perspective. Elsevier Health Sciences.
Liss, B. (2016). HIPAA and Mobile Health. NJ Law., 20.
Martínez-Pérez, B., De La Torre-Díez, I., & López-Coronado, M. (2015). Privacy and security in mobile health apps: a review and recommendations. Journal of medical systems, 39(1), 181.
Hhs.gov, (2018). Summary of the HIPAA Privacy Rule. [Online]. Retrieved from https://www.hhs.gov/hipaa/for-professionals/privacy/laws-regulations/index.html [Accessed on 13th Nov]
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download