 Conducting
Confidentiality Awareness Programs
During a recent visit to a small physician practice, a relatively new
member of the staff shared the following:
On my first day I was given a password to the system and was shown a
computer at my workstation. I did not receive any formal instructions
on how to operate the computer; I did not sign a confidentiality
agreement; and I did not receive an orientation to the importance of
confidentiality.
She paused and then added,
I just think there's a better way of orienting new staff.
She is correct, and in this final article of this three-part series on computer and
confidentiality, I will discuss some issues to consider when educating
staff about the importance of safeguarding patient confidentiality.
In a previous article, we discussed the
fact that having an information security policy protects the
confidentiality rights of patients. It also serves to reduce
organizational risks and potential liabilities. But just having a
policy is not enough. Staff need to understand the policy in order to
carry it out. In this regard, conducting educational awareness programs
is the key ingredient in implementing effective security programs. When
planning to implement educational awareness programs two issues need to
be addressed: 1) the goals of an educational program; and 2) the
audiences.
Educational Goals
The goals of an educational awareness program should be to:
- Raise the level of confidentiality awareness among physicians,
nurses, laboratory staff, and office personnel.
- Ensure that members of the staff understand the Information
Security Policy.
- Educate members of the staff about their respective
responsibilities to safeguard confidential information.
- Enhance the quality of care provided to your patients and their
families.
The Audiences
Depending on the organizational structure of your practice, the
following represent key audiences to educate regarding
maintaining the confidentiality of patient records.
- New Staff Orientation - New staff orientations are an ideal
time to communicate to all new employees that they are responsible for
protecting the confidentiality of patient care, business, personnel,
and information pertaining to the medical staff. Specifically, it
might be prudent to have new staff review and sign the organization's
confidentiality agreement as well as discuss key confidentiality
matters.
- Physician Orientation - Physicians need to know that
there are federal and state laws that must be followed in
order to safeguard patient confidentiality. Physicians also
need to understand and have an opportunity to discuss the
ethical issues involved in maintaining patient
confidentiality. And, they need to understand the
importance of providing staff with only the access they need
in order to perform their position responsibilities.
- Employee - Employees need to know what steps the
organization is taking to protect its informational
resources, particularly patient care. Employees also need
to know what they can do to safeguard confidential
information. Specifically, employees need to understand
how much information is to be released to others both with and
without consent. They also need to know the policies on
the sharing of medical information via voice mail, e-mail,
and facsimile. To be most effective, employees should
attend an annual educational awareness program on the
importance of maintaining confidentiality.
- Guest Users - Students and volunteers need to
understand the importance of protecting patient
information and what they are expected to do to safeguard
confidential information.
In this day when so many people have access to patients' records - both
manual and electronic - it is imperative that health care organizations
both large and small have strong information security policies. Once
these policies are signed, it is important to conduct educational
awareness programs to ensure that physicians, staff, and guest users
understand and abide by these policies. To do anything less in this
digital age is to risk losing the confidence of the American public.
|
