RUA: We Can But Dare We? Galide Michel Maxinau Chamberlain University College of Nursing NR 360: Information Systems in Healthcare Instructor: Yuliya Malishkin November 15, 2020 Introduction Arguably, privacy is a fundamental human right that is essential to autonomy and human dignity protection. Privacy and confidentiality form the foundation upon which other human rights are built to enable individuals to create a barrier and protect personal space. Safeguarding the ownership concerning patient medical information in the nursing domain is the health care provider’s moral obligation. This paper intends to provide insight into the impact of technology on health care, focusing on patient privacy and confidentiality issues. The paper will be structure into three sections: section one provides insight into HIPAA law and regulation, section two delves into a selected scenario about HIPAA violation. In contrast, the third section will focus on the advantage and disadvantages of technology in nursing care. HIPPA, Legal and Regulations The utilization of technology has increased difficulty maintaining patient privacy and adherence to the HIPAA standard and regulation. The HIPAA act’s privacy requirement limits patient information sharing and how such information ought to be utilized. Thus, HIPAA laws ensure that the patient medical data is protected, and in the event of a violation, an individual must incur financial penalties. The adoption of technology has had a negative impact on patient privacy due to the vulnerability of electronic systems in exposing patient data to unauthorized persons. Besides, many forms of technological solutions in health care are not HIPAA compliant. The absence of automatic log-off in some systems, inadequate encryption technologies, and insecure texting applications (Rosenbloom, Smith, Bowen, Burns, Riplinger & Payne, 2019). Thus, adopting such a solution increases the vulnerability of cyber attack and subsequent loss of patient medical data privacy and confidentiality. Health Care Regulation Increased adoption of technologic solutions affects the implementation of health care policies due to privacy confidentiality concerns. The adoption of technology has resulted in the formulation of health care regulations such as the 21st Century Cure Act that provided unprecedented access to patient medical information to third parties (Majumder et al., 2017). This act prohibits information blocking and enhanced interoperability of patient data accessed by the patient on their handheld devices. The after-mentioned act has a negative impact on nursing due to the resultant risk of loss of patient data and confidentiality and the consequent violation of the HIPAA laws (Rosenbloom et al., 2019). Regarding the legal guideline on the appropriate use of technology, health care providers must adhere to the HIPAA provision in deciding on what is acceptable and not acceptable about sharing patient medical data. Scenario Ending and Recommendation Scenario 1: Ransomware Attack A ransomware attack occurred at the Better Health Medical center. Upon investigation, that attack was classified as a crypto locker, which resulted in the health information systems’ encryption. As a result, access to patient medical data was restricted until ransoms are paid to the hackers for the encryption key to be released. Better health care strives to protect its reputation and pubic images and faces a dilemma on whether to pay $70,000 or risk patient data exposure to the public. Action Undertaken By the Hospital The hospital did not respond immediately to the cybercriminal’s extortion and instead decided to prevent the public and the media from gaining insight into the extent of the hospital’s attack. As a result, physicians and clinicians were requested to resort to a manual system for over a week as a means of buying time as the IT department tried to circumnavigate the attackers. The resultant delay resulted in slowed operation and increased workload, and the subsequent re-routing of clinical care. On the second, an insider leaked the situation to the media resulting in massive media attention and a subsequent increase in price from $70,000 to $100,000. Recommended Actions The appropriate course of action would be to unplug the machine and notify the authorities. The hospital ought to report the incident to the department of homeland security and adhere to the HIPAA regulations. The next step would be to update the hospital stakeholder on the prevailing situation and effort being put in place to remedy the situation. Lastly, the hospital ought to assess the breach’s level and contact the affected patient within 60 days (Mercer, 2019). In all the steps mentioned above, the hospital should not pay the ransom. Scenario 2: Use of Mobile Phone This scenario is related to investigations being conducted at the workplace due to violation of HIPAA rules involving a celebrity admitted at the hospital. As the case manager, the