Course Book : #117 - Maintaining Confidentiality

Maintaining Confidentiality

Course 117

TWO contact hours

By: Monica Oram, RN, BSN

Upon completion of this course the reader will be able to achieve the following objectives:

 

  1. Define confidentiality and related key terms

  2. Define the concepts concerning confidentiality

  3. Understand what is considered confidential information

  4. Understand the outcomes of breach of confidentiality

  5. Understand responsibilities as a healthcare worker with private and confidential information.

  6. Understand about informed consent

  7. Recognize confidentiality related to HIV/AIDS patients

 

 

Defining Key Terms

 

Confidentiality is a term that indicates preserving the privacy of the persons in which you care for. This will mean that all information related to them will be kept in strict confidence for use only by the team of care providers. This includes information gained verbally or from resident or client records.

All information is considered confidential when it pertains to medical care and client records.

 

Breach of confidentiality is sharing information verbally or in written form regarding a resident or client with someone who is not on the care team of the resident or client, or who does not have a release of information form from the resident or client.

 

Indiscretion is an action in which you inadvertently share confidential information. There is no bad intent associated with an indiscretion.

 

Informed consent is when a resident or client acknowledges and allows the release of information to other parties. This permission is given by filling out a legal consent form, which becomes part of the resident or clients permanent record.

 

Private is defined as not available for public viewing or knowledge.

 

Privileged information is a term that refers to all information shared between an attorney and his client. This information is considered confidential and is not admissible in court.

 

Scope of practice are the duties and responsibilities of an assigned job as designated by education or law.

 

 

The concepts of confidentiality are very much regulated to even a higher degree as the new HIPAA laws have come into full effect this past April 14, 2003. To fully understand HIPAA and the law, refer to course # 106.

 

Concepts concerning confidentiality

 

  • Do no harm

  • Be honest

  • Use information proactively

  • Irreversible

  • Threat of self destruction

Do no harm- In regard to gathering, recording and sharing verbal or written information, “do no harm” means that the resident and healthcare provider will have an honest relationship in which sensitive data should be and shall be disclosed at no risk to the resident or client that there will not be a breach in confidential issues. In regard to privacy, “do no harm” means that the resident /client will not be unnecessarily exposed or intentionally embarrassed while physically examined or treated.

 

Be honest- Deal honestly with residents and families, and also your peers. Don’t be afraid to admit a mistake.

 

Use information proactively- Information shared will be used for the sole purpose of being accurate in diagnosis, prescribing the best recommended treatment, and providing the best care.

 

Irreversible- Information once shared cannot be unshared, erased, or deleted. Think about what you are saying before words fall out of your mouth.

Threat of self destruction- A claim of confidential or private matters can not be honored if concealment poses a threat to the resident or client. For example, most everything is shared in confidence, but lets say for example a person threatens suicide.. You would not be able to honor privacy as you would have to share this information to prevent a possible threat to harm oneself.

 

What is considered confidential?

 

Information and actions that are confidential and private include, but are not limited to the following:

  • Age

  • Sex

  • Race

  • Religion

  • Marital status

  • Occupation

  • Health information

  • Social security number

  • Insurance information

  • Health conditions and problems

 

Confidentiality is held to a much higher standard, as it was stated in the beginning of this course. This is due to the regulations and impositions of rules and laws that have gone into affect under a law placed into effect by Congress and the Dept. of Health and Human Services. If you are unfamiliar with HIPAA, it is highly advisable to research HIPAA and know how this law effects YOU! It does and will effect all personnel in the healthcare industry in some form or fashion. Sanctions and fines are quite hefty for those who violate the laws. (see course 106 for more on HIPPA)

 

Also considered confidential are:

  • Lab tests and X-rays

  • Blood work

  • MRI and CT scan

  • Any diagnostic procedure done on the patient

  • Any physical contact that involves examination

  • Personal care

  • Toileting and dressing

Breach of Confidentiality

 

There are two types of OUTCOMES related to breach of confidentiality.

Outcome can be POSITIVE or NEGATIVE.

