The purpose of this training module is to inform staff the importance of privacy and confidentiality in patient care, types of privacy breaches, the impact it has on the organization and present different case scenarios to drive home the point of practicing compliance as it relates to HIPAA laws and organizational rules and regulations regarding patient privacy and confidentiality

1. A BASIC HUMAN RIGHT…
PATIENT PRIVACY AND CONFIDENTIALITY
Tasha Renfroe-Johnson
MHA690 Health Care Capstone
Instructor: Alexa Schmitt
September 20, 2018

2. OVERVIEW FOR PRIVACY AND
CONFIDENTIALITY TRAINING
 Between January 2004 and June 2006, over 120 workers at a Los Angeles hospital looked at celebrity’s medical
records and other personal information without permission which led to several firings, suspensions and
warnings (Fox News, 2008)
 Patient confidentiality is one of the most important pillars of medicine. Protecting the private details of a patient
is not just a matter of moral respect, it is essential in retaining the important bond of trust between the doctor
and the individual
 The purpose of this training module is to inform staff the importance of privacy and confidentiality in patient
care, types of privacy breaches, the impact it has on the organization and present different case scenarios to
drive home the point of practicing compliance as it relates to HIPAA laws and organizational rules and
regulations regarding patient privacy and confidentiality

3. WHAT IS PRIVACY?
 The right of individuals to be left alone and
to be protected against physical or
psychological invasion or the misuse of their
property
 It includes freedom from intrusion or
invasion into one’s private affairs, the right
to maintain control over certain personal
information, and the freedom to act without
outside interference (Demirsoy &
Kirimlioglu, 2016)

4. CASES OF PRIVACY AND CONFIDENTIALITY
BREACHES
 In 2009 Kaiser Permanente fined $250,000 for privacy Breach for failing to keep employees from snooping in
the medical records of Nadya Suleman, the mother who set off a media frenzy after giving birth to octuplets
(Abram, 2014)
 In 2011, UCLA agreed to pay a penalty of $865,500 as part of a settlement with federal regulators after Farrah
Fawcett and another celebrity patient alleged that hospital employees reviewed their medical records without
authorization (Abram, 2014)
 Officials with Providence Holy Cross Medical Center in Mission Hills dismissed an employee hired from a
staffing agency for posting a patient’s medical information on his Facebook page, apparently to make fun of
the woman’s name and her medical condition (Abram, 2014)
 Two nurses were fired from the Nebraska Medical Center in Omaha after they allegedly looked at the medical
file of an American aid worker infected with Ebola. An audit of the hospital’s electronic medical records led to
the discovery that two employees had inappropriately accessed the medical record and that their actions
violated federal patient privacy regulations (Abram, 2014)

6. IMPACT OF PRIVACY AND CONFIDENTIALITY
BREACHES
 Breaches of privacy laws can expose individuals to risks such as
 Embarrassment
 Loss of employment opportunity
 Loss of business opportunity
 Physical risks to safety and identity theft
 Financial loss and identity theft

7. TYPES OF BREACHES TO PRIVACY AND
CONFIDENTIALITY
Intentional
• Consist of theft or an abuse or manipulation of the
technologies that are so often used to catalogue
and protect personal information
• Hacking, which consists of breaching computer
systems and electronic safeguards, is a serious
problem, and such breaches are often vicious in
nature and consist of a deliberate desire to access,
collect, use or disclose an individual’s personal
information with a view of causing a disturbance or
perpetrating a crime
l
Unintentional
• Typically consist of human error or
ignorance are often the most likely cause
of privacy breaches
• Privacy breaches based on human error or
ignorance typically arise in cases of
careless practices, mistaken disclosures, or
operational, technical or communication
breakdowns
• Damages caused by inadvertent privacy
breaches, though done without malice,
can be just as serious as those breaches
that occur intentionally
VS.

10. HIPAA PRIVACY AND CONFIDENTIALITY
STANDARDS
• Limit the non-consensual use and release of personal health
information
• Give patients new rights to access their medical records and to
know who else has accessed them
• Restrict most disclosure of health information to the minimum
needed for the intended purpose
• Establish new criminal and civil sanctions for improper use or
disclosure
• Establish new requirements for access to records by researchers
and others
l

11. HIPAA PRIVACY AND CONFIDENTIALITY
5 PRINCIPLES
• Consumer control – the regulation provides consumers with critical new rights
to control their medical information
• Boundaries – with few exceptions, an individual’s health care information should
be used for health purposes only, including treatment and payment
• Accountability – specific penalties if right to privacy is violated
• Public responsibility – balance privacy with national priorities such as public
health protection, medical research, improving quality of care, and fight health
care fraud and abuse
• Security – organizational responsibility (Naas, 2009)
l

12. NEED FOR PATIENT PRIVACY AND
CONFIDENTIALITY
• Medical industry has clear guidelines on how health professionals like
doctors, nurses, and clinicians should conduct themselves in managing the
privacy and confidentiality of patients’ personal health information
• HIPAA Privacy and Security laws teaches staff to collect only the relevant
health data of patients with their consent
• There are clear guidelines to patients on how their personal health
information will be used in the medical process

14. REFERENCES
Abram, S. (2014). Invasion of medical records, hospital privacy on rise. Los Angeles Daily Times.Retrieved from
https://www.dailynews.com/2014/11/15/invasion-of-medical-records-hospital-privacy-on-rise/
Demirsoy, N. & Kirimlioglu, N. (2016). Protection of privacy and confidentiality as a patient right: physicians’ and
nurses’ viewpoints. Biomedical Research, 27(4). Retrieved from
http://www.alliedacademies.org/articles/protection-of-privacy-and-confidentiality-as-a-patient-right-physicians-
and-nurses-viewpoints.pdf
Fox News. (2008). Report Over 120 UCLA hospital staff saw celebrity health records Retrieved from
http://www.foxnews.com/story/0,2933,398784,00.html
Naas, S.J. (2009). HIPAA, the Privacy Rule, and its Application to Health Research. National Center for
Biotechnology Information. Retrieved from https://www.ncbi.nlm.nih.gov/books/NBK9573/