Health information management, also known as HIM, has been acknowledged as an allied health profession since 1928. HIM is a profession dedicated to the effective management of patient information and healthcare data needed to deliver quality treatment and care to the public. The original objective was to elevate the standards of clinical recordkeeping in hospitals, dispensaries, and other healthcare facilities (Sayles, 2014). Today HIM is known as the American Health Information Management Association or AHIMA. It still holds similar underlying purposes: to ensure the quality, confidentiality, and availability of health information across diverse organizations, settings, and disciplines (Sayles, 2014). HIM plays a critical role in the successful implementation of electronic health records and ensures that providers, healthcare organizations, and patients have access to the right health information when and where it is needed while maintaining the highest standards of data integrity, confidentiality, and security. It ensures compliance with legal mandates, but it has proven to be a challenge with the constant change in legislation and regulatory environment. Past surveys suggest that HIM plays some type of importance in accordance to HIPAA privacy and security compliance. In a 2006 AHIMA survey, members were asked about the progress of their organizations’ privacy and security compliance efforts. Margret Amatayakul & Mitch Work discuss those results in a 2007 journal article
Health information is a fundamental piece of data which represents a person, business, organization, or a community. This data is vital in monitoring and coordination of care for individuals and communities. It not only monitors and coordinates patient care, but reduces costly mistakes and prevent duplication of treatments as well as taking a pivotal role in preserving, securing, and protecting personal health information. Since, this information is extremely essential and sensitive, it must remain secure and safe to prevent frauds and cyber-attacks. First of all, this paper discusses vitality of the health information in regards to individuals, professionals, and organizations along with its benefits to improve overall quality of life. Secondly, it discusses the role of information technology in various aspects of the industry and the what the future holds within IT.
There is no doubt in that technology has multifaceted benefits but, at the same time, it has forced mankind to feel insecure. Every industry depends upon the data of the customers and the health industry is no more an exception here. The data of each patient is shared to facilitate health itself and for more rigorous and authentic research. Hence, protecting patient data is very important. It is so important that in 1996, the federal government introduced the Health Insurance
Although the EHR is still in a transitional state, this major shift that electronic medical records are taking is bringing many concerns to the table. Two concerns at the top of the list are privacy and standardization issues. In 1996, U.S. Congress enacted a non-for-profit organization called Health Insurance Portability and Accountability Act (HIPAA). This law establishes national standards for privacy and security of health information. HIPAA deals with information standards, data integrity, confidentiality, accessing and handling your medical information. They also were designed to guarantee transferred information be protected from one facility to the next (Meridan, 2007). But even with the HIPAA privacy rules, they too have their shortcomings. HIPAA can’t fully safeguard the limitations of who’s accessible to your information. A short stay at your local
There were concerns related to risks of hackers, malware attacks, password changes which can be disruptive to the clinical workflow and can lead to inefficiency. Human errors, inadequate knowledge and ability to use PHR (health literacy). Are the patients aware of the HIPAA regulations? Some patients of a particular age group refrain from using PHR. Interoperability which is the core purpose of electronic health records is also one of the primary concerns. The use of unauthorized USB drives can lead to the malware attack which may interoperability. The other questions that needs to be answered is despite encryption, firewalls which have been initiated to maintain security, there are still concerns about data security
Some health institutions believe that all the patients have the powers to control the use of their records and before any file is accessed, the patient must be consulted by the personnel responsible. To others, however, some of the patients may not know the needs of the health industry, and therefore, at least 200 people can be allowed to access their records. According to this group, the only way to improve the patient’s privacy is by reducing the number of people who access the records. Thus, despite the fact that digital files save on cost and time, there is need to focus on some of the issues affecting the privacy of records in the health sector. Therefore, as much as the current law allows sharing of patient information during payments and treatment, caution must be taken to reduce data mining and marketing using the same
Hospitals have put in place widespread security and privacy measures to protect patient health information. However, there are still errors being made in data security through the IT standpoint. Some of these errors or issues include:
There are many problems that could arise from a patient’s information landing into the hands of a stranger, a boss, an enemy, or any other individual that does not have permission to view that information.
In a large service-related Healthcare organization with the staff to patient ratio approximately 1:100, there is a greater threat by technology of breaching security records. Medical records include information about ones physical and mental being. They may contain information about ones relationship with family members, sexual behavior, drug or alcohol problems and HIV status ( Burke & Weill, 2005). The confidentiality is threatened when the medical records information is put on the Internet, by use of telemedicine, and by the use of e-mail by healthcare workers. Although this is the fastest way to store and share
There are three major ethical priorities for electronic health records: privacy and confidentiality, security, and data integrity and availability. The key to preserving confidentiality is making sure that only authorized individuals have access to information. The process of controlling access begins with authorizing users. The user’s access is based on pre-established, role-based privileges. Hence, designating user privileges is a critical aspect of medical record security: all users have access to the information they need to fulfill their roles and responsibilities, and they must know that they are accountable for use or misuse of the information they view and change.
Another downfall or disadvantage of using this software is the concerns of client’s security. Most individuals think a disadvantage would be the security vulnerability for the client’s medical records. The ultimate concern is that hackers are still out there and may steal client’s personal information and possible compromise their identity. It does not matter how many password encryptions, security features added, and firewalls are put up, hackers can get in there. However, there are also companies that specialize in security measures for the maintenance of Electronic Health Records software.
As has been true with the transition from paper to electronic medical records, health care providers will need to adapt their privacy and security practices in response to the specific privacy risks and compliance challenges associated with various forms of telemedicine. Depending on the nature of the telemedicine services being provided, this may require updating policies and security risk
With the proliferation of small personal and business computers in the 1990s, records were moving more and more from paper based records that were in the doctor’s offices to digital records stored on hard drives on computers. Many of these computers were also becoming connected to networks and to the internet by this time also. With these new technologies being mixed in with medical records that were previously locked in file cabinets it all of a sudden became much easier for a patients information to be transmitted out of the doctor’s office. (HIPAA Privacy Rule and Public Health, 2003) Of course, this was not a bad thing today we all depend on the ability of our records to be easily transmitted when needed from all sorts of agencies and
In a world full of electronics it would only seem logical to have health records electronic. Not only are medical records efficient, reliable, and quick to access, new technology allow patients to access their own personal medical records with a simple to use login and password. “People are asking whether any kind of electronic records can be made safe. If one is looking for a 100% privacy guarantee, the answer is no”(Thede, 2010). At my hospital, upon every admission we ask the patient for a password for friends and family to have to have if they would like an update on the patient 's condition. We do not let visitors come up and see the patient without the patient 's consent. In doing these things, we help to ensure the safety and protection of the patient 's health information and privacy.
In light of available security measures and their widespread acceptance within the information security community, there is no excuse for healthcare organizations to fail in fulfilling their duty to protect personal patient information. Guaranteeing the confidentiality and privacy of data in healthcare information is crucial in safeguarding the data of patients as there should be a legal responsibility to protect medical records from unauthorized access.