Unit 4 Discussion – Electronic Health Record Systems

What safeguards do you presently have in your professional practice to ensure protection of patient information?

When it comes to the adoption of electronic health records in the health care industry, the most imperative barrier entails stipulating and implementing measures of maintaining privacy of the health consumers and their health information. The Health Insurance Portability and Accountability Act stipulates that health information of patients should be handled with confidentiality, and any health care organization that violates this regulation is deemed to face legal consequences. Since the adoption of electronic health records has been one of the aspects that health organizations are embracing in order to enhance their competitive edge in the health industry, safeguarding patients` information is a necessity (Mehraeen, Ayatollahi & Ahmadi, 2016). For this reason, the health facilities and the Ministry of Health takes a bold step of training health care professionals concerning the protection of patients` health information as well as maintaining the privacy of patients.

In my professional practice, there are three safeguards that are highly emphasized in relation to ensuring the protection of patient information. These safeguards are not limited to administrative, physical and technical safeguards. The administrative safeguards entails techniques such as assigning a chief information security officer, conducting audits and designing contingency plans (Kruse et al., 2017). The safeguards that are included in this theme primarily focus on compliance of security procedures and policies. When it comes to security policies, aspects such as formal policies, confidentiality, policies to protect sensitive information and policies on research uses of health information are examined.

Physical safeguards includes the strategies mentioned in the administrative safeguards coupled with the aspect of focusing on protection of physical access to protected health information through software and hardware access. Breaches in physical safeguards are the second most cause of security breaches, and it entails techniques such as workstation security, assigned security responsibilities, and physical access controls. The last type of safeguards is the technical safeguards, which entails the protection of information and data systems that are within the health care organization (Kruse et al., 2017). This type of safeguard is crucial for a health organization to secure especially due to the fact that most security breaches takes place through the electronic media, especially through the involvement of the portable electronic devices and laptop computers. Security techniques with this theme include but not limited to aspects such as virus checking, firewalls, decryption and encryption, as well as the authentication measures. The three safeguard measures can be summarized as follows.

What safeguards are currently utilized at your healthcare organization to ensure privacy?

In our health care facility there are a number of safeguards that are being utilized in order to ensure the privacy of the patients` information. For example, an information technology officer has been employed in order to maintain the electronic health records, install and update anti-virus and firewall protections as well as ensuring that the network is strong in order to facilitate the retrieval and storage of health information by the nurses at will. in case the nurses or any other health care professionals experiences challenges in retrieving or storing or even access any health information from the electronic health records, he or she is mandated to consult the information technology officer (Mehraeen, Ayatollahi & Ahmadi, 2016). Additionally, the health facility has also established rules and regulations concerning the handling of health information, and these rules has been placed at strategic points as circulars. Additionally, the computers in the facility are password protected, in order to ensure that only the authorized individuals can access the health information.

What types of ethical concerns could an organization incur if a data breach were to occur?

There are numerous ethical concerns that an organization can incur if a data breach were to occur. For example, if data breach happens to occur, the health care organization will be in a dilemma on whether to inform its clients concerning the breach or not. If it informs the clients, the latter can take a legal action against the former, and this will have adverse consequences to the facility (Liu, Musen & Chou, 2015). Additionally, the health care organization may face a dilemma on whether to make a satisfactory agreement with the unauthorized party or individuals who had gained the confidential information or whether to let it go or forget about it with the hope that the third party will not use the health information of the patients.

References

Kruse C., Smith B., Nealand A., and Vanderlinden H., (2017). Security Techniques for the Electronic Health Records. J Med Syst. 2017; 41(8): 127. Published online 2017 Jul 21. doi: 10.1007/s10916-017-0778-4

Liu V, Musen MA, & Chou T. (2015). Data breaches of protected health information in the United States. JAMA. 2015;313(14):1471–1473. doi: 10.1001/jama.2015.2252.

Mehraeen E., Ayatollahi H., and Ahmadi M., (2016). Health Information Security in Hospitals: the Application of Security Safeguards. Acta Inform Med. 2016 Feb; 24(1): 47–50. Published online 2016 Feb 2. doi: 10.5455/aim.2016.24.47-50

Order your Copy Today