Reflective Essay One (RE1
Reflective Essay One (RE1): Week One (W1)
Technological advancements have taken a leap in the past few years making technology a part of everyday life. The advancements have had a major impact on the collection, storage, and use of information—especially personal information. One of the sectors that have been fast in adopting technology is the health care sector. Adoption of technology in healthcare, however, has come with information privacy and security issues in relation to patient information. Concern for privacy is especially important in healthcare, where different professionals have access to patient information. Concern for safety and security of patient information was the precursor to Health Insurance Portability and Accountability Act (HIPPA) of 1996, whose aim is to secure patient information, guaranteeing privacy and confidentiality of the information even in instances where the information requires sharing between healthcare providers (Nass, Levit & Gostin, 2009). Although HIPAA’s aim is to ensure privacy and security of patient information, the current era of socialized medicine requires information sharing between health professionals, planners, and researchers for various reasons (Papoutsi et al., 2015). Of concern, therefore, is whether restrictions on confidentiality, rights, safety, and security of patients in an era of increased socialized medicine have any pros and cons as this paper will discuss.
HIPPA’s passage and enforcement that came into effect in 1996 have had a major impact on patient information security and privacy, particularly in the age of health information technology and socialized medicine. Before its passage, matters concerning privacy and confidentiality in healthcare were under state common law, and in other instances, statutory law (Moore et al., 2017). HIPPA’s passage, therefore, brought sanity to access and distribution of patient information. To the effect of streamlining security of patient information, HIPPA’s most important of its three provisions was the administrative simplification provision (the other two were portability and tax provisions). Contained in the administrative simplification provision was the development of nationwide security standards and safeguards for electronic health care information use; development of health identifiers; and development of standards for the protection of personally identifiable medical information (Nass, Levit & Gostin, 2009).
One of the most significant concerns for patients is the privacy and security of their information. Implementing a safe and secure means of keeping and retrieving patient information builds confidence in the system among patients and healthcare providers. The absence of such technology and assurances had meant that patient information could be stolen, misplaced or released without patient authorization (Moore et al., 2017). Since HIPPA, however, patient confidence in the security of information has been on the rise, with many assured that their information is secure, even when sharing it with HIPPA compliant third parties.
HIPPA’s advantage lies in its concern for patient confidentiality, security, and privacy. By developing standards for protection of personally identifiable information and secure storage and transmission of patient information, HIPPA not only ensures that different health care providers, professionals, and researchers can gain access to patient information, but also enables health care providers to give out only the relevant information without breaching patient confidentiality (Nass, Levit & Gostin, 2009). Information security and privacy assurances, including strong anonymity and consent mechanisms, ensure that even in the current age of information sharing and record linkages (Moore et al., 2017), patient information remains secure, private, and confidential despite sharing the same information with other healthcare providers, planners, and researchers.
Under the new rules of confidentiality, rights, safety, and security of patients through laws such as HIPPA, rules on protection of data and protection of patient information covers all entities within health care privy to patient information. The new rules cover Electronic Health Records service providers, business associates, researchers, and planners, all of whom need to obtain assurances that any disclosures on the data they receive will remain confidential (Pasquale & Ragone, 2014). To ensure confidentiality and discourage third parties from misusing patient information, there are civil penalties and fines for health care providers that breach patient confidentiality. Such penalties and fines ensure that patients’ information remains secure and confidential.
An additional rule to HIPPA was HITECH (Health Information Technology for Economic and Clinical Health Act), whose passing gave patients access to their records and accounting for disclosures (Pasquale & Ragone, 2014). Before HITECH, patients’ comprehension of the nature and range of their accumulated health information was difficult. The difficulty arose due to the fact that there was no need for accounting for treatment, payment, and healthcare operations (Pasquale & Ragone, 2014). The absence of accounting meant that the patient did not have full access to their health information. HITECH requires accounting for any patient information, promoting patients’ rights to understand the use of their records.
However, despite the aforementioned advantages that accrue to patients, there are a number of cons to theconfidentiality, rights, safety, and security of patients as stipulated by the numerous laws. For instance, individuals can easily elect to hold back information and postpone treatment rather than disclose specific forms of health information (Papoutsi et al., 2015). Patients may choose to take such action especially when they observe they have little to no say over the information’s use. Moreover, even sharing information between health professionals may be alarming to the patient, especially in instances when the patient has a potentially stigmatizing health issue.
