Ethical Practice in HIT Profession: HIPAA Act
Ethics
in Health Information Technology (HIT) profession revolves around confidentiality,
privacy and security of health information. HIT involves development,
utilization and maintenance of health information systems. The American Health
Information Management Association (AHIMA) which is an association of HIT
professionals cites “privacy and security of personal health information are
cornerstones of HIM (health information management) practice and critical
elements for transition to electronic health information and information
exchange” (Sayles, 2013).
Prior
to the HIPAA privacy rule of 2003, ethics of healthcare providers were guided
by state-specific privacy acts and the non-specific federal Privacy Act of
1974. HIPAA required healthcare providers to comply to certain ethical
requirements (Harman, 2006).
The HIPAA Act was superseded by the HITEC Act of 2009. Many health systems and facilities have adapted HIT ethics since the HITEC Act that introduced the EHR meaningful use program. The act established government certification of EHR systems via the Centers for Medicare & Medicaid Services and the Office of the National Coordinator for HIT (ONC) at the federal level (Sayles, 2013). It extended and updated certain HIPAA provisions, penalties and standards to ensure more healthcare privacy and security in the HIT profession. It also enabled enforcement of HIPAA to include organizations that partner with healthcare providers and others that dealt with personal health information.
The HIPAA Act was superseded by the HITEC Act of 2009. Many health systems and facilities have adapted HIT ethics since the HITEC Act that introduced the EHR meaningful use program. The act established government certification of EHR systems via the Centers for Medicare & Medicaid Services and the Office of the National Coordinator for HIT (ONC) at the federal level (Sayles, 2013). It extended and updated certain HIPAA provisions, penalties and standards to ensure more healthcare privacy and security in the HIT profession. It also enabled enforcement of HIPAA to include organizations that partner with healthcare providers and others that dealt with personal health information.
This
is supplemented by Congress’ Medicare Access and CHIP (Children's Health
Insurance Plan) Reauthorization Act of 2015 (MACRA), a value-based
reimbursement system. By making payments to physicians and healthcare institutions,
the health industry has been incentivized to implement HIT ethical values.
Certain
challenges still exist in adaption of HIT ethics. This includes data breaches
in an increasingly technologically savvy world, where hackers are always a step
ahead; necessitating constant update of HIT systems and regulations. Other
challenges include misinterpretation of legal provisions, continued interplay
between federal and state laws and ineffective enforcement (Rinehart-Thompson,
2009).
References
Harman,
L., (2006). Ethical challenges in the management of health information, 2nd Edition.
Boston: Jones & Bartlett Publishers.
Rinehart-Thompson,
L. A., Hjort, B. M. and Cassidy, B. S., (2009). Redefining the Health
Information Management Privacy and Security Role.in Online Research Journal Perspectives in Health Information Management.
http://www.ncbi.nlm.nih.gov/pmc/articles/PMC2781727/.
Accessed on August 8, 2016.
Sayles,
N. B. (ed.), (2013). Health Information
Management Technology: An Applied Approach, 4th Edition. Chicago: AHIMA
Comments
Post a Comment