Login Signup
Verified Document

Ethics And Health Information Term Paper

Related Topics:
Open Document Cite Document

Managing Medical Records and the Implementation of Tools and Safeguards Required within HIS Introduction

Few practices are more important in managing health information systems than managing medical records, safeguarding patients’ medical history, and ensuring that all end users of medical information technology are approved and trained. Some of the biggest factors in security breaches are end users themselves (Rhee, Kim & Ryu, 2009). This is why training of staff on how to use equipment and the importance of protecting passwords is so important (Jackson, 2018). However, the system itself should have system protections built-in that can protect against end user mistakes—protections such as double security via multi-factor authentication (Crossler & Posey, 2017). This paper will discuss the programming language and relational databases that should be used to accommodate security needs for the HIS, the information tools and safeguards required to protect it, the security needed for electronic health records, an applicable code of ethics, and proposals for training staff.

HIS Programming Language and Relational Databases to Accommodate the Task

As Prince (2013) notes, “some programming languages are more susceptible to specific security flaws than others”—which means that some programming languages need to be avoided when it comes to HIS. Those languages include C and C , even though they are commonly used elsewhere. Their commonality is actually part of the problem. Because so many people are familiar with them, it is easier to hack one’s way into systems written in those languages. The issue with them systematically is that they are not type safe languages. In other words, the programmer is responsible for where the type and data go, how information is compiled and arranged, and so on. This makes it far more likely that errors will creep into the programming, errors that can then be exploited by hackers (Prince, 2013). For HIS, a type safe language should be used that reduces the likelihood of such errors occurring. A type safe language is one in which the language itself tracks integers, strings and space amount allotted to information inputs. Languages like .Net are much more preferable for HIS than C because .Net is type safe and thus provides buffers for programmers (Prince, 2013). If HIS security is going to be improved, the programming language has to be one that has improved since C was first unveiled, and that is the case with .Net. The language itself will not solve all the problems—developers will still bear some responsibility in developing a program that is secure; but starting with a language that can help minimize the risk of human error is preferable.

As for databases, the most common database used in health care is the relational database (Campbell, 2004). These are the most commonly used because they allow for the tracking of patient care, such as treatments, outcomes, heart rate, and so on. The relational database can connect to various other systems already in place—i.e., they are compatible with other systems—so, for example, patient information entered into the system in the emergency department can be linked to billing and so on. Or the registration system can be linked to it so that immediately upon registering a patient’s information is available to the nurses in the department he or she will be accessing at the facility (Campbell, 2004). The good thing about relational databases is that it means data only has to be entered in once.

Information Tools and Security Safeguards Needed for...

While end user training is really the first line of defense against data breaches, there are other ways that the system can be developed to ensure protection. One of the most important ways is through multi-factor authentication, which offers at least two layers of protection of data whenever it is being accessed by end users. However, even this level of protection is not 100% guaranteed, as there are other ways for hackers to steal data. Data breaches can occur by hacking into the centralized identity repository; surveillance can be conducted of all data and patients’ privacy can be compromised (Crossler & Posey, 2017). Denial of service attacks can occur, eavesdropping, spoofing and tampering can all be ways that hackers meddle, and there are virtually myriad other ways that hackers can penetrate a system—and most of them rely upon end user negligence or upon the end user not being trained to recognize suspicious activity (Vanguard Communications, 2015).
That is why training employees on how to...…with passwords written on them for everyone to see.

Building a security culture is important of course, and one way to do that is through interesting training exercises like a weekly security trivia, in which workers can earn points for their team. Points could be redeemed for a pizza party or some other prize. The trivia would focus on understanding security issues and increasing workers’ security intelligence. The weekly trivia contest could be like the trivia games played in restaurants and pubs, only here it would focus on security questions. This type of training is more interesting, generally, to workers—and more meaningful and effective ultimately—than mundane Power Point presentations or computer-animated videos that are watched for five minutes and then forgotten about. The goal here is to get the workers thinking about what matters in terms of security and then using that energy to keep them engaged and knowledgeable.

