Discussion Week 4 IFSM 305: Lori Allen


Discussion Week 4 Lori Allen Number of pages: 4

Discussion Week 4

IFSM 305

Lori Allen


In today's world of healthcare, physicians, hospitals, clinics, and other providers have the unique ability to use the technological advances that are at their disposal to promote and advance the health of patients. All this has been made possible by the creation of computers, the internet, software, and hardware systems that enable providers not only to have all the information regarding the patient at their fingertips, but also to share this information with others in the field who may need it to complete or contribute to the care of the patient. While this is an excellent tool and is widely used worldwide, it deals with sensitive information regarding people's health and personal information such as names, addresses, phone numbers, diagnoses and much more. Therefore, it was necessary to implement a standard for keeping this information safe and secure while allowing the flow of information to be easily and effectively organized and transmitted throughout multiple healthcare organizations. This standard is the Health Insurance Portability and Accountability Act of 1996 (HIPAA). This act was established to ensure that patients' health records would be handled with the utmost care with regard to privacy, security and accountability ("Summary of the HIPAA Security Rule", 2021). HIPAA security states that health record data should be held in a secure place. This means that the computers used, for example, should have their data encrypted. When taking into consideration the question at hand, I believe that there has been a violation of HIPAA security rules. The reason is that the individual in charge of data protection, or systems operations management, should be aware of the HIPAA rules and the potential threat caused by the data not being encrypted. This would, in my mind, constitute a Tier 4 violation of HIPAA regulation and potentially put many patients in danger, and this also carries a fine of up to 50.000 dollars. (Journal H, 2021)

In order to prevent this type of situation in the future, there are several steps that should be taken.


1. All computers or electronic devices used to store patient information should be kept in spaces that only staff members can access, such as behind doors with passcodes, in rooms which are designated as “staff only”.

2. All data should be encrypted according to HIPAA rules. This should be done by the individual responsible for information systems management in the proposed clinic or organization.

3. Each computer should have audit controls so that each person accessing it will be logged and time stamped.


Bibliography

Summary of the HIPAA Security Rule. HHS.gov. (2021). Retrieved 9 April 2021, from https://www.hhs.gov/hipaa/for-professionals/security/laws-regulations/index.html.

Journal, H. (2021). What are the Penalties for HIPAA Violations?. HIPAA Journal. Retrieved 9 April 2021, from https://www.hipaajournal.com/what-are-the-penalties-for-hipaa-violations-7096/.
