UNIT 9

Cards (75)

  • Three Main Aspects of Information Ethics
    • General Ethics
    • Informatics Ethics
    • Software Ethics
  • Autonomy
    The idea of either allowing individuals to make their own decisions in response to a particular societal context or being free from external influence or control
  • Electronic Health Records (EHR)
    • Must respect patient autonomy
    • Includes certain restrictions about access, content, and ownership of records
    • Balance: too much patient control may defeat the purpose of the document because critical information may be modified or deleted without the knowledge of the health professional. Limited patient access and control improve document quality because patients also verify their records
  • Beneficence
    Do good
  • Non-maleficence
    Do no harm
  • Beneficence in health informatics
    Relates most significantly with the usage of stored data in the EHR system
  • Non-maleficence in health informatics
    Relates most significantly with how data is protected
  • Deeply integrated EHR systems are rich in raw data that can be utilized in groundbreaking biomedical and public health research
  • New EHR systems should be developed with consent features for researchers and scientists
  • Consolidated clinical data from repositories may provide the best possible treatment data for their patient, which further upholds beneficence
  • Integrated data storage in health informatics is also a breeding ground for varying threats like temporary outages or even total system failures resulting in the inability to perform necessary procedures or, at its worst, significant patient mortality
  • Multiple backups for fast and easy recovery should remedy such problems
  • Medical records contain sensitive information about an individual; they deserve the highest level of data security
  • Vulnerabilities in security put patients at risk and lead to a violation of non-maleficence
  • Principles of Informatics Ethics
    • Information-Privacy and Disposition
    • Openness
    • Security
    • Access
    • Legitimate Infringement
    • Least Intrusive Alternative
    • Accountability
  • Health information ethics relies on the use of software to store and process information
  • Software developers should ensure that completed activities serve the best interest of the institution and its employees
  • Software developers should be straightforward about their limitations and qualifications
  • Software developers must build products that meet professional standards through testing and detailing unresolved issues
  • EHRs are widely used in developed countries
  • Advantages of EHRs
    • Improve the quality of care
    • Reduce cost
    • Enhance patient mobility
    • Reliable
    • Enable evidence-based medicine
  • Concerns that challenge low to middle-income countries to transition from paper-based to EHR systems
    • Privacy and confidentiality
    • Security and Data integrity
    • Availability
  • Protected Health Information (PHI)
    Diagnostic report that includes the patient's name, Social Security card number, and zip code
  • There are 18 data elements identified by the Health Insurance Portability and Accountability Act (HIPAA) as Protected Health Information
  • Privacy
    In healthcare settings refers to people's right to control access to their personal information. People have the authority to determine what information to share, with whom, and how
  • The HIPAA Privacy Rule protects the privacy of individually identifiable health information
  • The HIPAA Privacy Rule does not apply to the use or disclosure of "de-identified health information," which implies that the data do not contain protected health information (PHI)
  • Security
    Refers to the protection measures and tools that safeguard health information and health information systems from any unauthorized access to or modification of information, denial of service to authorized users, and provision of service to unauthorized users
  • Components of Security
    • Data security
    • System security
  • Confidentiality
    Either a tool to protect privacy or an act limiting disclosure of private matters. The intent is to ensure that individual health information is used for the intended purpose only, and that patient consent is required for any disclosure
  • Clear articulation of privacy, security, and confidentiality is foundational to the development and adoption of health informatics standards to prevent disclosure of PHI
  • The National Institute of Standards and Technology (NIST) "Confidentiality, Integrity, and Availability Triad" is a sound framework with which to analyze an organization's security management practices
  • Three Levels of Security in the Hospital Information System
    • Administrative
    • Physical
    • Technical
  • Administrative Safeguards for HIS
    • Regular risk assessment of the health IT environment
    • Continuous assessment of the effectiveness of safeguards for electronic health information
    • Detailed processes and procedures for viewing and administering electronic health information
    • Training for the users of health IT to appropriately protect electronic health information
    • Reporting of security breaches (e.g., to those entities required by law or contract) and continued health IT operations
  • Physical Safeguards for HIS
    • Office alarm systems
    • Locking offices and areas that contain computing equipment that stores electronic health information
    • Having security guards that make regular rounds in the vicinity
  • Technical Safeguards for HIS
    • Configuration of computing equipment to ensure security (e.g., virus checking, firewall)
    • Using certified applications and technologies that store or exchange electronic health information
    • Setting up access controls to health IT and electronic health information
    • Encryption of electronic health information
    • Regular audit of the health IT operations
    • Having backup capabilities (e.g., regular backups of electronic health information to another computer file server)
  • 5 Key Functions of Technological Security Tools
    • Availability
    • Accountability
    • Perimeter Identification
    • Controlling access
    • Comprehensibility and control
  • Key Steps in Laboratory Information Flow for a Hospital Patient
    1. Register Patient
    2. Order Tests
  • The patient record (e.g., ID Number, name, sex, age, location) must be created in the LIS before the test/s
  • The LIS usually receives these data automatically from the hospital registration system when a patient is admitted