Legal and Ethical Aspects of Health Information Management

Electronic health records are increasingly scrutinized because of the content of sensitive information such as security, confidentiality and privacy concerns with the emergence of electronic health records systems.  As health care changes new laws are becoming prevalent with regards to the ethical and legal rights of employees, patient’s, and facilities abilities to handle this information appropriately.

The Health Insurance Portability and Accountability Act (HIPAA) established on August 21, 1996 provided guidelines how private health information should be protected in paper and electronic format.  Although HIPAA was originally intended for paper records it has adopted the Privacy and Security rules to deal with the protection of electronic records.  The Privacy Rules regulates private health information (PHI) in oral, written, or electronic format for the purpose of “[meeting] the pressing need for national standards to control the flow of sensitive health information and to establish real penalties for the misuse or improper disclosure of this information” (Choi, 2006, Sec. Privacy Rule, para. 1).  The Security Rule however regulates only the protection of the electronic format.  The Security Rule addresses “PHI electronically stored or transmitted, must be kept confidential and protected against unauthorized users and threats to its security or integrity” (Choi, 2006, Sec. Security Rule, para. 1).  This establishes a minimum requirement of security that entities must meet. 

 

HIPAA Privacy Rule

HIPAA Security Rule

  

The development of HIPAA was not just for patient protection but also involved the billing and administrative procedures.  HIPAA was approved by congress in part to battle fraud and abuse; because of this approval it strengthened programs to fight the fraud and abuse in aggresive billing practices (McWay, 2010).

          Ethical issues related to health information arise from the pressures of releasing information, accidental system and employee HIPAA violations, and reimbursement issues.  It is the health information manager’s responsibility to understand and implement the appropriate security measures.  Federal and state laws determine the rules for the security and policy protocols but health information managers are bound by the American Health Information Management Association (AHIMA) code of ethics concerning electronic health records.  According to AHIMA health information managers are to advocate and uphold patients’ rights to privacy, uphold the security of the contents and information taking into account the applicable statutes and regulations, and most importantly ‘not to participate in or conceal unethical practices or procedures’. (McWay, 2010).  A popular trend today is risk management to assess the vulnerability of the organization.

Risk management trends are using information from databases to ‘predict’ and ‘avoid’ unforeseen circumstances; however today’s risk management includes not only direct patient care and safety but also reporting trends, database storage, and daily operations of facilities to ensure proper safety and guidance of associated risks while decreasing loss and liability (McWay, 2010). 

Improving patient care is one of the main focuses of confidentiality, privacy, security, and informed consent measures.  Federal, and state regulations as well as statutes guide the practice of these measures use in facilities.  The need for laws regarding their use has become a priority because of the increased use of electronic health records.  Confidentiality policies and improved security measures will provide patients the necessary information to access private care and treatment.

Thanks Chelley

 

References

Choi, Y. B., Capitan, K. E., Krause, J. S., & Streeper, M. M. (2006). Challenges associated with privacy in health care industry: Implementation of HIPAA and the security rules. Journal of Medical Systems, 30(1), 57-64. doi:http://dx.doi.org/10.1007/s10916-006-7405-0

U.S. Department of Health and Human Services (n.d.). HIPAA privacy rule. Retrieved from http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/index.htm

U.S. Department of Health and Human Services (n.d.). HIPAA security rule. Retrieved from http://www.hhs.gov/ocr/privacy/hipaa/understanding/srsummary.html

McWay, D.C., JD, RHIA. (2010). Legal and ethical aspects of health information management (3rd ed.). Clifton Park, NY: Delmar-Cengage Learning. ISBN: 9781435483309.

Telecommunications and Networking in Health Care

         

          Computer science and telecommunications make it possible to achieve integrated health care.  Computers and networking offer health organizations an opportunity to provide excellent service to patients while decreasing costs due to streamlining operations.  Integrated health care will consist of merging these technologies to improve the delivery of health care.

            In the past patients needed to call the doctor’s office and make an appointment and then get to the doctor’s office for the appointments and check-ups.  Today telecommunications have played a vital role in changing this environment.  Telecommunication transmissions mean that a patient will have access to medical treatment or care no matter their location.  These services offer the capability of preventative medicine and monitoring of biomedical telemetry devices such as electronic stethoscope, digitized X-rays, microscopy, blood pressure monitoring and EKG strips.  Interactive video equipment can also provide patients with access to specialists and services not available in rural areas (Kennedy, 1995).  Telecommunications is not only for the use of medical care; videoconferencing and webinars have become the norm.  These are used to educate providers and staff without having to travel reducing time out of the office and travel expenses.  Physicians will have access to the most current health care information available through these interactive sessions according to Kennedy (1995) states “physicians also report that they have learned how to treat more cases through their collaboration with the specialists at the Medical College” (Sec. Hospital and Physicians, para 2).  Telecommunications have improved the face of health care by the ability to share information.

            Telecommunications and networking make it possible to share information.  Networking has provided the platform to integrate normally segregated areas into one unified sharing of information.  This is an example of how networking links all the different aspects of health care together for unified collaboration. 

Telecommunications and Networking (n.d.)

