Patient Information and Confidentiality

For this module, explain the threats to patient information and confidentiality that are
present in your selected organization (Salisbury,NC VA). Be sure to link them with
regulations (e.g., HIPAA and Wi-Fi security).

Patient Information and Confidentiality 

Concerns over security and privacy of the electronic health information may be in
relation to releasing information inappropriately from an individual organization or the
systematic information flows in a healthcare industry as well as the related industries.
Information leaks from an organization when unauthorized users purposefully or unintentionally
disseminate or access information against the organizational policy. Outsiders could also break
into the computer systems. There are also cases where the professionals act against the interests
of particular patients, therefore invading the privacy (Anderson, 2002). Data or information is
normally exchanged between different professionals, and these concerns could arise in between,
either among the secondary users, payers, and providers, either without or with information
about the patient. Therefore, countermeasures and interventions are necessary. The aim of this
paper is discussing the threats to patient confidentiality and information present in Salisbury,NC
VA, with reference to regulations like Wi-Fi security and HIPAA.
Based on HIPAA, security provisions and data privacy is provided to medical
information. The regulation guarantees proper protection of health information and at the same
time, permitting easy and efficient health information flow for high quality care to be provided.
This also helps in protecting the wellbeing and health of the public. There is a particular way in
which the healthcare professionals are required to handle all the patient information they come
across. The regulation requires that covered entities should have the appropriate physical,

technical, and administrative safeguards for guarding the privacy of non-electronic and electronic
protected health information (Barrows & Clayton, 1996).
HIPAA offers protections on the insurance information. From the institution’s website,
there is a section on insurance and billing. If someone is really interested in the information, he
or she can easily hack to acquire it. The link on patient information also has a lot that can be
stolen. Therefore, there is a need to the hospital to be cautious about leaking information as this
can easily tarnish the reputation and image, therefore, leading to patient turnover.
From the website, the phone directory provides information about the service, location,
and phone for the various patient advocates. This is very risky since someone outside the
healthcare institution might call asking for information of a particular patient or staff, or even go
to the physical addresses provided (Barrows & Clayton, 1996). Unknowingly, a professional
might provide the sensitive information to an outsider, after which it can be used in inappropriate
Data protection has become very pertinent in the modern day technology world. Public
WiFi providers should be informed about their obligations as far as the Data Protection Act
(1998) is concerned, particularly in relation to the collection and processing of personal
information. Salisbury, NC VA is posing immense threats to patient confidentiality and
information. A quick scan at the institution’s website makes it evident that the personal
information belonging to patients can easily be interfered with. The information might even be
stolen and used for malicious activities. Regardless of the fact that the information might need to
be used by different healthcare professionals for promoting high quality healthcare, there should
be more controls where the external people should not be able to view the data as is the case.

When using internet at the institution, there should be controls, where the guest WiFi can
be separated from the business WiFi (Alam, Al Sabah Chowdhury, 2007). This can go a long
way in preventing compromises on the sensitive patient information. The hospital should take
charge of its information technology privacy and confidentiality, and ensure that the EPOS
systems and private networks are protected. WiFi and other forms of internet are normally used
at the institution, and considering how delicate the exchange of information and data among and
between the professionals has become, the necessary measures need to be taken.
Having noted that there is intensive internet use at the institution, there is a great need to
emphasize that in case Wi-Fi passwords are normally offered to the customers or even patients
for internet access, then the management should remain informed that this is actually a big risk to
the business. This is the reason why there should be a secure and separate system for the guests.
A good solution to this can be ensuring that the network is protected, and a secure login can be
used (Barrows & Clayton, 1996).


From the foregoing discussion, it has been that patient confidentiality and privacy have
been compromised to a great extent. This clearly relates to the storage and exchange of personal
and sensitive patient information online or through the various social media platforms. As such,
it can be very easy for the outsiders or even people within to exchange and share the information
either intentionally or unintentionally. Consequently, the information and reputation of the
institution would be compromised. However, there are regulations such as HIPAA and Wi-Fi
which offer guidance on what institutions such as Salisbury, NC VA need to do so as to protect
the information their patients offer.



Alam, A. S., Al Sabah, S.A.A., Chowdhury, A.R. (2007). Wi-Fi Security The Great Challenge.
National Conference on Communication and Information Systems. National Conference
on Communication and Information Security.
Anderson, J. G. (2002). Ethics and Information Technology : A Case-Based Approach to a
Health Care System in Transition. Springer-Verlag New York, Incorporated, Secaucus:
NJ. 63-112. Retrieved from the eBrary database.
Barrows, R. C., & Clayton, P. D. (1996). Privacy, Confidentiality, and Electronic Medical
Records. Journal of the American Medical Health Informatics Association, 3 (2), 139-

  1. Retrieved from the PubMed Central database.