© 2017 American Health Information Management Association
Chapter 1: Introduction to the Fundamentals of Law
Fundamentals of Law for Health Informatics and Information Management, Third Edition
Defining Law
• Law
– Represents a set of governing rules designed
to protect citizens living in a civilized society
– Establishes order, provides parameters for
conduct, and defines rights and obligations of
government and its citizens
– Controls behavior that threatens public safety
and sets penalties for disobedience
Two Types of Law
• Public law
– Involves federal, state, and local governments
– Defines, regulates, and enforces rights and
duties among individuals and businesses as
related to government.
• Private law
– Involves rules and principles that define
rights and duties among individuals and
private businesses
Law and Healthcare
• US healthcare is a trillion-dollar business
regulated by federal and state laws,
accrediting bodies, practice standards,
and codes of ethics
• Serves to protect consumers and
providers by requiring accountability for
services and privacy, confidentiality, and
security of health information
Law and Health Information
• Health information
– Data generated and collected as a result of delivering
care to a patient
• Uses of health information
– Primary use—clinical care
– Secondary uses—public health reporting, population
health management, third-party reimbursement,
quality improvement, and patient safety
– Used as evidence in legal cases in which conflict
arises and resolution is sought through the court
system
Health Information
• Protected under federal law (HIPAA), which
defines health information as:
– “It is any information, whether oral or recorded in any
form or medium, that: (1) is created or received by a
health care provider, health plan, public health
authority, employer, life insurer, school or university,
or health care clearinghouse; and (2) relates to the
past, present, or future physical or mental health or
condition of an individual; the provision of health care
to an individual; or the past, present, or future
payment for the provision of health care to an
individual” (45 CFR 160.103).
Health Information Technology
• Push to decrease healthcare costs and
improve quality and safety of healthcare
through use of health information technology
(HIT)
• Movement from paper to electronic health
records (EHRs) and health information
exchanges (HIE) that enable the sharing of
information with multiple parties and across
multiple boundaries
Law and HIT
• Public and private collaborations are
working together to eliminate legal barriers
for sharing electronically stored health
information
– Example: National Governors Association—
roadmap to help states improve health
information flow
Health Records
• Health information comprises a health
record which is defined as:
– “Individually identifiable data, in any medium,
that are collected, processed, stored,
displayed, and used by healthcare
professionals” (AHIMA 2010)
Types of Health Records
• Hybrid health record
• Electronic health record
• Electronic medical record
• Personal health record
Hybrid Health Record
• Record that consists of both paper and
electronic records and media (for example,
film, video, or imaging system) and uses both
manual and electronic processes
• Data in the record may be handwritten, direct
voice entry captured in a word-processing
system, or from provider wireless devices
such as handheld personal computers
Electronic Health Record
• “An electronic record of health-related
information on an individual that conforms
to nationally recognized interoperability
standards and that can be created,
managed, and consulted by authorized
clinicians and staff across more than one
healthcare organization.” The National
Alliance for Health Information Technology
(NAHIT) definition
Electronic Medical Record
• “An electronic record of health-related
information on an individual that can be
created, gathered, managed, and
consulted by authorized clinicians and
staff within one healthcare organization”
The National Alliance for Health
Information Technology definition
Personal Health Record
• “An electronic record of health-related
information on an individual that conforms
to nationally recognized interoperability
standards and that can be drawn from
multiple sources while being managed,
shared, and controlled by the individual”
The National Alliance for Health
Information Technology definition
Protection of Health Information
and Health Records
• Health Insurance Portability and
Accountability Act of 1996 (HIPAA)
– Privacy Rule in effect 2002
– Security Rule in effect 2003
• Health Information Technology for
Economic and Clinical Health Act
(HITECH) of the American Reinvestment
and Recovery Act of 2009 (ARRA)
Privacy and Confidentiality of
Health Information
• Historically key components of the patient-
provider relationship.
• Inherent trust that patient information will be
kept private and protected from unauthorized
access.
• It is important to understand differences
between privacy, confidentiality, and security
and how the concepts relate to law
Privacy
• Privacy is an important social value; it means “a
right to be left alone.”
• Definitions
– “Privacy is a right of individuals to be let [sic] alone
and to be protected against physical or psychological
