C. Gibbs MHA 690 week 1 discussion 2
1. General Hospital: Protecting Patient
Privacy and Confidentiality
Cassandra Gibbs
MHA: 690
Week 1 Discussion 2
1/7/2015
2. Defining the Issues
• Patient Privacy – Keeping all personal information
[as outlined in federal law] safe in conversation,
HIE, messaging, and security of EHRs
• Confidentiality – Limiting disclosure of when or
how private information is shared; especially
without prior permission from the patient
• Breach – Accessing, utilizing, disclosing, or
acquiring protected health information that
threatens its security [intentional or not]
3. Who it Involves
• Health care management
• All staff employed by the facility
• Employers
• Insurers and other third parties
• Patients
• Providers
• Medical researchers
4. Positive Promotions
• Compliance with Federal laws
• Patient trust and satisfaction
• Accountability
• Patient safety
• Enhanced reputation
• Due diligence
• Reduction in medical error
5. Federal Laws
• Privacy Act of 1974 – access of records, limiting
disclosure of private information
• Health Insurance Portability and Accountability
Act of 1996; Privacy Rule of 2000 – guidelines for
privacy rights and rule violations
• HIPAA Security Rule – technical, physical, and
administrative security compliance
• Federal Trade Commission: Health Breach
Notification Rule – prompt notification to victims
of a breach
• HITECH Act of 2009 – HIT meaningful use adoption
6. Current Violations/Penalties [per
incident]
Civil
• Unintentional: $100 (min);
$25,000 (repeat); $50,000 (max)
• Reasonable cause: $1,000 (min);
$100,000 (repeat); $50,000 -
$1.5 mil (max)
• Willful neglect [corrected]:
$10,000 (min); $250,000 (repeat);
$50,000 – $1.5 mil (max)
• Willful neglect [uncorrected]:
$50,000 (min); $1.5 mil (annual
max)
Criminal
• Imprisonment from one to
10 years depending on the
prior knowledge and
severity of the violation
7. Quick Facts
• Employees commit the majority of data
breaches
• Up to 37% search for medical information on
fellow employees
• More than 25% research PHI of family
members or friends without authorization
• Viruses and outdated security account for
other major areas of data breach
8. What We Can Do:
Confidentiality/Privacy
• Secure usernames and passwords
• Protect other online accessible devices
• Log out of all servers
• Encrypt all files and block personal identifiers
• Never send more than what is needed
9. What We Can Do: Security
• Shred and destroy all unused or outdated
documents
• Make sure antivirus software and definitions are
up to date
• Do not reveal computer screens to the public
• Store hardware not in use in a secure location
• Ask for identification from unfamiliar personnel
• Report! Report! Report! (any suspicious activity)
10. What We Can Do: Electronic
Information
• Do not alter or delete information in PHI
unless authorized
• Never share, save, or store passwords for any
reason
• Do not give work computer access to
non-employees
• Do not open unknown emails or attachments
• Only use approved servers for email and other
communications containing PHI
11. Monitoring
• Should be continuous
• Abide by Security Management Process (per
HIPAA & HITECH)
• Continue education and training of staff to
remain current
• Create internal policies and provisions for
disciplinary action if needed