Medical Errors and Losing Information of Patients - Assignment Example

Loosing Patient Information al Affiliation: Loosing Patient Information A medical error takes place when a health-care organization selects an inappropriate method of medical care or executes a suitable method of care in an improper way. Medical errors are described as individual errors in healthcare. For instance, in this case, losing medical information is itself medical error since the information lost could have been used by medics to provide healthcare to a patient ( Loukides, 2012). Healthcare is reputable institutions that is also affectedaffected by data hacking and breaches more than the military and banking sectors. Health care organizations expose patient’s data or even it gets stolen. Such information includes lab tests results, allergies, medications and other forms of clinical information stored in computers or physical files. Many hospitals use outdated and primitive technology that does not receive security updates and this may allow hackers to access employees’ login credentials. In addition, they rarely encrypt all the data kept since even the Federal Health Records Protection law and the Health Insurance Accountability act does not demand encryption by the health care firms (Park, 2014)) Patient’s data needs to be accessed at times for doctors and other medical physicians to be able to make decisions concerning the patient and how to improve patient care. Inability to access data at the right time may delay clinical decisions and ultimately affect patient care negatively. Similarly, patients have the right to ensure that their personal health information is protected and can only be shared on certain circumstances. It is thus the responsibility of the health care centers to install control measures and practices to ensure that patient data is secure from unauthorized people. They must document the use of patient information, share with patient about security and privacy issues as well as reporting any information loss. On the other hand, patients should contact the healthcare administration immediately once they suspect that their personal data has been misused ( Loukides, 2012). The healthcare doctors and management should be at the forefront of adopting and using digital medical and electronic health information that has many benefits and help eliminate risks of losing patient data. Health policy leaders should develop standards, policies and procedures, adopt newest technologies, and educate healthcare professionals and other physicians aimed at improving healthcare through data privacy, confidentiality and protection from loss (Kloss, 2012). In recent news on 23rd August 2014 by BBC, East Midlands Ambulance Service recorded a missing disk of patients’ records. The disk contains records of names and addresses of patients who received treatment from paramedics between September and November 2012. The disk contained details of 42000 ambulance patients. Copies of handwritten report forms were stored in the disk and listed anyone who used East Midlands Ambulance Services (EMAS) over the two months in 2012. EMAS chief executive officer, Sue Noyes said that the reported had been reported to the police station and to the Commissioner of Information. Although she said that the disk had been stored in the Nottingham headquarters and had been no break-in the building, it is still unsure on how the disk went missing. She said that the disk had been lost just within the premises and a search was taking place. She informed patients to contact EMAS if they had any concerns about their patient information (Kloss, 2012). Patton Fuller Community Hospital is a networking virtual organization famous for specialized medical care, physical therapy, surgery, radiology, pharmacy, labor delivery among other administrative activities. This community hospital was established in 1975 whose focus was to provide quality medical services to all patients both children and adults. It was one of the first hospitals established in Kesley. It has been devoted to offer diverse and substantial programs and services aimed at helping patients maintain their health. Apart from the vibrant health departments, the hospital also consists of well-organized departments like human resource, reception, accounting, among other executive offices, which are very vital and enhance hospital success. The administrative departments has been able to send encrypted data reliably and gain access to databases and records and requires information access and stable communication so as to protect patients information from loss. They have a network architecture that facilitates communication among all departments. However, the network architecture may not be that efficient and some areas need to be addressed. For example, wireless technology need to be integrated further into the network to enhance communication and prevent loss of patient information (Park, 2014)). Patton Fuller Community Hospital can keep its medical information more secure and confidential in several ways. It should ensure that there is physical, administrative and technical safeguarding of patient information to protect data confidentiality, security and reliability of any recorded patient information, while all at once allowing appropriate and authorized access of the stored information to health care providers for the care, treatment and management of patients. Ways of physical safeguarding of information include isolation of devices, allowing express physical access of the devices only to authorized staff members; back up of data and maintaining copies, disaster contingency protocols, and ensure proper disposal of outdated devices. Technical safeguarding of patient information includes the installation and use of firewalls and protected modes of transmission for communication purposes. Such transmission modes include the use of encryption techniques, use of secure sockets layer (SSL) and virtual private networks (VPN) (Park, 2014)). Administrative safeguarding include; setting up of policies such as ensuring that departmental security policies are well documented. It also ensures that staff are well trained among other factors such as to maintenance and audit tracks for all system logs. It puts force policies aimed at storing and retaining electronic data and back up for all systems, adhering to definite and specific methods of reporting incidents and resolution of any rising security issues, as well as clearly documenting responsibility, accountability, sanctions and taking of disciplinary actions for staff members who violate the policies and procedures of the system (Kloss, 