HIPAA, a federal law called the Health Insurance Portability and Accountability Act,
applies to most health care practitioners and has set in place detailed rules regarding
privacy, access, and disclosure of information. Health care practitioners as well as health care
workers have a duty to keep personal medical information confidential, and by law,
communication between the patient and doctor is strictly confidential. Not only should
doctor-patient communications be kept confidential, but their records are required to be kept
confidential as well. Not even family members are necessarily or automatically allowed to have
access to information. All patients are entitled to confidentiality unless they give permission for
disclosure or they are unable to express a preference due to their condition.
HIPAA Violations. Violating HIPAA is expensive and punishable by law.
Noncompliance penalties cost anywhere from $100 to $50,000 and are based upon the level of
negligence. The vast majority of data breaches are due to stolen or lost data that was
unencrypted. Best practices, which most employees are taught upon hiring, are often the best
way to protect patient data. Data breaches frequently occur when employees lose unencrypted
portable devices, mistakenly send patient health information to vendors who then post that
information online, or even disclose personally identifiable, sensitive information on social
networks. Employee training and adherence to security policies and procedures are extremely
important. (Confidentiality and HIPAA)
With electronic health records growing in use and popularity, theft is on the rise as well.
Almost half of all data breaches are the result of theft. Unencrypted laptops, smartphones, and
other portable devices run the risk of data breaches. Certain companies, such as TrueVault, will
store data off-premise and prevent data breaches. Electronic health records advocates also
the digitalization of health records and complying with HIPAA regulations. However, numerous
ethical issues arise as technology used in the field is constantly evolving.
References
Angst, C. M. (2009). Protect my privacy or support the common-good? Ethical questions about
electronic health information exchanges. Journal of Business Ethics, 90, 169-178.
Confidentiality and HIPAA. (n.d.). Retrieved May 16, 2015, from
http://www.merckmanuals.com/home/fundamentals/legal-and-ethical-issues/confidentiality-andhipaa
Genes, N., & Appel, J. (2013). Ethics of data sequestration in electronic health records.
Cambridge Quarterly of Healthcare Ethics, 22(4), 365-72.
Mallah, A., Amr, G., Guelpa, P., Marsh, S., & Van Rooij, T. (2010). Personalized Medicine,
7(2), 163-170.
Meyer, J., & Pyles, J. (2005). The risks of healthcare IT. Modern Healthcare, 35(31), 22.