invasion or the misuse of their property. It includes
freedom from intrusion or observation into one's
private affairs, the right to maintain control over
certain personal information, and the freedom to act
without outside interference” (ASTM 2010)
– “Right to limit the disclosure of personal information”
(Joint Commission 2016)
Confidentiality
• Results from sharing private thoughts with
someone else in confidence
• Definitions
– “Status accorded to data or information indicating that
it is sensitive for some reason, and therefore it needs
to be protected against theft, disclosure, or improper
use, or both, and must be disseminated only to
authorized individuals or organizations with a need to
know” (ASTM 2010)
– “Protection of data or information from being made
available or disclosed to an unauthorized person(s) or
process(es)” (The Joint Commission 2016)
Confidentiality (continued)
• Privileged communication
– Confidentiality, as recognized by law, stems from
a relationship where information is shared
between two parties such as attorney and client,
clergy and parishioner, husband and wife, or
physician and patient. The information or
communication shared in these relationships is
considered “privileged.”
• Confidentiality obligates healthcare providers
(individuals and organizations) to protect
patient information
Security
• Relates to privacy and confidentiality
– Pertains to the physical and electronic protection
of information that preserves these concepts
• Definition
– “Prevent unauthorized access, use, disclosure,
modification, or destruction of information or
interference with system operations in an
information system” (Joint Commission 2016)
Security (continued)
• ASTM E 31 offers two perspectives
– Data security
– Systems security
ASTM E 31—Data Security
• Data security is defined as
– “The result of effective data protection measures; the sum
of measures that safeguard data and computer programs
from undesired occurrences and exposure to accidental or
intentional access or disclosure to unauthorized persons,
or a combination thereof; accidental or malicious
alteration; unauthorized copying; or loss by theft or
destruction by hardware failures, software deficiencies,
operating mistakes; physical damage by fire, water,
smoke, excessive temperature, electrical failure or
sabotage; or a combination thereof. Data security exists
when data are protected from accidental or intentional
disclosure to unauthorized persons and from unauthorized
or accidental alteration” (ASTM 2010).
ASTM E 31—System Security
• System security is defined as
– “The totality of safeguards including hardware,
software, personnel policies, information practice
policies, disaster preparedness, and oversight of
these components. Security protects both the system
and the information contained within from
unauthorized access from without and from misuse
from within. Security enables the entity or system to
protect the confidential information it stores from
unauthorized access, disclosure, or misuse, thereby
protecting the privacy of the individuals who are the
subjects of the stored information” (ASTM 2010).
US Code on Information
Security
• Protecting information and information systems from
unauthorized access, use, disclosure, disruption,
modification, or destruction in order to provide
– Integrity, which means guarding against improper
information modifications or destruction, and includes
ensuring information non-repudiation and authenticity
– Confidentiality, which means preserving authorized
restrictions on access and disclosure, including means for
protecting personal privacy and proprietary information
– Availability, which means ensuring timely and reliable
access to and use of information
Ownership of Health Record
• Ownership of the health record
– Traditionally granted to healthcare provider who
generates the record. However, state and federal
laws have long upheld the right of the patient to
control the information within the record
– The HIPAA Privacy Rule (45 CFR 164.524–526)
grants a patient the right to access, view, copy, or
amend the record.
– Ownership does not permit providers to share or
sell patient-identifiable medical information as
they wish.
Custodian of Health Records
• “Individual who has been designated as
having responsibility for the care, custody,
control, and proper safekeeping and
disclosure of health records for such
persons or institutions that prepare and
maintain records of healthcare” (AHIMA
2010)
• Role of custodian = gatekeeper
Stewardship
• Similar to role of custodianship
• Goes beyond physical record to include
– “Responsibilities for ensuring integrity
(accuracy, completeness, timeliness) and
security (protection of privacy as well as from
tampering, loss or destruction) within the
context of electronic information and records
management” (Davidson 2010)
Information Governance
• Stewardship as a component of
information governance which is the
“strategic management of enterprise
electronic information including the
standards, policies, and procedures for
access, use, and control of that
information” (Johns 2015)
Stewardship and Governance
• Role of steward requires leadership,
responsibility and governance to ensure
consistent application of, and compliance
with, policies across organization-wide
distributed information systems.