2012). Electronic Medical Records (EMR) must integrate the use of the following components within their policies and procedures of system security: authorization, accountability, authentication, accessibility, confidentiality, data reliability, integrity, and no disclaimer. The methods recommended for use by Patton Fuller Community Hospital and other healthcare include databases with single sign-on or several lists giving rights and privileges of users to access the resources. Users also enjoy automatic logging off accounts after use or even after a specific period of inactivity to avoid invalid access by other unauthorized users, and finally use of physical access controls (Park, 2014)). Authentication refers to the process of verifying and validating the identity of a specific user to a computer system and can be done using usernames and login passwords, smart cards, digital certificates, among other biometrics. The role of authentication is only to verify the identity of a computer user. Access rights to the system can only be defined by authorization component. Electronic medical records must be constantly made available to users. The system administrators must ensure that they guard and defend against several threats by providing fault acceptance for their systems such as use of duplicated hardware components, information archives, networking and power system; and provide physical safety to servers as well as incorporating the detection of preventative virus and intrusion risks (Park, 2014)). To preserve confidentiality and privacy, unauthorized third parties must never be allowed to access the systems and must always be prevented from accessing and seeing any medical data. This can be achieved through preventing physical access to data stored using technologies such as switched networks, encryption of the data such that even if illegitimate users physically obtain the data, it cannot be read. It is necessary to maintain data integrity when sending information from one system to another by confirming that the information received at the other end is as it was sent and that no modifications were made on the way. Methods recommended to maintain data integrity are detection of intrusion facilities such as tripwire, and use of message digest or hashing to notice any modification of the data in transit. Non disclaimer or repudiation ensures that the message transferred has been sent and at the same time received by the parties alleged to have sent and received the message, and this provides a proper record of the whole transaction. Digital signatures and logs of system audit for all user activity are also methods of non-repudiation (Park, 2014)). Many ethical concerns may arise in the whole issue of losing patient data. These are confidentiality, privacy and security. Medical records, either electronic or paper based comprises of communication tools that supports proper clinical decision making, planning and coordination of activities and services, evaluation of the quality of care as well as research, education and accreditation of various regulatory processes. To ensure the above ethical issues are not violated, electronic documentation must be authenticated and if the documentation is handwritten, then the entries must be legible. In the past, medical records were handwritten and stored in physical files and this increased the chances of insecurity. In addition, the files were only limited to access by few member, even the patients could not access their records. One of the major limitations of paper-based medical records is lack of security. Doors and locks, identification cards and tiresome sign-out procedures only control access for those who access the records. Unauthorized access to paper based medical records triggers no alerts and that no one can notice if the information had been viewed. However, with the introduction of computers and other technologies has changed documentation to electronic and this has enhanced security, privacy and confidentiality. Health records belong to the patient. National director for Health defines health records as not just a collection of information being protected but it is a life. Thus protecting patient information from loss is a very important aspect in the healthcare industry According to the American Medical Informatics Association website, Quality improvement strategy to reduce losing medical information as a medical error is very crucial in the medical practice. The strategy is aimed at reducing the possibility of the loss occurring and includes both proactive as well as reactive strategies. Whereas proactive components refer to activities, policies and procedures aimed at preventing adverse occurrence the loss, reactive components include policies and actions aimed at responding to adverse occurrences. For example in this case, several methods have been discussed which are aimed at reducing the possibility of losing physical patient information as well as compromising its privacy. Similarly, ways of dealing with adverse effects that have already happened say for instance information leaked to unauthorized people have also been highlighted. Examples are use of data encryption, firewalls, and authorization and authentication practices, use of login passwords among other practices. In both cases, the process of medical error management strategy comprises of: Diagnosis-identification of potential loss of medical information Assessment-This involves calculating the possibility of adverse effects occurring from the risk situation. Prognosis-This concerns the estimation of the impact and consequences of the adverse effect Management-Deals with the control of the probable risks (Kloss, 2012). Patton Fuller Community Hospital together with other medical organizations should address this risk/error of losing patient information following the above discussed policies and strategies. The overall objective of reducing the liability of losing patient information is to minimize the risk of harming patients, negative exposure of the healthcare providers as well as preventing financial losses (Kloss, 2012). References Bishop, T. (2010). Patient information. Primary Health Care, 20(10), 12. Divanis, A. G. &  Kloss Linda. (2012). “Information Management and Governance: Essential Health Data Integrity Practices.” Presentation at the AHIMA Health Information Integrity Summit, Chicago, IL, November 8, 2012. Loukides, G. (2012). Anonymization of Electronic Medical Records to Support Clinical Analysis. Berlin: Springer Science & Business Media. Park, R. (2014). Accessing patient information leads. Kai Tiaki : Nursing New Zealand, 20(1), 36.   Read More