Вы находитесь на странице: 1из 15

Ensuring Patient

Privacy
in an Electronic World
Stevi Kurz, CCA
University of Cincinnati, Clermont College
Project Scope
This project will cover the difficulties and potential solutions in order
to maintain patient privacy in the electronic healthcare world. Our
healthcare settings, as we know them, are changing in a fast-paced
manner. All healthcare entities are moving towards an electronic
format for multiple components of healthcare. Some of these
components include electronic health records, electronic patient
portals, and even electronic and web based patient appointments. In
order to fulfill our role as HIM professionals we must ensure patient
privacy is ahead of this change and able to protect patients at all cost.
Project Goal Statement
My goals of this project are identify the security risks associated with
an electronic healthcare format as well as combat those risks with
solutions to keep protected health information safe and secure.
Project Deliverables
• Providing both the risks and benefits associated with electronic
healthcare
• Providing solutions to the risks associated with electronic
healthcare
• Providing Associates level research to showcase at the OHIMA
summit
Timeline
February 5, 2018:

1. Deliver notice of intent to participate to OHIMA and BlackBoard

February 12, 2018

1. Identify resources, highlight and prepare resources for research use

2. February 19, 2018

3. Complete PowerPoint

February 26, 2018

1. Submit to OHIMA

April 16, 2018:

1. Finish paperwork

2. Finish UC PowerPoint

3. Have portfolio professionally printed and bound

4. Submit portfolio

5. Present PowerPoint to class and Professor Foltz


Tasks
• Submit notification of intent to • Rough draft of PowerPoint
participate in OHIMA showcase to
OHIMA via link • Finalize PowerPoint
• Submit notification of intent to • Have PowerPoint viewed by HIM
participate to professor via BlackBoard professional before submitting
• Create a list of potential research topics • Submit to OHIMA
• Choose research topic • Finish up UC paperwork
• Locate resources • Have paperwork professionally printed
and bound
• Comb through resources, discarding
unreliable sources or outdated • Finish UC PowerPoint
information
• Turn in portfolio
• Highlight resources with pertinent
information regarding research topic • Present to class
Resources Used
• Computer
• Library work space
• Textbooks for searching
• Web based resources
• PowerPoint
Project Risks
• Shortened timeline
– Project due March 2nd vs April 20th

• Information must be fully accurate


– Research will be on display for prominent HIM professionals and many
potential future employers
– My name will easily be associated with the project if someone did a Google
search

• Not only representing myself, but the University of Cincinnati as a


whole
Progress Reports
Progress Report 1 Progress Report 2
Week of January 29, 2018 Week of January 5-12, 2018
Activities conducted this week Activities conducted this week
included: included:
1. Submit notice to OHIMA and 1. Finalize research topic
Professor Foltz
2. Begin researching and locating
2. Brainstorm research topics sources

Activities planned for next week Activities planned for next week
include: include:
1. Finalize research topic 1. Work on PowerPoint
2. Begin research
Progress Reports
Progress Report 3 Progress Report 4
Week of: February 19, 2018 Week of: February 26, 2018
Activities conducted this week Activities conducted this week
included: included:
Work on PowerPoint Submit to OHIMA
Have PowerPoint reviewed by HIM
professional – My mother, she is in
medical Reimbursement Activities planned for next week
include:
Finish paperwork
Activities planned for next week
include: Get project professionally printed and
bound
on paperwork and finish slides for UC
Finish UC PowerPoint
Submit to OHIMA
A few benefits of the EHR: Privacy Concerns
• Improved quality of care • Use of Private Health Information

• Less errors • Controlled Access to PHI

• More efficient • Software malfunction

• Reducing overall costs


• Safer medication prescribing

While EHR’s have many


benefits, they have faced
backlash since the
implementation in 2014.
While these are legitimate
concerns, there are ways to
combat these concerns. www.Medscape.com
Privacy Complaints • Pre EHR
2013 • 4464 Privacy Complaints
YEAR INVESTIGATED: INVESTIGATED: TOTAL
NO VIOLATION CORRECTIVE
ACTION

Partial Year 2003 79 260 339 • EHR Implementation


2004 360 1033 1393
2014 • 1956 Privacy Complaints
2005 642 1162 1804

2006 897 1574 2471

2007 727 1494 2221


• EHR
• 1089 Privacy Complaints
2008 1180 2221 3401
2015
2009 1211 2146 3357

2010 1529 2709 4238

2011 1302 2595 3897


Total number of investigations decreased by
2012 980 3361 4341 867 from 2014, the year the EHR was
2013 994 3470 4464 implemented, to 2015. Total number of
2014 668 1288 1956 investigations decreased by 3375 between
2015 359 730 1089
2013 and 2015.
www.hhs.go
Protecting Patient Privacy
Electronic
Assign a PHI should
HIPAA be restricted
compliance and
• Ensure compliance is being officer password
protected
met
• Use trusted software Conduct Address
regular
compliance Risks
• Encryption software analysis to and they
determine
issues arise
• Minimize traffic within PHI
– Only allow specific functions for
specific job requirements. Encryption Routine Audit
software trails to assess
should be used who has
to ensure access to what
controlled PHI and any
access changes made
HIPAA and the EHR
HIPAA Security Rule Who/what does it apply to?
• Developed in 2003 • Health plans
• Covers e-PHI • Healthcare clearing houses
• Developed to protect the • Healthcare providers
electronic exchange of PHI
• Business associates pertaining
to the healthcare providers

HIPAA Privacy Rule states that:

1.Ensure the Identify and protect


1.Protect against 1.Ensure compliance by
confidentiality, integrity, against reasonably
reasonably anticipated, their workforce.
and availability of all e- anticipated threats to the
impermissible uses or
PHI they create, receive, security or integrity of the
disclosures
maintain or transmit information

www.hhs.go
Works Cited
• December 12, 2011, 10:24 am / Leon Rodriguez / Former Director, HHS
Office for Civil Rights. (2017, January 27). Privacy, Security, and
Electronic Health Records. Retrieved February 27, 2018, from
https://www.healthit.gov/buzz-blog/privacy-and-security-of-ehrs/privacy-
security-electronic-health-records/
• Don't confuse EHR HIPAA compliance with total HIPAA compliance.
(2015, March 11). Retrieved February 27, 2018, from
http://www.healthcareitnews.com/blog/don%E2%80%99t-confuse-ehr-
hipaa-compliance-total-hipaa-compliance
• Medscape EHR Report 2014. (n.d.). Retrieved February 27, 2018, from
https://www.medscape.com/features/slideshow/public/ehr2014#1
• Secretary, H. O., & (OCR), O. F. (2013, July 26). Summary of the HIPAA
Security Rule. Retrieved February 27, 2018, from
https://www.hhs.gov/hipaa/for-professionals/security/laws-
regulations/index.html