Order ready-to-submit essays. No Plagiarism Guarantee!
Note: All our papers are written from scratch by human writers to ensure authenticity and originality.
HIPAA was created in 1996. While some updates have been made to the law, is it adequate to protect health data in the current electronic age? What can health care organizations do to ensure protection of PHI and protect themselves against liability? Be sure to support your answer with reliable sources.
Get an Official Turnitin Report for Just $8.99!
Check your paper with the same Turnitin report your professor uses. AI detection + similarity score without storing your work. Pay once, no subscription
Check My Assignment!After completion must respond to 3 classmates. Will send you their answers.
- studentresponsesMHM522.docx
Shakira Watford posted Feb 21, 2019 8:06 PM
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was created to protect certain health information. The Privacy Rule and Security Rule are standards that were also originated to protect electronic personal health information (e-PHI) and individually identifiable information as well. With an ever-evolving digital world, the risk of health information getting into the wrong hands is a major concern amongst health care providers and patients everywhere. HHS.gov (2013) states that whenever security measures are being implemented, size and complexity, digital infrastructure, costs and possible impact of potential risks to e-PHI should always be considered.
Health care organizations can and should always take every precautionary measure when trying to safeguard health information. First, just as there are many other professionals who assist in operating a facility, a designated security official is also essential in initially maintaining an adequate system. Accessibility is also fundamental because sensitive and confidential information should only be capable of retrieval on a “need-to-know” basis. Training is also key in developing and maintaining an air-tight system to allow people to be made aware of malware, phishing, spam, etc. Garrubba’s (2014) suggestions were to review the overall risk management program to test effectivity, assess logical and physical access controls and monitor security controls. One of the most effective ways is also simply using passwords and encryptions. Health IT & CIO Report (2015) stated in March 2014, more than 1 million patient records, including Social Security numbers, were compromised following the theft of two unencrypted laptops. This event was nothing short of a very lacking security program created by this facility. It is never wise to have sensitive information laying around in unencrypted tech devices.
There is no limit to the depths that processes and systems should go to protect patient privacy. Although it is becoming more difficult as technology continues to advance and breaches become more prevalent, it is still very possible to combat them. These occurrences can literally result in life or death situation. Garrubba (2014) also mentioned that in 2013, 44 percent of all breaches were healthcare related, leading all industry breaches. These statistics further prove just how much more appealing accessing patients’ records are to criminals and scammers and how much precaution the health care industry should continue to take.
References
15 of the biggest data breach settlements and HIPAA fines. (2015, October 14). Health IT & CIO Report: Health Information Technology. Retrieved from https://www.beckershospitalreview.com/healthcare-information-technology/15-of-the-biggest-data-breach-settlements-hipaa-fines.html
Garrubba, T. (2014, November 10). 5 way health data breaches are worse than financial ones. Healthcare IT News. Retrieved from https://www.healthcareitnews.com/news/5-ways-health-data-breaches-are-far-worse-financial-ones
HHS Office for Civil Rights. (2013, July 26). Summary of the HIPAA Security Rule. Retrieved from https://www.hhs.gov/hipaa/for-professionals/security/laws-regulations/index.html
Gloribel Torres posted Feb 19, 2019 7:20 PM
Health care organizations have an enormous part to ensuring and safeguarding patient health information (PHI). According to Cohen & Mello (2018). The Health Insurance Portability and Accountability Act (HIPAA) was formed with the resolution of safeguarding health privacy by keeping the individuality, respect, dignity, and worth of human beings. Therefore, HIPPA required of healthcare practices handling patient records to ensure they have access and control of the medical records safely. The HIPAA Privacy Rule also implicates entities to guard all identifiable health information (e.g., demographic data, the patient’s past, present or future medical record, medical condition, medical bill, and payments). Although HIPAA is limited in scope and is not adequate to protect health information, the responsibility relies on Healthcare facilities and their associates to develop measures to ensure the security of patient data is not breach. Specific to safeguard the information stored in Electronic Healthcare Records, HIPAA Security Rule involves that health care providers and the medical team set up some safety measures such as:
· Passwords and PINs, to help control access to your information;
· “Encrypting” stored data.
· Frequent “audit trail,” which archives who retrieved the patient information, what changes were made and when.
· Firewalls allow health care providers and affiliated institutions to prevent unauthorized access.
Although there is a lot of non-covered entities that generate and share patient information online, which is beyond the reach of HIPAA, healthcare facilities should focus on continue to improve to protect Patient Health Information. It is critical for Healthcare Administration Stakeholder and other members of the medical team to stay educated and in compliance with HIPPA requirements. It is also crucial to devoted and educated new members of the medical team to remain in compliance with HIPPA requirements as well and promote the discretion of their personnel when handling patient data.
Reference
Cohen, G., & Mello, M. M. (2018). HIPAA and Protecting Health Information in the 21st Century. JAMA, 320(3), 231-232. doi:10.1001/jama.2018.5630
Summary Of The HIPAA Privacy Rule | Hhs.gov. (n.d.). Retrieved from https://www.hhs.gov/hipaa/for-professionals/privacy/laws-regulations/index.html
Elizabeth Lowe posted Feb 19, 2019 7:29 AM
The Health Insurance Portability and Accountability Act (HIPAA) was created with the aim of ensuring the protection of health privacy by upholding the personal autonomy, individuality, respect, and the dignity and worth of human beings. Cohen & Mello (2018) give some of the popular reservations against HIPAA in its ability to protect patient information. They mention that it only applies to a limited set of covered entities and is troublesome in its requirement to ensure patient authorization for releasing protected information, yet they mention that it has achieved the aim of making patients feel safe and allowing information flow for treatment, operations, research, and public health purposes (Cohen & Mello, 2018). However, in this century, there are a lot of non-covered entities that generate and share patient information online, which is beyond the reach of HIPAA. Therefore, Cohen & Mello (2018) agree that as it presently is, HIPAA is limited in scope and is not adequate to protect the 21st century data protection needs. I agree with the conclusion and suggest a rethinking of the act’s scope, regulations, and personal consumer efforts to protect their information.
Health care organizations, therefore, have a huge role to play to ensure the protection of patient health information (PHI). The organizations should create policies that govern the process of sharing health information for the purposes of treatment, research, operations, and public health as well as their interactions with entities that HIPAA does not traditionally cover. As long as such organizations do not engage in unethical sharing and use of patient information, ensure the security of the PHI that they already have through various data protection infrastructures, and promote the discretion of their personnel when handling patient data, they can go a long way in ensuring the protection of PHI.
