" Designated Privacy Officer in a Healthcare Institution1The Designated Privacy Officer in a Healthcare InstitutionDesignated Privacy Officer in a Healthcare Institution2ABSTRACT On every institution, there are specifically designated privacy officers on which they will attaindifferent responsibilities in areas or function. In this study, I will show some important strategies inhandling responsibilities and duties as a privacy officer in a healthcare institution. This is veryimportant especially the safety of the whole organization. The privacy officer may have different titlesand duties depending on their designated institution or organization in a particular field. As adesignated privacy officer, they have an authority and responsibility for managing, oversee andimplement different sanctions for violation policy that is suited for the institution. Through this, I willgive some important monitoring procedures, the sanctions for violation policy that may apply forthose who break the policy intentionally and unintentionally reasons, and encouraging the nurses toreport the privacy and the security breaches, tracking each point of access to the patient's data basedand someone who entered the data, about the visitors who are accidentally came in a wrong unit, andother related to this situation. Designated Privacy Officer in a Healthcare Institution3The Monitoring Procedures that I will develop as a Designated Privacy Officer: In this part, I will develop and implement seven strategies that would benefit both patient andinstitution which covers policies, education, prevention, audits, detection, incident investigation, andbreach notification. Once this strategy has been implemented, I believe that the institution or theorganization will work well and organized since security has been locked down its system and patientswill be more relaxed since their privacy has been secured already and well monitored, they would havepeace of mind. Aside from this security measures have been implemented, we could say that peoplearound the facility are knowledgeable that they cannot just do anything aside from implementing theright and appropriate work on the work area. An example of this is the policy in the use of Email andInternet use, they can only use the Internet for business purpose only. for the education, we can createposters that will do the do's and don'ts inside the work area. Some policies are implemented directly inthe shelter hospitals from discovery, it was proven and implemented by (Creager, P. T. 2008). He haddone a unique procedure in monitoring in the healthcare institution. For the prevention, we can securethe system that the only authorized person can access the critical areas, these people are those whohave the right positions. For adults, we can create a system that will do inventory for the workplace andmake it sue that supplies and other materials are well managed as well as the system that will createaudit logs for every process that will make by the last user. There are many monitoring procedures thathave been implemented by every privacy officer like (Schyve, P. M. 2009). He is one of the leaders in thehealthcare organization, who implemented one of the effective monitoring procedure in the institutionof healthcare. For detection, we can create a system that will notify us if someone is trying to interceptor someone is been on our system by creating a more secure network.Designated Privacy Officer in a Healthcare Institution4The Sanction for Violation Policy that I will Include as a Designated Privacy Officer: As a designated privacy officer, I would implement 3 sanctions for violating the policies. Most ofthe healthcare institution have developed effective policies in order to maintain the peace andregulatory of the certain institution or organization. It is very important that all the policies are clearlyunderstood and familiarized with all of the staff and patients in a particular healthcare institution toavoid any violation happened. Regarding with this, there are still users or staffs and even visitors in theinstitution of healthcare who have been violated the policies and the rules of the said institution.Therefore, if I were a designated privacy officer in this institution, I will do the following sanctions forviolation policy. 1. Explanation letter - what is the reason and why does end-user violates the policy, in this matter,we could decide, decide what is the right sanction/action that will be placed whoever violatesthe policy. In this matter, we can get and gather information from the end-user, on what wasreally happened and through this, and we could know what will be the next step in our decision. 2. Suspension- If the end-user or any user/staff in the institution had violated the policies withoutthe right or correct intentions why he/she violates this policy I will be placed them to anindefinite suspensions depending on how heavy the violation has been made and take furtheractions preventing that user to gain access to the system again, so that we can avoid anothermistake or another bad intention that could break down the policies of the workplace. Most ofthe suspensions that have happened are due to lack of concentration of focus in a particularassignment of nurses, or through ignorance of other visitors from the policy that the institutionhave been implemented, as it was stated by (Destache, D. M. 2003). Since we implemented thetype of policies they are aware that violating policies would cause trouble once certain policieshave been broke. Designated Privacy Officer in a Healthcare Institution53. Termination- I