Response To Compliance Management Scenario

According to the US department of health services the most common HIPAA violation in hospitals is the impermissible uses and disclosures of protected health information. A prevalent scenario is when a health care worker accesses files of patients who are not under the worker’s care. Anyone that is not directly related to the patients’ health care or insurance is not allowed to access the patients’ health records. This can be prevented by having all employees participate in HIPPA training after a direct violation of the policy along with mandatory training before their employment. Another preventive measure is informing workers, upon employment, that electronic medical records indirectly allow for monitoring the use and misuse of patient files.

The act is meant to followed by the rules, but the state can change certain thing according to the way it believes HIPAA should be done. If someone were to commit theft, he or she would have to pay thousand in fines and be sentenced to ten years of imprisonment. The hospitals and medical institutes must call, mail, email, or use the media to inform the victims that his or her information is a risk. They will have up to 30 days to contact everyone involved or an additional 30 if he or she is having trouble finding a large number of people or if the police have to become part of the solution.

HIPPA Breaches A Common Legal Issue in Healthcare When it pertains to patient health information discretion is paramount. Protecting patients from threats that could endanger their rights is essential and the primary reason for safeguarding their personal information is to secure the interest of the individuals who are entrusting the organization with their information. There are however breaches to individuals’ private health information. In the healthcare field one common legal issue is HIPPA and data breaches.

1- HIPAA Enforcement rule became stricter Because of the lack of compliance from many covered entities with HIPAA privacy and security rules, the enforcement rule is procreated. The Department of Health and Human Services HHS is given the power by the enforcement rule to look for any unauthorized access of PHI (Protected Health Information) in any covered entity against HIPAA Privacy rule. In the same time the enforcement rule gave The Department´s Office for Civil Rights the qualification to apply a criminal charge as penalties against HIPAA violation and for a person who commits an illegal act, who fail to introduce corrective measures within 30 days. 2007: CMS announced the deadline for compliance with the National Provider Identifier (NPI) It is mandated by HIPAA, that all health care providers use their NPI, which is an individual identification number, to identify themselves.

Nurses and doctors take the oath to protect the privacy and the confidentiality of patients. Patients and their medical conditions should not be discussed with anyone who is not treating the patient. Electronic health records are held to the same standards as nurses in that information is to be kept between, and shared only with the immediate care team. HIPAA violations are not taken lightly nor are the violation fines cheap. Depending on the violation, a hospital can be fined from $100 to $50,000 per violation (National Nurse 2011 p 23).

Understanding HIPAA laws, following them and reporting violations safeguard confidential

Unfortunately HIPAA violations happen every year in our country. In fact, a situation happened in a New York-Presbyterian Hospital and Columbia University Medical Center on May 7th 2010. The HIPAA violation happened after the electronic health records of 6,800 patients ended up on Google for the world to see. The United States Department of Health and Human Services (HHS) who are responsible for HIPAA enforcement laws deeply investigated this case. It was discovered that a Columbia University physician who developed applications for New York-Presbyterian Hospital and Columbia University, attempted to deactivate a personally owned computer server on the network containing electronic protected health information (ePHI).

The hospital employee failed to keep protected health information secure and violated the patient’s privacy. Unauthorized information concerning the patients’ medical condition and treatment plan were released to an unauthorized contact phone number and person. Applying administrative safeguards to protect the organization's health information covers security objectives, such as confidentiality, which was breached in this particular case. The patient’s privacy rights and HIPAA law were violated because the health care organization provided an unauthorized disclosure and ignored the patient’s specific communication request. The patient had specifically provided an alternative contact number at her work, and the hospital failed to accommodate

HIPAA Violation rocks hospital! An employee at St. Charles Health system accessed over 2400 patients’ medical records over a two-year period because they were curious. We all know that curiosity killed the cat and now it may have direr consequences for this curiosity seeker and the hospital system. HIPAA Violation without intent to commit fraud The employee who viewed the protected health information (PHI) without a legitimate reason to do so is in jeopardy of large civil fines, loss of their respective clinical license and criminal prosecution.

There was an obvious breach of duty by the nurse who was doing a procedure on the wrong patient. The nurse should have correctly identified Dr. McKey before continuing with the enema.

Code Black If you have ever been to the ER for a non-life-threatening emergency, then you are aware of the long wait times associated. This is a common complaint amongst patients and many do not understand the reasons behind it. Code Black is a documentary that attempts to show the drawbacks of our current health care system by taking viewers into a public hospital.

The nurses and faculty that violate the privacy rule will face severe consequences such as civil and criminal penalties. For example, when violations occur, $100 to $25,000 per year will need to be paid off depending on the situation. Not only that, but going to prison can also be added depending on what and how the information was released (Wimberley et al., 2005, 489). Taking the time to correctly deliver the process of not releasing confidential information is needed, so there wouldn’t be any consequences or violations to the privacy

The code of ethics is important—providing nurses with the knowledge of exactly what to do in certain situations. The code of ethics for nurses make the nurses’ job easier because the provisions promote knowledge, team collaboration which makes caring for patient almost effortless. In contradiction, the third provision states imply that “nurses advocate for, and protects the rights, health, and safety of the patient” (Lachman et al., 2015). The third provision could present with a dilemma when it comes to whistle blowing. Whistle blowing is described as “telling the truth about individuals or systems that are harming or potentially could harm patients, regardless of personal outcome” (Hopper 2011).

These mistakes include the nurse’s public announcement of the issue, Sue’s access of the chart to discover information about the patient’s diagnosis,

A breach in security can cost healthcare organizations thousands of dollars. A failure in the measures implemented to protect electronic health information can also affect the healthcare organization patients. A data breach compromises patients name, address, social security numbers, as well as patient treatment information. Patients are put at risk of experiencing insurance fraud and identity theft. Per Aggarwal, Jamsed, Ozair, and Sharma, Prime Health Care Services Inc., paid $275,000 to settle a federal investigation for a violation of patient privacy (2015).