Now you must write an open letter addressing the community and explain how the
department is going to protect the information. In your letter, address the following
questions.
1.Explain why the health department collects this information conveying the idea of
how it serves the greater good.
2.Discuss the public’s interest in privacy and why this is important in our society.
3.Discuss why the department needs to infringe on the community’s privacy.
4.Explain how the department might ensure greater security.
5.Be sure to identify at least one applicable regulation, statute, or source that
supports the ability of the department to collect this information.
Medical Records, Patient Consent, and Information Management
The health department maintains community records that track diabetes rates and
incidence of HIV and their management practices in the community. The collection of data is a
systematic approach that ensures the department spends its resources appropriately to improve
the health of the population in the most effective approach. The data collected is used for
epidemiological, qualitative and comparative analysis to describe the health problems of a
community. The data is used to identify the inequalities of the health services and to determine
the priorities for effective use of resources. The health benefits are those that benefit the wider
environmental and social changes. Successful health needs assessment require practical
approach to understand what is involved and the resources necessary to complete the
assessments, and to ensure sufficient integration of the study findings that will help in planning
and commissioning of the local services (Nass, Levit, & Gostin, 2009).
Medical Records, Patient Consent, and Information Management
2
This is important because it does not only help the department to monitor but also to
improve the healthcare services and well being of the community. The information gathered is
important in assessing the health needs of a community. This is because the health needs of a
patient collected in their respective clinics may reveal the community health needs. Therefore,
this information is important in assessing the wider needs of a community in planning and
providing the local health services. If the needs are ignored, the community health needs will not
be addressed thereby putting more and more people in danger. Using the information collected,
the department is able to assess the residents cost of care, safety, accessibility as well as the
quality of health; and or use the information to partner with other institution for regional health
planning (Meyers et al., 2008).
The privacy Act of 1974 states that all persons information obtained from individuals
and have personal identifiers such as social security number, name or any other identifier should
not be disclosed without prior written consent from the individual. The issue of Health Insurance
portability and Accountability Act (HIPAA) comes into place when the health information is
collected and discussed. The issue of confidentiality refers to the professional obligation to hold
the health information collected as confidential. This obligation is supported by the professional
association codes of ethics found in the first principle of the American Health Information
Management Association Code of Ethics (AHIMA) “advocate, uphold and protect individual’s
right to privacy and confidentiality when disclosing healthcare information (Nass, Levit, &
Gostin, 2009).”
The public’s interest on the issue of privacy in this department arises from the breach of
privacy due to the stolen laptops. The concern is caused due to worries that the information in
Medical Records, Patient Consent, and Information Management
3
those two stolen laptops may negatively affect the resident’s dignity, and is likely to cause harm.
The public is scared that the breached information may contain personally identifiable health
information, which can lead to embarrassment or discrimination. In addition, the medical
information collected in this department include the most intimate details regarding patient’s
behavior, and may also include information about their social behaviors or personal relationship
or economic status. This brings forth the major concern for the medical data privacy. Thus, the
society needs some sort of assurance that the information that got lost with the stolen laptops is
protected and will not be disclosed to the public (Meyers et al., 2008).
All institutions that are involved in collection of resident’s healthcare information, they
must establish strong measures that ensure that people’s personal data is not disclosed by taking
strong strategies that safe guard the health data. All the organizations should take additional
measures to strengthen the data protection. In this context, the department understand the value
of individual rights, personal choice and is doing all it can to protect intrusion of the private
sphere. The department understands the importance of maintaining the medical information
confidential. For this reason, this organization have appointed security officers who have the
responsibility of assessing effective strategies of data protection, and implementing staff
training that will help implement the solutions. The departments also make greater use of
encryption in order to further protect the resident health data (Krames StayWell Blog, 2009).
Effective data protection needs effective security measures. The HIPAA security rule sets
floor for data security standards. However, the HIPAA security and privacy rule have not
improved the public confidence that their personal information will be kept confidential. With
the recent spate of the stolen laptops that contain patient health information, encryption has been
Medical Records, Patient Consent, and Information Management
4
done on other laptops and other removable media that contains such data (Meyers et al., 2008).
Enhanced security measures will reduce risks associated with data theft and will reinforce the
public’s trust and diminish the anxiety about potential risk of unintentional disclosure of the
information. In addition, the department is considering applying new strategies such as
pseudonymization strategy. This is a strategy used to replace the identities of the people’s
information in the organizations database. The use of pseudo IDs ensures that the medical
information cannot be linked directly to a person (Nass, Levit, & Gostin, 2009).
Medical Records, Patient Consent, and Information Management
5
References
Krames StayWell Blog (2009). Improving the Informed Consent Process.
Meyers, J., Frieden, T. R., Bherwani, K.M., and Henning, K.J . (2008). Ethics in Public Health
Research: Privacy and Public Health at Risk: Public Health Confidentiality in the Digital
Age.. Am J Public Health. 98(5): 793–801.
Research and the Privacy of Health Information: The HIPAA Privacy Rule: Beyond the
HIPAA Privacy Rule: Enhancing Privacy, Improving Health Through Research.
Washington (DC): National Academies Press (US); 2009. 4, HIPAA, the Privacy Rule,
and Its Application to Health Research.