In the United States, the Health Insurance Portability and Accountability Act (HIPAA) is implemented to protect health information. According to HIPAA, any information that is somehow related to the physical or mental condition of an individual is considered protected health information, or PHI (Drolet, 2017). PHI includes patients’ names, surnames, license numbers, email addresses, photos, address, location, data on payment operations, and any other information that can somehow help identify the patient. This information may not be shared on social media, on websites, or with anybody except the individual’s caretakers under any conditions. According to Oyeleye (2021), the only exception is when the healthcare provider requires the help of social media to identify an unidentified patient. Therefore, healthcare providers are obliged to keep their patients’ data private and disclose it only to those who have a legal right to it.
Privacy, Security, and Confidentiality
A number of countries have shown interest in developing electronic health record systems and ensuring the security of this data. Although privacy and security have the same definition, there are some differences between them. Privacy can be defined as an individual’s right to determine how their information and personal data are shared (Keshta, 2019). It means that patients can be provided with their healthcare providers’ documentation if they wish. Security is the degree to which the sharing of private information is restricted and allowed only for authorized people. The HIPAA security rule involves the privacy rule and assumes that entities utilize physical, administrative, and technical safeguards to avoid privacy breaches (Moore, 2019, p. 270). At the same time, confidentiality means restricting healthcare data from those who are not authorized to access it. For example, if a patient does not want to share any personal information with their family members, it is their full right to keep it private, and this decision must be supported by the nurse.
However, wherever electronic health records are used in medical practice, there is always a risk of breaches leading to the disclosure of private data. The protection of medical information should be the priority of medical facilities. Therefore, it is important to ensure the security, privacy, and confidentiality of patients’ information, which requires following some advice. There are some common ways of protecting data, such as changing passwords at regular intervals, choosing compound passwords, not sharing login details, and logging out when leaving the computer. EHR information can also be protected by not sending any pictures or other materials related to the patient via messengers, websites, or social networks, and by avoiding talking about patients in public.
Evidence Relating to Social Media Usage and PHI
Despite the HIPAA rules, breaches of patients’ data still take place. According to Yarghi’s (2018) research, an average of 2.17 breaches occur per 1,000 professionally active healthcare providers in the USA. The most common types of shared information are patients’ names, diagnoses, and sometimes even photos. Some breaches are connected with hacking or IT incidents; therefore, it is important to use the EHR wisely and choose passwords that are not easy to guess. On average, a hacking breach incident that happens among different entities simultaneously can affect more than 80,000 individuals (Yarghi, 2018). For example, there is a known breach in which a nurse accessed medical data related to her neighbor and changed some data she considered inappropriate or irrelevant. In addition, she distracted the patient from the surgery preparation and tried to find out information about her upcoming procedure. As a result, the actions of the nurse were reported to HR, and she was fired immediately. Nurses need to be interested in protecting their patients’ data and enjoy the job without breaking the rules.
References
Drolet, B. C., Marwaha, J. S., Hyatt, B., Blazar, P. E., & Lifchez, S. D. (2017). Electronic communication of protected health information: privacy, security, and HIPAA compliance. The Journal of Hand Surgery, 42(6), 411-416.
Keshta, I., & Odeh, A. (2019). Security and privacy of electronic health records: concerns and challenges. Egyptian Informatics Journal, 22(2), 177-183.
Moore, W., & Frye, S. (2019). Review of HIPAA, part 1: protected health information, and privacy and security rules. Journal of Nuclear Medicine Technology, 47(4), 269-272.
Oyeleye, O. A. (2021). The HIPAA privacy rule, COVID-19, and nurses’ privacy rights. Nursing2021, 51(2), 11-14.
Yarghi, N., & Gopal, R. D. (2018). The role of HIPAA omnibus rules in reducing the frequency of medical data breaches: insights from an empirical study. The Milbank Quarterly, 96(1), 144-166.