Discuss why protection of the privacy of health information is important
Assignment 2: Appropriate Use of Health Information (Essay Paper)
Assignment 2: Appropriate Use of Health Information (Paper)
30% of Total Grade
The introduction of the electronic health record and the use of other information and communication technologies have provided nurses and other healthcare professionals a more effective way of maintaining and communicating personal health information. However, this increased access to information at the point-of-care increases the nurse’s responsibility to maintain confidentiality of health information. There are several ways that a nurse using information technology may inadvertently breach confidentiality. What are the safeguards that need to be in place to support nurses in the appropriate use of health information? Accordingly, the purpose of this assignment is to support your critical thinking regarding the appropriate use and access to a person’s health information. Assignment 2: Appropriate Use of Health Information (Essay Paper).
BUY A PLAGIARISM-FREE PAPER HERE
Your manager, knowing that you are completing a course on nursing informatics asks that you share with her information on practices that support protection of patient information.
In this assignment, you will:
Discuss why protection of the privacy of health information is important.
Discuss the legislation governing protection of health information in Alberta OR your home province/territory (Cite ALBERTA HEALTH CARE LEGISLATURE ACT).
Reflect on the practices in place regarding protection of health information in a healthcare setting in which you have experience (e.g., currently practice or have practiced previously in an employed or student capacity).
Make recommendations on actions that can be taken in the practice setting to strengthen the practices to support protection of health information. Assignment 2: Appropriate Use of Health Information (Essay Paper).
Evaluation Criteria for Assignment 2
Articulate why privacy of health information is important (3 marks)
Describe the legal requirements set out in the legislation to protect privacy (3 marks)
Discuss practices established in your practice setting to protect privacy of health information (3 marks)
Articulate and provide rationale for 4 actions that can be taken by nurses to strengthen practices that support protection of health information (8 marks)
Provide evidence of application of course concepts from Units 4 to 7 and include references to sources (e.g., journal articles, web-based materials) beyond those offered in the course materials (3 marks)
Demonstrate scholarly format including:
5-6 pages in length excluding title page and Reference list (1 mark)
Scholarly language and professional tone (2 marks)
Correct grammar, spelling and punctuation (2 marks)
Effective introduction and conclusion (2 marks)
Include accurate APA (6th edition) formatting including:
Title page, headings, and subheadings (1 mark)
Reference citations and reference list (2 marks) Assignment 2: Appropriate Use of Health Information (Essay Paper)
Total possible marks = 30.
Assignment 2: Appropriate Use of Health Information (Paper)
In recent years, health records and use of other information and communication technologies has been heightened in health care institutions and by healthcare professionals, including nurses. As a result, the need for maintaining patients’ privacy, while storing and communicating patient information becomes a necessity. Various safeguards can be put in place to ensure confidentiality of information. The following discussion is aimed at identifying why there is a need for maintaining privacy of patients’ information by identifying the various legislative measures governing health information in Alberta. It will also focus on a reflection of practices experienced in ensuring patient information confidentiality and safety, and recommendations for improvement in guaranteeing there is no breach of confidentiality of patients’ information.
Why Privacy of Health Information Is Important
Privacy of medical information is vitally important. If it is maintained, many lives are likely to be saved because; people may have a tendency to avoid life- saving and life- enhancing treatments (McGraw, 2009).
In addition, whether it is right or wrong, many illnesses come along with a form of stigma (McGraw, 2009). Consequently, many people may be reluctant to seek medical attention if they are not guaranteed of their privacy. To some extent, some insured patients may fail to seek medical attention until their condition worsens while at the same time they may fail to reveal their health condition to care givers and medical staffs if they are not certain of privacy of their information (Born, 2013). Assignment 2: Appropriate Use of Health Information (Essay Paper)
Finally, some patients in search of medical attention may withhold crucial information, which could otherwise aid in their treatment, for fear of lack of privacy. As a result, they may not receive full and/or appropriate form of treatment (Born, 2013).
