PRIVACY IN THE ELECTRONIC AGE

Table of Contents 1.0 Introduction 3 2.0 Health Care Information Technology 3 3.1 Disadvantages of IT in Health Care 3 4.0 Role of Risk Manager in Modern Health Care 3 5.0 Changes in Modern Risk Management of Healthcare 3 6.0 Future of Managing Risk in Healthcare 3 7.0 Conclusion 3 8.0 Bibliography 3 1.0 Introduction In the modern days there have been increased cases of identity theft as well as other deceitful acts by individuals who have seasoned their skills in using falsified information to deceive others; as a corollary, the public has become overly sensitive about revealing their personal information and details. Unless it is impossible or unavoidable to do so, many prefer to remain cautious and keep their details to themselves. This, however, is not very easy to do when one has to access health care. When the patients visit a medical institution their medical history, lifestyle, occupation and familial lives are some of the key factors that the health practitioners might have to refer to in giving an accurate prognosis of their health problems and the most suitable treatment and management techniques. Keeping such information to oneself and refuse to give it to the health practitioners may have adverse ramifications on one’s health. With the cost of medical care in the United States of America bordering on an approximated two trillion U.S. dollars annually, it is necessary to make sure that the funds are utilized as effectively as possible. One of the strategies proposed by experts to increase effectiveness in the utilization of funds as well as the services provided by the medical institutions is to incorporate the use of information technology in the health care processes. In the year 2004 a presidential order was issued by the then president of the U.S.-George W. Bush- that directed all health institutions to transform their institutional procedures and adopt information technology in the formulation of electronic health records (EHRs); this was to be done under the guidance of U.S. Department of Health and Human Services. Some of the most notable advantages of the electronic health records are the fact that they are very effective in enhancing coordination and organisation of information; more over they lessen the rates of medical errors and duplication of information about the Patients medical history and tests conducted. In addition to this, the electronic health records allow the medical care practitioners and other concerned stakeholders to easily access data stored by the health institutes from remote locations as well as ensuring better disease management (Rothstein, 2007) As a consequence of the increased need for patient privacy in the modern hospitals, the management of health care risk has gained extra significance. This is especially so in light of the malpractice crisis of that occurred in America in the 1970s. After this crisis, it was the assumption of many people that there would be increased efforts by the involved parties to reduce or completely eradicate the risks in health institutes. The administration and management of health institutes found out that the commercial institutes could be engaged in making sure that the risk involved for the shareholders of the medical sector was reduced through insurance cover, among other policies. Nevertheless, there continues to be increased risks posed by the contemporary health facilities of America and the role of a risk manager to take care of the risk issues is gaining increased importance (Kuhn and Youngberg, 2002). According to Kendall (n.d) privacy is a very significant concept in health care; in this light, the patients who visit any medical institution have a right to be assured that their personal information will be safeguarded and kept confidential. 2.0 Health Care Information Technology Information Technology, commonly abbreviated as IT, refers to the application of electronic or digitalized signals in the performance of a task. Health care IT therefore enables medical practitioners to manage information about the medical institution and its patients by collecting, preserving, transmitting and/or recovering it electronically. The utilization of information technology in medical institutes allows the institute to advance from the classical forms of storing information in paper form documentation to electronic health records; the electronic health records are also referred to as automated, electronic or computer-based health records. Despite the thousands of information technologies that are in the modern market the IT systems that are applied in health institutions are classified into three broad groups. According to the Joint Commission on Accreditation of Healthcare Organisation (2001) the first IT classification is the clinical systems; this is utilized in the provision of information about the medical care of a health institution’s patients. The managerial and fiscal IT structures are applied in the performance of the health institute’s administrative procedures such as accounting and invoicing and other costing processes. The other information technology system that is also very significance in the digitalization of a medical organisation is the infrastructure system that bears both the clinical and administrative systems. 