More Related Content

What's hot

Ethics & Professionalism Lecture 4_slides
Ethics & Professionalism Lecture 4_slidesEthics & Professionalism Lecture 4_slides
Ethics & Professionalism Lecture 4_slidesZakCooper1
 
HIPAA and FDCPA Compliance for Process Servers
HIPAA and FDCPA Compliance for Process ServersHIPAA and FDCPA Compliance for Process Servers
HIPAA and FDCPA Compliance for Process ServersLawgical
 
Legal implications of HIPAA, HITECH and BAAs
Legal implications of HIPAA, HITECH and BAAsLegal implications of HIPAA, HITECH and BAAs
Legal implications of HIPAA, HITECH and BAAsOnline Tech
 
Intro to information governance booklet
Intro to information governance bookletIntro to information governance booklet
Intro to information governance bookletGerardo Medina
 
HIPAA | HITECH
HIPAA | HITECHHIPAA | HITECH
HIPAA | HITECHrcabarloc
 
HIPAA's Title II- Administrative Simplification Rules: The Three Basic Rules ...
HIPAA's Title II- Administrative Simplification Rules: The Three Basic Rules ...HIPAA's Title II- Administrative Simplification Rules: The Three Basic Rules ...
HIPAA's Title II- Administrative Simplification Rules: The Three Basic Rules ...Quinnipiac University
 
Security Best Practices for Health Information Exchange
Security Best Practices for Health Information ExchangeSecurity Best Practices for Health Information Exchange
Security Best Practices for Health Information ExchangeTrend Micro
 
HIPAA Audit Implementation
HIPAA Audit ImplementationHIPAA Audit Implementation
HIPAA Audit ImplementationValency Networks
 
HIPPA Security Presentation
HIPPA Security PresentationHIPPA Security Presentation
HIPPA Security PresentationRebecca Norman
 

What's hot (19)

Ethics & Professionalism Lecture 4_slides
Ethics & Professionalism Lecture 4_slidesEthics & Professionalism Lecture 4_slides
Ethics & Professionalism Lecture 4_slides
 
Hi103 week 5 chpt 14
Hi103 week 5 chpt 14Hi103 week 5 chpt 14
Hi103 week 5 chpt 14
 
HIPAA and FDCPA Compliance for Process Servers
HIPAA and FDCPA Compliance for Process ServersHIPAA and FDCPA Compliance for Process Servers
HIPAA and FDCPA Compliance for Process Servers
 
Legal implications of HIPAA, HITECH and BAAs
Legal implications of HIPAA, HITECH and BAAsLegal implications of HIPAA, HITECH and BAAs
Legal implications of HIPAA, HITECH and BAAs
 
DVHIMSS Ensuring Privacy and Security of HIEs in PA
DVHIMSS Ensuring Privacy and Security of HIEs in PADVHIMSS Ensuring Privacy and Security of HIEs in PA
DVHIMSS Ensuring Privacy and Security of HIEs in PA
 
Hitech Act
Hitech ActHitech Act
Hitech Act
 
Intro to information governance booklet
Intro to information governance bookletIntro to information governance booklet
Intro to information governance booklet
 
HIPAA | HITECH
HIPAA | HITECHHIPAA | HITECH
HIPAA | HITECH
 
HIPAA
HIPAAHIPAA
HIPAA
 
HIPAA's Title II- Administrative Simplification Rules: The Three Basic Rules ...
HIPAA's Title II- Administrative Simplification Rules: The Three Basic Rules ...HIPAA's Title II- Administrative Simplification Rules: The Three Basic Rules ...
HIPAA's Title II- Administrative Simplification Rules: The Three Basic Rules ...
 
Broome
BroomeBroome
Broome
 
Security Best Practices for Health Information Exchange
Security Best Practices for Health Information ExchangeSecurity Best Practices for Health Information Exchange
Security Best Practices for Health Information Exchange
 
HIPAA Audit Implementation
HIPAA Audit ImplementationHIPAA Audit Implementation
HIPAA Audit Implementation
 
Sustainability of HIEs under CyberSecurity
Sustainability of HIEs under CyberSecuritySustainability of HIEs under CyberSecurity
Sustainability of HIEs under CyberSecurity
 
Hipaa
HipaaHipaa
Hipaa
 
HIPPA Security Presentation
HIPPA Security PresentationHIPPA Security Presentation
HIPPA Security Presentation
 
Hi103 week 6 chpt 16
Hi103 week 6 chpt 16Hi103 week 6 chpt 16
Hi103 week 6 chpt 16
 