Legislation Governing Protection of Health Information in Alberta
Alberta health legislature provides the health information Act, whose provision with regard to protection of health information includes:
First, The Health Information Act involved in the establishment of the rules followed by custodians of information in their collection, disclosure, protection and use (Alberta Queen’s Printer, 2010). Individuals are also provided with a right to access their health information, as well as the right to make a request for amendment or correction of this information (Alberta Queen’s Printer, 2010). The act also provides the individual’s right to oversight over the legislation (Alberta Queen’s Printer, 2010). Assignment 2: Appropriate Use of Health Information (Essay Paper)
Secondly, Health Information Regulation helps in the provision of additional rules to the custodians of health information with reference to use, collection and disclosure (Alberta Queen’s Printer, 2010).
Thirdly, Alberta Electronic Health Record Regulation also referred to as Alberta Netcare and gives all details pertaining Alberta Electronic Health Record (Alberta Queen’s Printer, 2010).
In addition, Designation Regulation designates ethics to be followed in research in line with health information act’s division 3 provisions (Alberta Queen’s Printer, 2010).
Finally is the Alberta’s Queen’s Printer that entails the official sources of Alberta legislation copies as well as regulation and Health Information Act (Alberta Queen’s Printer, 2010)
A Reflection of Practices Experienced In Ensuring Patient Information Privacy
Since data breaches in health care come in different ways, many organisations have embarked on ways to protect health information. Here are some of these methods I experienced in a student capacity: Assignment 2: Appropriate Use of Health Information (Essay Paper)
Network protection where the Health Information Technology Department used different tools to try and keep out intruders, e.g. antivirus software and firewalls, network segregation (which was meant for reducing damage in case of an attack limiting ability of an intruder accessibility of information in a different area from the one he/she has intruded).
Additionally, Staff education on Information Technology Security Programs incorporated employees through training them on practices that could lead to violation of the health care information Act provisions. Besides, employees were advised on how to use secure passwords as well as training on phishing protection techniques including social engineering among others.
Moreover, Encryption of portable device where the health cares facility emphasized on the need to encrypt portable devices that contained health care information. The devices encrypted, included laptops, smart phones, USB drivers, as well as tablets. There was an effort to acculturate employee’s tendencies of carrying data on encrypted personal devices.
Lastly is the physical security controls. In as much as there was a lot of paperless storage of data, paper storage was still in use in the organisation. As a result, physical control mechanisms were still practiced, e.g. locking of file cabinets and ensuring secure doors. Assignment 2: Appropriate Use of Health Information (Essay Paper)
Actions That Can Be Taken By Nurses to Strengthen Practices That Support Protection of Health Information
In their everyday operations, nurses deal with private information belonging to the patients; whether in their nursing stations, exam rooms, in offices or in patients’ bedsides (Health Information Technology, 2007). As a result, they may become desensitized to how important it is to maintain patients’ information privacy (Health Information Technology, 2007). However, there are different practices that can be applied by nurses in ensuring protection of health information. These practices and the rationale behind them include:
The most important thing that nurses can do to ensure that patient’s information privacy is guaranteed is creating a means for authentication. This is where; anybody accessing the information can only do so upon entry of a password to an already created nurse portal from which he or she can be able to access any information they want (Borten, 2016). The portal serves as a ‘gate’ in accessing electronic health records and the user name and password as the ‘key’. Consequently, anybody who does not have the necessary authentication means cannot be able to access the information (Borten, 2016).
However, there is need for the users of the information to be inducted on the best methods of creating strong passwords that cannot be hacked by unauthorised persons (Borten, 2016). It is the role of the information communication technology to install and teach the nurses on the appropriate use of the electronic records. Similarly, there is need for cautioning the nurses on the best way to use the authentication tools (Borten, 2016). For example, they should be constantly reminded that they should log-out from their portal after they are done so as to prevent unauthorised access to the electronic rerecords by unauthorised persons using the already opened portal (Borten, 2016).
In addition to the use of passwords and usernames, the institutions can institute biometric means such as finger prints, voice and face recognition systems and/or iris scanning systems to increase enhanced identification of individual access into the records (Borten, 2016). The use of these more advanced means (biometrics) are more secure because they require the physical presence of a an individual as compared to the password and username authentication means of prohibiting access which can be used even in the absence of a nurse (Borten, 2016).
