Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
Healthcare IT
1. How safe do you think the “safe harbor” of HIPAA’s 18 fields is? Why?
There are two approaches towards HIPAA-compliant de-identification of PHI. These are expert determination and safe harbor (U.S. Department of Health and Human Services - HHS, 2018). In essence, safe harbor, which this section will concern itself with, has got to do with the removal of certain identifiers from the data set. In this case, a total of 18 “identifiers of the individual or of relatives, employers, or household members of the individual, are removed” (HHS, 2018). A key advantage of safe harbor is its simplicity. This is more so the case given that its implementation does not call for any technical or specialized knowhow. Its application is rather straightforward. It is important to note that even the removal of the said identifiers does not result in the total elimination or removal of the patient re-identification risk.
One of the key disadvantages of safe harbor is that except under very few circumstances, the safety of data is actually not guaranteed. This effectively means that the risk of re-identification happens to be rather high in some instances. For instance, assume a scenario whereby a public file has met the safe harbor standard but there is an ‘intruder’ who happens to know of a specific person in the data. All that the said intruder would have to do is retrieve the data set (which, by the way, satisfies the conditions of safe harbor) and fish for specific identifiers in relation to the person he is interested in. In this case, we could assume that the data set contains the first three ZIP code digits and ages (in years). All that the intruder has to do in this case is be certain of the age of his person of interest and perhaps where he resides to positively identify the record associated with the said person of interest. This is just one example of an instance whereby re-identification would happen with relative ease.
2. What do you think is the right balance between “patient’s privacy” and “public good”? Why?
It is important to note that some researchers have in the past argued that data protection laws could effectively impede the research process because in some instances they essentially make access to data a complex process for researchers (Steeves, 2007). A good example in this case, according to the author, would be the requirement to obtain consent. On this front, it becomes “difficult for researchers to access data that would otherwise be available to them”...…to enhance the safety of ePHI cannot be overstated.
To begin with, firewalls would come in handy in this regard. Firewalls seek to ensure that the network is cushioned against attacks by external parties. According to O’Dowd (2019), “firewalls are the first line of defense for securing healthcare network against the public internet.” As the author further points out, firewalls constantly monitor traffic (both outgoing and incoming) and thus only permit data that is pre-cleared to go through. Secondly, hard drives could also be encrypted. This move would effectively minimize data access by third parties if the said third parties were to gain physical access to hard drives used to store patient information and other related data. Thanks to the said encryption, the data contained therein cannot be read. Third, a two-factor authentication mechanism could be adopted with an intention of ensuring that security is extended beyond the basic combination of password and username. With two-factor authentication, the user can be verified via an additional method. A key component of this identification mechanism is the need for users to make use of a second factor, i.e. finger print scan or code set to phone, to identify themselves. This protects PHI from access by persons able to ‘beat’ the first line of defense, i.e. username and…
References
O’Dowd, E. (2019). Using Firewalls to Prevent Health Data Security Risks. Retrieved from https://hitinfrastructure.com/news/using-firewalls-to-prevent-health-data-security-risks
Safran, C., Bloomrosen, M., Hammond, W.E., Labkoff, S., Markel-Fox, S., Tang, P.C. & Datmer, D.E. (2007). Toward a National Framework for the Secondary Use of Health Data: An American Medical Informatics Association White Paper. J Am Med Inform Assoc., 14(1), 1-9.
Steeves, V. (2007). Data Protection and the Promotion of Health Research. Health Policy, 2(3), 26-38.
U.S. Department of Health and Human Services – HHS (2018). Guidance Regarding Methods for De-identification of Protected Health Information in Accordance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. Retrieved from https://www.hhs.gov/hipaa/for-professionals/privacy/special-topics/de-identification/index.html
Healthcare Information Technology Electronic Medical Record: User friendliness is among the significant factors- probably the most essential factor- hampering extensive usage of Electronic Medical Record EMRs in respiratory therapy within my organization. User friendliness features a powerful, usually direct connection with my organization's efficiency, error level, operator exhaustion and operator satisfaction- are all essential elements for EMR usage. Moreover, within my organization, it's been observed that efficient coaching and execution techniques impact
Health Care IT Health Care Information Technology The days of paper-based records in health care are fading. It is widely believed that the broad adoption of clinical applications such as computerized physician order entry (CPOE) can lead to major health care savings, help eliminate medical errors, and improve healthcare outcomes for patients (Lynn, 2011). Because of such benefits, the Obama administration included automated adoptions in health care as a part of its
Health Care Information Technology Changes in health information technology Healthcare and Information Technology Information Technology (IT) can be briefly defined as "the branch of engineering that deals with the use of computers and telecommunications to retrieve and store and transmit information." (Word Net, 2011). IT has evolved and still is evolving the way organizations communicate and carry on with their businesses. The office setting in the contemporary society is fully dependent on the
If healthcare information has been disclosed without consent of the patient, it is important to treat this as a breach of confidentiality contract and patient must be informed. Compliance with privacy clauses of AARA is very important because non-compliance can result in serious legal problems for physicians and hospitals. If HIPAA laws are not adhered too, the Act makes provision for legal action where violating party can face serious
healthcare information technology project failures and best practices recovery. It highlights factors that are responsible for such failures including lack of direction, clarity of goals, consistent system and application plans. It also investigates best practices that can mitigate these failures in the health care system. The paper lists the best interventions as; first, management's commitment to the goals and objectives of the projects, second, management's definition of a series
Health Care Information System The study looks into the importance of health care information system and its latest innovation system. In this paper, I also analyze various innovated health care system which improves the delivery of services to patients. IT further looks at the case study of hospital or clinic which already using the said system. In this case the study looked at Brigham and Women's Hospital, and its pros and