Hi103 week 6 chpt 15
Hi103 week 6 chpt 15Hi103 week 6 chpt 15
Hi103 week 6 chpt 15
 
Hi103 week 6 chpt 17
Hi103 week 6 chpt 17Hi103 week 6 chpt 17
Hi103 week 6 chpt 17
 

Similar to Hm300 week 1 part 1 of 2

ELECTRONIC HEALTH RECORD SYSTEMS:
ELECTRONIC HEALTH RECORD SYSTEMS:ELECTRONIC HEALTH RECORD SYSTEMS:
ELECTRONIC HEALTH RECORD SYSTEMS:Mirasolmanginyog
 
Health Data Sharing Scene Setting
Health Data Sharing Scene Setting Health Data Sharing Scene Setting
Health Data Sharing Scene Setting ipposi
 
Confidentiality power point
Confidentiality power pointConfidentiality power point
Confidentiality power pointDoug Miller
 
Standards and Best Practices for Confidentiality of Electronic Health Records
Standards and Best Practices for Confidentiality of Electronic Health RecordsStandards and Best Practices for Confidentiality of Electronic Health Records
Standards and Best Practices for Confidentiality of Electronic Health RecordsMEASURE Evaluation
 
The challenges to clinical system adoption
The challenges to clinical system adoptionThe challenges to clinical system adoption
The challenges to clinical system adoptionrain2bow
 
Putting Patients First
Putting Patients FirstPutting Patients First
Putting Patients FirstBrian Ahier
 
1)Health data is sensitive and confidential; hence, it should .docx
1)Health data is sensitive and confidential; hence, it should .docx1)Health data is sensitive and confidential; hence, it should .docx
1)Health data is sensitive and confidential; hence, it should .docxteresehearn
 
Lecture 3 complet.pptx
Lecture 3 complet.pptxLecture 3 complet.pptx
Lecture 3 complet.pptxErickNdenga1
 
HIPAA-HITECH-MU Simplified
HIPAA-HITECH-MU SimplifiedHIPAA-HITECH-MU Simplified
HIPAA-HITECH-MU SimplifiedGretchen Husted
 
Legal and ethical considerations in nursing informatics
Legal and ethical considerations in nursing informaticsLegal and ethical considerations in nursing informatics
Legal and ethical considerations in nursing informaticsAHMED ZINHOM
 
Emerose galvez
Emerose galvezEmerose galvez
Emerose galvezemerosegal
 
HIPAA and HITECH : What you need to know
HIPAA and HITECH : What you need to knowHIPAA and HITECH : What you need to know
HIPAA and HITECH : What you need to knowShred-it
 
Medical device data protection and security
Medical device data protection and security Medical device data protection and security
Medical device data protection and security Erik Vollebregt
 
Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected?  Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected? Mark Merrill
 

Similar to Hm300 week 1 part 1 of 2 (20)

ELECTRONIC HEALTH RECORD SYSTEMS:
ELECTRONIC HEALTH RECORD SYSTEMS:ELECTRONIC HEALTH RECORD SYSTEMS:
ELECTRONIC HEALTH RECORD SYSTEMS:
 
Health Data Sharing Scene Setting
Health Data Sharing Scene Setting Health Data Sharing Scene Setting
Health Data Sharing Scene Setting
 
Confidentiality power point
Confidentiality power pointConfidentiality power point
Confidentiality power point
 
Standards and Best Practices for Confidentiality of Electronic Health Records
Standards and Best Practices for Confidentiality of Electronic Health RecordsStandards and Best Practices for Confidentiality of Electronic Health Records
Standards and Best Practices for Confidentiality of Electronic Health Records
 
Hm300 week 1 part 2of 2
Hm300 week 1 part 2of 2Hm300 week 1 part 2of 2
Hm300 week 1 part 2of 2
 
Hm300 week 1 part 2of 2
Hm300 week 1 part 2of 2Hm300 week 1 part 2of 2
Hm300 week 1 part 2of 2
 
The challenges to clinical system adoption
The challenges to clinical system adoptionThe challenges to clinical system adoption
The challenges to clinical system adoption
 
Nursing Informatics
Nursing InformaticsNursing Informatics
Nursing Informatics
 
Putting Patients First
Putting Patients FirstPutting Patients First
Putting Patients First
 