celebrity’s picture is in the mobile phones, and that legal action against the hospital will be sought due to the resultant leakage of the photos to the Gossip Gazette. Appropriate Action to Take The most appropriate action would be to hand over the cell phone to the investigators for further action. Under the HIPAA breach of the violation, taking the patient picture, and the subsequent sharing without written consent (Carlson & Mandel, 2017). In this context, two scenarios are possible. There is a likelihood that the case manager shared the picture with the gossip magazine and thus liable to legal action and penalty imposed by HIPAA through fines not able to legal action and penalty imposed by HIPAA through fines not exceeding $ 1 5000,000 or up to 10 years of imprisonment. The second option might be related to a data breach due to the lack of appropriate security measures and the vulnerability to cyber-attacks. Besides the lack of specific HIPAA rules assigned to mobile, most organizations depend on the HIPAA rule for privacy to protect electronic devices (Nettrour, Burch & Bal, 2018). Thus, the option of handing over the phone would be appropriate to determine whether the picture leaked to the magazine was accessed illegally or through the help of an insider before proper action is taken. Impact of Technology in Nursing Care Information technology has a positive impact on nursing practice due to the increased efficiency and reduced cost of care. The utilization of IT in the health care result in better patient focused care resulting in improved quality of care and information sharing within and among health care providers (Rouleau, Gagnon & Côté, 2015). Utilization of IT in the health care setting is only advantageous when used appropriately, but in the vent of misuses might expose the health care provider to legal litigation and resultant financial expenses. Advantage of Appropriate Use of Technology in Health Care Appropriate use of technology improves the quality of care. In essence, the utilization of technological solutions in health care has resulted in digitizing records that are securely stored and easily accessible by the patient and medical professional (Rouleau, Gagnon & Côté, 2015). Through useful storage, management, and retrieval of patient data, health care providers are better suited to treat diseases and prevent over-prescription of medication accurately. Digitization of health records results in improved care quality due to streamlined processes, reduced cost, and improved patient outcomes. The use of technology improves patient safety. If used appropriately, health information technology reduces medical errors, adverse drug reactions, and compliance to practice guidelines. Appropriate use of computerized physician order entry (CPOE), in conjunction with the clinical decision support systems (CDS), is a viable tool for preventing medical errors. Studies indicate that the use of CPOE with the CDS resulted in a significant reduction in medical mistakes (Alotaibi & Federico, 2017). The utilization of bar code technological solutions in medical administration also contributes to reduced medical errors, contributing to patient safety and positive outcomes. Risk of Technology Use in Health Care Increased vulnerability to cyber-attack is the most significant risk associated with the utilization of technology in health care. The storage of patient medical records to the cloud increases retrieval speed while increasing cyber-attacks (Rouleau, Gagnon & Côté, 2015). Utilization of internet of thing devices in health care further exacerbates the threat of cyber attacks on hospital networks, resulting in the loss of patient data and breach of privacy and confidentiality. The risk of a cyber attack harms patient safety and resultant financial implication on health care providers in the long run. Disadvantages of Technology in Health Care Difficulty in set up and access limits the utilization of technology in health care. One of the critical disadvantages of the technology is that some patients might not be technologically savvy, while access to the internet to access telemedicine facility is also difficult. Thus, technology becomes a barrier to accessing health care (Rouleau, Gagnon & Côté, 2015). Also, issues related to technological malfunction and the dependency on the internet and power sever NR360 Information Systems in Healthcare RUA: Technology Presentation Guidelines Purpose The purpose of this assignment is to (a) explore and present an information technology used in the healthcare system that supports the patient care experience and (b) develop the skills of team communication, collaboration, and production. Course outcomes: This assignment enables the student to meet the following course outcomes: CO 1: Describe patient‐care technologies as appropriate to address the needs of a diverse patient population. (PO 1) CO 5: Identify patient care technologies, information systems, and communication devices that support safe nursing practice. (PO 5) CO 6: Discuss the principles of data integrity, professional ethics, and legal requirements related to data security, regulatory requirements, confidentiality, and client’s right to privacy. (PO 6) CO 8: Discuss the value of best evidence as a driving force to institute change in delivery of nursing care. (PO 8) Due date: Your faculty member will inform you when this assignment is due. The Late Assignment Policy applies to this assignment. Total points possible: 240 points Preparing the assignment Follow these guidelines when completing this assignment. Speak with your faculty member if you have questions. 