Confidentiality, health, MHA 690, Week 1, discussion 2

1. Confindentiality
MHA 690
GLENDA S. DAVIS
WEEK 1 ASSIGNMENT

2. Hospital Policy
 Hospitals policies have had to change to keep up
with the changing laws.
 No longer can you give out addresses, birthdates,
and photographs.
 Any information that can identify a particular patient
in any form is prohibited under federal and state
laws. Hospitals policies need to be written in very
plain simple English and all hospital staff have to
read and sign that they have read and understood
the presented information.

3. Hospital Policy
 Hospitals policies have had to change to keep up
with the changing laws.
 No longer can you give out addresses, birth dates,
and photographs.
 Any information that can identify a particular patient
in any form is prohibited under federal and state
laws. Hospitals policies need to be written in very
plain simple English and all hospital staff have to
read and sign that they have read and understood
the presented information.

4. Hospital Policy
 Medical staff in any facility even in a private doctor’s office cannot
mail out birthday cards to pediatric patients, or reminders for
appointments.
 Hospital Policy on Computers
 If your computer has been hacked into it means you have failed to
upgrade you firewalls, IT department is required to keep records on
this information as to do the upgrades when needed. This means
the facility failed to safeguard patient’s privacy data.
 It is even against regulations for a person standing at the desk if
they should happen to see the computer screen with patient data
that is a failed safeguard.
 Patients in the doctors office have to stand behind a line so as not to
hear or see the patient data being discussed at the desk.
 If a staff member has not anticipated and protected against
potential risks to this information it is interpreted as a violation of
law.

5. Disciplinary Action
Staff can be reprimanded for breaching confidentiality
severely.
Loss of job.
Patient may suffer embarrassment and/or emotional
distress.
Irreversible damage to the nurse or caretaker.
The patient may file charges against the facility, nurse
and other staff involved. The patient may be able to
sue and win compensation.

6. Electronic Records and Faxes
 Make sure you are faxing to the correct fax number,
or best not to fax patients medical information.
 There is a chance that hackers can get medical
information from your computer emails and
networks.
 Stolen PDA’s can put confidentiality information out
to public sources.

7. Federal and State Government Actions
 The passing of the HIPAA Law.
 Patient Bill of Rights
 JCAHO accredits health care facilities that meet
standards for confidentiality.
 When a breach of confidentiality has been noted if a
state law is more protective of the patient, then it
takes precedence over HIPAA regulations. Every
state has their own privacy acts.

8. Training for staff
 All staff will attend meetings that will go over the do’s and don’ts of protecting
patient confidentiality.
 Stations will be set up that you will view and write what the wrongs are in the
situation, example, a person will be working at the computer and get up and go
away. The wrong is that they did not log off.
 There will be many stations to visit in a one day mandatory class, that you will be
paid for. There will be tests given on the units from time to time to make sure each
staffer is up to date on the information they need to know to keep our facility and all
our personnel and patients secure , safe, and their data confidential.
 Staff will have the HIPAA rules posted on their boards in the lounge.
 State regulations will be tested on.
 Staff meetings will be conducted to discuss our progress and if the employees think
that what has been implemented is sufficient, and make suggestions as to what else
could be done to make our facility the most secure, safe, and confidential facility in
the state.
 As new laws and regulations are forthcoming we will convey these to all personnel
that will need to become familiar with new implementations.
 Never share your password with anyone.

9. Training for Staff
 Do not discuss patient medical information in public
places.
 Do not ever release medical information to the news
media or police without first alerting your supervisor.
Refer them to the appropriate manager.
 Do not throw papers in trash that contain patient
medical information. Shred them.
 When using a computer never leave without first logging
off.
 Do not keep or make copies of patient information.
 Shred all end of shift reports.

10. References
 Khushf, George. (2011). The Case for Managed Care:
Reappraising Medical and Socio-Political Ideals.
Journal of Medicine and Philosophy. Vol.24. Issue 5,
p 415-433
http://jmp.oxfordjournals.org/content/24/5/415.ab
stract
 HIPAA Confidentiality and Privacy Training.
 Department of Organization Development Human
Resource Management.
 http://www6.miami.edu/nursing/Clinical_Informat