1)Health data is sensitive and confidential; hence, it should .docx
1)Health data is sensitive and confidential; hence, it should .docx1)Health data is sensitive and confidential; hence, it should .docx
1)Health data is sensitive and confidential; hence, it should .docx
 
Lecture 3 complet.pptx
Lecture 3 complet.pptxLecture 3 complet.pptx
Lecture 3 complet.pptx
 
HIPAA-HITECH-MU Simplified
HIPAA-HITECH-MU SimplifiedHIPAA-HITECH-MU Simplified
HIPAA-HITECH-MU Simplified
 
HIPAA
HIPAAHIPAA
HIPAA
 
Legal and ethical considerations in nursing informatics
Legal and ethical considerations in nursing informaticsLegal and ethical considerations in nursing informatics
Legal and ethical considerations in nursing informatics
 
Emerose galvez
Emerose galvezEmerose galvez
Emerose galvez
 
Nicolas Terry, "Big Data, Regulatory Disruption, and Arbitrage in Health Care"
Nicolas Terry, "Big Data, Regulatory Disruption, and Arbitrage in Health Care"Nicolas Terry, "Big Data, Regulatory Disruption, and Arbitrage in Health Care"
Nicolas Terry, "Big Data, Regulatory Disruption, and Arbitrage in Health Care"
 
EHR - A Consumer Perspective
EHR - A Consumer PerspectiveEHR - A Consumer Perspective
EHR - A Consumer Perspective
 
HIPAA and HITECH : What you need to know
HIPAA and HITECH : What you need to knowHIPAA and HITECH : What you need to know
HIPAA and HITECH : What you need to know
 
Medical device data protection and security
Medical device data protection and security Medical device data protection and security
Medical device data protection and security
 
Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected?  Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected?
 

More from BealCollegeOnline (20)

BA650 Week 3 Chapter 3 "Why Change? contemporary drivers and pressures
BA650 Week 3 Chapter 3 "Why Change? contemporary drivers and pressuresBA650 Week 3 Chapter 3 "Why Change? contemporary drivers and pressures
BA650 Week 3 Chapter 3 "Why Change? contemporary drivers and pressures
 
BIO420 Chapter 25
BIO420 Chapter 25BIO420 Chapter 25
BIO420 Chapter 25
 
BIO420 Chapter 24
BIO420 Chapter 24BIO420 Chapter 24
BIO420 Chapter 24
 
BIO420 Chapter 23
BIO420 Chapter 23BIO420 Chapter 23
BIO420 Chapter 23
 
BIO420 Chapter 20
BIO420 Chapter 20BIO420 Chapter 20
BIO420 Chapter 20
 
BIO420 Chapter 18
BIO420 Chapter 18BIO420 Chapter 18
BIO420 Chapter 18
 
BIO420 Chapter 17
BIO420 Chapter 17BIO420 Chapter 17
BIO420 Chapter 17
 
BIO420 Chapter 16
BIO420 Chapter 16BIO420 Chapter 16
BIO420 Chapter 16
 
BIO420 Chapter 13
BIO420 Chapter 13BIO420 Chapter 13
BIO420 Chapter 13
 
BIO420 Chapter 12
BIO420 Chapter 12BIO420 Chapter 12
BIO420 Chapter 12
 
BIO420 Chapter 09
BIO420 Chapter 09BIO420 Chapter 09
BIO420 Chapter 09
 
BIO420 Chapter 08
BIO420 Chapter 08BIO420 Chapter 08
BIO420 Chapter 08
 
BIO420 Chapter 06
BIO420 Chapter 06BIO420 Chapter 06
BIO420 Chapter 06
 
BIO420 Chapter 05
BIO420 Chapter 05BIO420 Chapter 05
BIO420 Chapter 05
 
BIO420 Chapter 04
BIO420 Chapter 04BIO420 Chapter 04
BIO420 Chapter 04
 
BIO420 Chapter 03
BIO420 Chapter 03BIO420 Chapter 03
BIO420 Chapter 03
 
BIO420 Chapter 01
BIO420 Chapter 01BIO420 Chapter 01
BIO420 Chapter 01
 
BA350 Katz esb 6e_chap018_ppt
BA350 Katz esb 6e_chap018_pptBA350 Katz esb 6e_chap018_ppt
BA350 Katz esb 6e_chap018_ppt
 
