HollyMusolf_HS420-01_Unit8Assignment.docx - Selecting and...

This preview shows page 1 - 4 out of 9 pages.

Selecting and Adopting a Health Information System 1Selecting and Adopting a Health Information System - Part 1: Unit 8 AssignmentHolly MusolfHS420:01 Advance Health InformaticsKaplan UniversityMarch 22, 2018
Selecting and Adopting a Health Information System 2Part 1: Privacy and security laws/regulations, adult education strategies, and training methodsElectronic Health Records (EHR) are important to the efficiency and quality care of patients. With the advancement and use of EHRs, Health Information Management (HIM) also becomes an important factor. They are very involved with strengthening privacy and security requirements for accessing personal health information (PHI). Even through their enforcement ofregulations and laws, there are still issues related to adult education of privacy and security regulations. Leadership is an important aspect in addressing any issues. Having a person in that leadership position to help stress the importance of protecting patient information is a vital measure in any organizations privacy and protection activities. [Hea05].To combat the problem of leadership designation of Security Officers is the key. These officers will be responsible for promoting a culture of protecting patient privacy and securing patient information. Another educational challenge in this sector is documentation. Documentation of risk analysis, HIPAA related policies, and reports are a requirement under the HIPAA Security Rules. Furthermore, documentation is a learning tool to show how the company did in they risk analysis and implantation of safeguards to address identified risk. The solution is to make sure that staff can reference the master file for security findings, decisions, and actions. This is easier than reconstruction and more accurate should auditing for compliance occur.[Hea05].Security risk analysis should also be done. This will give knowledge of potential threats to the integrity of personal health information. For this reason, education to staff about ongoing security risk analysis processes may present a problem. One solution is to have a designated planthat clearly outlines responsibilities for each risk analysis component. [Hea05].
Selecting and Adopting a Health Information System 3Part 2: Principles for releasing PHI elements of an authorizationIn healthcare facilities policies must be implemented for the employees to access PHI. Only authorized users should be able to review the data, log in with their own user name and password, so the access could be traceable. The review and access should be permitted only for necessary information to perform the treatment, no extra information should be shown. Unauthorized use of the data must be prosecuted by law. When third party wants to access the PHI, policies and regulations they must be informed of the release. To keep the organizations responsible for confidentiality and security of received patient’s data, a Business Associate

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture