92%(24)22 out of 24 people found this document helpful
This preview shows page 7 - 10 out of 13 pages.
The HIS will meet security standards and regulations by; utilizing consent forms to authorize the release of patient health information, requiring proof of identification and ownership of health care information while allowing for patient requested corrections, providing an administrative avenue to privacy violation complaints, and mandating that all contracted entities meet the same privacy standards as the organization (Mastrian & McGonigle, 2016). The HIS will also follow security law and protect identifiable health data by using administrative
ADVANCED INFORMATION MANAGEMENT8safeguards, such as biometrics, password and log-in access. These safeguards help to protect the organization from security violations and maintain a patient’s private health data, including both medical and financial information.Data storage integrity is the accuracy, consistency, and availability of information that is stored as data within the HIS. The HIS will meet security standards through consistency, availability, and the integrity of the entered data by healthcare workers. Consistency refers to the entered data being saved in the original format without any loss of information from the point of entry to the time of storage. The system will ensure availability by allowing retrieval of data from the database at all times by the appropriate clinicians. Data integrity will be protected through the prevention of unintentional changes or loss of data. To ensure data backup and recovery, the HIS will utilize a secure online backup service to provide programmed, automatic backup of data, maintenance of data in a secure off-site location, and downtime is minimalized through online access (Tan & Payton, 2017). A yearly security assessment by a qualified organization will be done to ensure proper data security measures are being met. Protection of Patient Privacy (B.3.)With the enactment of HIPAA, the U.S. Department of Health and Human Services (HHS) established national standards for handling any information in a patient’s record and safeguards that information regardless of how the information was obtained. The most crucial factor in whether a HIS will be successful in protecting patient privacy is education. Education on how to protect a patient’s health information needs to be provided to the clinicians that use thesystem on a daily basis (Tan & Payton, 2017). To further clarify the key elements of HIPAA’s privacy policies, HHS refined a set of Privacy Rules to provide clarification to the HIPAA privacy framework. The Privacy Rule developed five key principles; consumer control,
ADVANCED INFORMATION MANAGEMENT9boundary setting, accountability, public responsibility, and security (Tan & Payton, 2017). The HIS will comply with HIPAA standards and protect patient privacy by using privacy screens that block data being entered on a computer screen, encryption to prevent intruders from transmitting or recoding patient information, authentication by biometrics to identify allowable access to patient data, and audit controls to trace information access and retrieval (Tan & Payton, 2017).