BA350 Katz esb 6e_chap017_ppt
BA350 Katz esb 6e_chap017_pptBA350 Katz esb 6e_chap017_ppt
BA350 Katz esb 6e_chap017_ppt
 
BA350 Katz esb 6e_chap016_ppt
BA350 Katz esb 6e_chap016_pptBA350 Katz esb 6e_chap016_ppt
BA350 Katz esb 6e_chap016_ppt
 

Recently uploaded

social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...Sapna Thakur
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi  6.pdf1029-Danh muc Sach Giao Khoa khoi  6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
9548086042 for call girls in Indira Nagar with room service
9548086042  for call girls in Indira Nagar  with room service9548086042  for call girls in Indira Nagar  with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfchloefrazer622
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 

Recently uploaded (20)

social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Hm300 week 1 part 1 of 2

  • 1. Chapter 1: Introduction to the Fundamentals of Law. Fundamentals of Law for Health Informatics and Information Management, Third Edition. © 2017 American Health Information Management Association
  • 2. Defining Law • Law – Represents a set of governing rules designed to protect citizens living in a civilized society – Establishes order, provides parameters for conduct, and defines rights and obligations of government and its citizens – Controls behavior that threatens public safety and sets penalties for disobedience
  • 3. Two Types of Law • Public law – Involves federal, state, and local governments – Defines, regulates, and enforces rights and duties among individuals and businesses as related to government. • Private law – Involves rules and principles that define rights and duties among individuals and private businesses
  • 4. Law and Healthcare • US healthcare is a trillion-dollar business regulated by federal and state laws, accrediting bodies, practice standards, and codes of ethics • Serves to protect consumers and providers by requiring accountability for services and privacy, confidentiality, and security of health information
  • 5. Law and Health Information • Health information – Data generated and collected as a result of delivering care to a patient • Uses of health information – Primary use—clinical care – Secondary uses—public health reporting, population health management, third-party reimbursement, quality improvement, and patient safety – Used as evidence in legal cases in which conflict arises and resolution is sought through the court system
  • 6. Health Information • Protected under federal law—HIPAA, defines health information as: – “It is any information, whether oral or recorded in any form or medium, that: (1) is created or received by a health care provider, health plan, public health authority, employer, life insurer, school or university, or health care clearinghouse; and (2) relates to the past, present, or future physical or mental health or condition of an individual; the provision of health care to an individual; or the past, present, or future payment for the provision of health care to an individual” (45 CFR 160.103).
  • 7. Health Information Technology • Push to decrease healthcare costs and improve quality and safety of healthcare through use of health information technology (HIT) • Movement from paper to electronic health records (EHRs) and health information exchanges (HIE) that enable the sharing of information with multiple parties and across multiple boundaries
  • 8. Law and HIT • Public and private collaborations are working together to eliminate legal barriers for sharing electronically stored health information – Example: National Governors Association—roadmap to help states improve health information flow
  • 9. Health Records • Health information comprises a health record which is defined as: – “Individually identifiable data, in any medium, that are collected, processed, stored, displayed, and used by healthcare professionals” (AHIMA 2010)
  • 10. Types of Health Records • Hybrid health record • Electronic health record • Electronic medical record • Personal health record
  • 11. Hybrid Health Record • Record that consists of both paper and electronic records and media (for example, film, video, or imaging system) and uses both manual and electronic processes • Data in the record may be handwritten, direct voice entry captured in a word-processing system, or from provider wireless devices such as handheld personal computers
  • 12. Electronic Health Record • “An electronic record of health-related information on an individual that conforms to nationally recognized interoperability standards and that can be created, managed, and consulted by authorized clinicians and staff across more than one healthcare organization.” The National Alliance for Health Information Technology (NAHIT) definition
  • 13. Electronic Medical Record • “An electronic record of health-related information on an individual that can be created, gathered, managed, and consulted by authorized clinicians and staff within one healthcare organization” The National Alliance for Health Information Technology definition
  • 14. Personal Health Record • “An electronic record of health-related information on an individual that conforms to nationally recognized interoperability standards and that can be drawn from multiple sources while being managed, shared, and controlled by the individual” The National Alliance for Health Information Technology definition
  • 15. Protection of Health Information and Health Records • Health Insurance Portability and Accountability Act of 1996 (HIPAA) – Privacy Rule in effect 2002 – Security Rule in effect 2003 • Health Information Technology for Economic and Clinical Health Act (HITECH) of the American Reinvestment and Recovery Act of 2009 (ARRA)
