Discussion: "Securing Health Care Information Systems"
Please respond to the following:
• From the e-Activity, give your opinion as to whether or not the new procedures that the hospital implemented efficiently resolve the issues in this case. Next, suggest an additional procedure that the hospital could utilize in order to secure patient privacy regarding medical condition and treatment plan. Justify your response.
• Identify the key threats (e.g., internal, external, intentional, and unintentional, etc.) to the security of health care information. Select the single most significant threat, and suggest one way to minimize the threat that you have chosen. Provide a rationale to support your suggestion.
Following HIPPA laws can be very simple yet complex. You can't release any private information or give information to the families in an emergency situation. At my last practice there was many occasions that a family member called and we could not release any medical information, unless a HIPPA formed was signed. It also had to have the specific person's name on the list to release the information.
The hospital put into place procedures that would protect the privacy of the patient. I do believe that these measure should have already been in place, but they do help maintain HIPPA and its measures.
The challenge that many health professionals encounter is trying to get a hold of a patient if a specimen or pathology comes back with questionable results. If the patient needs to see a specialist rather quickly, then the medical staff has to try their best to convey that without violating HIPPA. It can be frustrating and difficult at times.
Internal threats to privacy and computer information are employees and other staff that have access to it. You have to entrust your staff to keep it private and safe.
External threats are hackers and other individuals or companies that want to gain access to medical information. They can do harmful things to an individual or a company should they gain this access.
Intentional can come from external or internal sources. These are the individuals that want to obtain the information for harmful purposes.
Unintentional threats are when an employee accidentally leaves a computer screen on and another patient is able to look at it. This can also be when two employees are speaking with each other and a unintended party overhears the medical information.
The single most threat to an organization that stores medical information are external individuals. These are the hackers that are attempting to do harm. The best way to combat this challenge is to always make sure the computers utilize firewalls, passwords and encryption to help prevent any obtaining of information. At a health care facility level always hide passwords and only allow those who need it to gain access to certain information.
Health Information Privacy, (2017), "Hospital Implements New Minimum Necessary Policies for Telephone Messages".