Healthcare Training Institute - Quality Education since 1979
CE for Psychologist, Social Worker, Counselor, & MFT!!
In the last section, we discussed three concepts that focus on the HIPAA guidelines related to minors. These three concepts related to HIPAA guidelines on minors include: autonomy; State Law vs. HIPAA; and exemptions.
In this section, we will examine three risks in which ethical boundaries could be broken due to the sharing of HIPAA approved information on the internet. These risks for boundary breaking due to the sharing of HIPAA approved information on the internet include: nationwide database; hackers; and errors in correspondence.
3 Risks of Sharing Information on the Internet
♦ Risk #1 Worldwide Database
Erica, age 38, was a diagnosed as being schizophrenic who learned about the database from an article on the internet. Erica developed extremely paranoid delusions in which the government was watching her every move. Obviously, the knowledge of the new database worsened her condition, and eventually, she refused to attend sessions because she believed that I worked for the people who were after her.
♦ Risk #2 Hackers
For example, the confidential records of thousands of patients were stolen from the University of Washington Medical Center in 2001, and in Philadelphia, at the Drexel University College of Medicine's database 5,000 neurosurgery patients records were accessed last year. Even Microsoft and the Pentagon, with state of the art computer security systems, were recently victims of hackers.
In general, the better the security system, the more adept hackers become at breaking codes. As long as there is information to steal, computer-savvy hackers will try to get at it as long as it benefits them financially. Although there are measures clinicians and others can take to prevent a system breach (firewalls, access-control servers, encryption etc), there is no foolproof system to guarantee that the nationwide database will not be breached.
In addition to hackers, the databases may not be safe even from the people with legitimate access to them. In the medical world, for instance, a public health worker gave two newspapers a computer disk with 4,000 names of HIV-positive individuals. A banker called due the mortgages on cancer patients after cross-referencing information he obtained as a county health board member.
♦ Risk #3 Errors in Correspondence
Under the new privacy rule, the public has no recourse to sue for the inadvertent sharing of private documentation. HIPAA threatens penalties for noncompliance with security regulations, but if hackers or others obtain private information and an individual is harmed, the option to sue has been removed. Instead, the client can only complain to the Department of Health and Human Services, who can hardly take legal action themselves when no clear definitions exist. Not only that, but also the large number of instances of negligent behavior resulting in illegal documentation disclosure makes it near impossible for an individual to gain any attention or retribution.
In this section, we discussed three risks in which ethical boundaries could be broken due to the sharing of HIPAA approved information on the internet. These risks for boundary breaking due to the sharing of HIPAA approved information on the internet include: nationwide database; hackers; and errors in correspondence.
In the next section, we will examine three changes in ethical boundaries in regards to the disclosure of raw test-data. These three test-data boundary changes include: shift in standards; effects of HIPAA; and protecting test security.