Sample Essay On Florida Hospital

Technology has been very helpful in every aspect of living in the society. Whatever line of job one is in, it is bound to include technology, which makes work easier and lighter for the people who use it. In the medical field, the electronic health record (EHR) is the official health record for an individual, which access is shared by various agencies and facilities. Its use is expected to lead to increased efficiency and quality of care, as well as to reduced costs in the healthcare industry (“Electronic health record,” 2015).
One of the leading hospitals in Florida that uses electronic health records is the Seven Rivers Community Hospital, which is located in Crystal River. It was established in 1978 and has 128 beds for general and medical/surgical purposes. This acute care facility has been serving the community with its great healthcare services.
The Seven Rivers Community Hospital considers the ways they can provide better services for their patients. As such, they use electronic health records to immediately trace the medical history of their patients. Scott Doughs, the Systems Administration Analyst of the hospital, is responsible for the hospital’s EHR. He was interviewed regarding his role as a Systems Administration Analyst.
According to Doughs, a Systems Administration Analyst is responsible for system maintenance, document creation, system audits, and report building. The System Administration Analyst will assist in providing system enhancements and upgrades for the benefit of the physicians, clinicians, and the whole department, which in turn aims to improve patient care while creating a front and back office workflow.
Doughs explained that there is a need for implementing security measures in the EHR system since the information is shared with other hospitals and agencies, which may need the patient’s medical history. Confidentiality in the EHR system should be ensured, as patient information should be made accessible to other people only with the patient’s consent or for any legal reason (Lurinda, 2012). Doughs also said that a patient has legal, state, and federal rights to have a copy of and make any necessary changes in their medical record.
With regards to securing the confidentiality and privacy in their system, Doughs reiterated that the system can be kept confidential by making sure that only the authorized individuals are able to access patient information. In this regard, users should be granted the appropriate access levels. The users should be identified and their information -- usernames, passwords, and access settings -- set up. The basic standards for passwords include prohibiting password reuse, requiring a minimum number of characters, and requiring that they be changed on a regular basis. Various organizations and physicians practice the two-tier approach to authentication by implementing biometrics identifier scans, such as the face, retina, palm, or finger recognition.
Doughs further added that the user’s access is based on predefined privileges that are set for the users’ various roles. For example, the receptionist and the nurse have very different responsibilities and tasks; thus, they have access to different types of data. Users are designated with certain privileges that enable them to access only the information that is within their authority, and which enables them to fulfil their responsibilities and perform their roles. This also makes them accountable for the use of the information they access.
Since EHR information looks like public information for everyone, the government has implemented regulations, with the intention of preventing the misuse of patients’ medical information. Doughs elucidated on the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Help (HITECH), which serve as guidelines for the preservation of data availability, confidentiality, and integrity. He said that violating the rules of the HIPAA and HITECH will result in serious consequences, such as civil and criminal punishments for organizations and clinicians.
Doughs verbalized that the HIPAA Security Rule establishes national standards for the protection of individuals’ electronic protected health information (e-PHI), which is created, received, used, or maintained by an entity covered by HIPPA. To comply with this law, the appropriate administrative, physical, and technical measures must be employed. This would ensure the confidentiality, integrity, and security of ePHI.
For their system’s security, Doughs employed NitroSecurity and FairWarning. FairWarning sends the patient’s information, policies, and privacy violations to NitroView ESM, which correlates and analyzes the information in real time, together with the security events within the network, such as those that come from the applications, databases, hosts, and firewalls. This leads to the use of a single platform that allows the system and the IT personnel to detect, investigate, and respond to privacy and security concerns on the patient’s information. FairWarning regularly checks and keeps track of the clinical applications and systems to make sure that the patients’ information remains private. On the other hand, NitroSecurity tracks the devices and applications within the network in order to protect the system and ensure its integrity and security. With the integration of the two applications into a single real-time interface, NitroView ESM and FairWarning privacy solutions enable information security analysts and privacy officers to get timely notifications and alerts, which in turn simplify the process of resolving privacy issues before they lead to non-compliance and even litigation.
Doughs concluded that although technology, such electronic health records, can be of big help, they also require plenty of resources for the implementation of security systems and the conduct of trainings. He reiterated that software applications should be installed and upgraded every time to ensure the security of the patients’ medical information.

References

Electronic health record. (2015). Retrieved from
http://whatis.techtarget.com/definition/electronic-health-record-EHR
Lurinda, H. (2012). Electronic health records: Privacy, confidentiality and security. AMA