Most jobs have a confidentiality policy. In the medical field, confidentiality is extremely important. If the wrong person were to gain access to someone’s medical records, they could use that against them. It can potentially harm that person’s personal life. Keeping a patient’s information and medical records confidential is a must. The importance of confidentiality stressed in HIPAA and HITECH act protects the integrity of medical facilities and a patient’s privacy. In the medical field, confidentiality is highly stressed through the use of HIPAA and HITECH. HIPAA has rules and regulations that medical facilities and their employees must follow in order to protect the privacy of their patients (PossibleNow.com, Inc., 2013). The HITECH Act is “a part of the stimulus package known as the American Reinvestment Act” (Lindquist and Vennum, 2013). It requires that all policies, procedures, and technical controls are used to keep patient information confidential. Keeping a patient’s medical records is not an option—it is a must.
In order to protect medical facilities from internal and external threats, a certain process is followed. The first part of this process assesses a facility’s regulatory status, consisting of standards, Administrative Safeguards, Technical Safeguards, Organizational Requirements, Policies and Procedures, and Documentation Requirements. It also includes the development of reports based on all issues found. Any issues found will be fixed through necessary actions. By assessing the regulatory status, the facility will be better protected.
The second step in this process is remediation. Creating the Remediation Project Plan utilizes the Compliance Automation Portal (Lindquist and Vennum, 2013). During this process, internal resources (also known as outsources) corrects the issues using a system called CompliancePoint. CompliancePoint is a system that can be used from start to finish in the auditing process to insure the use of the rules and regulations found in
HIPAA and HITECH. Thus, the next step is the validation and reporting of compliance as it pertains to the remediation plan.
Upon completing the remediation process, ComliancePpoint finishes the final review (audit). During the final review notes are made in reference to how the medical facility has complied with the remediation plan. If the facility follows the plan, then the auditor notes this in the review. If the workers do not comply with the plan, this will be noted as well. These notes confirm the integrity of the medical facility and evidence is recorded. This evidence is used (when needed) to build a case either for or against the facility and the workers.
Journalist, Lance Williams, notes in the “California Watch” on January, 18th that a patient (Darlene Courtois) of a local hospital accuses the medical center of not keeping her medical records confidential. The hospital was proven guilty and fined $95,000 for wrongly publicizing the patient’s medical records. They stated that she suffered from a rare form of malnutrition, which she had never been treated for. The hospital is appealing the judgment. Their defense is that the patient waved her rights when she agreed to the interview. Courtois may still be awarded up to $785,000 ($1000 for each person her file was shared with) if a ruling is found in her favor.
Experiencing the benefits of HIPAA and HITECH, I was protected when my mother called my doctor to gain clarification of my medical situation after I had visited him following my 18th birthday. Since I forgot to sign a form saying they could speak with her they would not discuss my illness with her. It was nice to know they took the rules and regulations seriously even if it was aggravating for me to have to go back up there and sign the paper before they would talk to her. Had it been someone else calling other than my mother and they didn’t follow the rules and regulations my personal medical issues would have been shared with someone without my permission. By following the rules and regulation they avoided a possible lawsuit, protected the reputation and integrity of their facility, and protected my privacy.
Working in the medical field can be very rewarding. You get to help those who cannot help themselves. Keeping a patient’s personal information and medical records confidential is vital when working in a medical facility, and other work places. Confidentiality is not a joking matter. By keeping this kind of information confidential, you will not only protect your patient’s privacy, but you will also protect your employer from possible lawsuits. The HIPAA and HITECH act stresses confidentiality for the purpose of protecting the ethical integrity of an employer and the privacy of its patients.
References
Lindquist & Vennum > Publications What does the HITECH Act mean to your organization? . (n.d.). Lindquist & Vennum. Retrieved August 28, 2013, from http://www.lindquist.com/pubs/xprPubDetail.aspx?xpST=PubDetail&pub=78 Former patient claims confidentiality breach in Prime Healthcare lawsuit | California Watch. (n.d.). California Watch | Bold new journalism. Retrieved August 28, 2013, from http://californiawatch.org/dailyreport/former-patient-claims-confidentiality-breach-prime-healthcare-lawsuit-18788 HIPAA / HITECH Assessment. (n.d.).CompliancePoint. Retrieved August 28, 2013, from http://www.compliancepointis.com/sub_com Health Insurance Portability and Accountability Act (HIPAA). (n.d.).CompliancePoint. Retrieved August 28, 2013, from http://www.compliancepointis.com/sub_compliance_hipaa.asp?gclid=CJeByd7a-7gCFYik4AodPRQAFg