hi

HI-TECH PRESENTATION

Step 5

Step 3

How can patient privacy br protected with the use of electronic records?

What type of security must be established to ensure confidentiality of the electronic health record?

Step 1

The The Health Insurance Portability and Accountability Act (HIPAA) Security Rule requires specific measures to safeguard your electronic protected health information to ensure its confidentiality, integrity, and security.

A few of the safety measures built in to electronic health record (EHR) systems to protect your medical record may include:

“Access control” tools like passwords and PIN numbers, to limit access to patient information to authorized individuals, like the patient's doctors or nurses.

"Encrypting" stored information. That means health information cannot be read or understood except by someone who can “decrypt” it, using a special “key” made available only to authorized individuals.

EHR systems are backed up like most computer systems, so if you are in an area affected by a disaster, like a hurricane, your health information can be retrieved.

The federal government put in place the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule to ensure you have rights over your own health information, no matter what form it is in.

HITECH and HIPAA impact

Security refers directly to protection and specificaly to the means used to protect the privacy of health information and support professionals in holding that information in confidence. The concept of security has long applied to health records in paper form; locked file cabinets are simple example. As use of electronic health record systems grew, and transmission of health data support billing became the norm, the need for regulatory guidelines specific to electronic health information became more apparent. The HIPAA Security Rule provided the first national standards for protection of health information. Addressing technical and administative safeguards the HIPAA Security Rule stated goal covered by the Privacy Rule while allowing healthcare providers appropriate access to information and flexibility in adoption of technology.

When Congress passed the HIPAA Privacy Rule in 1996, it presented challenges for healthcare organizations when working with patient information. However, these organizations have also seen benefits from HIPAA. For healthcare organizations, meeting the provisions regarding this privacy rule can be tricky and they are advised to find guidance from an experienced law firm they can trust.

The HITECH Act strengthens the enforcement of HIPAA privacy rules.

Addresses the security of electronic health records (EHR).

EHRs are intended to improve the security and storage of healthcare information

it presented challenges for healthcare organizations when working with patient information.

One of the provisions of the Act (Section II) severely restricts the ability of healthcare organizations to share patient information.

Each organization must get a signed form from a patient indicating to whom the organization may share the patient’s medical information.

Without that written permission, the information cannot be shared in any way that would allow an employee to identify the patient from the medical information shared.

cannot freely do studies based on patient chart data, unless the patient releases that information to them.

inability to research freely has caused the cost of recruitment for studies and surveys to rise considerably.

Healthcare providers cannot freely share patient information between them.

Each client and patient must give implicit permission for a healthcare provider to share information.

Without being able to share patient information between providers, it takes more time to obtain critical information that can affect patient care.

Healthcare organizations face additional legal costs if they violate HIPAA privacy provisions.

Costs have risen because of the complexity of implementing HIPAA privacy provisions.

Healthcare organizations regularly bring in consultants to ensure they are meeting all the provisions of the Act.

These organizations also need to provide training and certification for employees on the provisions of the Act.

Implementing HIPAA privacy provisions has also created extra paperwork and administrative activities for maintaining compliance.

MADDY

ASHLEY

RENDIEALISHA

CESAR