 

Positive outcomes

 

Positive outcomes of a breach in confidentiality include:

  • Suspected abuse or neglect can be investigated

  • Possible future abuse and neglect may be avoided or prevented

  • A suicide or attempted suicide may be prevented

  • Appropriate interventions may be initiated for a resident or client to get help in appropriate related areas.

 

Do not ever assume that someone else will take care of getting the information to the proper person. Take the initiative to make sure the bases are covered and the resident or client receives appropriate interventions as needed. Remember to always respect information given to you with high regard to confidential matters unless it is in the best interest of the resident or client for this information to be shared with appropriate resource personnel.

 

Negative outcomes

 

Negative outcomes of a breach in confidentiality include:

  • The facility or agency may reprimand a healthcare worker, such as disciplinary action against the employee for breaching confidentiality related to patient care issues.

  • The resident or client may suffer embarrassment and emotional distress

  • Irreversible damage may be done to the caregiver/ care receiver relationship.

  • The resident or client may file charges against the healthcare worker, staff, and facility. They may be able to sue and win compensation for breach of confidential matters.

 

Remember, often times it is not WHAT we say, But rather HOW we say it, and more importantly.. WHO we say it to. Never forget that lives are affected by breaching confidentiality.

 

Responsibilities of Healthcare Workers with Private and Confidential Information.

 

Guidelines for protecting private and confidential information include the following:

  • Discuss resident and client information ONLY in a place that is away from other residents, families and visitors.

  • Report should not be given at the nurses station, as this is not a private area, with much opportunity for information to be overheard.

  • Never discuss patients in an elevator, in a hallway, cafeteria, or any other public place within or outside of the facility.

  • Discuss resident information only with appropriate staff. Do not ever release information to media or newspapers. Don’t release information to the police without first alerting a supervisor. Instead refer them to an appropriate manager.

  • Do not keep a copy or make copies of resident information.

  • Destroy all end of shift report sheets after use.

  • Any item with a residents name or identifying medical information should NEVER be placed in general trash receptacles. They should be shredded for appropriate disposal of confidential information.

 

 

Responsibilities regarding private and confidential information include:

 

Know your expected limits: Check your job description. Ask your supervisor to clarify anything you do not understand. Never discuss information that you are unsure of, and be sure of who you are sharing this information with. Not all friends and family are authorized to know information regarding your resident or client’s condition.

 

Be on the alert for “breaks” or “leaks”. Be particularly mindful of when private information becomes casual chatting.

 

Practice care that is private and behavior that guards confidence.

 

Report to your supervisor. The best working relationships are those in which you keep your supervisor well informed and on top of things that are going on. Keep open lines of communication between your superior and yourself.

 

Patient privacy and confidentiality generally refers to a patient’s right to:

  • Decide what personal health information can be shared with others

  • Decide how that information can be shared, and with whom it may be shared

  • Not have information about resident or client discussed in areas where others could overhear

 

Privacy also refers to the right to have physical privacy ( curtains pulled)

 

Patient confidentiality generally refers to a patient’s trust that health information will only be shared with those who need to know, and in order to provide appropriate care.

 

 

For care to be appropriate authorized health care staff need full access to a patient’s medical record. But, patients may withhold important information if they fear it will not be kept private and confidential. By ensuring patient privacy and confidentiality, your facility will help patients feel a sense of trust and help assure them they will receive appropriate care.

 

 

 

Protecting patient privacy and confidentiality is vital to your organizations mission. It helps increase patient’s satisfaction and sense of dignity. It helps ensure that patients get the most effective care.

 

Protecting Patient Privacy and Confidentiality

Can Be A Challenge

 

New Technology and the growing use of computers help improve health care. These also make it easier than ever for patient data to be wrongfully shared.

For example, staff must take care to protect patient privacy and confidentiality when using modern technology such as:

  • Fax machines

  • e-mail and other computer networks

  • Electronic records

  • Telephones and voice mail systems

 

 

Ethics and Standards

 

Ethics and Standards for professional behavior are very important in health care. For example, security measures can protect patient data only if staff use them correctly and consistently.