Besides, accessibility to electronic systems for electronic health records is at risk of being exposed to unauthorised persons, especially for desktop, tablet, Smartphone sand laptop screens, whether on a working station, on mobile carts or in exam rooms (Angst, Block, D’Arcy, & Kelley, 2017). This has the potential of increasing the chances of visual hacking (Angst, Block, D’Arcy, & Kelley, 2017). As a result, there need to protect the electronic data from unauthorised intrusion or damage when environmental hazards arises (Health Information Technology, 2007). Nurses should ensure that they place these devices in such a way that they do not facilitate visual hacking, either through side-angle viewing or any other means (Health Information Technology, 2007). Besides, after using these devices, they should return them to the designated special rooms specifically built in such a way to protect data from external hazards such as fire (Borten, 2016).
Furthermore, there is need for constant administrative control measures to ensure that all the systems put in place for maintaining privacy are functional at all times. For example, it is the role of the administration to conduct periodic reviews of all the systems in order to identify areas that may create chances of the information being privy to unauthorised personnel (Borten, 2016). As a result, if any system is not working as expected, impromptu rectification measures should be undertaken. This will ensure that the electronic records do not get to the wrong hands (Borten, 2016).
Importantly, there is need for constant training and revision of security measures to deal with routine measure that can be traced by unauthorised persons. For example, the passwords should be changed at some point (Borten, 2016). Besides, constant training of nurses by the information communication technology on the best and accurate use of systems is important. The training should be thoroughly done at the implementation stage and conducted throughout the use of a system. This can be either through the use of screen savers or notices (at the walls). For example, the nurses should be constantly reminded that they are supposed to log-out of their portal after use (Borten, 2016).
Recommendations That Can Be Put In Place to Strengthen Protection Practices for Health Information
To ensure breach of patients’ information privacy is minimised, the following measures can be further undertaken (This is in addition to the already existing mechanisms): Assignment 2: Appropriate Use of Health Information (Essay Paper)
Conducting an annual security risk analysis
Due to the constant changes in a health environment, for instance, employee’s turnover, restructuring and information technology, infrastructure enhancement among others, privacy of patient information may be vulnerable with time (Angst, Block, D’Arcy, & Kelley, 2017). As a result, it is important to conduct a non-technical vulnerability check that identifies areas that need rectification. Remedies should be administered instantly (Angst, Block, D’Arcy, & Kelley, 2017).
Besides, investing in protection awareness to the workforce since lack of protection awareness by the workforce is one of the worst risks that can be experienced in an organisation (Health Information Technology, 2017). As a result, it is important to conduct situational training, as well as tracking of what people normally do while in their respective stations in order to identify vulnerable areas. Duty indicators, posters, monthly tips, screen-saver reminders among others, should be introduced to ensure that workers remember of their role in privacy protection. Assignment 2: Appropriate Use of Health Information (Essay Paper)
In a recap, even though many health care institutions have embarked on measures to protect both electronic and paper documented patient information, breach of this information still happens in daily operations; whether as a result of negligent or accidental. However, it is very important to introduce policies that complement the provisions of different legislative provisions on privacy of information. Besides, strict adherence to these policies is important to ensure effectiveness and efficiency in healthcare provision. It is important to always bear in mind the importance of patient information confidentiality in order to safeguard them from the vulnerabilities of disclosure.
Angst, C. M., Block, E. S., D’Arcy, J., & Kelley, K. (2017). WHEN DO IT SECURITY INVESTMENTS MATTER? ACCOUNTING FOR THE INFLUENCE OF INSTITUTIONAL FACTORS IN THE CONTEXT OF HEALTHCARE DATA BREACHES. MIS Quarterly, 41(3), 893-A8.
Alberta Queen’s Printer (2010) ALBERTA HEALTH ACT: Statutes of Alberta, 2010. Chapter A-19.5, Province o f Alberta
BORN, J. (2013). PROTECTING THE PRIVACY AND SECURITY OF HEALTH INFORMATION. South Carolina Business, 34(2), 18.
Borten, K. (2016) The Role of Nurses in HIPAA Compliance, Healthcare Security
Health Information Technology: Early Efforts Initiated but Comprehensive Privacy Approach Needed for National Strategy: GAO-07-238. (2007). GAO Reports, 1McGraw, D. (2009). Privacy and Health Information Technology. Journal Of Law, Medicine & Ethics, 37121-149. doi:10.1111/j.1748-720X.2009.00424.x
Assignment 2: Appropriate Use of Health Information (Essay Paper)