Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health...
-
Upload
clarissa-dennis -
Category
Documents
-
view
217 -
download
1
Transcript of Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health...
![Page 1: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/1.jpg)
Privacy in HealthcareChallenges Associated with Implementing Privacy
in an Electronic Health Records Environment
John P. Houston, J.D.Vice President, Privacy & Information Security, Assistant Counsel
University of Pittsburgh Medical CenterAdjunct Assistant Professor of Biomedical Informatics
University of Pittsburgh School of Medicine
Privacy in HealthcareChallenges Associated with Implementing Privacy
in an Electronic Health Records Environment
John P. Houston, J.D.Vice President, Privacy & Information Security, Assistant Counsel
University of Pittsburgh Medical CenterAdjunct Assistant Professor of Biomedical Informatics
University of Pittsburgh School of Medicine
![Page 2: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/2.jpg)
2
Questions
What is Privacy?
What is Confidentiality?
What is (Information) Security?
![Page 3: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/3.jpg)
3
Security, Privacy & Confidentiality
• Privacy - the state of being free from intrusion or disturbance in one's private life or affairs. (Random House Dictionary)
• Confidentiality - The ethical principle or legal right that a physician or other health professional will hold secret all information relating to a patient, unless the patient gives consent permitting disclosure. (The American Heritage® Stedman's Medical Dictionary)
• Security - Protection against unauthorized access to, or alteration of, information and system resources including CPUs, storage devices and programs. (Free On-line Dictionary of Computing)
![Page 4: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/4.jpg)
4
Security, Privacy & Confidentiality
(Information) SecurityKeeping the bad guys out.
PrivacyConfidentiality
Making sure that those people who have access to information, only access the information for appropriate purposes.
![Page 5: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/5.jpg)
5
Health Privacy Laws in Pennsylvania
• PA Medical Records Laws• HIPAA Privacy Rule• ARRA Privacy Rule• Federal & State “Sensitive
Information laws
![Page 6: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/6.jpg)
6
Observation
We have reached a tipping point where the volume and complexity of privacy
regulations have made compliance extremely difficult
![Page 7: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/7.jpg)
7
Observation
Even intelligent, well educated and informed individuals do not fully or accurately understand the privacy
regulations
![Page 8: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/8.jpg)
8
Result
Many institutions inappropriately implement privacy regulations
![Page 9: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/9.jpg)
9
Reality
Timely, accurate and complete information is necessary to provide effective and
efficient health care
![Page 10: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/10.jpg)
10
Challenge
To provide the right information to the right individual at the right time
![Page 11: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/11.jpg)
11
Failure must be defined in terms of impacting patient care• Patients often do not know what they really want• Arbitrary or overly restrictive barriers• HIPAA contemplates taking reasonable steps• If we must error, error to the benefit of ensuring that good
quality patient care is delivered
Failure
![Page 12: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/12.jpg)
12
Privacy Is a Balance
Privacy is a balance between:•An individual’s right to have his / her information kept confidential•A provider’s need for information to support the delivery of effective and efficient healthcare•Public / societal interests
Practically speaking privacy is not an absolute
![Page 13: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/13.jpg)
13
Privacy Is a Societal Value
In good faith people have substantial differences of opinion regarding the value
and importance of privacy
![Page 14: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/14.jpg)
14
Reality
The Healthcare industry is quickly moving towards a highly integrated and highly distributable electronic health records
environment
![Page 15: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/15.jpg)
15
Global Access to Information
Health Information ExchangesNationwide Health Information Network
![Page 16: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/16.jpg)
16
The Move to Electronic Health Records
The implementation of an electronic health records environment fundamentally changes the manner in which privacy must
be viewed and addressed
![Page 17: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/17.jpg)
17
How is Privacy Different?
Local Availabilityvs.
Global Availability
![Page 18: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/18.jpg)
18
Paper Records - Local Availability
Information is locked up in a file cabinet or the Medical Records Department
![Page 19: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/19.jpg)
19
Electronic Records - Global Availability
Information is:• Accessible through an institution’s
electronic health records system(s)• Accessible via an HIE• Accessible via the Internet on the
NHIN(future)
![Page 20: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/20.jpg)
20
Myth
Institutions all operate a single monolithic health information system
![Page 21: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/21.jpg)
21
Examples of Issues
• Impractical to honor patient request for additional privacy protections / consents
• Difficult to perform new accounting of disclosure requirements
• Difficult to comply with new “Pay for out of pocket in full” restrictions.
![Page 22: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/22.jpg)
22
Computers areSTUPID!
WARNING!
![Page 23: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/23.jpg)
23
The Evolution of Privacy in EHRs
![Page 24: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/24.jpg)
24
System Flexibility
It is difficult to develop / implement information system controls that support
privacy while providing the flexibility necessary to ensure the efficient and
effective delivery of health care
![Page 25: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/25.jpg)
25
System Flexibility
Due to the difficult in developing / implement information system controls that support privacy, institutions often establish
structural barriers (separate systems, shadow records, paper records, etc).
![Page 26: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/26.jpg)
26
Immediacy
Prospective controls and structural barriers often impede access to information in emergent situations and significantly
reduce efficiency
![Page 27: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/27.jpg)
27
Should psychiatric information be segregated?
Example – Psychiatric Information
![Page 28: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/28.jpg)
28
Should psychiatric Information be segregated?•Information results from services provided by a PCP or in an acute care setting•Access is often important in emergent situations•Drug – to – drug interactions•Alternative diagnosis?•Drug diversion?
Example – Psychiatric Information
![Page 29: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/29.jpg)
29
Where do you draw the line?
Question
![Page 30: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/30.jpg)
30
In The End
• Institutions must be diligent in training their work force
• Enforcement is vital
![Page 31: Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,](https://reader035.fdocuments.us/reader035/viewer/2022062422/56649ed35503460f94be2ee0/html5/thumbnails/31.jpg)
31
Commercial
http://www.ge.com/company/advertising/index.html