 

Breach of confidentiality and patient privacy can result in costly lawsuits for healthcare providers and facilities. By understanding and following your facility’s policies and guidelines, you can help prevent legal action.

 

Federal and State Governments

 

Federal and State Governments recognize that patient privacy and confidentiality is a critical issue. Actions they have taken include passing HIPAA and Patient Bill of Rights.

 

HIPAA is the Health Insurance Portability and Accountability Act.

Congress passed HIPAA in 1996. HIPAA set deadlines for Congress and Federal agencies to pass laws to protect the confidentiality of medical records.

 

Patient Bill of Rights: Some states have a bill of rights that ensures a patient’s right to quality care. This includes the right to have medical information kept private and confidential. The Federal government is working on similar laws.

 

Who else monitors patient privacy?

 

Agencies include:

  • Joint Commission on Accreditation of Healthcare Organizations (JCAHO) This national organization accredits health care facilities that meet JCAHO standards. Patient confidentiality and privacy is an important part of these standards. If JCAHO surveyors evaluate your organization, they will expect you to know your organizations mission, your organizations policies for protecting confidentiality, what efforts your department is making to improve patient privacy and confidentiality, and how your job relates to all of these.

 

 

  • National Committee for Quality Assurance (NCQA) This National organization evaluates managed care plans. It also accredits managed care organizations. NCQA teamed up with JCAHO to develop special recommendations to help managed care organizations protect patient privacy and confidentiality. Areas that these recommendations address include: staff education, patient consent, and systems to ensure confidentiality.

 

  • Health Care Financing Administration ( HCFA) HCFA is a part of the U.S. Department of Health and Human Services. It administers Medicare, Medicaid and Child Health Insurance Programs. HCFA’s responsibilities include: ensuring that Medicare, Medicaid and the Child Health Insurance Programs are properly run by state agencies. HCFA also plays a part in evaluating health care facilities and services.

 

 

Healthcare facilities and providers must meet strict guidelines to be certified by HCFA. These include guidelines related to patient privacy and confidentiality.

 

You can help build a foundation for protecting patient privacy and confidentiality. The best way to ensure meeting legal requirements and your facility’s standards is to UNDERSTAND POLICY AND PROCEDURES.

 

All staff must know:

  • Who has access to patient information

  • Security measures for handling patient health information

  • Proper procedures for destroying patient health information

 

 

 

Developing an environment of trust is another key factor. Trust develops when patients see a facility’s commitment to protecting privacy and confidentiality. Staff should handle medical records carefully. Be sure to never leave them open or unattended in public areas where others can have access to them. Seek informed consent whenever health information needs to be released. This included MARS and TARS, which need to be closed when not in use, and removed from the tops of medication carts and treatment carts when not in use as well.

 

Understand your facility’s “need to know policy”. Healthcare staff should only have access to information needed for their job. It is important to keep evaluating what information really needs to be known.

 

Ask yourself, “ Do I want to know this information or do I NEED to know it?” “Do I have a right to know this information?”

 

Use Good Sense…. Along with following your facility’s policies and procedures, using common sense is one of the most important ways to help protect patient privacy and confidentiality.

 

For example: Think before you speak, Be aware of whether others can over hear your conversation, If you think that certain information might be confidential, treat it as such.

 

Show courtesy and respect.

 

This is a key part of protecting patient privacy and confidentiality. It is important to treat all patients with respect, Handle patients’ medical records with the same care that you would want your own medical records handled.

Respect every patient’s right to privacy.

 

INFORMED CONSENT

 

Informed consent involves giving a patient needed information for making decisions about his or her care. One aspect involves the informed and voluntary release of confidential health information.

Informed consent policies should reflect today’s high technological environment. Patients must be told who will receive information and how it will be used.

For consent to be truly INFORMED The patient MUST be told:

  • Who the information will be sent to

  • Who requested the information

  • How the information will be used

  • How long the consent is valid

 

The patient must also be able to make decisions as defined by law.

