Tag: data privacy

Healthcare Privacy and Ethics In The Age Of Technology

By Brooke Faulkner, freelance writer; @faulknercreek.

Computer, Business, Office, TechnologyAdvancements in medical technology grant modern patients access to better care than ever before, but they also come with serious privacy concerns. Widespread data breaches in the realm of digital health records led to the implementation of the Health Insurance Portability and Accountability Act (HIPAA) in 1996, and it’s a relevant as ever in the present day.

The federal government takes HIPAA violations extremely seriously, and fines for data breaches can reach up to $1.5 million per violation category, per year. The U.S. Department of Health and Human Services (HHS) Office for Civil Rights is responsible for enforcing HIPAA. The stiff penalties for violations have led to a decrease in data breaches in recent years. Forbes reports that HIPAA violations decreased three-fold in the years between 2014 and 2018, citing data from HHS.

In our current healthcare climate, patient privacy and data protection go hand in hand. HIPAA is meant to protect sensitive patient medical records while adhering to ethical principles. With the rise of alternate treatments like medical marijuana and CBD, which are illegal or regulated in many states, ensuring patient privacy is more important than ever. Here’s how patient privacy and ethics intersect in the age of technology.

Healthcare administrators, ethics and privacy

The role of the healthcare administrator is a complex one that merges patient care and bureaucratic involvement. Healthcare administrators are a major player in the front lines of HIPAA compliance. One of the biggest ethical dilemmas of the role is maintaining each patient’s right to privacy and autonomy. Administrators often play a big part in ensuring that a facility properly adheres to HIPAA and other relevant laws and regulations.

Of course, ensuring patient privacy only goes so far in certain situations. A healthcare administrator may break confidentiality under particular circumstances, such as when patients may harm themselves or others. Cultivating a thorough understanding of applicable laws and knowing when to break confidentiality is integral to maintaining a balance of patient privacy and ethics.

It may not always be easy to determine if or when confidential information should be shared. A psychiatrist in Singapore was recently fined $50,000 for breaching medical confidentiality by sharing confidential patient information with an unauthorized party. A man posing as a patient’s husband contacted the psychiatrist, claiming that his “wife” was suicidal. The psychiatrist had previously determined that his patient was at risk of self-harm, and he wrote a memo for the man that included confidential medical information. The man turned out to be the patient’s brother rather than her husband, and he did not have legal access to the patient’s medical information.

In this case, while the psychiatrist was within his rights to share information related to his patient’s potential for self-harm, he did not verify the identity of the family member who ultimately received the confidential medical information. Thus, the patient filed a complaint with the Singapore Medical Council (SMC). The SMC handed down the stiff penalty and censure as a form of “general deterrence” for similar situations in the future, and healthcare administrators should take note of the decision.

The role of the medical provider

The topics of patient privacy and ethics form the backbone of numerous industry jobs, from healthcare administrators to nurses and medical assistants. In many cases, medical assistants are directly responsible for administrative tasks, including the collecting and handling of patient data. Because of this fact, a medical assistant must ensure that he or she adheres to all pertinent privacy regulations and take the utmost care to keep patient data safe. Nurses also come in contact with sensitive patient data and should take similar precautions to avoid a potential HIPAA violation.

Ensuring patient data privacy starts at the training level for medical assistants. Best practices for maintaining electronic patient medical records is a key focus in any assistant’s education, but it’s particularly important for those interested in pharmacology. As a student, a medical assistant should be trained in HIPAA and similar regulations in order to develop a keen understanding of what’s at stake. A HIPAA breach could result in fines, but guilty parties may also be stripped of their individual licenses as well, causing many to lose their job and be barred from future employment in the healthcare industry.

While not all HIPAA violations result in termination, repercussions for individuals depend on the policy of the healthcare facility or organization and the severity of the violation. In 2018, a Texas nurse was fired after violating HIPAA regulations by posting sensitive patient data on social media. While posted information did not include a patient name, it contained specific details about the patient’s condition, and the nurse’s social media profile listed the facility in which she worked. Her employer, Texas Children’s Hospital, determined that the violation was severe enough to warrant firing her.

Continue Reading

Recognizing Risks of Healthcare Technology

By Brooke Faulkner

There’s no question that the forward march of medical technology has improved personal and public health, creating lasting positive change for humanity. New technology, however, sometimes comes with risks. While those risks rarely outweigh the potential advantages, fully exploring and preparing for them is an important responsibility.

New Solutions Pose New Dangers

One demonstration of this relationship occurred as we were developing medical devices meant to be used inside the human body. Using medical devices internally presents the problem of contamination from external sources, and we learned that killing bacteria isn’t enough — specifically, we discovered that the endotoxins produced by dead bacteria can also be harmful.

That particular issue, we’ve already solved. It is, however, an excellent example of how new benefits can present dangers that we hadn’t contended with before: our ability to kill bacteria presented a new problem as our technology continued to improve, and we started putting medical devices inside the body. We realized that some types of dead bacteria are still dangerous, and that our sterilization standards had to improve.

This relationship between new advancements and new risks continues today, although it takes different forms. The hot-button issue these days has more to do with data and privacy, which while not directly health related, has significant risks when breached.

Healthcare Data Innovations and Breakthroughs

Our ability to collect, process, and draw conclusions from ever larger amounts of data has been a huge boon to the medical industry.

This method of tracking and categorizing physical assets, as well as patients, can be very useful in preventing serious accidents caused by miscommunication. Even life-threatening mistakes, such as wrong-site surgery, can be prevented by good data management. Timing, types, and amounts of medication can also be streamlined with this process, which could for example automatically sweep a database for potential adverse reactions or conflicts before a drug is prescribed to a patient.

On both a wide and individual scale, the applications of our improving data technology are saving lives and improving the quality of life of patients.

All this integration, however, comes with those pesky risks. Not nearly enough to warrant halting progress but enough to need heavy consideration.

Cybersecurity in Healthcare

The problem with health data is it’s often some of the most private and consequential data about human beings. That, unfortunately, makes it some of the most profitable to identity thieves, and even advertisers with few scruples. Healthcare data can be held to ransom, used for identity theft, or even insurance fraud. As DeVry University notes: “Your name, address, date of birth and Social Security number are all in one convenient location — ripe for stealing. Cybercriminals can take your private health information (PHI) and sell it for high prices. In fact, stolen medical records sell for 10 to 20 times more than stolen credit card numbers.”

Continue Reading