Reserved for Hifsa

NurseyNurse77
Responsetopeerdiscussionboad5.docx

19 hours ago

Steven Trudel 

Privacy, Security, and Quality Standards in Informatics

COLLAPSE

Top of Form

Discussion 5: Privacy, Security, and Quality Standards in Informatics

 

Patient Privacy is a key feature in today’s electronic age.  Everyone wants to receive High quality health care without having their information shared too just anyone.  The problem is there is not just one set of laws governing health care.  Laws such as the Health Insurance Portability and Accountability Act (HIPAA), the Medicare Conditions of Participation, and the Privacy Act of 1974 all govern patients’ rights but there are instances when these rules and regulations conflict (Shanholtzer, 2016, pg. 233).  These laws set national standards when it comes to privacy and sharing patient data.  These are not the only three laws when it comes to health care privacy.  In a study done by Dimitropoulos and Rizk they noted that “some organizations understood the basic provisions of the Privacy Rule but did not understand how and when state law applied (2009, pg. 30.)”  Each state has its own set of health care laws.  State and Federal laws can be different making it hard for organizations to share information.  This can create problems for Health Information Exchanges (HIE).

                HIE's are organizations that allow the sharing of information.  Privacy laws and security problems can cause issues with HIE communication and may cause delays in patients receiving the care they need.   “These delays are especially problematic if they prevent timely access to health care, subject people to the stress and hazards of unnecessary tests, and in general, negatively impact people’s health and wellbeing (Florida, 2007, pg. 7).”  These are problems that the Health Care field wants to avoid.  That is where Health Information Security and Privacy Collaboration (HISPC) come into play.  There goal is to promote interoperability among different organizations.  “Interoperability implies that diverse systems from different sources can seamlessly share data almost as if they were all part of a single system (Braustein, 2016, pg. 29).”  They were created to open lines of communication between major players and to promote interoperability when it comes to privacy and security for health care.

                The reason they are important is the inability to share information can have negative impacts for the patient.  As mentioned above it can cause delays and repeat tests.  Taking a look at multiple studies an article by Shapiro found that 40% of patients with ED visits during a 3-year study period had data at multiple institutions and looking at all visit types found that 41% of patients had visits at multiple facilities during a 23-month study period (2015, pg. 2).  That is almost half of the patients visiting an emergency department.  If the emergency department doctor could look into a patient’s electronic health record and see labs done a day ago or imaging done recently, it enables them to make better decisions.  This can save money, time, and ultimately a life.  This applies to providers of all types.  “Coordinated care models including the use of coordinated medical homes, have improved care and lowered costs associated with the complex care required for those children with complex and chronic conditions (Cook, 2014, pg. 3).”  The ability to coordinate care is important for patients and providers.  Privacy and security are important issues however they can be overcome through communication.  That is why HISPC’s are important, they are designed to communicate issues and overcome barriers to interoperability. 

The State of Florida has been a part of the Harmonizing State Privacy Law Health Information Security and Privacy Collaboration.  The goal of the Harmonizing State Privacy Law Collaborative is to advance the ability of states and territories to analyze and reform, if appropriate, their existing laws to facilitate interoperable health information exchange (Harmonizing, 2008, pg. 3).  This particular HISPC has seven states involved.  Each state has a different level of commitment but they are working towards one common goal interoperability between health care systems. 

                Genesis 11:6 says and the Lord said, “Behold, they are one people, and they have one language, and this is only the beginning of what they will do.  And nothing they propose to do will now be impossible for them (English Standard Version).”  This verse shows the importance of interoperability.  If our health care system is able to share data across all health care systems while maintaining a patient’s privacy and the overall security of the system it is a win for the patient.  Data sharing across systems is a complex issue but it can be overcome.

                 

References

Shanholtzer, M. & Ozanich, G., (2016). Health Information Management and Technology. (1st, Ed.) New York, NY: McGraw Hill.

Dimitropoulos, L., & Rizk, S. (2009). A State-Based Approach to Privacy and Security For Interoperable Health Information Exchange. Health Affairs, 28(2), 428-34.                                              http://dx.doi.org.ezproxy.liberty.edu/10.1377/hlthaff.28.2.428

Florida Center for Health Information and Policy Analysis Florida’s Agency for Health Care Administration. (2007). Florida’s Final Assessment of Variation and Analysis of   Solutions                 Report.  http://www.fhin.net/privacyRegulations/docs/FinalAssessmentReport.pdf

Braustein, M.L. (2014). Contemporary Health Informatics. Chicago, IL: American Health Information Managment Association.