HealthIT.gov (2018) offers privacy and security training games that staff can play to build up their knowledge of how to ensure that systems are kept safe and secure. As Health IT.gov (2018) notes, “the use of gamification by ONC is an innovative approach aimed at educating health care providers to make more informed decisions regarding privacy and security of health information.” Training does not always have to seem like a chore or a bore. It can take the form of something fun that trainees actually enjoy. The more fun they have doing the exercises, the more likely they are to be engaged with the learning material. And the more engaged they are, the more likely they will acquire a deep down understanding of the essential information they need to keep the system safe and patient data secure.

Conclusion

Managing health information systems effectively is important for the successful usage and storage of patient information as well as for the linking of various departmental information needs throughout a facility. Patients have the right to expect that their health information is protected, and end users have a duty to ensure that they follow the ethical principles regarding electronic health records usage. Staff have to be trained, however, to know what best end user policies are—because they, ultimately, are the first line of defense.

References

Campbell, R. J. (2004). Database Design: What HIM Professionals…

Continue Reading...
Cite this Document:
Copy Bibliography Citation

Related Documents

Essay
Health Information and Confidentiality
Words: 1092 Length: 3 Document Type: Case Study

Mary have the right to reveal this information to others? Please justify your answer based on what you know about public health and ethics. Health information management ethics do not allow Mary to reveal the information. Medical records are used to aid decision making in clinical health circles. They are used for a range of other processes including service coordination, efficacy of health care, evaluation, legal security, research, accreditation supplications,

Read More
Essay
Health Information Technology Benefits
Words: 662 Length: 2 Document Type: Essay

Health Information Technology (HIT) is technology that is used to help make health care easier for all stakeholders—both patients and care providers. Examples of HIT include electronic health records, personal health records, e-prescribing, and online communities. HIT allows information to be communicated, stored and shared among people in the industry, whether they are patients providing care givers with access to information or care givers sharing information with other care givers.

Read More
Essay
Health Information Systems HIS and Nursing Informatics
Words: 4777 Length: 5 Document Type: Term Paper

A1. Advantages and Disadvantages of a System All health information systems (HIS) come with great advantages and some disadvantages that must be taken in account to keep patients safe. A HIS is a system that captures, retains information, and helps manage it. A HIS can be used to send health information within an organization and outside of the organization. Several items within a healthcare organization have interoperability with the HIS such

Read More
Essay
Protection of Digital Health Information With Increase
Words: 1333 Length: 4 Document Type: Essay

Protection of Digital Health Information With increase health information technology store access patient information, likelihood security breaches risen. In fact, Canadian Medical Association Journal (CMAJ): In United States, a whopping 97% increase number health records breached 2010-2011 Ensuring that patient information is protected at all times is vital for any health care institution. Patient information records contain sensitive information that can be used for malicious purposes like identity theft, credit card fraud,

Read More
Essay
Optimizing Health Information Systems
Words: 3717 Length: 12 Document Type: Research Paper

Optimizing Merged Health Information Systems Although the merger of two comparably sized companies competing in the same industry is a relatively commonplace business strategy, the process is fraught with obstacles and challenges and a significant percentage of merged entities fail outright because of these problems (Murphy, 2019). These types of problems are further compounded when there are sophisticated information systems involved that must also be merged successfully. The purpose of this

Read More
Essay
Primary Care Practice Upgrading to a Current Cutting Edge Health...
Words: 606 Length: 2 Document Type: Research Proposal

Medical Information System Upgrade Proposal The information system currently relied upon by this practice is extremely outdated; it is incapable of assuring information security, and highly inefficient. Current information management practices in this office are significantly outdated and will eventually have to be upgraded to maintain any capacity to coordinate with other offices and to process ordinary transaction because digital systems are already the standard throughout modern American healthcare and business

Read More

Sign Up for Unlimited Study Help

Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.

Get Started Now