Security and Privacy
Security and Privacy
HCS/533
February 10, 2014
Aimee Kirkendol
Security and Privacy
Introduction
Protecting patient’s privacy is of the most important when it comes to the health care field. There are many individuals who want to steal information which is not theirs, but allows them to this information to get what they want and this is, called identity theft. This paper will take a look at the incident at St. John’s Hospital and what should be done with patient information and what not to do with unwanted files. This paper will also take a look at the management plan and code of conduct.
Security Breach
It has been brought to the attention of the administrative office that there has been a security breach of policies and procedures concerning the protection of confidential client information. On numerous occasions, personnel who are working late have observed the cleaning staff reading discarded printouts. This is a violation of the HIPAA Laws, which are put in place to protect patients. This has taken place in a restricted-access IS department, and a problem like this should never have happened. All patient information printouts that are to be discarded should be shredded before being disposed of. When a document is thrown into the trash like these printouts were then they are open to the public and therefore a breach of information. This is the same as discussing patient information in waiting areas, hallways, or elevators. There are other people around who can listen to the conversation and therefore the patient’s information has been breached (Hicks, Joy, 2014).
What action should be taken toward cleaning personnel?
The cleaning staff was scene reading documents that were thrown in the trash while performing their cleaning duties. Technically the cleaning staff was not violating any laws because the printouts were tossed into the trash which makes them public information. With that being said the cleaning staff should be
HCS/533
February 10, 2014
Aimee Kirkendol
Security and Privacy
Introduction
Protecting patient’s privacy is of the most important when it comes to the health care field. There are many individuals who want to steal information which is not theirs, but allows them to this information to get what they want and this is, called identity theft. This paper will take a look at the incident at St. John’s Hospital and what should be done with patient information and what not to do with unwanted files. This paper will also take a look at the management plan and code of conduct.
Security Breach
It has been brought to the attention of the administrative office that there has been a security breach of policies and procedures concerning the protection of confidential client information. On numerous occasions, personnel who are working late have observed the cleaning staff reading discarded printouts. This is a violation of the HIPAA Laws, which are put in place to protect patients. This has taken place in a restricted-access IS department, and a problem like this should never have happened. All patient information printouts that are to be discarded should be shredded before being disposed of. When a document is thrown into the trash like these printouts were then they are open to the public and therefore a breach of information. This is the same as discussing patient information in waiting areas, hallways, or elevators. There are other people around who can listen to the conversation and therefore the patient’s information has been breached (Hicks, Joy, 2014).
What action should be taken toward cleaning personnel?
The cleaning staff was scene reading documents that were thrown in the trash while performing their cleaning duties. Technically the cleaning staff was not violating any laws because the printouts were tossed into the trash which makes them public information. With that being said the cleaning staff should be
References: Code of Ethical Conduct (2011) Mount Sinai Hospital, Joseph and Wolf Lebovic Health Complex, Retrieved on 1/8/14 from www.mountsinai.on.ca/for-physicians/code-of-conduct2011.pdf Community Tool Box (2013) Developing a Management Plan, Retrieved on 1/8/14 from ctb.ku.edu/en/table-of-content/leadership/effective-manager/management-plan/main Hicks, Joy (2014) About.com Medical Office, Avoid Violation of HIPAA Laws, Retrieved on 1/9/14 from medicaloffice.about.com/od/compliance/a/5-Ways-To-Break-Hipaa-Compliance.htm U. S. Department of Health and Human Services (2014) Health Information Privacy, Retrieved on 1/8/14 from www.hhs.gov/ocr/privacy/hipaa/understanding/training/index.html