For ethical, legal, and business reasons, the security of health care data must be a top priority in health care organizations. HIPAA, for example, requires that health care organizations safeguard patient data, and there are serious consequences for breaches of privacy. Yet organizations have many types of sensitive clinical or administrative information they need to protect. To make their systems secure, health care organizations put in place policies as well as technical safeguards such as encryption and passwords. There can be a tradeoff, however, between system security and ease of use by health care providers.
Prepare for this Application Assignment as follows:
- Select a type of health care organization, such as an outpatient clinic, nursing home, or hospital, and a specific department or function in this setting, such as a nursing unit, radiology department, or admissions, that would make use of sensitive health data. Bring to mind specific ways in which these data might be improperly accessed, lost, stolen, and so on.
- Review this week’s Learning Resources, and conduct online research, as needed, to clarify for yourself the ramifications for individuals and organizations of security breaches in this department, and the solutions that have been devised to protect these data. In what ways might these security measures interfere with the staff’s ease of use of the system? Consider how best to balance these competing interests of data security and convenience for staff.
Then write a 2-page paper that addresses the following:
- Describe key challenges for your selected health care department in ensuring that its sensitive data are secure. Illustrate with specific examples, and address not only technological issues but also human factors involved in ensuring its system security.
- What are some implications of security breaches of its health care data? Who might be impacted and how?
- Summarize security measures that might be taken as well as their potential impact on the staff’s ease of use of the information system.
- Explain what you believe is the appropriate balance between data security and ease of use.
This Application Assignment is due bymidnightof 12/07/2014.
Your written assignments must follow APA guidelines. Be sure to support your work with specific citations from this week’s Learning Resources and additional scholarly sources as appropriate. Refer to theEssential Guide to APA Style for Ashford Students to ensure your in-text citations and reference list are correct.
Resources:Course Text: Handbook of Informatics for Nurses & Healthcare Professionals
- Chapter 12, “Information Security and Confidentiality” This chapter reviews potential threats to the security of health information systems and the administrative safeguards that can be employed to protect against these threats.
- Chapter 13, “System Integration and Interoperability” This chapter examines important issues related to systems integration and interoperability. It identifies key points for consideration during the integration process, including factors that can impede the process. It also discusses the important role that standards play in the integration process as well as the long term operability of systems.
- Chapter 22, “Continuity Planning and Disaster Recovery” This chapter explains the nature and purpose of continuity planning, that is, ensuring an interrupted operation of critical services in spite of technological disruptions; it also describes methods for protecting against data loss and recovering data and restoring systems in the event that disasters of one sort or another occur.
- Course Text: Health Care Information Systems: A Practical Approach for Health Care Management
- Chapter 3, “Health Care Information Regulations, Laws, and Standards” ((pp. 81–96, “Legal Aspects of Managing Health Information”) This section outlines HIPAA and other laws and regulations involving the management of health information.
- Chapters 10, “Health Care Information System Standards” This chapter explains that information systems must follow established standards in order to allow for interoperability, that is, for communication among systems. This chapter describes the various standards in use in health care information systems and challenges to achieving interoperability.
- Chapter 11, “Security of Health Care Information Systems” This chapter reviews potential threats to the security of health information systems and the administrative safeguards that can be employed to protect against these threats.
- Article: Hammond, W. E. (2004). The role of standards in electronic prescribing. Health Affairs, 23, 325–327. Retrieved from http://ezp.waldenulibrary.org/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=sih&AN=15592361&site=ehost-live&scope=site This article defines the system functionalities that are required and desirable to ensure patient safety and quality of care. Health data standards are a prerequisite for the interoperability to support electronic prescribing. It also discusses some of the barriers and problems in producing and adopting those standards.
- Article: Pike, G. H. (2009). HIPAA gets new privacy rules. Information Today, 26(4), 13–1 5. Retrieved fromhttp://ezp.waldenulibrary.org/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=a9h&AN=37191466&site=ehost-live&scope=site
This article discusses security and privacy provisions of HIPAA that have been extended by ARRA, including a notification requirement in cases of data breaches.
- Website: American National Standards Institute–ANSI
http://www.ansi.org/ ANSI is the administrator and coordinator of the voluntary standardization system for the private sector in the U.S. ANSI accredits the procedures of standards developing organizations (SDOs) and facilitates the development of the American National Standards (ANS).
- Website: Health Level Seven International- Homepage
http://www.hl7.org/ HL7 provides standards for interoperability that improve care delivery, optimize workflow, and reduce ambiguity.
- Website: WHO: International Classification of Diseases (ICD)
WHO is the authority for health within the United Nations’ system. The ICD is the international standard diagnostic classification for all general epidemiology, many health management purposes, and clinical use. This site provides an overview of the program as well as access to the classification system itself.