3. TYPES OF SENSITIVE INFORMATION
Personal Information
• Patient’s name
• Address
• Social Security number
• Age
Medical Information
• Diagnosis
• Treatment
4. When to share Confidential/Sensitive Information
Information may be shared without a patient’s express written
authorization when it is needed to assist in treatment, payment,
or healthcare operations.
In each case, disclose the minimum information necessary
to achieve the purpose.
5. Handling the Media
Inquiries must be directed to the designated
administrative staff
Seek the consent of the patient to the disclosure of
information
Anonymise data where unidentifiable data will serve
the purpose
Keep disclosure to the minimum necessary
6. HIPAA
Health Insurance Portability and Accountability Act
Title II, part 2 of HIPAA regulates the use and
disclosure of Protected Health Information (PHI).
Privacy Rule
Creates a barrier to restrict the flow of PHI through the use of
Electronic Health Records (EHR).
Security Rule
Directly addresses the means used by a covered entity to safeguard PHI
against unauthorized uses or disclosures.
7. ACCOUNTABILITY
Confidentiality between the healthcare provider and
the patient provides the foundation to build a
relationship of trust.
All health care providers and health care personnel
must uphold this confidence.
There are penalties for breaking confidence.
8. Policy
Software has built-in safeguards to protect sensitive
information; staff have access to the
information based on their responsibilities.
Software is set to periodically run system-wide checks
for misuse of patient information.
Employee recognition and incentive programs
Editor's Notes
IT should also be involved; the software system in the organization should have safeguards to protect sensitive information, where staff will have access to the information based on their position. All computers will be checked periodically for misuse. The computers should have screens that block visibility if you are not sitting directly in front of the screen, and should time out after a period of non-use. Lastly, a reward system should be in place to recognize those who follow the guidelines for protecting patient privacy.