Assignment: Protecting Patient Data You are tasked to analyze the use of information technology...

Question

Assignment: Protecting Patient Data

You are tasked to analyze the use of information technology resources and assess the applicability to United General Hospital and the video scenario presented in this week’s Discussion. Your response to this assessment will be to write policy statements that address specific issues related to patient health care records and align with HIPAA regulations. Assess threats related to issues presented in the case study that United General Hospital must address.

Part I: Policy Manual Introduction (1 page)

United General’s hospital administrator reviews the hospital’s policy manual and discovers that it inadequately addresses the area of patient records. The hospital administrator tasks you with reviewing the hospital policy manual and reporting on the thoroughness of its coverage of patient records. After a review of the policy manual, you report that the coverage of patient records is sparse and outdated. The hospital administrator then asks you to update the policy manual.

The policy manual introduction should include:

An update to the manual’s introduction to include more depth in the area of patient records. As you write this section, describe the purpose of patient record protection and its importance to the organization.
An explanation of the legal requirements for protecting patient health records.

Part II: Risk Assessment (3 pages)

Because Pete compromised Winnie’s patient records, the hospital administrator tasks you with identifying other potential risks that the hospital and the primary care physicians may need to address to protect patient records.

Your risk assessment should:

Identify risks to both electronic and paper patient records and recommend remedies United General can put in place to protect the records from compromise.
Create policy statements that comply with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) regulations addressing access to and disclosure of electronic and paper patient records.
Describe relevant training topics that will educate the staff on accessing and disclosing patient records.

Part III: Alignment with Regulatory Requirements (3 pages)

Winnie’s lawsuit refers to United General’s violation of patient record protection and privacy regulations as the prime cause of the problem. This has now opened United General to governmental inquiries as well as to federal lawsuits.

Write a 3 page APA style paper addressing the following:

Review the requirements of the HIPAA regulations and identify areas in the case study that breached HIPAA regulations, remembering your analysis of the hospital’s policy manual—the policies applicable to patient record handling and disposal require an update to align with HIPAA regulations.
Create policy statements that align with HIPAA regulations that address patient health care record handling and disposal.
Describe relevant training topics for staff in order to educate them on the handling and disposal of patient records.

Part IV: Managerial Oversight (3pages)

During Pete’s exit interview he states that he did not receive managerial direction or training in regard to accessing computer systems and online patient records. The hospital administrator reviews the management training manual and finds that the area detailing instructions that management needs to give to staff is sparse. The hospital administrator asks that you write a section of the management training manual to provide clear instructions for management oversight in the area of handling and accessing patient records. As part of managerial oversight of hospital staff, access to patient records should be restricted and only available to appropriate staff members. For instance, in this case study, Pete should not have had access to Winnie’s patient record.

This section of the management training manual should:

Include clear instructions for management oversight in the area of handling and accessing patient records.
Include policy statements for role-based security level access to patient records.
Describe methods to set security levels for accessing patient records to support the policy statements.

qfile_636758755509289905_122780_1.zip

Anju Lata · Accepted Answer

Running Head: Protecting Patient Data
Protecting Patient Data                                                                                                                 
Assignment
Protecting Patient Data 
Student Name:
Submitted to:
University:
Part 1: Policy Manual Introduction
It is important for the healthcare organizations to protect the patient records. In hospitals large amount of personally identifiable data (such as medications, lab test results, radiographic images and other similar information) is collected, stored and transferred in large amount on daily basis, out of which most of the information is potentially embarrassing and sensitive (Radiological Society of North America, 2018). Most of the data is viewed and shared between different entities through computers. The secure management and record keeping through electronic means influences the patient care, rights, and current practices of healthcare professionals. Having access to patient medical history helps the doctors and physicians make better decisions. Inability to access the data may delay or prolong the decisions and thus may adversely affect the health of the patients. The Organisations must protect this information from unauthorized access. Data security also involves maintaining the integrity of patient records and to make the records available only to those who need it. The Organisations need to handle their electronic media securely and protect the health information as per the Health Insurance Portability and Accountability Act (HIPAA). The policy of the Hospital protects the sensitive data records from malicious access, maintains confidentiality and shares protected health information only with researchers and healthcare professionals who need to access it to care for the patient.
There are no certain requirements to obtain the choice of the patient whether he wants to participate in the electronic Health Information exchange. However informing the patients about the policies help them make informed choice. Certain Federal and State privacy Laws like Title 10 and 42 CFR Part 2, need patient’s consent in written form prior to disclosing the information to others. Such laws protect the disclosure of sensitive information (US Department of Health and Human Services,2018).
	Part II-Risk Assessment
The potential risk to electronic patient records can be security breaches, risk of transferring data to unauthorized access, successfully estimating the password to get into the electronic health records and sharing the information over internet (Ozair et al,2015). Through portable devices, anyone may connect to the wireless network of the Organisation, if he could access the password or encryption key. There may be interface issues and their failure may lead to unintended consequences lowering down the time efficiency, elevating the threat to patient safety and reducing the quality of care. The electronic health records enhance the safety of patients by minimizing the healthcare errors and disparities. There may occur loss of data during the transfer and may influence the decisions which are based on altered data. The implementation of electronic health records also requires proper funding and guidance of experts of information technology, clinicians, consultants and educators. Multiple security measures can be applied to the electronic data records like firewall, malware, intrusion detection software and antivirus. The Electronic Health Record (EHR) is cost effective and improves the quality of healthcare (Ozair et al, 2015). However, in this system there are chances of revelation of health information through theft or breach. Through the EHR better health care services may be provided to the patients.
The EHR provides improved care coordination, increased cost savings and high efficiency, enhanced accuracy of the diagnosis and the results, and increased patient participation in the care.
The paper based patient records may have redundant entries in different departments, the records may be inaccurate and inconsistent. The files may get damaged due to natural calamities or disrupting incidents like rodents, fire or bugs. In such cases the precious patient record is also lost. The maintenance and organization of these files is also very difficult and requires lot of space.  Retrieving the specific data record from big heap of files is not an easy task.  Sharing the data or patient information is not possible through the paper records, so it makes the system delayed and isolated, compromising the treatment of the patients.
The United General Hospital may propose relevant steps to the healthcare professionals to protect their data on the EHRs.

Assignment: Protecting Patient Data You are tasked to analyze the use of information technology resources and assess the applicability to United General Hospital and the video scenario presented in...

Solution

Answer To This Question Is Available To Download

Related Questions & Answers

Submit New Assignment