would suggest that end-user or any user would be terminated or provide legalactions to the user of the system from which policies have been violated if they intentionally dosomething to break the policy. They are aware that intentionally violating policies can break thesystem and there would be a loophole that can cause some information to be revealed orprivacy of the workplace will be placed in a vulnerable state. This kind of policy is very efficientand effective in order to avoid any violations that may happen in the healthcare institution. Itwould bring the institution into a good example of the other institution or branches to enhanceand encourage users to be more responsible as a part of the institution.4. Dissolution- of the user who has been violated the policy for no fewer than 1 month.5. Expulsion- to someone who repeatedly violated policy in the institution.6. Punishing people for having deviant behavior. These are the sanctions for violation policy that I would include as a designated privacy officer in ahealthcare institution. Designated Privacy Officer in a Healthcare Institution6To be more effective as a designated privacy officer in a healthcare institution, I will strive to make somemoves and better ways to make everything better in the institution that has assigned to me. I wouldencourage the nurses to contact system administrator so that the system admin would distinguish who'sthe right person and take further actions who can assist the visitor and advice them to accompany thevisitor to the right unit.In this matter we can say that we have lessened the access to the system and as well as we haveprovided the right solution to the visitor who accidentally entered the wrong unit. I will also encouragethe nurses to call our attention so that we can do preventive measure why and how does a visitor cameto the wrong unit, so we can maintain and look for another solution on how we can avoid anotherincident that can cause breaching of privacy beyond the vicinity, like for example, providing a systemthat would actually tell where is the exact location of the person who they are looking for, and for thenurses, I will provide especial access from where they can see or call attention of the other nurses whocan provide the visitor the right unit where they should go and assist them thoroughly and avoidanother incident. With this encouragement, we can make sure that the privacy as well as service of theworkplace is well-organized and secured and not vulnerable to any unwanted occur in the vicinity whilekeeping the system secured and followed. Once this has been implemented everything would flowsmoothly and avoid another incident of unintentional privacy breach.The healthcare institution, it is very important that all of the nurses and staffs are should activelycooperate whatever the policy inside the institution. Through this, the institution would gain a goodreputation in all aspect of actions. There will be more possibility that this healthcare institution willcome into a progressive and successful organization by simply implementing and following a simplepolicy that the designated privacy officer had implement. Designated Privacy Officer in a Healthcare Institution7 Let us understand is some of the visitors were came in a wrong unit in looking their patients.Because not all of them are knowledgeable about the policies that the institution have implemented. Inthe healthcare institution, there would be different and separate policies between the visitors and thepatients. For the patient, it would be necessary to be aware of about the hospital's policy regarding inmedication. For example, if the patients have a conscious illness, he/she must in separated from anotherpatient to avoid any complications and for the safety of everybody. For visitors, it is necessary that theywere also aware of the policy that has implemented regarding in visiting. For example, if the hospital hasbeen implemented policies about visiting hours, such the visiting hours every day will be from 9 am to 6pm only. The visitors must have followed this policy and they should familiarize other policies regardingthis. Avoid also bringing child or children at any hospitals when visiting the patients. This is to avoid anyincidents like entering a wrong unit of the patients.There are many possible incidents that may occur when someone entered in a wrong unit.Therefore, nurses that have assigned to this case, should be fully and actively cooperate with this, bymaking sure all the visitors are well-organized and have enough knowledge what at where exactly theirpatients are. There are different departmentation in every healthcare institution, such as nurse station.In the nurse station, there are nurses that could assist on every visitors that are looking for theirpatients. For newbie visitors, they should have first asked the designated guard in the hospital beforeentering, to avoid accidentally entered in a wrong unit. Accidental or inadvertent violation is theunintentional violation of privacy or security that may be caused by carelessness, lack of knowledge, lackof training, or other human error. Failure to follow established privacy and security policies andprocedures. An example of this kind of incident includes release of PHI without proper patientauthorization; leaving detailed PHI on an answering machine, improper disposal of PHI. Designated Privacy Officer in a Healthcare Institution8REFERENCESCreager, P. T. 2008- Hospital Shelter Policy and ProcedureSchyve, P. M. 2009- Leader of Healthcare OrganizationDestache, D. M. 2003- Innovation of Policies and Procedures "