  • 16. Privacy and Confidentiality of Health Information • Historically key components of the patient-provider relationship. • Inherent trust that patient information will be kept private and protected from unauthorized access. • It is important to understand differences between privacy, confidentiality, and security and how the concepts relate to law
  • 17. Privacy • Privacy is an important social value; it means “a right to be left alone.” • Definitions – “Privacy is a right of individuals to be let [sic] alone and to be protected against physical or psychological invasion or the misuse of their property. It includes freedom from intrusion or observation into one's private affairs, the right to maintain control over certain personal information, and the freedom to act without outside interference” (ASTM 2010) – “Right to limit the disclosure of personal information” (Joint Commission 2016)
  • 18. Confidentiality • Results from sharing private thoughts with someone else in confidence • Definitions – “Status accorded to data or information indicating that it is sensitive for some reason, and therefore it needs to be protected against theft, disclosure, or improper use, or both, and must be disseminated only to authorized individuals or organizations with a need to know” (ASTM 2010) – “Protection of data or information from being made available or disclosed to an unauthorized person(s) or process(es)” (The Joint Commission 2016)
  • 19. Confidentiality (continued) • Privileged communication – Confidentiality, as recognized by law, stems from a relationship where information is shared between two parties such as attorney and client, clergy and parishioner, husband and wife, or physician and patient. The information or communication shared in these relationships is considered “privileged.” • Confidentiality obligates healthcare providers (individuals and organizations) to protect patient information
  • 20. Security • Relates to privacy and confidentiality – Pertains to the physical and electronic protection of information that preserves these concepts • Definition – “Prevent unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system” (Joint Commission 2016)
  • 21. Security (continued) • ASTM E 31 offers two perspectives – Data security – Systems security
  • 22. ASTM E 31—Data Security • Data security is defined as – “The result of effective data protection measures; the sum of measures that safeguard data and computer programs from undesired occurrences and exposure to accidental or intentional access or disclosure to unauthorized persons, or a combination thereof; accidental or malicious alteration; unauthorized copying; or loss by theft or destruction by hardware failures, software deficiencies, operating mistakes; physical damage by fire, water, smoke, excessive temperature, electrical failure or sabotage; or a combination thereof. Data security exists when data are protected from accidental or intentional disclosure to unauthorized persons and from unauthorized or accidental alteration” (ASTM 2010).
  • 23. ASTM E 31—System Security • System security is defined as – “The totality of safeguards including hardware, software, personnel policies, information practice policies, disaster preparedness, and oversight of these components. Security protects both the system and the information contained within from unauthorized access from without and from misuse from within. Security enables the entity or system to protect the confidential information it stores from unauthorized access, disclosure, or misuse, thereby protecting the privacy of the individuals who are the subjects of the stored information” (ASTM 2010).
  • 24. US Code on Information Security • Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide – Integrity, which means guarding against improper information modifications or destruction, and includes ensuring information non-repudiation and authenticity – Confidentiality, which means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information – Availability, which means ensuring timely and reliable access to and use of information
  • 25. Ownership of Health Record • Ownership of the health record – Traditionally granted to healthcare provider who generates the record. However, state and federal laws have long upheld the right of the patient to control the information within the record – The HIPAA Privacy Rule (45 CFR 164.524–526) grants a patient the right to access, view, copy, or amend the record. – Ownership does not permit providers to share or sell patient-identifiable medical information as they wish.
  • 26. Custodian of Health Records • “Individual who has been designated as having responsibility for the care, custody, control, and proper safekeeping and disclosure of health records for such persons or institutions that prepare and maintain records of healthcare” (AHIMA 2010) • Role of custodian = gatekeeper
  • 27. Stewardship • Similar to role of custodianship • Goes beyond physical record to include – “Responsibilities for ensuring integrity (accuracy, completeness, timeliness) and security (protection of privacy as well as from tampering, loss or destruction) within the context of electronic information and records management” (Davidson 2010)
  • 28. Information Governance • Stewardship as a component of information governance which is the “strategic management of enterprise electronic information including the standards, policies, and procedures for access, use, and control of that information” (Johns 2015)
  • 29. Stewardship and Governance • Role of steward requires leadership, responsibility and governance to ensure consistent application of, and compliance with, policies across organization-wide distributed information systems.