1. Reading the Report: Over 120 UCLA Hospital Staff Saw Celebrity Health Records article, what
training could you as a manager put into place to avoid this situation? Present your training
idea using any Web 2.0 tools. How can this training on confidentiality be effective for the
employees? Respond to at least two of your classmates’ postings.
Examples of Web 2.0 tools: I used from DOC to PDF, and Slideshare. A little difficult at first but
both was easier to access information. I like the slideshare was a little quicker than running
power point, however less detail, animation, and slide transition. The DOC to PDF just allowed
me to view my document in a different format. Once the document is in a PDF format, none of
the information can be changed. The main reason I like the DOC to PDF is not all of my
computer accesses have DOC and PDF is a free download, so I can view the information and
not have to have Microsoft word.
First thing is first hospitals must define the HIPAA privacy and security rules.
According to Upstate Medical University (2011), "refers to what is protected;
information about and individual who permits the use, disclose or access his or her
personal information. Whereas security refers how information is safeguarded.
Ensuring privacy by controlling the access to information and protecting it from
inappropriate disclosure and accidental or intentional destruction or loss." Health
information that is protected can be past, present or future medical condition,
treatments, payments, name, address, phone number, social security number or any
information that is used to identify the patient.
Hospital should follow the procedures below to safeguard patient's information to the
highest quality:
During orientation each employee, staff, doctor, or anyone who is able to access
patient information must have a list of rules and regulations about confidentiality,
privacy, and security. Confidential health information can be shared in two ways;
1) Use: the sharing of confidential information within the organization only
2) Disclose; The sharing of confidential information with other outside the
organization
However, depending on the level will depend on the amount of access to patient
files. Patients information can only be disclosed with a onetime signed consent;
1) Treatment of patient
2) Payment for healthcare
3) Health care operations
There are situations where confident information is permitted without written
consent, but must be disclosed on patients' health record include;
1) Public health and oversight activities,
2) when required by law

2. 3) to carry out special government functions
4) For other organizations that perform services for its hospital.
All information is subjected by each user to have a username and password
No employee, staff, doctor, nurses or any other individual within the organization
is allowed to search for information regarding patient that he or she is not caring
for.
1) Protect ones access by not sharing username/passwords
2) Do not write username and passwords down where others can see
3) Never leave your station signed in or unattended with confidential
information
4) Access information only when one needs the information
5) Never disable or remove antivirus software
6) Disclose minimum information necessary to carry out the purpose
To help reduce hospital employees, staff, doctors, nurses or other individuals from
peeking, supervisor, administrator assigns hospital individuals to his or her patients
only. Meaning, Nurse A is caring for 10 different patients on his/her floor.
Administrator/supervisor assigns these 10 different patients to Nurse A. All in all,
Nurse A is only able to access the patients' information that was assigned to. The same
goes for all. Of course each department will have a different level of accessibility to
patients records. Since everything is computerized an audit will be in place once a
month to record all of one's activity, each user who accesses information leaves a trail
that the computer picks up and shows where is person goes and what he or she did. For
instance a person access many files within minutes of each other. Have blocks in the
computer system that no one can change, disable, or update software at any time unless
a person has access to that information.
Safeguarding patients' confidentiality is a vital part of patient care. And ensure that all
staff is aware of the policies and privacy procedures to protect patient confidentiality.
Manage all patient records whether paper or electronic, the use and disclosure of patient
information, explaining to patient how he or she can exercise their privacy rights, and
explain the complaint an grievance process. All parties will be required to sign and
accept the confidentiality agreement before beginning to work. In the end patients trust
that his or her information is confidential. If any information is leaked then the trust is
broken and the hospital can lose not only a patient but can have a lawsuit brought
against it especially since the law protects the privacy and security of patients
information under HIPPA
Upstate Medical University. (03/2011). Protecting patient confidentiality and security.

3. Revised from; http://www.upstate.edu/forms/pdf/F84037.pdf