Subject: Advanced Health Information Law & Ethics
Title: Celebrity Health Information-Requirements for Access vs Professional Ethics
Policies and procedures outlining access to patient information for a healthcare organization’s workforce needs to be clearly defined. Although all patients are equally protected by the HIPAA Privacy Rules as well as all applicable federal and state laws and regulations, celebrities seeking and obtaining healthcare, can often be vulnerable to “curious” healthcare workers, inappropriately accessing their health information. Even when there are existing policies unauthorized access can still occur. These can become high profile cases depending on both what the healthcare worker does with regards to disclosure of the information and what the facility does with regards to enforcing its policies and the law.
Research the situation of a workforce unauthorized access to patient records at Cedars-Sinai Medical Center, Los Angeles in June 2013, find at least two sources of information.
In a two page paper, using APA format and cited resources, summarize the issues of the case as you see them, keep in mind that this is not a legal case but a reporting by the hospital and press of what happened and the actions taken.
After you summarize the issue of the case, examine the situation from both the professional ethics perspective of those employees, what professional ethical standards did they violate, and what violation to the HIPAA Privacy Rule regarding access to information by an organization’s workforce occured. Outline additional measure the Cedars Sinai might have been able to take to prevent the unauthorized access.
Please see the Lesson Content and Rubric file for additional information to help you write the paper.
Save your assignment as a Microsoft Word document.
Module 09 Written Assignment- Celebrity Health Information-Requirements for Access vs Professional Ethics
|Criteria 1 Evidence of research of the case||10|
|Criteria 2 Issues of the case summarized||10|
|Criteria 3 Professional ethics aspect examined||15|
|Criteria 4 HIPAA Privacy Rule violation addressed||15|
|Criteria 5 Recommendation included on what could have prevented the unauthorized access||20|
|Criteria 6 Paper is a minimum of 2 pages in APA format with sources cited|
Health Information Uses and Requirements for Disclosure
Access, Requests and Disclosure of Health Information
Protection of the privacy and confidentiality of health information while allowing for the appropriate access, use and disclosure has become an increasingly complex process for healthcare providers and health information management professionals. The increasing amounts of available data collected, the electronic storage and manipulation of the data as well as the desire to use the available data in new ways adds to the complexity of situation. Where historically data relating to patient care was used for patient care, with the more easily accessible data, due to health information technology, we now see use growing in the areas of research, marketing, tracking compliance with laws and regulations, payment for care, safety of patients and the public. Consumers are also more keenly aware of both the type of data gathered about them during a health encounter and their rights regarding privacy which often leads to questions and debates regarding the “ownership” of the health record and health record information. It is essential that federal and state laws are followed, statutes are enforced, and policies and procedures are developed to ensure the patients’ rights are protected but access, use and disclosure are appropriately addressed both for the patient and for others. One of the areas which electronic health records have brought to the forefront is the issue of workforce member’s access rights to patient information. Organizations must be careful to identify who is their workforce by following the HIPAA Privacy Rule which broadly identifies the workforce as employees, volunteers, trainees and other persons, whether paid or not, who work for and under the direct control of the covered entity (CE) (45 CFR 160.103). Each of these workforce members may be granted different access, ability to use and disclosure rights and responsibilities based on their defined job description.
Required Reporting and Mandatory Disclosure Laws
As a health information management professional the reporting and mandatory state and federal disclosure laws which govern requests for information from certain agencies and organizations is important to be aware of. A healthcare organization should have policies and procedures relating to any mandatory reporting laws which relate to them, which covers how the data is gathered, maintained by the organization and reported under the laws and regulations. Some of the areas where mandatory reporting is required that impact a large majority of health care facilities are; abuse and neglect of children and the elderly, vital records, fetal deaths, communicable diseases, suspicious or unattended deaths, wounds indicative of crimes, medical device reporting, occupational fatalities, injuries or illnesses, and registries which are databases containing information about a disease or condition. To summarize, the mandatory disclosure laws address issues related to disease prevention and control and community health and safety. These laws require the disclosure of patient information without the patient’s authorization and offer protection from civil liability to those who disclose the information as a matter of regulation or law. The reporting laws usually stipulate that the information collected is not considered public information and that patient privacy and confidential information are protected. The laws will vary from state to state, so it is important to understand the importance of awareness of the federal laws as well as the laws and regulations of the individual statues in which one practices. The health information management professionals needs to be fully aware of the laws at the federal level and must know how to access state laws and regulations in order to review policies and procedures related to compliance.
The following PowerPoint presentations will guide your note taking as you explore the key concepts related to the Access, Use and Disclosure of Information and Mandatory Reporting.
Fundamentals of Laws for HI and IM, Chapter 12
Fundamentals of Laws for HI and IM, Chapter 13
“Redisclosure of Patient Health Information”
“Personal Genomic Information Management and Personalized Medicine: Challenges, Current Solutions, and Roles of HIM Professionals”