The law states, in general:

Every adult is considered to be competent to make all of his or her decisions unless proven otherwise by a court of law. If the patient is proven incompetent, the patient’s proxy (surrogate) or court appointed guardian makes decisions on his or her behalf.

 

When the patient is a minor, a parent or legal guardian is generally asked to give consent.

 

Healthcare staff must use language that is understandable to the patient. Try to avoid being too technical. A qualified interpreter may be needed.

 

It must be clear that the patient understands the information by discussing questions a patient has, and giving more written or verbal information. Ask questions for example, “Who do you think will see your medical records?”

 

Remember that consent must be voluntary- the patient must give consent without feeling pressured. Consent that is not voluntary is not legally binding.

 

Patients should have the chance to review their medical records before giving informed consent.

 

 

Some information must be released

 

Some information must be released with or without consent. In general, healthcare staff must report abuse, criminal activity, or threats from patients.

 

 

 

 

Confidentiality and HIV/AIDS

 

Every state requires reporting of HIV positive status and AIDS cases. While the data is used for infection control purposes, the requirement is controversial. That is because in some states, facilities must report a patient’s name, address or other identifying information.

 

It’s very important to protect HIV/AIDS information. Anyone who improperly releases a patients HIV/AIDS status can face serious legal action, as well as severe reprimand by the Board of Nursing. Laws very from state to state, be sure to know your states laws in regards to HIV and AIDS. For a very informative update, see course # 101.

 

Other related rules regarding confidentiality

 

In many states, Minors can give consent for certain medical care. This includes care for pregnancy, sexually transmitted diseases, and drug dependency. Some minors, such as those who are married or in the armed forces, can make all their own decisions about medical care.

 

Mental health or substance abuse treatment, in general, for these types of treatment, special laws and policies apply to the release of patient information. Staff need to be aware of how any laws and policies affect release of information to the patient and others.

 

Summary

Patient confidentiality and privacy are a very important aspect within our jobs in the healthcare industry. Each and every day we place our trust into the hands of our patients. Maintaining confidentiality will ensure quality care by showing that your patients can count on you for maintaining privacy and respect for their care and their medical records. With legality issues so much on the rise today, we should always be ever so mindful to the problems at hand when confidentiality issues are violated. Smart charting, and adherence to company policy and procedures will go along way in protecting you legally as you do your best to give high quality care to your patients. Confidentiality issues are also a standard of practice related to ethical and professional healthcare.

 

 

References:

 

Nurses Legal Handbook

Fourth Edition, Springhouse Publishing

2000, Springhouse Corporation

 

Residents rights and confidentiality

Third edition

Mosby Publishers; 2002

 

www.ahca.gov

 

www.jcaho.org

Maintaining Confidentiality

Course 117

TWO contact hours

By: Monica Oram, RN, BSN

Upon completion of this course the reader will be able to achieve the following objectives:

 

  1. Define confidentiality and related key terms

  2. Define the concepts concerning confidentiality

  3. Understand what is considered confidential information

  4. Understand the outcomes of breach of confidentiality

  5. Understand responsibilities as a healthcare worker with private and confidential information.

  6. Understand about informed consent

  7. Recognize confidentiality related to HIV/AIDS patients

 

 

Defining Key Terms

 

Confidentiality is a term that indicates preserving the privacy of the persons in which you care for. This will mean that all information related to them will be kept in strict confidence for use only by the team of care providers. This includes information gained verbally or from resident or client records.

All information is considered confidential when it pertains to medical care and client records.

 

Breach of confidentiality is sharing information verbally or in written form regarding a resident or client with someone who is not on the care team of the resident or client, or who does not have a release of information form from the resident or client.

 

Indiscretion is an action in which you inadvertently share confidential information. There is no bad intent associated with an indiscretion.

 

Informed consent is when a resident or client acknowledges and allows the release of information to other parties. This permission is given by filling out a legal consent form, which becomes part of the resident or clients permanent record.

