Recent orders
Privacy of Personal Health Information
Case Study 3: Privacy of Personal Health Information
Insert NameCSIA 412 6381
In 2008, a document entitled “Nationwide Privacy and Security Framework for Electronic Exchange of Individually Identified Health Information” was released by the Office of National Coordinator for Health Information Technology (ONC) providing eight principles by which health providers could operate their practices in order to ensure compliance with HIPAA standards as it relates to electronic health records (EHR) and the privacy of personal health information (PHI) (Brown, 2009). These eight guiding principles have been enacted by various health practices around the United States and have prevented various practices from coming under review for failure to protect patient privacy. Specifically, the two principles the physician has neglected to ensure compliance with and that will be addressed by the suggestions for improvement in this case study are the principles of safeguards and accountability.
What I would do
A patient’s confidence in and sense of comfortability with their health professional is often in direct correlation to the management of their health records and the professionalism of the employees of the practice; both of these entities came into question in the recent case study and in order to stay in practice, it will be necessary that both of these issues be resolved. The first action that I would take in order to assess the situation and begin remediation would be to evaluate the current security standards and practices in place as it pertains to patient records. According to Wilkina (2014), a large majority of health data breaches are the result of human error either in management or transference; therefore, I would assess not only the written policy but also take into account how that policy translates into the physical layout of the office and the use of EHRs in the presence of patients. Secondly, I would review the quality, frequency, and content of staff/office trainings and the orientation of temporary employees. Next, I would assess the use of technology in examination rooms and at vitals stations as well as conduct a risk assessment of the network used to transmit this information. Finally, I would engage in a conversation with the physician outlining in detail the weak points in his systems and network, identifying programs in need of updates or upgrades, and provide considerations as it pertains to the physical layout of the office and staff communication with patients.
PHI Security Policy Advisement
The most efficient way to safeguard against health data breaches are to ensure proper management of PHI, ensure the security of location of the EHRs, and to ensure that an accountability system is in place. Avancha, Baxi, and Kotz (2012) provide an extensive overlook into the strengths and weaknesses of PHI legislation as enforced globally. The standards outlined in the article make it very clear that healthcare providers are responsible for safeguarding against PHI data breaches and also point out that most often a breach occurs due to a lack of implementation of administrative safeguards, as can be seen in the case of the physician.
The first advisement to the physician would be to ensure that all conversations take place in private areas and, if possible, behind closed doors. This first advisement has little to do with technology and is a somewhat easier fix as it simply requires that the staff member employ the use of discretionary practices to ensure the privacy of the patient. By requiring that all conversations that surround a patient’s care, test procedures or results, and/or health history take place behind closed doors, the physician ensures that PHI is kept confidential as it verbally communicated. This also allows the physician to ensure HIPAA compliance as it creates a policy that requires personnel to abide by privacy guidelines and implements administrative safeguards as it pertains to patient treatment (Avancha, Baxi, & Kotz, 2012).
The second advisement surrounds the record keeping and review of the office staff. Staging a data breach in a health office can be as simple as looking over the shoulder of a nurse or other staff member as they update the health information of another patient. The data breach is much easier to perform when the computer screen can be seen from the waiting area as is the case in this scenario. To ensure the safeguarding of information, the advisement would be to take into consideration moving all computer screens to the back portion of the front desk against a wall and using privacy screens in order to ensure that information is not compromised as it is uploaded into the system. Another consideration would be to invest in privacy screens only allow the user to view the information being displayed. In terms of accountability, which this evaluator feels is the true issue, the physician needs to take into account how often an internal audit or other technical processes are performed. As Brown (2009) states, there is no formal sanction provided when the standards of ONC are not adhered to, however by performing internal audits and ensuring compliance with these standards practices set themselves apart and provide a quality level of service to their patients. Performing internal audits will not only allow for quality service to be provided but it will also allow the physician to evaluate the performance of his employees and provide comprehensive feedback as it pertains to all processes within the office.
