Confidentiality and privacy standards need to a component of the organization’s Standards of Behavior, Code of Conduct, Federal and State laws, and JCAHO standards for patient care.
Patients are entitled to dictate who has access to their protects, identifiable health information because of confidentiality and privacy regulations.
This applies to ALL form of communication: verbal, written, and electronic communication.
University of Miami, Mercy Hospital
HIPAA- Health Insurance Portability and Accountability Act
The HIPAA enforces standards which protect patient medical records, allows more patient governance and control of how their protected health information is used and who may access it. Lastly, HIPAA offer recourse if confidentiality or privacy are violated (unintentionally or intentionally)
Examples of protected health information: email address, phone number, zip code, history and physical information, inpatient and outpatient progress notes, and discharge summary plans.
Technological advances are the biggest driver of privacy issues in the healthcare industry.
Privacy issues exist not just with patient information, but with employee information and privacy. This ranges from employee background checks to surveillance and monitoring employee communication.
Critical point for employers and managers: It is critical to make both the employee’s privacy and the management (employers) interest equal priorities (a delicate balance) while balancing legitimate business interests ( Wolper, 2011).
There are Federal and State laws that offer certain protections to employees, like the Electronic Communications Privacy Act (ECPA)
Technological advances enhance patient care, but also add to an employers list of responsibilities- to monitor the activities of their employees.
“Monitoring” can take the form of camera surveillance ( in common areas) and monitoring the electronic communication of employees
The ECPA offers some protections (previously mentioned ) to employees. It bars employers from “intentional interception, use, disclosure, of oral, electronic, and wire communication” (Wolper, 2011).
Communicating Expectations to Employees
Employers must communicate to administration and management the importance of getting written consent from employees prior to monitoring and surveying. This should be done at the point of hire (preferred)
It is critical that employers clearly and consistently communicate the organization’s internet and email policies to employees to combat misunderstanding and employee accusations of privacy violation (Wolper, 2011).
These policies should be posted and clearly communicated to ALL employees
It is critical that employer incorporate privacy and confidentiality standards into the organizations most critical standards and regulations: Standards of Behavior, Code of Conduct, Federal and State laws, and JCAHO standards for patient care.
HIPAA makes protecting health information a law, beyond that of an ethical obligation.
Technological advancement have increased the need for employer surveillance and monitoring of employee activities.
Balancing business interest and employee rights is critical but challenging.
Clearly, communicating privacy and confidentiality is a MUST
References University of Miami: Mercy Hospital (2004). HIPAA Confidentiality and Privacy Training. Retrieved from http://www6.miami.edu/nursing/Clinical_Information/new/mercy_hospital/IPPA_Confidentiality_and_Privacy_Training.pdf on June 8 2011 Wolper, Lawrence F. (2011). Health Care Administration: Managing Organized Delivery Systems 5th edition. Jones and Bartlett, Sudbury, MA