The Hippa privacy rule provides protection of personal health information held by covered entities and gives patients an array of rights with respect to that information (DHS, 2012)
Health information cannot be used or disclosed without proper authorization by the patient or legal guardian for minors
There is need to have the necessary training for the issue to do with the confidentiality in the workplace. This training will help to avoid the occurrence of unauthorized access to confidential information that relates to clients and other important data.
For these case where workers at Los Angeles have reportedly been accessing celebrities medical records without permission, the necessary training would be on health care policy and laws that govern confidentiality
There are some state laws that bar the medical and health workers to access the information about patient record unless authorized. The ones authorized to manage the records should have the knowledge on this laws since they need to live to the standard of ethics.
This will equip them with the ethical responsibility and knowledge to be able to put up with the laws, which then will help them to protect the usage as well as the access of the information
Since the technology is so dynamic, it is also necessary to train the data handlers on how to put up with the challenges on the access of the data, control and authentication.
Thus, this training is simply the emphasis on the health insurance portability and accountability Act that regulates the access and sharing of the patient’s health records. With the understanding on the Act, the health organizations will equip the employees with the necessary knowledge on privacy and confidentiality.
Educate healthcare personnel on confidentiality and data security requirements. Confirm that confidentiality and security policies and guidelines are coherent to HIPAA laws and regulations. Implement periodic data security audits and risk assessments
Review and modify privacy and security policies. Updating employee training programs Establish breach notification protocols Assure authorized access of patient information Monitor the access and disclosure of PHI Develop an information protection strategy and framework
These are steps every manager must take to ensure compliance and adherence to privacy, security, and confidentiality protocol. Managers must also implement disciplinary measures for staff members who violate these guidelines. The protection of patient information is a requirement in health care; ethically and legally
3. HIPPA Privacy RuleHIPPA Privacy Rule
• The Hippa privacy rule provides protection ofThe Hippa privacy rule provides protection of
personal health information held by covered entitiespersonal health information held by covered entities
and gives patients an array of rights with respect toand gives patients an array of rights with respect to
that information (DHS, 2012)that information (DHS, 2012)
• Health information cannot be used or disclosedHealth information cannot be used or disclosed
without proper authorization by the patient or legalwithout proper authorization by the patient or legal
guardian for minorsguardian for minors
4. • There is need to have the necessary training for the issueThere is need to have the necessary training for the issue
to do with the confidentiality in the workplace. Thisto do with the confidentiality in the workplace. This
training will help to avoid the occurrence of unauthorizedtraining will help to avoid the occurrence of unauthorized
access to confidential information that relates to clientsaccess to confidential information that relates to clients
and other important data.and other important data.
• For these case where workers at Los Angeles haveFor these case where workers at Los Angeles have
reportedly been accessing celebrities medical recordsreportedly been accessing celebrities medical records
without permission, the necessary training would be onwithout permission, the necessary training would be on
health care policy and laws that govern confidentialityhealth care policy and laws that govern confidentiality
5.
6. Laws and policiesLaws and policies
• There are some state laws that bar the medical andThere are some state laws that bar the medical and
health workers to access the information abouthealth workers to access the information about
patient record unless authorized. The onespatient record unless authorized. The ones
authorized to manage the records should have theauthorized to manage the records should have the
knowledge on this laws since they need to live to theknowledge on this laws since they need to live to the
standard of ethics.standard of ethics.
• This will equip them with the ethical responsibilityThis will equip them with the ethical responsibility
and knowledge to be able to put up with the laws,and knowledge to be able to put up with the laws,
which then will help them to protect the usage aswhich then will help them to protect the usage as
well as the access of the informationwell as the access of the information
7. Technology, Health ActTechnology, Health Act
• Since the technology is so dynamic, it is alsoSince the technology is so dynamic, it is also
necessary to train the data handlers on how to putnecessary to train the data handlers on how to put
up with the challenges on the access of the data,up with the challenges on the access of the data,
control and authentication.control and authentication.
• Thus, this training is simply the emphasis on theThus, this training is simply the emphasis on the
health insurance portability and accountability Acthealth insurance portability and accountability Act
that regulates the access and sharing of the patientthat regulates the access and sharing of the patient’s’s
health records. With the understanding on the Act,health records. With the understanding on the Act,
the health organizations will equip the employeesthe health organizations will equip the employees
with the necessary knowledge on privacy andwith the necessary knowledge on privacy and
confidentiality.confidentiality.
8. Training managers could putTraining managers could put
into place to avoid this situationinto place to avoid this situation
Educate healthcare personnel on confidentiality andEducate healthcare personnel on confidentiality and
data security requirements. Confirm thatdata security requirements. Confirm that
confidentiality and security policies and guidelinesconfidentiality and security policies and guidelines
are coherent to HIPAA laws and regulations.are coherent to HIPAA laws and regulations.
Implement periodic data security audits and riskImplement periodic data security audits and risk
assessmentsassessments
Review and modify privacy and security policies.Review and modify privacy and security policies.
Updating employee training programs EstablishUpdating employee training programs Establish
breach notification protocols Assure authorizedbreach notification protocols Assure authorized
access of patient information Monitor the access andaccess of patient information Monitor the access and
disclosure of PHI Develop an informationdisclosure of PHI Develop an information
protection strategy and frameworkprotection strategy and framework
9. Training managers could putTraining managers could put
into place to avoid thisinto place to avoid this
situation(cont)situation(cont)
These are steps every manager must take to ensureThese are steps every manager must take to ensure
compliance and adherence to privacy, security, andcompliance and adherence to privacy, security, and
confidentiality protocol. Managers must alsoconfidentiality protocol. Managers must also
implement disciplinary measures for staff membersimplement disciplinary measures for staff members
who violate these guidelines. The protection ofwho violate these guidelines. The protection of
patient information is a requirement in health care;patient information is a requirement in health care;
ethically and legallyethically and legally
10. ReferenceReference
Wu, S. S., & American Bar Association. (2007).Wu, S. S., & American Bar Association. (2007). GuideGuide
to HIPAA security and the lawto HIPAA security and the law. Chicago: ABA Section. Chicago: ABA Section
of Science & Technology Law.of Science & Technology Law.