NUR 514 Topic 7 DQ 2 Review HIPAA, protected health information (PHI), and requirements for privacy and confidentiality in EHRs. Discuss one ethical and one legal issue related to the use of EHRs that directly impact advanced registered nursing practice. Discuss possible consequences for compromising patient data and measures you can implement in your own practice to protect patient privacy and confidentiality. Re: Topic 7 DQ 2

NUR 514 Topic 7 DQ 2 Review HIPAA, protected health information (PHI), and requirements for privacy and confidentiality in EHRs. Discuss one ethical and one legal issue related to the use of EHRs that directly impact advanced registered nursing practice. Discuss possible consequences for compromising patient data and measures you can implement in your own practice to protect patient privacy and confidentiality. Re: Topic 7 DQ 2

Health Insurance Portability and Accountability Act (HIPAA) and protected health information are applicable to electronic health records (EHR). The patient has a right to privacy in regard to all their health care information (U.S. Department of Health & Human Services Office for Civil Rights, n.d.). This information must only be shared with authorized personnel who provide direct care to the patient. EHRs use data encryption and security measures to protect this data. The user has a password to access the system.

If patient portals are in use, the patient can access using PINs or passwords. All information contained in an EHR is to be used for the purposes of patient care or data aggregation to improve patient outcomes (U.S. Department of Health & Human Services Office for Civil Rights, n.d.). It is the legal obligation of a facility or provider to notify patients of any data breaches and the Secretary of Health and Human Services.

EHR documentation can be time-consuming for an advanced practice nurse. This may have an effect on the nursing-patient relationship. In order for cooperation and collaboration to result in positive health outcomes for the patient, the patient must be able to establish a rapport with the nurse (McBride et al., 2018). When a clinical decision support system is needed in a specific patient population, the advanced practice nurse creates a legal situation in which the patient suffers harm.

An example is a patient with a history of heart failure who arrives at the emergency room with a diagnosis of possible sepsis based on a CDSS symptom recognition pattern. The patient had a CHF exacerbation based on the history and further evaluation (McBride et al., 2018). The EHR will continue to detect sepsis and prioritize sepsis management orders. If these order sets were followed, the patient’s health would suffer. Nurse educators must understand and teach these concepts to their students.

HIPAA violations result in fines, prison time, or both. I would protect patients’ privacy by not discussing PHI in public places. This entails creating a private area where patients and families can speak without being overheard. When I am not present, the EHR must be locked. To obtain information in person or over the phone, family members must provide the PIN or code required. Unless there is a legal document granting an individual power of attorney for health care, the patient must clearly state who he or she wants his or her information shared with.

References

McBride, S., Tietze, M., Robichaux, C., Stokes, L., & Weber, E. (2018). Identifying and addressing ethical issues with use of electronic health records. Online Journal of Issue in Nursing, 23(1). https://ojin.nursingworld.org/MainMenuCategories/ANAMarketplace/ANAPeriodicals/OJIN/TableofContents/Vol-23-2018/No1-Jan-2018/Identifying-and-Addressing-Ethical-Issues-EHR.html#McBride7

U.S. Department of Health & Human Services Office for Civil Rights. (n.d.). Privacy, security, and electronic health records. https://www.hhs.gov/sites/default/files/ocr/privacy/hipaa/understanding/consumers/privacy-security-electronic-records.pdf.