RUNNING HEADER: ETHICAL ISSUES IN HEALTH IT

Case Study: Ethical Issues in Health IT

Ashley Winans
CIS 101
May 15, 2015
Professor Rell Snyder

RUNNING HEADER: ETHICAL ISSUES IN HEALTH IT

Ethical Issues in Health IT

Ethical issues regarding the use of information technology and systems arise in health
care just as it does in other industries. Principles of privacy, the patient's right to autonomy and
decision-making in the management of their personal health information are current issues of
debate. Many of theses issues are driven by the digitalization of health records as well the Health
Insurance Portability and Accountability Act.
The Digitalization of Health Records
When information is transformed from what has traditionally been a paper-based format
into digitized elements with meaning associated to them, new and intriguing discussions begin
surrounding proper and improper uses of this codified and easily transmittable information
(Angst, 2009, P.171). Many hospitals, facilities, and other stakeholders are engaged in the
process of retroactively digitizing medical information, oftentimes to receive Meaningful Use
incentives from the government. This is creating an enormous reserve of databases of medical
information, which offer improved access to timely information, evidence-based treatments, and
complete records from which to provide care (Angst, 2009, P.172).
The Ethics of Digitalization. Whereas many people believe that electronic health
records have innumerable benefits, others believe that this process of digitization is an egregious
invasion of privacy. There is a questions as to whether the public good aspect of capturing
private health information outweighs individual interests and whether it is ethical to mandate
participation in health information exchanges by all individuals who use the US health system
(Angst, 2009, P.170).
Health Insurance Portability and Accountability Act

RUNNING HEADER: ETHICAL ISSUES IN HEALTH IT

HIPPAA, a federal law called the Health Insurance Portability and Accountability Act
which applies to most health care practitioners and has set in place detailed rules regarding
privacy, access, and disclosure of information. Health care practitioners as well as health care
workers have a duty to keep personal medical information confidential and by law,
communication between the patient and doctor is strictly confidential. Not only doctor-patient
communications should be kept confidential, but there records are required to be kept
confidential as well. Not even family members are necessarily or automatically allowed to have
access to information. All patients are entitled to confidentiality unless they give permission for
disclosure or they are unable to express a preference due to their condition.
HIPPA Violations. Violating HIPAA is expensive and punishable by law.
Noncompliance penalties cost anywhere between $100 to $50,000 and is based upon the level of
negligence. The vast majority of data breaches are due to stolen or lost data that was
unencrypted. Best practices, which most employees are taught upon hiring, are often the best
way to protect patient data. Data breaches frequently occur when employees lose unencrypted
portable devices, mistakenly send patient health information to vendors who then post that
information online, or even disclose personally identifiable, sensitive information on social
networks. Employee training and adherence to security policies and procedures is extremely
important. (Confidentiality and HIPAA)
With Electronic Health Records growing in use and popularity, theft is on the rise as well.
Almost half of all data breaches are the result of theft. Unencrypted laptops, smartphones, and
other portable devices run the risk of data breaches. Certain companies, such as TrueVault, will
store data stored off-premise and prevent data breaches. Electronic health records advocates also

RUNNING HEADER: ETHICAL ISSUES IN HEALTH IT

encourage password-protected files, which will both enhance confidentiality as well as

streamline record retrieval for better patient care.
PHI Protection. Maintaining not only safe, but ethically conscious medical records
depends greatly upon protecting the confidentiality of PHI, or personal health information. Many
organizations have employed an HIM, or Health Information Management professional in each
health care organization is the one responsible for making sure patient information is secure.
Patients are likewise reminded to read the Notice of Privacy Practices from their doctors office
as well to never volunteer their health information over the phone or on a website.
The Ethics of Reporting. In terms of reporting, health care providers are sometimes
required by law to disclose certain health information due to the fact that certain conditions may
present a danger to others. Infectious diseases, such as syphilis, HIV, and tuberculosis, must be
reported, electronically or otherwise, to state or local public health agencies. This is where public
health and public health ethics come into play and also use technology to report, track, and
prevent outbreaks.
Additionally, health care practitioners who notice medical signs of child, adult, or elder
mistreatment (elder abuse) or neglect normally must report such information to protective
services. Conditions that might seriously impair a persons ability to drive, such as dementia or
recent seizures, must be reported to the Department of Motor Vehicles in some states.
Conclusion
The implementation of EHR, or electronic health record, systems is becoming a
necessary step towards improving the efficiency, costeffectiveness and quality of healthcare
systems across hospitals and clinics (Genes & Appel, 2013). Two major considerations include

RUNNING HEADER: ETHICAL ISSUES IN HEALTH IT

the digitalization of health records and complying with HIPPA regulations. However, numerous
ethical issues arise as technology used in the field is constantly evolving.

RUNNING HEADER: ETHICAL ISSUES IN HEALTH IT

References
Angst, C. M. (2009). Protect my privacy or support the common-good? Ethical questions about
electronic health information exchanges. Journal of Business Ethics, 90, 169-178.
Confidentiality and HIPAA. (n.d.). Retrieved May 16, 2015, from
http://www.merckmanuals.com/home/fundamentals/legal-and-ethical-issues/confidentiality-andhipaa
Genes, N., & Appel, J. (2013). Ethics of data sequestration in electronic health records.
Cambridge Quarterly of Healthcare Ethics, 22(4), 365-72.
Mallah, A., Amr, G., Guelpa, P., Marsh, S., & Van Rooij, T. (2010). Personalized Medicine,
Vol.7(2), p.163-170
Meyer, J., & Pyles, J. (2005). The risks of healthcare IT. Modern Healthcare, 35(31), 22.