1. TRAINING MANUAL: PRIVACY AND SECURITY ISSUES FOR HEALTH CARE ORGANIZATION. PRIVACY AND CONFIDENTIALITY OF PATIENTS' INFORMATION. Chris Daferede
2. Confidentiality: Prevent private information from being inappropriately released or handled, and ensure that the personal information of the organization is kept confidential.
3. Health Insurance Portability and Accountability Act 1996. Handling of health information; information resources management; healthcare facilities (private/public); health professionals; private insurance companies; individual caregivers; nurses; physicians. HIPAA was instituted to protect the freedom, security, privacy, and confidentiality of the individual. The Act was designed to set new guidelines, standards, and key principles for handling electronic healthcare transactions. HIPAA is a federal mandate that covers the protection of any information in an individual's personal records, including diagnosis and treatment reports, progress notes, and recommendations with caregiver. The Act stipulates that all persons who have access to health information must comply with the regulations, including any written or verbal communication that deals with a particular patient's current condition.
4. How to Protect Patient Health Information: Create high security firewall; access logged computer; restrict the movement of information; lock down computers on which personnel are working; restrict email access; all removable drives of the computer must be disabled; no downloadable application allowed; constant training sessions regarding privacy and confidentiality of patients' information.
5. Levels of Security Controls: Physical facilities controls; procedural controls; physical protection; computer failure controls; telecommunications controls; insurance; separation of duties; standard procedures; documentation; authorization requirements; auditing.
6. Penalty for non-compliance: Security is essential to every aspect of life and is vital in developing trust between patients and their caregivers. For failure to comply with any aspect of this law, the penalty could range from $100 per violation and up to $25,000 per year for an inadvertent misuse of patients' information, and up to $50,000 and 1 year of prison term or $25,000 and 10 years prison term for deliberate misuse of a patient's record.