Finally, it is the advisement of this evaluator that the physician takes into account how EHRs are managed and stored. Keeping in mind that a large majority of data breach is a result of human error (Wilkina, 2014), the physician would need to consider the encryption level of the network that hosts the EHRs, the time limit on passwords used to access the system, how authorization is granted and revoked, as well as the level of access that temporary employees are granted. The use of a quick key command on the keyboard and/or a time out display on the computer screen would be one of the most efficient ways to ensure that one patient’s PHI is not viewed by an unauthorized party. In addition, requiring a change of passwords and authorization procedures would ensure that access is granted only to identified, authorized users who have up-to-date security clearance and that even if their passwords have been compromised, the level of damage that can be done is minimal.
Future Prevention
In addition to the aforementioned advisements, the greatest way to ensure that something of this nature does not occur again is through staff training. According to Wilkina’s study (2014), 44% of data breaches could be attributed to x-ray films, CDs, flash drives, etc. while desktop computers alone accounted for the data breach in 16% of the cases. Effective training and accountability processes as it pertains to file management and storage, use of computers in the presence of patients, communicating procedures and health considerations to patients, and securing confidential information can address approximately 60% of data breaches as identified by Wilkina (2014). In addition to addressing the areas of breach, it will also enhance patient confidence and ensure patient privacy as information will not be easily accessible.
Conclusion
Security policies pertaining to personal health information of patients is a critical area of operation for any modern day physician’s office and is an area in which many new private practices struggle due to lack of information (Brown, 2009). However, there are various ways to ensure compliance with HIPAA and patient satisfaction while also ensuring business efficiency and staff accountability. Effective use of office space allows for personal information to stay personal when the physician sets aside a room to be used specifically for the explanation of procedures and summation of services to be provided, strategic office layout and the use of privacy technology allows staff to complete required documentation without compromising privacy, and well drawn out policy as it pertains to the use of office technology allows for data security and efficient software management. In addition, staff trainings and internal audits allow for reminders of office policy and a review of day-to-day operations. The physician’s practice is still very new and will continue to encounter various obstacles, however, if the physician effectively addresses all of these components now, the obstacles will be much less daunting in the future.
References
Avancha, S., Baxi, A., & Kotz, D. (2012). Privacy in Mobile Technology for Personal Healthcare. ACM Computing Surveys, 45(1), 3:1-3:54. doi:10.1145/2379776.2379779
Brown, B. (2009). Improving the Privacy and Security of Personal Health Records. Journal Of Health Care Compliance, 11(2), 39-68.
Wikina, S. B. (2014). What Caused the Breach? An Examination of Use of Information Technology and Health Data Breaches. Perspectives In Health Information Management, 1-16.
The female executive who was denied a promotion in representing the American cosmetic company
Discussion 2.1
Student’s Name
Institutional Affiliation
Course Tittle
Professor’s Name
Date
Question 1
The female executive who was denied a promotion in representing the American cosmetic company in its marketing in the Middle East buyers since she was a woman has a case. Her being a woman should have never been the reason for her denial and discrimination. The lady needs to file for a case in the court of all for discrimination against her sex or gender. The American Cosmetic company was required to produce admissible evidence which could permit them to conclude that the denial of her promotion decision had not been motivated by discriminatory animus. The discrimination based on her sex would be valid only when the essence of the business operation between the cosmetic company and the Middle East buyers would have been undermined by hiring members of her sex or gender. Consequently, the burden that moves to the perpetrator is to refute the assumption of discrimination by generating evidence that the executive lady was denied, or another person was preferred, for a genuine, nondiscriminatory reason.
Question 2
The gay male executive who was supposed to represent his American fashion company as a chief Marketing executive for Latin America but got denied for the reason that he was gay has a case of discrimination against LGBTQ. The gay individual should not have been discriminated against in that way. The court ruling closed part of the long and tortured struggle to end legal discrimination against LGBTQ individuals. There should be a provision that prevents discrimination depending on several characteristics, including sex which applies to discrimination based on sexual orientation and gender identity. In a momentous verdict, the United States Supreme Court ruled Monday that the 1964 Civil Rights Act safeguards gay, lesbian, and transgender individuals from discrimination based on their sex.
