case 2-20

.docx

School

Palm Beach State College *

*We aren’t endorsed by this school

Course

1012C-1

Subject

Information Systems

Date

Apr 3, 2024

Type

docx

Pages

5

Uploaded by SargentGuanacoPerson960

Report
1 Lesson 16 - Case 2-20 Investigating Potential Privacy Violations Lisette Gonella Palm Beach State College HIM1012C Health Information Law, Ethics, and Compliance March 31, 2024
2 Lesson 16 - Case 2-20 Investigating Potential Privacy Violations 1. Some alcohol and drug abuse health records were inadvertently left accessible via the internet. Fifty patients were affected. Yes, there is a violation. Either the healthcare provider or the business associate of the healthcare provider must provide notice to the patients of the breach. Such notice must be given within 60 days after the discovery of the beach. Additionally, the healthcare provider must notify the Secretary of Health and Human Services so it can go into the annual basis. (McWay, 2021, p. 73). 2. A patient overheard a physician telling another patient’s family that the cancer had spread to the surrounding lymph nodes. The physician was talking in a low voice in a corner of the hallway. No violation. 3. A hacker accessed the lab information system and viewed multiple health records. Yes, there is a violation. Because we don’t know how many health records were viewed, a risk assessment has to be made. if there are less than 500, it should be reported in an annual report to the Secretary of Health and Human. Patients should be notified within sixty days of the discovery of the breach (McWay, 2021, p. 284).
3 4. A single form from a different patient was sent to the requesting patient. Yes, there is a violation. This has to only be notified in an annual report to the Secretary of Health and Human Services. The patient needs to be notified within sixty days of the breach (McWay, 2021, p. 73). 5. A computer was not logged off and a visitor looked up his mother’s PHI. No, there is no violation. 6. A monitor is turned towards the reception desk so that anyone who walks by can see it. No, there is no violation. 7. A patient complained that his ex-wife looked at his record and told his girlfriends that he had human immunodeficiency virus (HIV). Yes, there is a violation. How did she get access to his records? The incident should be reported to the facility's privacy officer. The patient should be advised to take legal action if necessary, and steps should be taken to strengthen security measures to prevent unauthorized access to patient records. (McWay, 2021, pp. 73, 170). 8. A patient’s lab test was left lying out on the counter of the staff workroom. Staff were in and out of the room all day. Yes, This is a privacy violation as the lab test was accessible to unauthorized individuals. The incident should be reported to the facility's privacy officer. Staff members should be reminded of the importance of safeguarding patient, only one
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help