How many patients are impacted

Assignment Help Computer Engineering

Reference no: EM133661432

Homework: Breach Activity

Breach Activity; Assessing Privacy This activity meets CAHIIM Domain II.1.

Develop privacy strategies for health information.

Part I

You are the Privacy Officer at Quality Hospital. It is a 500-bed hospital in large city. It provides various services: acute care with an ICU, CCU, NICU, pediatrics, obstetrics, psychiatric and is a Level I trauma center. Quality Hospital provides various outpatient services as well: cardiac cath lab, specialty clinics, and rehabilitation. It is a complex organization.

Review the following scenarios that occurred at your hospital and determine whether the scenario is a reportable breach:

Scenario A: On April 1 Mary Nurse, RN, reports for duty on Unit 3B. Michael Patient is assigned to her. The EHR automatically gives staff access to patients on the unit they are assigned for the shift. Michael Patient was transferred from Unit 3A to Unit 3B on March 31. Mary logs into the EHR and is unable to access Michael Patient's record. The EHR has an override if this issue occurs, and she goes through a series of steps to gain access to his record. Since Mary is not familiar with Mr. Patient's history, she begins to review the medical record. After reviewing quite a bit of the record, she notices that it says Michael is aged 25. Mary suddenly realizes that this is not her patient. Her Michael Patient is 80 years old.

Is this a breach? Why or why not? Provide a detailed explanation (citing HIPAA statute numbers if necessary to provide rationale). If this is a breach, indicate if this is a reportable breach and indicate how many patients are impacted. If there is not enough information to determine whether this was a breach, indicate what additional information you would need.

Scenario B: Even though Quality Hospital has an EHR many old paper records still exist, and the hospital is required by law to continue to retain them. Since the hospital was unable to maintain all of the records onsite, it hired Acme Storage to store their records offsite. All paper records have been stored by Acme since 3/1/2015. Quality Hospital somehow stopped paying the storage fees to Acme in 2019. On 1/3/2021 Acme started to throw out the records in a big dumpster. A new HIM Director was hired 12/7/2021. The HIM Department received a medical record request on 2/18/2022. The ROI clerk could not locate the information and asked the HIM Director where he could locate paper medical records dating back to 2013. It took a few days for the HIM Director to track down the records. On 2/23/2022 the HIM Director discovers that Acme has thrown out the records. On 2/24/2022 the HIM Director notifies you the Privacy Officer.

Scenario C: On 3/1/21 Dr. Jones is preparing for his telemed appointment with John Harrison. He pulls up the most recent lab work and then calls Mr. John Harrison. He begins discussing with Mr. Harrison that he is a little concerned with the results as his A1C is rather high. Mr. Harrison cannot understand this. He had bloodwork done three months ago and it was within normal limits. Dr. Jones pulls up the graph of the A1C results over time and sees that the bloodwork from three months ago was also elevated. He then realizes that is looking at Joan Harrison's bloodwork. He apologizes to Mr. Harrison for the error and then continues their appointment.

Part II: As Privacy Officer, you are charged with reporting breaches to OCR. In the past you have realized that you do not always have all the key information for reporting breaches in one location. You have decided to develop a form that you can complete to make it easier to report breaches. Using good form design techniques and the information in the pdf, create a form for this purpose. After you complete designing your form, select the scenario(s) you have identified as breach(es) in part I of this homework and begin to enter the information. You will probably not have all the information that is required such as addresses, phone numbers etc. If the information is not available, leave it blank. However, you should be able to complete some key such as whether a Business Associate was involved, how many individuals were impacted, the breach start date, discovery date, type of breach, location etc.

Reference no: EM133661432

Questions Cloud

Analyse the organisation external environment : Organisational Transformation Assessment – Client Report - written analysis of what you consider to be the company's current circumstances, their existing

Explain the concept of failfast : What are the differences between PUSH and PULL systems? Explain the concept of FailFast.

Which reason below justifies use of contract warehousing : Which reason below justifies the use of contract warehousing? It requires more in-depth negotiations than public warehousing to secure.

Leadership should switch to more holistic model : leadership should switch to a more Holistic model, as then leaders would be able to pay closer attention to the bigger picture and long-term goals.

How many patients are impacted : Provide a detailed explanation. If this is a breach, indicate if this is a reportable breach and indicate how many patients are impacted.

Practice using the stack abstract data type : Practice using the stack abstract data type. One common use of a stack is to reverse data. In this assignment we are going to allow the user to type in text

Develop a presentation in favour of a statement : HLTH 6049- Develop a presentation in favour of a statement about a current issue or future trend in healthcare in Canada from the topics provided.

How effective is the firewall in the current network : What is the risk of just having a single router or switch within the Memphis office? How effective is the firewall in the current network?

How do you think this limiting of central power fit : How do you think this limiting of central power fit in with the Texas history and political culture of the state that you have learned so far

User Account

All Pages