healthcare

Authors Name:
Instructors Name:
Course:
Date:
Healthcare
The US Department of Health and Human Services (HHS) was required to establish laws protecting the security and privacy of health information under the Health Insurance Portability and Accountability Act (HIPAA) of 1996 (OCR 1). The HIPAA Security Rule “establishes a national set of security standards for confidentiality, integrity, and availability of certain health information that is held or transferred in electronic form” (OCR 1). This protected information record is referred to as e-PHI, i.e., electronic protected health information. This privacy rule applies to healthcare providers, health plans, and healthcare clearinghouses (OCR 3).
Implementing HIPAA compliance has made the process of research difficult in the healthcare sector. E.g., researchers can only carry out research based on chart data, when the patient gives permission to use the information. This deters the patients from benefiting from timely and cost-effective research. Additionally, this has contributed to increases in costs for surveys and studies. Patient care is also affected since the health providers cannot share the patient’s information freely increasing the time taken to attain critical information that affects the patient’s care.
The healthcare providers also incur an extra cost from legal charges in case of violation of the HIPAA which makes the healthcare providers exceedingly cautious in sharing of the patient’s information even when the patient has authorized it.

Additionally, there has been an increase in cost due to the complexity of HIPAA implementation. Cost of implementation increases due to training and certifications required for all the employees and the hiring of professionals to monitor the adherence to the provisions of the Act. There is also increase in the amount of administrative work, e.g., additional paperwork for HIPAA compliance.
The duration to implementing this mandate by healthcare providers depends on the organization’s workforce, technology, systems, and size. Developing a culture that prioritizes information security is key in minimizing the amount of time spent in implementing HIPAA, i.e., if the entire workforce understands and values data security there will be no time dragging. Creating an environment that is conducive to achieve this objective is important and can help save time as well as the costs that may be incurred. E.g., using medical devices, technology, firewalls, computer operating systems and servers that are obsolete can be detrimental and time-consuming. Other factors that are dynamic like the rate of employee turnover and technological advancements, can also impact on the time used to implement the mandate. Therefore, the organization should be ready to accept and adapt to changes so that time spent in implementation can be minimized. Concisely, implementation and adherence to HIPPA is a continuous practice for healthcare providers and should not be viewed as a destination rather than a journey.
Work cited
Office for Civil Rights (OCR). “Summary of the HIPAA Security Rule.” HHS.gov, US Department of Health and Human Services, 26 July 2013, www.hhs.gov/hipaa/for-professionals/security/laws-regulations/index.html.