Security of Health Care Records

Security of Health Care Records

The incidences of breach of security have increased since the Health Care started to use technology for accessing and storing information about the patient. The Canadian Medical Association Journal (CMAJ) reports that there was a massive 97% escalation in the number of health records breached from 2010 to 2011. The number of patient records accessed in each breach has also considerable increased between 2010 and 2011. Despite the regulations of the US government on breach of healthcare records, most organizations continue to report incidents of breach associated with loss, compromise or theft of portable electronic gadgets (Hoffman, 2011).

Nurses provide patient with care according to the physician’s instructions. However, the perception is that they are harmless to patients and nurses should pursue a code of ethics as set in the American Nurses Association. The nurse takes the leading role in the mandate of protecting the patient’s right for privacy by honoring the confidentiality of information concerning with the patient. In addition, the nurses are taking care of patients’ health and prevent it from illegal, incompetent, and unethical practices. Technology has made it easy to protect patient privacy of the state of their health. It offers a database that has controlled access, accounted checks, perimeter identification and ratified access. This reduces the chances of breach of health records (McGonigle, et al, 2012).

My experience from the organization I am familiar with, the Federation of American Hospitals, indicates that information about health which is stored electronically is under the protection including different measures. One of the measures is control of the access. This is through allotment of unique names and/or number for detecting and following user identity. The organization only permits authorized persons to access electronic information during an emergency.

It also makes use of an automatic log-off to protect electronic information. The automatic log-off terminates an electronic session after encoded time of inactivity. The organization uses an Audit log that enables a user to create an audit log for a given time. It also enables user to categorize entries in the audit log similar to any of the elements itemized. The organization verifies and detects alterations of audit logs (Rothstein, 2010).

It also uses authentication whereby people or entities seeking the right to use electronic information are the only ones who have authorized to access such information. The organization records the date, time of admission, patient identity, and user identity when electronic information gets formed, changed, used, or obliterated. This provides indications of actions that happen and the subject that undertakes them (Goodman, 2010).

The nurse’s responsibility is to ensure protection of data through ensuring their ability to access the information, based on a reasonable and legitimate necessity and right to know. The nurse should maintain professional ethics of maintaining privacy. The Code of Ethics for registered nurses stipulates that nurses have a responsibility to uphold protection of data, and this should be espoused. As a nurse, I can ensure that there are standard transactions as one strategy to promote a culture of information privacy about patient’s health. I can ensure enactment of a policy requiring nurses to use the same format for a bill, payment remittance, or any other form. In addition, I can encourage nurses to involve in privacy compliance preparations. This will guide them to ensure private access to patient information and that there is the code of health data. I can also ensure that the nursing code of ethics gets upheld to protect information of a patient health (Dimitropoulos, 2011).

The ethical issues are likely to arise with the increased access to newer, smaller, and more powerful technology tools, when there is the loss of patients’ privacy, and loss of confidentiality of information concerning health. It will outlaw the rights of patients. There will be new concerns for healthcare practitioners for protecting patients’ rights of privacy, confidentiality and autonomy. The role of health records protection will broaden from the hands of health professionals to encompass the society as a whole (Bertin, 2012).

The strategies that can be implemented to ensure that the use of HIT contributes to an overall culture of safety in the Federation of American Hospitals are the following: first, it should be done through promotion of ethics, and morals in protection of information. The organization should be sensitized to ensure that it upholds to morality in protection of patients’ privacy, confidentiality and autonomy. The use of principles as a basis of ethical decision making should be adopted. Another strategy is the use of non-malfeasance principle. This is a strategy of not inflicting intentional harm through exposure of health records. It can contribute to the overall culture of safety in the Federation of American Hospitals. There is the need to enhance virtue ethics and care ethics as tools to cultivate the culture of safety in the organization (McGonigle, 2012).

Leaking of patient information through the Internet because of cyberspace challenges is one of the areas where improvement should be introduced in order to protect information. The strategy that could address the situation in this area could entail the use of encryption techniques when sending health records over the Internet. This strategy will ensure that information sent through the Internet gets encoded so that spies or hackers cannot access it. It only allows authorized parties to access information about patients’ health in the Internet. A joint which is integrated in computer system stores, catalogues and backs up the data. The hardware exists in a remote place, reinforced by multiple power grids that ensure protection of information (Brown, 2009).

In conclusion, security of healthcare records should rank as a major priority for healthcare organizations following the increase of the security breach incidences. Organizations should adopt new strategies that can preserve health information from leaking to unauthorized persons. A secure and effective nformation system is a fundamental indicator for realizing improvement in the quality of health care. Therefore, organizations should deploy information technology that is both secure and effective.


Bertin, L. R. (2012). Information Copyright and Fair Use and Network Security. In K. M. Dee McGonigle, Nursing Informatics And The Foundation Of Knowledge. London: Jones & Bartlett Publishers. 250-262

Brown, B. (2009). Improving the privacy and security of individual health records. Journal of Health Care System Compliance, 11(2): 39–40, 68.

Dee McGonigle, K. M. (2012). Ethical Applications of Informatics. In K. M. Dee McGonigle, Nursing Informatics And The Foundation Of Knowledge. . London: Jones & Bartlett. 70-138.

Dimitropoulos, L., Patel, W., Scheffler, S.&Pollack, S. (2011). Public views towards exchange of health information: Perceived advantages and considerations.American Journal of Managed Care, 17:111–116.

Goodman, V. (2010). Ethics, Systems information technology, and public health: New setbacks in the clinician-patient relationship. Journal of Law, Medicine & Ethics, 38(1), 58–63.

Hoffman, S., and Podgurski, A. (2011). Making good use and certification of health information technology: Safety Issues. Journal of Law, Medicine & Ethics, 39(3), 425–436.

McGonigle, D., & Mastrian, K. G. (2012). Nursing informatics and the foundation of knowledge .(Laureate Education, Inc., custom ed.). Burlington, MA: Jones and Bartlett Learning.

Rothstein, N (2010). The Hippocratic bargaining aspect and health information technology. Journal of Law, Medicine and Ethics, 38(1), 7–13.

buy custom essay