Nurses and doctors take the oath to protect the privacy and the confidentiality of patients. Patients and their medical conditions should not be discussed with anyone who is not treating the patient. Electronic health records are held to the same standards as nurses in that information is to be kept between, and shared only with the immediate care team. HIPAA violations are not taken lightly nor are the violation fines cheap. Depending on the violation, a hospital can be fined from $100 to $50,000 per violation (National Nurse 2011 p 23).
According to the US department of health services the most common HIPAA violation in hospitals is the impermissible uses and disclosures of protected health information. A prevalent scenario is when a health care worker accesses files of patients who are not under the worker’s care. Anyone that is not directly related to the patients’ health care or insurance is not allowed to access the patients’ health records. This can be prevented by having all employees participate in HIPPA training after a direct violation of the policy along with mandatory training before their employment. Another preventive measure is informing workers, upon employment, that electronic medical records indirectly allow for monitoring the use and misuse of patient files.
HIPPA Breaches A Common Legal Issue in Healthcare When it pertains to patient health information discretion is paramount. Protecting patients from threats that could endanger their rights is essential and the primary reason for safeguarding their personal information is to secure the interest of the individuals who are entrusting the organization with their information. There are however breaches to individuals’ private health information. In the healthcare field one common legal issue is HIPPA and data breaches.
Code Black If you have ever been to the ER for a non-life-threatening emergency, then you are aware of the long wait times associated. This is a common complaint amongst patients and many do not understand the reasons behind it. Code Black is a documentary that attempts to show the drawbacks of our current health care system by taking viewers into a public hospital.
There were specific situations that led to the cause of Julie Thao's actions of medication error and the death of Jasmine. The situation could have completely been avoided had Julie followed the code of ethics and avoided shorts to provide proper care for the patient. The state claimed that Thao's mistake was caused by actions, omissions and unapproved shortcuts, however, there were other factors that played a role in her carelessness as well. While failure to comply with procedure has been a factor in the medication administration error, other factors contributed as well. For example, failure to properly use the information system, or to ignore alerts or warnings have also resulted in preventable errors (Nelson, Evan, & Gardener, 2005).
Unfortunately HIPAA violations happen every year in our country. In fact, a situation happened in a New York-Presbyterian Hospital and Columbia University Medical Center on May 7th 2010. The HIPAA violation happened after the electronic health records of 6,800 patients ended up on Google for the world to see. The United States Department of Health and Human Services (HHS) who are responsible for HIPAA enforcement laws deeply investigated this case. It was discovered that a Columbia University physician who developed applications for New York-Presbyterian Hospital and Columbia University, attempted to deactivate a personally owned computer server on the network containing electronic protected health information (ePHI).
The hospital employee failed to keep protected health information secure and violated the patient’s privacy. Unauthorized information concerning the patients’ medical condition and treatment plan were released to an unauthorized contact phone number and person. Applying administrative safeguards to protect the organization's health information covers security objectives, such as confidentiality, which was breached in this particular case. The patient’s privacy rights and HIPAA law were violated because the health care organization provided an unauthorized disclosure and ignored the patient’s specific communication request. The patient had specifically provided an alternative contact number at her work, and the hospital failed to accommodate
In this case study the primary nurse, Amelia Wilkerson, is caring for a patient, Katy Palmer who has recently been admitted to the hospital for fatigue and abnormal lab counts. The patient asks Amelia for information regarding her diagnosis. Amelia has seen Katy’s results and knows that she has been diagnosed with acute myelogenous leukemia. The ethical dilemma seen in this situation is that it is outside of the scope of practice for Amelia to discuss Katy’s original diagnosis with her.
The nurses and faculty that violate the privacy rule will face severe consequences such as civil and criminal penalties. For example, when violations occur, $100 to $25,000 per year will need to be paid off depending on the situation. Not only that, but going to prison can also be added depending on what and how the information was released (Wimberley et al., 2005, 489). Taking the time to correctly deliver the process of not releasing confidential information is needed, so there wouldn’t be any consequences or violations to the privacy
The code of ethics is important—providing nurses with the knowledge of exactly what to do in certain situations. The code of ethics for nurses make the nurses’ job easier because the provisions promote knowledge, team collaboration which makes caring for patient almost effortless. In contradiction, the third provision states imply that “nurses advocate for, and protects the rights, health, and safety of the patient” (Lachman et al., 2015). The third provision could present with a dilemma when it comes to whistle blowing. Whistle blowing is described as “telling the truth about individuals or systems that are harming or potentially could harm patients, regardless of personal outcome” (Hopper 2011).
A breach in security can cost healthcare organizations thousands of dollars. A failure in the measures implemented to protect electronic health information can also affect the healthcare organization patients. A data breach compromises patients name, address, social security numbers, as well as patient treatment information. Patients are put at risk of experiencing insurance fraud and identity theft. Per Aggarwal, Jamsed, Ozair, and Sharma, Prime Health Care Services Inc., paid $275,000 to settle a federal investigation for a violation of patient privacy (2015).
If we as nurses respect the confidentiality of a patient, we should do so for all the patients. However, Griffith (2007) argues that the duty of confidence should not be absolute and nurses should always consider sharing information if required. Though the principle of respecting patient autonomy and their right to confidentiality is broken here, the principle of beneficence and non-maleficence is uphold. Nurses have an obligation to protect patient’s confidentiality but the duty to warn an innocent party of imminent harm is far more critical. Therefore, breaking confidentiality here is potentially doing more good than