Part of patients’ confidence in sharing their information stems from their trust in the law and professionalism of healthcare professionals and providers. There have, however, been instances of HIPPA violations of patient confidentiality including disclosure of celebrity patient records by an Administrative Assistant at the University of California at Los Angeles (Aselton & Affenito, 2014). Perhaps even more of a con is privacy problems present during the transfer of health records from one practice to another. The process may not only lead to corruption of data, but there have also been cases of data breaches during the transfers as well as passing irrelevant information to the next practice.
The rules on confidentiality, rights, safety, and security of patients require that healthcare professionals should not disclose patient information without patient consent. The rule extends to non-disclosure of patient information to family members or even partners (Malin, Emam, & O’Keefe, 2013). While the rule safeguard’s the patient’s privacy and keeps doctor-patient confidentiality, it has the potential of putting family members and partners at risk, especially in cases of contagious diseases (Aselton & Affenito, 2014). Worse is an instance where the patient is terminally ill and requires palliative care. Informing family members becomes a breach of confidentiality, and while such a move may be beneficial to the patient and family members, it may potentially expose the healthcare professional to legal litigation over such a breach.
Conclusion
Confidentiality, rights, safety, and security of patients must remain a great concern for health care providers, researchers, planners, and health insurance providers. The right to privacy is guaranteed to the patients, even as patient-doctor confidentiality galvanizes the right. HIPPA and HITECH provide frameworks on which patient confidentiality, rights, safety, and security find their founding. While it may be necessary to share patient information in the current era of socialized medicine and interprofessional working teams in healthcare facilities, it is important to remember that patient confidentiality remains pivotal in gaining patient confidence. However, good judgment must also be part of the doctor-patient confidentiality, especially in instances where the patients’ condition may present a potential danger to others. Thus, while the patient has rights that guarantee his/her privacy, others have right to life and information: thus, the need for healthcare professionals to employ sound judgment in choosing the type and time of information dissemination to others, especially without the patient’s consent.
Recommendations
Patient confidentiality remains one of the fundamental tenets of a healthcare provider-patient relationship. To further safeguard patient information, it is important to provide audit trails that help in tracking individuals accessing patient information. Through such trails, it will be possible to identify the responsible individual in case of any breach.
HIPPA and HITECH only provide frameworks for the protection of patient information and rules on securely sharing and storing collected data. Such measures while commendable are not comprehensive. Granting states the leeway to develop and adopt more stringent standards for additional privacy regulation can go a long way in bolstering HIPPA and HITECH.
Given the possibility of access to patient information by for-profit business entities, data encryption should be a standard for all patient information. Such measures will ensure that health data is unreadable/unusable by unauthorized entities.
References
Aselton, P. & Affenito, S. (2014). Privacy issues with the electronic medical record. Ann Nurs Pract 1(2), 1-4
Malin, B., A., Emam, K., E., & O’Keefe, M., C. (2013). Biomedical data privacy: Problems, perspectives, and recent advances. J Am Med Inform Assoc., 20(1), 2-6. Retrieved from https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3555341/.
Moore, I., N. et al. (2017). Confidentiality and privacy in health care from the patient’s perspective: Does HIPPA help? Health Matrix: The Journal of Law-Medicine, 17(2), 215-272. Retrieved from https://pdfs.semanticscholar.org/cd4e/51b081694e1f6da582bfb51fea8244f5eae7.pdf.
Nass, S., J., Levit, L., A., & Gostin, L., O. (2009). Beyond the HIPAA Privacy Rule: Enhancing Privacy, Improving Health Through Research. Washington, DC: National Academies Press
Pasquale, F. & Ragine, T., A. (2014). Protecting health privacy in an era of big data processing and cloud computing. Stanford Technology Law Review, 17, 595-654. Retrieved from https://ncvhs.hhs.gov/wp-content/uploads/2017/11/Pasquale-Ragone-Protecting-Health-Privacy-in-an-Era-of-Big-Data-508.pdf.