Shapiro, J. S., MD, Crowley, D., MPH, Hoxhaj, S., MD, Langabeer, J., PhD, Panik, B., DO, Taylor, T. B., MD, Weltge, A., MD, & Nielson, Jeffrey A., MD, MS. (2015;2016;).                                Health information exchange in emergency medicine. Annals of Emergency Medicine, 67(2), 216-226.  https://doi.org/10.1016/j.annemergmed.2015.06.018

Cook, J. E. (2014). The HITECH act and electronic health records' limitation in coordinating care for children with complex chronic conditions. Journal of Allied Health, 43(2), 117.                         https://search-proquestcom.ezproxy.liberty.edu/docview/1550880366/fulltextPDF/C7913 D14852B4D16PQ/1?accountid=12085

Harmonizing State Privacy Law Collaborative. (2008). Health Information Security and Privacy Collaboration Harmonizing State Privacy Law Collaborative.                                                            https://archive.healthit.gov/sites/default/files/hspl_1_leg_analysis508.pdf

English Standard Version Bible. (2016). Bible Gateway. http://www.biblegateway.com/

Bottom of Form

Molly Pryor 

Week 5

COLLAPSE

Top of Form

Shanhotlzer and Ozanich (2016, p. 231) share healthcare professionals have an obligation to respect the privacy of patients. In this instance, healthcare professionals are not specific to physicians, nurses, and other clinicians. Protecting the privacy of patients is an expectation of all those in the healthcare workforce. Philippians 2:4 reminds us, “Let each of you look not only to his own interests, but also to the interests of others”. Every day in healthcare individuals have access to a variety of information through technology and direct interactions with patients. While it could be self-benefiting to have access to certain information, one must also keep privacy and security top of mind. It has also been researched, that increased privacy concerns from patients “reduce the frequency of EMR use, positive attitudes towards HIE, and perceptions of patient care quality” (Kisekka & Giboney, 2018).

               In collaboration with the federal government, the Old Dominion has taken measures to have processes across the state to support security and privacy of healthcare information. Virginia joined the HISCP in 2009 through a multi-year agreement leveraging the National Governors Associates and Virginia HIT (Finnerty, 2009). The HISC is a national program that studies privacy and security issues and supports state through their efforts. As the use of data and health information exchange has increased, the formal initiative ensures the safety of confidential of patient’s personal information. It also shows the importance of the initiative through the leadership of the federal government.

In addition, the Virginia Department of Health, has taken a stance on privacy and security with their mission of “protecting the health and promoting the well-being of all people in Virginia” (Virginia Department of Health, 2021). To achieve this mission, there are 4 supporting goals. One of which is directly correlated to sharing timely reliable data to ensure a healthy community. There are several collaborative partners to help the state achieve their goals.  One being the Virginia Healthcare Hospital Association (VHHA), which is an alliance for health systems across the state. Through the VHHA, hospitals organized an approach to handling cybersecurity attacks. The focus is related to early education through onboarding of new employees, development of prevention plan protocols, and proactive response in the event of a cyber-attack (Walker, 2017).

Another focus area of privacy and security for the state of Virginia is through its HIE, ConnectVirginia. In 2018, Virginia was the first state to connect all Emergency Departments through this virtual platform (Krisberg, 2018). Care teams in the emergency department are securely able to see visits encounters at other emergency departments, prescription monitoring program, and advanced directives. This allows providers a robust lens into a patient’s journey but doing so in a protective format that remains compliance with other regulations. ConnectVirginia does require organizations to commit to legal requirements to maintain the security of the platform.

An interesting area related to privacy and security of health information is that of minors. The HISPC providers a 71-page document, appendix A-9, outlining how each individual state responds to minor consenting on care and what information parents can obtain(healthit.gov).  It is fascinating to see the variation amongst states on how they address minors. In Virginia a child is no longer considered a minor when they turn 18, are emancipated, marry, or have a court order. When this occurs, they have the authority to identify those they wish to grant access. Minors in Virginia can consistent to a variety of services such as surgery and outpatient treatments. However, if they consent, they must be prepared that their parents will also be able to retrieve the information related to their care. The only instances where this is kept private for minors is related to substance abuse situations. Speaking for parents, most want all information related to their child and having limited access to certain situations may cause frustrations and vulnerability. While to the child, these regulations are in place to empower their ability to act in their best interest.

 

References

Finnerty, Patrick (2009). Report of the Virginia Department of Medical Assistance Services.  https://rga.lis.virginia.gov/

Health information security & Privacy COLLABORATION (HISPC). (2018, September 06). Retrieved February 18, 2021, from  https://www.healthit.gov/topic/health-information-security-privacy-collaboration-hispc .

Kisekka, V., & Giboney, J. S. (2018). The effectiveness of health care information technologies: Evaluation of trust, security beliefs, and privacy as determinants of health care outcomes. Journal of Medical Internet Research, 20(4), e107-e107.  https://doi.org/10.2196/jmir.9014

Krisberg, K. (2018). Virginia is first state to connect all ERs. (STATES IN BRIEF). The Nation's Health (1971), 48(8), 13-13.

 

Virginia Department of Health. (2021). VDH Strategic Plan. Retrieved February 18,2021 from  https://www.vdh.virginia.gov/commissioner/core-of-the-strategic-plan/

 

Walker, Julian (2017). Virginia Hospital Community Develops Cybersecurity Guidelines.  https://www.vhha.com/communications/virginia-hospital-community-develops-cybersecurity-guidelines-to-help-protect-health-care-information-systems-in-the-face-of-cyber-attack-threats/

 

Bottom of Form