3.0 Advantages of Information Technology in Health Care According to the Medpac Congressional Report (2004) the excellence, security and efficiency of medical care has the propensity to be greatly enhanced by the utilization of informational technology. This is because IT allows the different shareholders in the health institutes to promptly and effortless access required health data. Health information technology, as illustrated in the diagram below, is also very highly valued for its capacity to increase the levels of transparency. Figure 1 (Medpac Congressional Report, 2004) 3.1 Disadvantages of IT in Health Care In as much as the electronic health records have their benefits, they can also pose a danger to the maintenance of privacy in regards to patients’ information. Information technology allows the digitalization of patient records and information; this allows for a patient’s data to be reproduced as many times as necessary and passed on from one person or network system to the other without the expenses or tediousness involved in paper documentations. Despite the fact that this is beneficial because the various medical practitioners and patients can easily access the information stored in the medical records, there occurs a proportional rise in the number of unwarranted individuals who may, in one way or the other, gain entry to a patient’s confidential data. The Medpac Congressional Report (2004) asserts that in as much as the incorporation of information technology into health care enhances efficacy, the investment into such endeavours require huge amounts of resources and trained knowledgeable human resource to execute the laid down strategies. The implementation of information technology to health institutes, especially the large one, is also a very intricate process which requires a lot of ventures in terms of time and transformation of the health institute’s organisational culture. As with many other types of changes in organisations, there exists a probability of the health care human resource or patients resisting the changes and acting as impediments to the installation of information technology. 4.0 Role of Risk Manager in Modern Health Care Kuhn and Youngberg (2002) assert that the risk manager has a variety of duties to perform in a health institution. The first responsibility that is bestowed upon the manager is to provide the other members of the health institute with superior leadership which appreciates and encompasses the values of risk diminution and the security of patients as well as their privacy. The remaining active in the leadership structure by a risk manager ensures that the health institute is guided and therefore sufficiently equipped with the information and data that it requires to effective decisions; such decisions should be aimed at lessening the frequency and occurrence of errors in the health care processes as well as improving the quality of care presented to the patients. Risk managers have to investigate the different research materials that relate to issues in prevalent in their health institutions, especially about the safety and privacy of their patients. This can also be done through the moving around the health institute during working hours or through the conduction of audits. The data collected is very significant and the risk manager, in collaboration with the rest of their staff, has to decide on what the best way to deal with the collected information for the benefit of the health institute and its patients is. In addition to this, the risk manager is also vested with the task of coming up with a feasible strategic policy for the implementation of a financial appraisal in which self refund and buying of insurance covers is lower than the cost of risk. According to Kendall (n.d) the American health care system has to bear an estimated forty billion U.S. dollars expenditure resulting from health care inaccuracies; approximately half of this massive amount is blamed on mistakes that could easily have been avoided. The risk manager must therefore take very seriously their duty of formulating an effective policy that ensures patient safety and privacy. In addition to this, the Joint Commission on Accreditation of Healthcare Organisation (2001) asserts that the managers have to establish what the associations between unfavourable occurrences and the acknowledged causes in the hospital processes are; in doing this, the risk manager will be establishing an organisational culture of administering risks in the health institute based on collected and ascertained substantiation. 5.0 Changes in Modern Risk Management of Healthcare According to Switzer (2001) there have occurred several transformations between the health care risk management that took place a few tears back and that which is currently being conducted in the United States of America. A few years ago the first priority, also the most important, in many of the health institutes was to maintain a good name for the health institute as well as safeguarding the financial interests of the health organisation. In the modern day, however, the focus has shifted and more significance is now given to ensuring the security of the health institution’s patients as well as their privacy; the focus is usually to maintain at nil or very low levels the risks of causing any form of damage to a patient. This is usually achieved by the management of the health institute making sure that all the medical human resource are adequately trained and skilled to do their work and also to deal with any impediments that may hinder giving quality care to patients. Rothstein (2007) asserts that another transformation is in the myriad of techniques that are applied in the recording and documentation of medical data and information about the health facility as well as its patients. In the former days records were stored in form of paper documentation; in the contemporary days, as already discussed, despite the fact that there may still be some traces of paper work, most of the collection, preservation and conduction of information from one relevant person