HIPAA Privacy Rule: Ensuring Patient Confidentiality in Healthcare

Verified

Added on 2023/01/11

AI Summary

Running head: ETHICS
Student name
Student No.
Unit
Title: The HIPAA Privacy Rule

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

ETHICS
Description of HIPAA and its compliance
Health care professionals are under a legal and ethical obligation to ensure privacy
and confidentiality of patient’s information. Over the past years, there has been increased
debate on what can and cannot be done with patient’s information. The debate also focused
on who have access to the patient’s information and for what purposes. With these on
discussion, the Health Insurance Portability and Accountability Act (HIPAA) saw the need to
increase accountability, health protection and effective and efficient administration on the
patient’s information. According to McCullough (2013) patient’s privacy and confidentiality
has been an issue in the health care setting, dilemma arising on what information about the
patient should not be shared and who should keep the patient’s family updated on the
treatment progress. With the introduction of the HIPAA privacy rule, there has been more
confusion in the health care facilities on what should and should not be shared as the health
care professionals fear the repercussions. The HIPAA privacy rule was put across to protect
the health information of patients as well as draw a clear cut on the rights of the patient as
pertains their health information. According to the US Department of Health and Human
Services (2017) the HIPAA privacy rule gives the patient more control over their health
information, creates boundaries on the release and use of the patient’s health information,
puts responsibility on health care professionals as the custodians of patient’s records and
gives punishment on whoever violates the rule. The rule also outlines the penalties and
consequences that follow after its violation.
McGrowan (2012) claims that since the introduction of the privacy rule, even health
professionals are afraid of giving any update on the patient’s status to their families due to
fear of violating the rule. Access to information and giving complete communication on the
patient’s status (for example when in the Intensive Care Unit) gives more satisfaction to the
patient’s family. Confidentiality is an essential element in health care setting but privacy is

ETHICS
not an absolute right but counterclaims like other people’s rights have to create a balance. As
a health care professional, I must be conversant with this rule so as to maintain the
boundaries set during disseminating the patient’s information to any party including the
family members. The rule allows me to share the information that is relevant to the
involvement of the family or any other person the patient identifies (Schwarzkopf et al.
2013). When the patient is able to make decisions, I may discuss the information with the
family members. In cases of emergency or when the patient is unavailable, I would have to
make the decision on the patient’s best interest. The law also allows me to disclose patients’
health information, for instance when the patient is found with a condition that puts the public
at danger.
Events of information breach
There are different ways in which health care organizations can violate the HIPAA
privacy rule. In certain American psychotherapy organisation would send the patient’s bills to
the collections company. This bills contained confidential information that could be used to
access the patient’s health care records. The State of New Jersey suspended and revoked the
organization’s license for not complying with the privacy rule, stating that in case the
patient’s bills were to send to a collection firm, then patient’s medical data must be omitted.
In another case, a nurse diagnosed her brother-in-law with an STD and send texts to her sister
to warn her of the disease. The man filled a law suit against the clinic but the judge dismissed
the case on the claim that the nurses’ actions were based on personal reason, although the
clinic had suspended the nurse (Blightma, Griffiths and Danbury, 2014). For this case, the
nurse should not have disclosed the man’s health information as per HIPAA, but still
considering that it was her close family member (her sister), one would be tempted to
disclose the information.

ETHICS
Preventing breach of patients’ information
To protect patients’ information from getting in the wrong hands, the hospital
management must ensure that security measures have been taken to protect patients’
information from hackers. All software should be up to date, use of strong passwords and use
of two factor authentication when login in. there could be much work in health care facility
hence the need to partner with other vendors. The third party should be trustworthy so that
they cannot breach any organization’s information. Any data stored in the vendor’s system or
any data transferred to the vendor should be encrypted using the right encryption algorithms.
Hard drives and any other devices handling patient’s information should be encryption
enabled. In case the health facility switches vendors, patients’ information with the previous
vendor must be completely destroyed.
Impact of information breach to the patient
According to Beltran-Aroca, Collazo-Chao, Montero-Perez-Barquero and Munoz-
Villanueva (2016), respecting one’s health records confidentiality helps safeguard their health
and well-being and also creates confidence of the society towards the doctor. Patient’s health
information does not only include their diagnoses and test results but also their lifestyle, what
they do and their habits. Disclosing these or getting in to the wrong hands could destroy the
patient’s reputation, lose certain opportunities or even lead to personal humiliation. However,
according to Hendelman & Byszewski(2014) there are exceptions to this confidentiality rule
especially the public health is under threat.
Impact of information breach to the nurse and their profession
For a health care professional who breaks the privacy and confidentiality rule, they
are faced with serious consequences. The consequences could include filing a law suit, losing
their clients and the relationship between the nurse and the patients is destroyed, termination

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

ETHICS
of one’s employment and criminal charges (Hunziker et al. 2012). When a lawsuit is filed,
evidence on the breach should be gathered that shows that there was an irreparable harm. In
most cases, health care facilities buy malpractice insurance to protect as a protection against
any kind of medical malpractice. Breaching the privacy rule could tarnish the nurse
reputation (Braun, Vance and Alexander, 2015). Although this could seem like a less fine, it
could have a long term consequence on the employee especially where the competing
companies are familiar to one another.

ETHICS
References
Beltran-Aroca, C. M., Girela-Lopez, E., Collazo-Chao, E., Montero-Pérez-Barquero, M., &
Muñoz-Villanueva, M. C. (2016). Confidentiality breaches in clinical practice: what
happens in hospitals?. BMC medical ethics, 17(1), 52. doi:10.1186/s12910-016-0136-
y
Braun, C. K., Vance, A., & Alexander, E. C. (2015). Managing Patient Confidentiality Issues
in Rural American Hospitals: Dealing with HIPAA in Central Appalachia. Ethics &
Critical Thinking Journal, 2015(2).
Blightman, K., Griffiths, S. E. and Danbury, C. (2014) Patient confidentiality: when can a
breach be justified?, Continuing Education in Anaesthesia Critical Care & Pain,
Vol.14, No. 2,pp. 52–56, https://doi.org/10.1093/bjaceaccp/mkt032
Hendelman, W., & Byszewski, A. (2014). Formation of medical student professional identity:
categorizing lapses of professionalism, and the learning environment. BMC medical
education, 14(1), 139.
Hunziker, S., McHugh, W., Sarnoff-Lee, B., Cannistraro, S., Ngo, L., Marcantonio, E., &
Howell, M. D. (2012). Predictors and correlates of dissatisfaction with intensive care.
Critical care medicine, 40(5), 1554.
McCullough, J. (2017). Maintaining patients’ privacy and confidentiality with family
communications in the Intensive Care Unit. The Journal for high acuity, progressive
and critical care nursing, Vol. 33, No. 5, pp. 77-79. Doi: 10.4037/ccn2013310
McGowan C. (2012). Patients’ confidentiality. Crit Care Nurse, 32(5):61–64.

ETHICS
The US Department of Health and Human Services. (2017). Summary of the HIPAA Rule.
Retrieved from: https://www.hhs.gov/hipaa/for-professionals/privacy/laws-
regulations/index.html
Schwarzkopf, D., Behrend, S., Skupin, H., Westermann, I., Riedemann, N. C., Pfeifer, R. &
Hartog, C. S. (2013). Family satisfaction in the intensive care unit: a quantitative and
qualitative analysis. Intensive care medicine, 39(6), 1071-1079.