Week 6 Journal Chapter 12

Using the attached form, complete this week's reflections related to your readings, assignments, and implications for current or future practice.


Health IT and EHRs: Principles and Practice, Sixth Edition

Chapter 12: Health IT Privacy and Security

© 2017 American Health Information Management Association


HIPAA Privacy and Security Rules

Privacy – right of an individual to be left alone.

Security – supports:

Confidentiality – the treatment of information that an individual has disclosed in a relationship of trust with the expectation that it will not be divulged to others in ways that are inconsistent with the understanding of the original disclosure (such as Notice of Privacy Practices) unless the individual grants permission

Data integrity – protection of data from improper alteration or destruction

Data availability – assurance that data will be able to be accessed when needed in accordance with Privacy provisions

Privacy & Security Relationships

Key Privacy & Security Terms
PHI
Covered entity
Business Associate
TPO
Disclosure
Use
Authorization
Consent

HIPAA Enforcement Rule
Office for Civil Rights (OCR) responsible for enforcement of HIPAA
Penalties for violation of the Privacy, Security, or Breach Notification rules may include:
Corrective action plan (CAP)
Settlement agreement
Civil penalties may include civil monetary penalties (CMP)
Criminal penalties may result in imprisonment
Other lawsuits may also be filed for actions associated with privacy, security, and breach notification

Technical & Other Solutions for Privacy Rule Management
Patient identification and matching
Master person index
Health record integration
Deidentification
Data sharing agreements
Genomic data sharing and GINA
Privacy and trust principles for precision medicine

Emergency uses of PHI
Criminal background checks
Right of access
Clarification of mental/behavioral health record sharing
Data segmentation for privacy

Risk Basis of Security Rule


HIPAA Security Rule


Authentication Types by Strength
Wet signature
Digitized signature
Image of a wet signature
Electronic signature
Password, biometric, or token
Digital signature
Process of encryption and non-repudiation to represent a signature
Public key infrastructure (PKI) is a set of policies, procedures, standards, and practices that enable a digital signature – but is not the only form of digital signature.
Requirements for digital signature, digital certificate, encryption
EPCS
CORE Phase IV operating rules
EHR MU incentive program

Access Controls and Minimum Necessary and Audit Logs
Audit logs should provide the metadata for who did what to which information at what date and time and from what location

Encryption
Encryption uses an algorithm to scramble the content of a file (for data at rest) or transmission (for data en route) so that only an equivalent algorithm can be used to decrypt the message
Nonrepudiation is substantial evidence of the identity of the signer of a message and of message integrity sufficient to prevent a party from successfully denying the origin, submission, or delivery of the message and integrity of its contents
HHS guidance specifies that if a file or transmission has been encrypted but has been lost or hacked, the loss or hack is not a notifiable breach

Breach Discovery Process

Breach Notification Process

Identity Theft Controls
Fastest growing crime in the US
Misuse of credit cards = ½ of all identity theft
Payment Card Industry Data Security Standard
Medical identity theft
Inappropriate or unauthorized misrepresentation of personal information to obtain access to property (e.g., drugs) or services (e.g., health plan coverage)
Red Flags Rule
Use of patterns, practices, and specific activities, known as red flags, which could indicate identity theft
Some healthcare organizations must comply, others do so voluntarily as a best practice

Administrative Factors to Reduce Risk
Risk analysis is the primary process that should be documented. Risk analysis follows the SDLC.

Physical and Technical Controls
Facility security controls
Storage management program
Virtualization
Reliability
Full redundancy
Fail over
Technical monitoring tools

Addressing Emerging Threats
Unified threat management program
Management support
Threat intelligence
Policies and procedures
Everyone’s responsibility
Controls
Training
Auditing and monitoring


Reflective Journal Rubric (20 pts)

Discussion Criteria: Application of Course Knowledge

Exemplary (10 Points): Journal contributes reflections and unique perspectives or insights gleaned from weekly objectives or examples from the healthcare field.

Developing (7 Points): Journal entry has limited application of course knowledge and demonstration of perspectives.

Needs Improvement (4 Points): Journal does not reflect application of course knowledge and personal insights or examples from healthcare.

Faculty Comments:

Discussion Criteria: Grammar, Syntax, APA Format

Exemplary (10 Points): APA format, grammar, spelling, and/or punctuation are accurate, or with zero to three errors.

Developing (7 Points): Four to six errors in APA format, grammar, spelling, and syntax noted.

Needs Improvement (4 Points): Journal entry contains greater than six errors in APA format, grammar, spelling, and/or punctuation or repeatedly makes the same errors after faculty feedback.

Faculty Comments:

Reflective Journal

Name:

Date:

1. Summarize and reflect on this week’s readings and learning activities.

2. How will these concepts impact your own professional practice now or in the future?