to the other is done through the use of electronic information technology. According to the Medpac Congressional Report (2004) there exists a discrepancy between the past and present management of risk in health care facilities when it comes to dealing with threats or adverse occurrence encountered in the process of providing patients with health care. Formerly, only the very serious errors were assessed through the one by one assessment of the involved human resource. According to Kuhn and Youngberg (2002) once an error was committed by the health practitioners in the past days, it was very unlikely that the patient or their families would be notified of it; if it was necessary that they be informed, the information given would be very unclear. In the contemporary days, any unanticipated outcomes, miscalculations or errors encountered in the delivery of health care to a patient are promptly made known to them or their immediate relatives. The steps taken to remedy the situation and prevent measures set up to ensure that a repeat of the same does not happen in future are also communicated in clear unambiguous terms. This has served to increase the levels of transparency and reliability by the health institutions. After the assessment of an adverse occurrence in the classical health institutions, it was generally assumed that the hospital administration would take the necessary precautions to manage it; it was only after the problem re-occurred that the patients and other significant people in the health facilities realized that no action had actually been taken. In the modern day, however, the security and safety of patients is taken very seriously; in case and adverse action takes place, the health facility’s management is always on the front line to come up with feasible strategies to ensure that they do not occur again. In addition to this, there occurs a series of consistent follow up actions to assess whether the implemented transformations have been successful in deterring a repetition of the same adversities (Switzer, 2001). Kuhn and Youngberg (2002) assert that in the past the patients were deliberately left uninformed about the types of risks that they were involved in addition to reports on frequency of occurrence while at the health institutes; currently the hospital administrations have taken very seriously their role in conducting institutional and medical research after which the results are communicated and made public to the affected patients through hospital magazines and other bulletins. The risks that the patients are exposed to are also discussed and the hospital’s reaction to managing the same made very clear to the patients. 6.0 Future of Managing Risk in Healthcare Kuhn and Youngberg (2002) assert that in the future of risk management in health care there are many openings and prospects for the risk managers to devote themselves towards the effective administration and management of risks in their health institutions. The managers have to make their hospitals human resource appreciate the significant role that they have to play in the lives of thousands of ailing patients who come to seek treatment. This however, according to the Joint Commission on Accreditation of Healthcare Organisation (2001), does not mean that the future is filled with easily achievable objectives; on the contrary, it will not be easy to attain the intents of cultivating an organisational culture of patient privacy and safety. Nevertheless, there will be great accomplishments for the health institutes that will be able to achieve, through the guidance of their risk managers, meaningful transformations that will enable enhancements in the medical care given to patients. 7.0 Conclusion Despite the increased number of confrontations, patient demands and intricate technology that the modern health facilities have to deal with, the modern medical practitioners have to acknowledge and appreciate the fact that their patients and their families have handed over to them the care of their lives; as a consequence, the health practitioners therefore have the responsibility to completely eliminate or maintain at a minimum any risks that their patients may be involved in. The patients should also be assured of safety and privacy. The risk managers in the hospitals have to take their duties very seriously and ensure that the patients who entrust their lives and confidential private information are protected from any form of risks. Despite the fact that this is no easy feat to achieve, the health institutions that do will maintain a good name as being reliable and efficient. Apart from the feeling of accomplishment and satisfaction this will bring to the health workers, the general health of the nation’s populace will also be heightened and the nation will advance both economically and socially. 8.0 Bibliography Joint Commission on Accreditation of Healthcare Organisation (2001): ‘Revisions To Joint Commission Standards In Support Of Patient Safety And Medical/Health Care Error Reduction’ Oakbrook terrace, il:JCAHO, 1 July Kendall, D. B. (n.d): ‘Protecting Patient Privacy in the Information Age’ Kuhn, A. M. and Youngberg, B. J. (2002): ‘Risk Management: The Need for Risk Management to Evolve To Assure A Culture of Safety’ Qual Saf Health Care;11 Medpac Congressional Report (2004): ‘Information Technology in Health Care’ Report to the Congress: New Approaches in Medicare, June Rothstein, M. A. (2007): ‘Health Privacy in the Electronic Age’ The Journal of Legal Medicine, 28:487–501 Taylor & Francis Group, LLC Switzer, D. (2001): ‘Changing times: State of the Medical Professional Liability’ Market Aon Healthcare Alliance “Health Line”, Volume VIII, No. 1