The Federalists vs. the Republicans
The Federalists vs. the Republicans
Name
History 231 Assessment cycle 2019-2022
Instructor
Date
The Federalists vs. the Republicans
Although the first president of the United States, George Washington, advised against the nation dividing based on political affiliations and the creation of political factions, two groups emerged with different views on the constitution. One was the federalists led by Alexander Hamilton, and the others were republicans under the leadership of Thomas Jefferson. The fight for the ratification of the constitution was long and difficult as support was sought from the nine states required to ratify it. States were, however, reluctant to ratify it as they were interested in retaining power, which a strong central government would undermine. Those that supported the ratification of the constitution were federalists and those that did not were Democratic-Republicans or anti-federalists. This paper discusses the similarities and differences between the federalists and the republicans based on philosophies, the reason for the emergence of each faction, the section of society that supported each faction, and their view on pertinent issues such as slavery.
The Republicans did not understand why the Bill of rights was not included in the constitution and could only ratify it unless there was a guarantee that the Bill of rights would be included later. The Federalists, on their part, did not think the listing of rights was a good idea. They argued that if the national government was given a list of rights, it was supposed to protect, it meant that it was not bound from violating rights that were not listed. Because it was virtually impossible to list all rights, the Federalists argued that it was better to list none at all.2 Thomas Jefferson and the Republicans were skeptical of the powers the constitution was giving the national government at the expense of States. On this view, Federalists suggested the separation of powers between three branches of government, each independent of the other. Each branch represented a specific aspect of the people, and the equality between them ensured none could assume control of the other. The Republicans did not see it this way as the “necessary and proper clause” gave Congress too much power. The executive branch was also given too much power.
Thomas Jefferson and the Republicans were in support of a nation whose economy was based on agriculture, while Alexander Hamilton supported the creation of a national bank that could support industrial development.1 The Federalists wanted an economy supported by manufacturing, overseas trade, commerce, and finance. The Republicans, on the other hand, were of the idea of a pure agrarian economy and favored the yeoman farmer. This meant the small farmers and not the big plantation owners. They wanted the government to support the common man and his interests.
These two factions emerged after the revolutionary war, and the founding fathers had to create a nation from the ground up. It was no surprise that they relied heavily on the constitution of their colonizers as the foundation, as they were familiar with it. Because of the different backgrounds of the founding fathers, some being humble while others coming from Affluent backgrounds, the idea of what the nation was supposed to be differed. Each group wanted to push its interests, which led to the emergence of Federalist and Republican parties.
Federalists were merchants bankers and manufacturers and large plantation owners who were significantly educated. In simpler terms, the Federalists included the wealthy class that lived along the coast and in New England. The republicans drew support from the common man, artisans, frontier settlers, shopkeepers, small poor farmers who were not well educated. Majority of them were from the South and the interior.
Slavery was one of the key elements in deciding whether to ratify the constitution. Although the constitution abolished the importation of slaves after 1808, there was no restriction on the continued ownership or the commercial exchange of slaves in the South. The federalists argued that the protection of slavery by the constitution ensured that this protection did not interfere with the rights of those that did not own slaves. The Republicans were of the opinion that any system that puts a value on a person was not fair. It considered slaves property as opposed to people, which was wrong in every measure. Thomas Jefferson was a consistent opponent of slavery and contested it publicly, claiming that it was the greatest threat to the new American Nation. He believed that it was immoral and against the laws of nature, which provide that every human being has a right to personal liberty. It is important to mention, however, that Thomas Jefferson was quite hypocritical in his sentiments as he owned over 600 slaves in his lifetime being a wealthy plantation owner.
The views of anti-slavery cannot be considered a strong precursor to abolition calls in the Antebellum Period. The Missouri Compromise and the arguments around it had died down, and there were other issues that raised the debate and were more pertinent to the time. However, the debate between the Federalists and the Republic did create the basis and a significant reference in this debate.
Works Cited
Annals of Congress, ed. Joseph Gales, (Washington, DC: Government Printing Office, 1834), I: 448–459, 467–468; available online from A Century of Lawmaking for a New Nation: U.S. Congressional Documents and Debates, 1774–1875. Library of Congress.George W. Carey and James McClellan, eds., The Federalist: The Gideon Edition, (Indianapolis: Liberty Fund, 2001), 1-4.