What objectives should be considered when selecting which networking solution to use?  Several factors should be considered:

·         evaluate and prioritize users’ networking goals

·         find networking solutions that support a variety of standards and the existing networking

·         Find a solution that compliments existing systems without having to replace them 

·         Networking that supports enterprise wide access so it is usable for future growth

·         Flexibility to third party users for the development of ‘special’ applications

·         Networks that allow access to all systems from a desktop device

(Hax, 1990).

These are some of the key features that must be considered for an organization to remain cost efficient and have room for future infrastructure growth.

            The delivery of health care is changing because of computer technology.  Telecommunication and networking infrastructures provide increased efficiencies and protocols for patient safety.  The objectives of merging these technologies with health care are to create continuity of care, uniformity, and patient safety, while this is being accomplished facilities are experiencing overall decreased costs for improved care.

Thanks Chelley      

References

Hax, M. A. (1990). Toward enterprise-wide networking. Computers in Healthcare, 11(11), 53. Retrieved from http://search.proquest.com/docview/195652421?accountid=32521     

Kennedy, M. (1995). The role of networking in the health care environment. Telecommunications, 29(9), 55. Retrieved from http://search.proquest.com/docview/210536518?accountid=32521   

Telecommunications and Networking Concepts (n.d.). Retrieved from http://hilp.blog.com/telecommunications-and-networking-concepts-for-health-care/

 

 

 

 

         

 

The Impact from Electronic Medical Records Integration

As the process of storing and retrieving patient information is changing from paper based records to electronic medical records, facilities are noticing very specific improvements in business operations and processes.  This impacts health organizations and patient treatment especially in rural communities where health care access may be limited.

The challenges that facilities face in implementing these systems is enormous and routinely underestimated.  Since the ‘top-down’ perspective assumes the improved benefits from an EMR the reality is there has not been much talk on ‘how’ to implement these integrations (Oneill, 2007).  The implementation of an EMR consists of a total business reprocess engineering effort.  This affects every aspect of a health care facility from top managers, employees, staffing, physicians, and billing.  Challenges that paper-based facilities encounter are that the paper record needs to be in two places at once.  Sharing of the information between departments is tedious and time consuming not to mention trying to track the paper chart throughout the facility.  At any given time employees from lab, diagnostic imaging, pharmacy or billing may need to access a patient’s chart simultaneously to get information for treatment.  This is one reason for electronic medical records integration.  The first step in the process is vendor selection.

Vendor selection is a critical part in starting the process for EMR implementation.  Vendor selection for a rural health care facility is a bigger challenge due to the lack of IT funding and ability to hire consultants.  An example of this is Dryden Family Medicine located in a rural community with only four staffed physicians.  They realized the need for an EMR but as with all health care facilities lacked funding.  Because of this they comprised a team of leader employees (with limited IT knowledge) to help select a vendor.  They came up with a list of priorities such as service, support, reliability, stability, and cost.  Using the resources they had available and researching trade journals and product reviews they selected a vendor they felt met their list of criteria (Oneill, 2007).  EMR implementation is usually done in stages to maximize benefits.

Benefits of an EMR video

            The first step in EMR implementation is to work on integrating current operational systems.  Acquiring billing information, patient records, internal communications, and generating prescriptions are the usual day to day first level of operations.  This can impact a practice by making information easier to retrieve/ share saving the staff time.  According to Oneill (2007) the first phase of implementation made a huge difference on office, clinical, and physician staff by “faxing of prescriptions greatly reduced the potential for medication errors due to illegible handwriting or incorrect dosages….[staff time] reduction in phone calls to and from pharmacies….internal e-mail and messaging allowed for more efficient internal communications” (p. 28).  The second phase consists of establishing links with other parties and integrating with specialists, hospitals, labs and pathology departments and the third phase is the quality and disease management and preventative maintenance portion of the EMR.  With all of these working properly it can impact a practice financially decreasing costs, increasing profits and most importantly increasing the care and safety of all patients.    

Implementation of an EMR will impact job descriptions and responsibilities within the organization.  Flexibility is an absolute for the successful implementation when going through this process.  Many employees will be asked to do jobs they would not necessarily do so flexibility is a key feature.  EMR’s improve nursing care so they can spend more time on patient care instead of remedial tasks, physicians can spend less time on patient phone calls because information was available to staff to answer higher level questions and billers no longer had to depend on ‘doctor staff’ diagnosis coding to bill procedures.  For Dryden Family Medicine this process increased their bottom line by 11 % the first year and 20% the second year (Oneill, 2007).  Interestingly enough the patient volume over these two years remained stable. 

An EMR can impact all sizes of facilities from large multi-national hospitals to rural community care clinics.  EMR’s organize, maintain, share, and improve efficiencies.  They keep consistency in the medical practice generating increased income and providing clinicians with the necessary information for proper and safe patient treatment.       

Thanks Chelley

 References

(2010, July 07). Benefits of an EMR [Web Video]. Retrieved from http://www.youtube.com/watch?feature=player_detailpage&v=TiQ8c11dkU0

Oneill, L., Klepack, W. (2007). Electronic medical records for a rursl family practice. A case study in systems development. Journal of Medical Systems, 31(1), 25-33. doi http://dx.doi.org/10.1007/s10916-006-9040-1