Significantly all nurses are responsible for ensure the protection of patient information. As a nurse, maintaining a patient's confidentiality, human dignity and privacy is expected at all times. Nurses are faced with maintaining patient confidentiality on a daily basis. Nurses are to be accountable for their actions and are expected to advocate and strive to protect the rights, health and safety of patients (American Nurses Association, 2011). Nurses have the opportunity to defend and protect patient rights, to promote compassionate care, and to enhance the dignity and the autonomy of their patients. Furthermore, nurses are faced with ethical issues every day in the healthcare setting and dealing with these challenges which may be difficult. According to the ANA (American Nurses Association), it is the duty of nurse to protect the patient's rights, safety, health and advocate for the patient. By treating the patient in an open area, invades their privacy, can cause embarrassment and most of all jeopardize trust between the patient and care giver. This negligent care could also lead to legal ramifications in the future against the hospital. At our facility, the most common security requirement is entering user-name and password to access patient information. Snooping in unauthorized area or inappropriate employee access to sensitive information is a major issue. Unsecured record is another major issue at facility.
The increase of health information technology used to store and access patient information has increase security breaches over the years. In recent years, the U.S. Department of Health and Human Services' Office for Civil Rights has severely punished healthcare entities that have been lax at securing patient data and violated HIPAA privacy and security rules. Example, in August 2015, Cancer Care Group, P.C., based in Indianapolis, agreed to pay $750,000 to settle potential HIPAA violations that occurred three years earlier when someone stole a laptop bag from an employee's car. The bag contained the employee's computer, which held unencrypted backup media containing the names, addresses, dates of birth, Social Security numbers, insurance information and clinical data of approximately 55,000 current and former Cancer Care patients. Another incident in July 2015 highlighted security lapses at St. Elizabeth's Medical Center in Boston, which agreed to pay $218,400 to settle potential HIPAA violations that occurred in 2012 when workers used a Web-based document sharing application to store files containing the electronic protected health information (PHI) of at least 498 individuals. In a separate incident, another breach was uncovered when it was revealed that unsecured PHI was stored on a former employee's personal laptop and USB flash drive, affecting 595 individuals.
Given the frequent rotation of people logging onto the network and the tendency to bring their own devices to work, which increases the risk of a healthcare data breach develop a software with a network access control application. (Bharadwaj, 2016). To better secure its network, the medical facility developed first-of-its-kind solution at a health system by creating middleware that links facilities' mobile device management software with a network access control application (Bharadwaj, 2016). However, when users bring their own devices, and attempt to connect onto the network, they must receive service activation from both the software and network access app before they can gain access to the hospital system's network. To ensure HIPPA laws are being followed, individuals who collect and transmit medial information must implement reasonable administrative, and physical safeguards to maintain patient integrity, confidentiality as well as prevent inappropriate or unauthorized access to records (Brown, 2009). Encrypting health devices is one way of preventingand decreasing the possibility of security breaches. Sometimes technical safeguards are vital in warding off physical threats. When a device such as a laptop or tablet is encrypted, a thief will have a difficult time making sense of any of the information potentially stored on the device should the device get stolen. In addition, not every healthcare organization encrypts their employee devices, and this unfortunately often leads to the disclosure of patient information.