Medical professionals must take active steps for protect a patient’s peels, or be found in violation of HAIFA rules and regulations. Possible cell phone/tablet HAIFA violations In an article, Catherine Barrett describes many issues involving the use of personal devices by healthcare professionals and the inadvertent violation of the Health Information Portability and Accountability Act (HAIFA) security regulations.
According to Barrett (201 1), “An estimated 81 percent of 2,041 physicians surveyed use personal mobile devices, whether a BlackBerry, Android or phone, to access electronic protected information] peel, such as patient records” (Para. 4). While the practice of using personal devices may seem faster than trying to access office provided equipment, many risk factors increase the risk exposure of peels to unapproved entities. One way that peel can be lost is theft of the mobile device.
Phones are stolen every day, and if the medical professional accessed patient records on his phone, the information was stored in the phone’s internal memory or within the SIMI card. Another issue is the lack of authentication when using a personal device. Many phones and tablets store passwords, giving people other than a medical professional access to any data stored on the phone or tablet. Most phones or tablets lack encryption also. Without this safeguard, all peel data on the phone can be shared with anyone if stolen.
If the medical professional is using an unsecured Wi-If connection or an unsecured cell network, medical information could be threatened as well. Barrett (2011) recommends using virtual private networks (VPN) when transmitting patient information (Para. 7). Impact on patient medical identity When one thinks of identity theft, one thinks of financial problems. Medical identity theft is Just as devastating patients as financial issues are.
This type of theft is defined as the fraudulent acquisition of another person’s personal information – such as their name, Social Security number, or health insurance number – for unlawfully obtaining such items as prescription drugs or devices, or medical services (Love, 2014). Insurance reimbursements obtained illegally are also considered medical identity theft. According to one survey completed y the Identity Theft Resource Center, 43 percent of all identity theft is medical-related identity theft (Love, 2014).
Under the Health Information Technology for Economic and Clinical Health Act (HITCH Act), all medical providers must notify patients and HAS when a breach of patient medical records is found. Unlike financial identity theft, it is nearly impossible to separate the thief’s medical information from the victim’s information because of the fear of medical liability (Love, 2014). If some information about the patient is kissing and a MIS-diagnosis occurs, then the chance off malpractice lawsuit increases.
Safeguards and solutions for peels though management responsibly There are many steps suggested through the HAIFA Security Rule that can help protect or provide reasonable safeguards for peels. These steps fall under administrative, physical, and technical safeguards. According to Barrett, “Administrative safeguards “provide management, accountability and oversight structure for covered entities to ensure proper safeguards and policies and procedures are in lace” to protect peel” (Barrett, 2011, Para. 9).
These steps should include, but are not limited to, (1) conducting periodic risk assessments of all devices used exchange peel, (2) developing an electronic process to stop alteration or destruction of peel, (3) developing processes that encrypt all peel data, and (4) providing the proper training for all clinicians who handle the peel (Barrett, 2011). Some physical safeguards would be to keep an inventory of all devices, both personal and office-supplied, that access peels, keep all mobile devices in a cure area, and set up remote shutdown protocols for stolen equipment.
From the technical side, encryption is one important guard to have for all peel (Barrett, 2011). Installing strong firewalls and anti-malicious software is an additional protection procedure. Secure IT backup facilities, such as secure cloud storage, will protect patient data as well. Following these steps and incorporating other steps as necessary will help the administrative aspect any health care agency provide better protection for the patient information and the agency’s reputation. Ethical and legal issues of compromised peels Health care agencies can face a few legal issues if they are found in violation of the HAIFA regulations.
Fines of up to $25,000 a year, as well as prison time, are possible legal consequences (Freemen, 2009). Employees can also face termination, fines, and prison time as well. Patients could face loss of health insurance, employment, and other necessities if their medical identity is compromised. One main modification that the HITCH act made was in making business associates of healthcare agencies liable compliance with certain aspects of he HAIFA regulations (Department of Health and Human Services, 2013).
Ethically, when the HAIFA regulations are compromised, the patient’s rights and privacy have been violated. Some might even say one has violated his duty-based rights when HAIFA rules are broken. Duty-based ethics is defined as “universal principles that guide all actions” (Freemen, 2009, p. 11). Either way, ethically, it is necessary to protect patients by protecting their privacy and their information. Conclusion Today’s technology has created many good ways to help keep the health professional connected with his patients. There are ‘Pads, portable tablets, and Android smartness.
With the increased use of these devices, there is an increased risk of peel becoming compromised. It is the ethical and legal responsibility of the health care professional to provide the necessary protection for the patient by guarding all medical data against theft. Keeping up with all available technology and keeping systems backed up will help decrease the risks to this valuable data. References Barrett, C. (2011, Cot. ). Healthcare providers may violate HAIFA by using mobile devices to communicate with patients. ABA Health source, 8(2).