Re: Topic 7 DQ 2
The Health Insurance Portability and Accountability Act (HIPAA) requires that patient health information is protected and secure at all times. The regulations that are in place by HIPAA have an effect on healthcare institutions willingness to share data with other institutions (DeNisco & Baker, 2016). The Electronic Medical Record (EMR) is different from an Electronic Health Record (HER) because the information it contains is intended to be shared. While both the EMR and her contain protected health information (PHI), an EHRs purpose is to be shared among physicians and hospitals when needed. Unfortunately, sharing this PHI becomes a challenge. Hospitals in particular, “face a “catch-22” situation in responding to the conflicting mandates of developing electronic health records that information sharing across institutions versus ensuring absolute protection and security of patients’ individual health information” (Sarrico & Hauenstein, 2011).
An ethical issue related to HIPAA and the sharing of information through EHRs is sharing information in emergency situations. There are times in the ER when information is crucial for the care of critically ill patients. Is it ethically right to access and share information about patients during emergency situations if it means saving a life?
A legal issue related to the use of EHRs is when the breach of PHI occurs. Keeping PHI secure is imperative for patients, but unfortunately breaches do occur. Healthcare professionals must be held accountable for their access into EHRs at all times. One restriction which some healthcare systems use is “placing restritctions on which application and module within that application a user can access, despite the user’s having established his or her ID at login” (Sarrico & Hauenstein, 2011). It is also important for internal audits to take place as well to monitor the security of PHI. Of course there are always steps that the healthcare industry can enforce to maintain security of PHI. Regulators in the industry should specify standards and definitions regarding what constitutes a violation, create evels of severity, and devise a hierarchy of warnings and fines that are based on standards (Sarrico & Hauenstein, 2011). As far as healthcare providers, they should tighten internal compliance procedures, conduct extensive and regular training of all employees, train the employees of provider-partners, obtain signed privacy agreements with all employees and conduct regular audits to ensure compliance (Sarrico & Hauenstein, 2011). All of these are suggested and can be implemented in daily practice to maintain proper security of information.
References
DeNisco, S.M., & Barker, A.M. (2016). Advanced practice nursing: essential knowledge for the profession. Burlington, MA: Jones & Bartlett Learning.
Sarrico, C., & Hauenstein, J. (2011). Can EHRs get along with HIPAA security requirements? Hfm (Healthcare Financial Management), 65(2), 86-90.
Order this paper