1) For this team project, students will be assigned by faculty into teams of three to five individuals depending upon class size. a. Teams will receive a project grade based on assessment by the project rubric, which will then be applied to each individual’s grade for the project minus points for lack of participation in the development or presentation of the project. b. NR 360 Chamberlain University Impact Of Technology In Nursing Care Presentation. The team leader will make all dropbox submissions for the course so that the: • TURNITIN similarity index will not pick up inadvertent self‐plagiarism from another team member’s submission. • Course faculty will have only one submission to review and grade. 2) Prepare a PowerPoint presentation with speaker notes between 25‐30 slides, excluding the title and reference slides. a. Speaker Notes • Outline and “script” the presentation for online students. o Online students’ speaker notes should include the name of the student who researched and presented the slide information. o Campus students follow the guidelines of your course instructor. b. Scholarly writing and APA guidelines should be followed as applicable to PowerPoint slides. c. Cite sources in APA format in the applicable slides and include the APA formatted reference in your reference list slide(s) ‐ minimum 6 references. d. Spelling, grammar, and punctuation apply even in bullet points and speaker slides (e.g., quotation marks, italics, verb tense, etc.). e. Copyright and plagiarism guidelines apply. 3) Each team will be assigned a healthcare information systems technology (e.g., Computerized Physician Order Entry, Electronic Health Record, Electronic Medical Record, etc.) by the course instructor. For that technology, include the following discussions in the presentation: a. Introduction of Technology and Team – 20 points/8% • Title slide identifies the assigned technology. • Title slide introduces team members. NR360_RUA_Technology_Presentation _Guidelines Revised: July 2020 1 NR360 Information Systems in Healthcare RUA: Technology Presentation Guidelines • b. c. d. e. f. g. h. Presentation provides an introduction that: o Describes the technology o States a purpose for use of the technology in healthcare o Establishes the professional tone for the presentation History and Current Use – 30 points/14% • Describe significant findings that prompted the development of the technology. • Discuss the history and current use of the technology in healthcare. • Describe three goals of this technology’s implementation. Impact on Healthcare and Nursing – 40 points/16% • Discuss impact on professional nursing practice related to: o Patient safety o Quality of care measures/monitoring o Risk management o Privacy, confidentiality, and security of patient data o Effect on population within the region o Ethical practice o Compliance with legal and regulatory mandates o Organizational infrastructure and operations • Support discussions with examples & data from current evidence-based resources. Three Advantages and Disadvantages – 40 points/16% • Patient’s perspective (e.g., patient outcomes, safety, patient/family satisfaction) • Nurse’s perspective (improves/hinders job efficiency/safety) • Healthcare organization’s perspective (regulatory compliance, financial, etc.) Controversy, Issues, Challenges, and Regulatory Implications – 30 points/14% • How might issues surrounding the chosen technology be addressed/solved? • Provide statistically significant data or evidence to support your findings. Summary – 20 points/8% • Key points • Discoveries/surprises • Lessons learned by the team Team Project Evaluation – 40 points/16% • Place & discuss the following questions and responses in the slides(s) following the summary slide and prior to the reference slide(s). • How did the team function well? (e.g., team strengths, team balance, etc.) • What problems did you have interacting as a team? (e.g., team weaknesses, outside challenges, technology, etc.) • What specific actions would you recommend to future teams to help them interact, function, and collaborate successfully? Presentation, Scholarly Writing, and APA format – 20 points/8% • 25-30 PowerPoint slides with speaker notes (excluding title & reference slides) • Submitted to Dropbox/Turnitin by Team leader only • Speaker Notes outline and “script” the presentation for online students. • Online students’ speaker notes should include the name of the student who researched and presented the slide information. • Campus students follow the guidelines of your course instructor. • Copyright and plagiarism guidelines apply. • Scholarly writing and current APA guidelines should be followed as applicable to PowerPoint slides. • Cite sources in APA format in the applicable slides and include the APA formatted reference in your reference list slide(s)‐ minimum 6 references. • Spelling, grammar, and punctuation apply even in bullet points and speaker slides (e.g., quotation marks, italics, verb tense, etc.). NR360_RUA_Technology_Presentation _Guidelines Revised: July 2020 2 NR360 Information Systems in Healthcare RUA: Technology Presentation Guidelines For writing assistance (APA, formatting, or grammar), visit the APA Citation and Writing page in the online library. Please note that your instructor may provide you with additional assessments in any form to determine that you fully understand the concepts learned in the review module. Continued Next Page… NR360_RUA_Technology_Presentation _Guidelines Revised: July 2020 3 NR360 Information Systems in Healthcare RUA: Technology Presentation Guidelines Grading Rubric Criteria are met when the student’s application of knowledge demonstrates achievement of the outcomes for this assignment. Assignment Section and Required Criteria (Points possible/% of total points available) Introduction of Technology & Team (20 points/8%) • • • • • Title slide identifies the assigned technology. Title slide introduces team members. Introduction describes the technology. Introduction states a purpose for use of the technology in healthcare. Introduction establishes the professional tone for the presentation. History & Current Use (30 points/14%) • • • Describe significant findings that prompted the development of the technology. Discuss the history and current use of the technology in healthcare. Describe three goals of this technology’s implementation. Highest Level of Performance High Level of Performance Satisfactory Level of Performance Unsatisfactory Level of Performance Section Not Present in Paper 20 points 18 points 16 points 7 points 0 points All criteria are described comprehensively. All criteria are 3 criteria are fully met 1-2 criteria fully met described concisely but not comprehensively (or) one element is not addressed. 30 points 26 points All criteria are described comprehensively with consideration of alternate perspectives or presentation of supporting data. Impact on Healthcare & Nursing (40 points/16%) 40 points Discuss impact on professional nursing practice related to: • Patient safety • Quality of care measures/monitoring • Risk management All criteria are described comprehensively with consideration of alternate NR360_RUA_Technology_Presentation _Guidelines All criteria are described concisely but not comprehensively. Some elements of alternate perspectives or presentation of supporting data are present. 35 points All criteria are described concisely but not comprehensively. Some elements of Revised: July 2020 23 points 2 criteria fully met 30 points 6 criteria fully met 10 points 1 criteria fully met 14 points 3 criteria fully met Criteria not present 0 points Criteria not present 0 points Criteria not present 4 NR360 Information Systems in Healthcare RUA: Technology Presentation Guidelines • • • • • • Privacy, confidentiality, and security of patient data perspectives or Effect on population within the region presentation of Ethical practice supporting data. Compliance with legal and regulatory mandates Organizational infrastructure and operations Support discussions with examples & data from current evidence-based resources Three Advantages & Disadvantages (40 points/16%) Three advantages and disadvantages are presented for: • Patient’s perspective (e.g., patient outcomes, safety, patient/family satisfaction) • Nurse’s perspective (improves/hinders job efficiency/safety) • Healthcare organization’s perspective (regulatory compliance, financial, etc.) Controversy/Issues/Challenges/Regulatory Implications (30 points/14%) • • • Controversy, issues, challenges, and regulatory implications are addressed. The presentation answers the question, “how might issues surrounding the chosen technology be addressed/solved?” Statistically significant data or evidence is provided to support the findings. Summary (20 points/8%) NR360_RUA_Technology_Presentation _Guidelines alternate perspectives or presentation of supporting data are present. 40 points 35 points All criteria are described comprehensively with consideration of alternate perspectives or presentation of supporting data. 30 points 26 points All criteria are des … NR 360 Chamberlain University Impact of Technology in Nursing Care Presentation . NR 360 Chamberlain University Impact Of Technology In Nursing Care Presentation