We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy

Administrative Ethics Essay

In 1996 Congress enacted HIPAA to protect the privacy and security of protected health information maintained by health care providers, which include health insurance companies, hospitals, doctors, and employers who sponsor self-insured health plans (“Health Insurance Portability and Accountability Act Of 1996 (HIPAA)”, 2011). HIPAA is enforced by the Department of Health and Human Services.

There are two sets of regulations issued by the HHS; Standards for Privacy of Individually Identifiable Health Information, the ‘privacy rule’ and the Security Standards for Individually Identifiable Health Information, the ‘security rule. ’ The privacy rule requires entities to implement policies and procedures. This is to ensure the members use and disclose protected health information, PHI only for permissible purposes and to ensure patients and the insured have the right to access and amend their PHI.

The security rule requires entities to implement policies and procedures to protect against threats to ensure confidentiality, integrity, and availability of PHI (“Health Insurance Portability and Accountability Act Of 1996 (HIPAA)”, 2011). HIPAA violations can result in criminal and civil penalties. The Department of Health and Human Services establishes the civil penalty structure for HIPAA violations. The department HHS, Office of civil Rights, OCR enforces the privacy standards; Center for Medicare and Medicaid enforces the security rule.

We will write a custom essay sample on Administrative Ethics specifically for you
for only $16.38 $13.9/page

Order now

The HHS determines the amount of civil penalty based on the nature and extent of the violation and the harm resulting from the violation. In 2012 a group of ear and eye doctors in Massachusetts reported the theft of an unencrypted personal laptop as required by the Health Information Technology for Economic and Clinical Health Act (HITECH). The laptop contained personal health information of MEEI patients and research subjects. Reporting the theft of a laptop containing electronic PHI is required under the Breach Notification Rule.

During the investigation the OCR indicated that Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates, known as MEEI, failed to take the correct steps to comply with the requirements of the Security Rule. They failed to implement the security measures sufficient to ensure the confidentiality of electronic PHI. The impact of the violation affects MEEI patient population the most. By law the patients who were affected will be notified. Those patients will need to atch what happens with their health information and their personal information. Personal identity, credit history, and health information will need to be carefully watched for inaccurate information or authorized alterations. OCR’s investigation indicated the failure to comply with the security rule requirements had occurred over an extended period of time. MEEI apparently did not have adequate policies and procedures in place relating to the confidently and access of the electronic PHI.

OCR emphasizes the importance of confidential health information and the special attention that must be paid to safeguarding the information stored or transported on portable devices (Massachusetts Provider Settles HIPAA Case after Investigation, 2012). MEEI must come up with a corrective action plan that must be approved by the OCR, including reviewing, revising, and maintaining policies and procedures to ensure the confidentiality of electronic PHI and policies and procedures that restrict access to electronic PHI.

An independent monitor will be set up to conduct assessments of MEEI semi-annually and report to HHS for a period of three years. There will also be a fine of $1. 5 million. The OCR believes the violation was severe and the potential risk for harm was widespread. Administratively MEEI failed to demonstrate good ethical practices by not ensuring the privacy of protected health information. They also did not educate the staff regarding HIPAA. Legally, MEEI could be at a higher risk for lawsuits related to the breach of confidentially.

Other ethical issues include the doctors’ medical license. Not following the correct plan could result in losing their license to practice. More fines could place a financial burden on the facility and cause the facility to close. The loss of patients for not keeping information protected is also an issue. Although the article did not include any MEEI comments, the managers should have a clear understanding of what their responsibilities will be; to ensure the confidentially and to ensure that staff are equally prepared and aware of policies and procedures and patient privacy.

Their responsibilities lie with the organization, to the patients served by the organization, and to the employees of the organization. All patient information needs to be treating with dignity and respect. It will be the manager’s responsibility to make sure the staff is in compliance with all policies and procedures and the HIPAA rules and regulations.

How to cite this page

Choose cite format:

Administrative Ethics. (2019, Jun 20). Retrieved from https://paperap.com/paper-on-essay-administrative-ethics/

We will write a custom paper sample onAdministrative Ethicsspecifically for you

for only $16.38 $13.9/page
Order now

Our customer support team is available Monday-Friday 9am-5pm EST. If you contact us after hours, we'll get back to you in 24 hours or less.

By clicking "Send Message", you agree to our terms of service and privacy policy. We'll occasionally send you account related and promo emails.
No results found for “ image
Try Our service

Hi, I am Colleen from Paperap.

Hi there, would you like to get such a paper? How about receiving a customized one? Click to learn more https://goo.gl/CYf83b