MHA 690 Week 1 Discussion 2 Amber Salina

1. AN EVALUATION OF THE REPORT: OVER 120 UCLA
HOSPITAL STAFF SAW CELEBRITY HEALTH RECORDS
BY: AMBER SALINA
MHA 690 HEALTHCARE CAPSTONE
INSTRUCTOR: DR. JERRY CROUCH
MAY 6, 2017
TRAINING IDEAS TO HELP KEEP CONFIDENTIAL INFORMATION
CONFIDENTIAL

2. The implementation of electronic health
records has caused an increase in concerns
of professional practice in regards to
privacy, confidentiality, and security
issues. Tan (2010) states The Health
Insurance Portability and Accountability
Act (HIPAA) require that health care
employers educate all their workforce on
the HIPAA privacy rule in 2003, and
security rule in 2005, (p.55). However, as
we read in the article the HIPAA privacy

3. Violations can cost the facility in
many ways, including (but not
limited to): Litigation fees, fines
imposed, loss of reputation, loss of
employment (for individual)

4. PATIENT CONFIDENTIALITY WORKSHOPS
These workshops on confidentiality that
I propose are designed to increase
awareness of patient’s and employee’s
responsibilities regarding privacy of
their medical records.
The GOAL of our training workshops
include steps that health care
professionals can do to improve their
practices in regards to preserving the
confidentiality of patients health care

5. Health care providers are those who store
healthcare records in electronic form,
healthcare clearing houses handle the
billing needs of the providers
(Wolper,2011). All Health care providers
must attend annual HIPPA training
sessions. Any healthcare provider that
electronically stores, processes or
transmits medical records, medical
claims, remittances, or certifications must
comply with HIPAA regulations

6. Staff will be trained on appropriate
measures required to review
patient files and maintain
confidentiality (Cascardo, 2012).
Staff will be trained with respect to
the reporting of breaches.
Reprimands will be imposed on any
staff that does not comply with
breach notification procedures.

7. Procedures will be discussed
on how to file a complaint
under the HHS rules.
Individuals are within their
rights to file a complaint under
HHS regulations. All staff will
be properly trained in HIPAA
compliance.

8. Educate healthcare personnel on
confidentiality and data security
requirements. Confirm that confidentiality
and security policies and guidelines are
coherent to HIPAA laws and regulations.
Implement periodic data security audits as
well as risk assessments. Review and modify
privacy and security policies. Be sure to
update employee training programs and
establish breach notification protocols.
Monitor the access and disclosure of PHI
Develop and information and disclosure of

9. A few best practice reminders:
• DO keep computer sign-on codes and passwords secret
• DO NOT allow unauthorized persons access to your computer
• DO keep notes, files, memory sticks, and computers in a secure place
• Be careful to NOT leave them in open areas outside your workplace,
such as a library, cafeteria, or airport.
• DO NOT place PHI or PII on a mobile device without required approval.
• DO encrypt mobile devices that contain PHI or PII.
• DO hold discussions of PHI in private areas and for job-related reasons
only.
• DO follow procedures for the proper disposal of sensitive information,
such as shredding documents or using locked recycling drop boxes.
• When sending an e-mail, DO NOT include PHI or other sensitive
information such as Social Security numbers, unless you have the proper
written approval to store the information and encrypted your computer
or e-mail.(UNC, 2013)

10. In conclusion, patient privacy and
confidentiality is everybody’s
responsibility. By keeping your staff
and employees familiar with current
privacy laws and offering mandatory
training sessions on confidentiality
your organization can help ensure
that there are no major breaches of
PHI.

11. References:
Cascardo, D. (2012). What to do before the office for civil rights comes
knocking: Part I. The Journal of Medical Practice Management: MPM, 27(6),
337-40. Retrieved from http://search
.proquest.com/docview/1242495446?accountid=32521
http://www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/ind
ex.htmlUniversity of North Carolina (UNC) (2013). HIPAA, privacy, & security.
Retrieved from website:
http://www.unc.edu/hipaa/Annual%20HIPAA%20Training%20current.p df
Tan, J. (2010). Adaptive health management information systems: Concepts,
cases, and practical applications (3rd ed.). Sudbury, MA: Jones and Bartlett.
Wolper, L.F. (2011). Health care administration: Managing organized
delivery systems (5th ed.). Boston: Jones and Bartlett.