 

Private is defined as not available for public viewing or knowledge.

 

Privileged information is a term that refers to all information shared between an attorney and his client. This information is considered confidential and is not admissible in court.

 

Scope of practice are the duties and responsibilities of an assigned job as designated by education or law.

 

 

The concepts of confidentiality are very much regulated to even a higher degree as the new HIPAA laws have come into full effect this past April 14, 2003. To fully understand HIPAA and the law, refer to course # 106.

 

Concepts concerning confidentiality

 

  • Do no harm

  • Be honest

  • Use information proactively

  • Irreversible

  • Threat of self destruction

Do no harm- In regard to gathering, recording and sharing verbal or written information, “do no harm” means that the resident and healthcare provider will have an honest relationship in which sensitive data should be and shall be disclosed at no risk to the resident or client that there will not be a breach in confidential issues. In regard to privacy, “do no harm” means that the resident /client will not be unnecessarily exposed or intentionally embarrassed while physically examined or treated.

 

Be honest- Deal honestly with residents and families, and also your peers. Don’t be afraid to admit a mistake.

 

Use information proactively- Information shared will be used for the sole purpose of being accurate in diagnosis, prescribing the best recommended treatment, and providing the best care.

 

Irreversible- Information once shared cannot be unshared, erased, or deleted. Think about what you are saying before words fall out of your mouth.

Threat of self destruction- A claim of confidential or private matters can not be honored if concealment poses a threat to the resident or client. For example, most everything is shared in confidence, but lets say for example a person threatens suicide.. You would not be able to honor privacy as you would have to share this information to prevent a possible threat to harm oneself.

 

What is considered confidential?

 

Information and actions that are confidential and private include, but are not limited to the following:

  • Age

  • Sex

  • Race

  • Religion

  • Marital status

  • Occupation

  • Health information

  • Social security number

  • Insurance information

  • Health conditions and problems

 

Confidentiality is held to a much higher standard, as it was stated in the beginning of this course. This is due to the regulations and impositions of rules and laws that have gone into affect under a law placed into effect by Congress and the Dept. of Health and Human Services. If you are unfamiliar with HIPAA, it is highly advisable to research HIPAA and know how this law effects YOU! It does and will effect all personnel in the healthcare industry in some form or fashion. Sanctions and fines are quite hefty for those who violate the laws. (see course 106 for more on HIPPA)

 

Also considered confidential are:

  • Lab tests and X-rays

  • Blood work

  • MRI and CT scan

  • Any diagnostic procedure done on the patient

  • Any physical contact that involves examination

  • Personal care

  • Toileting and dressing

Breach of Confidentiality

 

There are two types of OUTCOMES related to breach of confidentiality.

Outcome can be POSITIVE or NEGATIVE.

 

Positive outcomes

 

Positive outcomes of a breach in confidentiality include:

  • Suspected abuse or neglect can be investigated

  • Possible future abuse and neglect may be avoided or prevented

  • A suicide or attempted suicide may be prevented

  • Appropriate interventions may be initiated for a resident or client to get help in appropriate related areas.

 

Do not ever assume that someone else will take care of getting the information to the proper person. Take the initiative to make sure the bases are covered and the resident or client receives appropriate interventions as needed. Remember to always respect information given to you with high regard to confidential matters unless it is in the best interest of the resident or client for this information to be shared with appropriate resource personnel.

 

Negative outcomes

 

Negative outcomes of a breach in confidentiality include:

  • The facility or agency may reprimand a healthcare worker, such as disciplinary action against the employee for breaching confidentiality related to patient care issues.

  • The resident or client may suffer embarrassment and emotional distress

  • Irreversible damage may be done to the caregiver/ care receiver relationship.

  • The resident or client may file charges against the healthcare worker, staff, and facility. They may be able to sue and win compensation for breach of confidential matters.

 

Remember, often times it is not WHAT we say, But rather HOW we say it, and more importantly.. WHO we say it to. Never forget that lives are affected by breaching confidentiality.

 

Responsibilities of Healthcare Workers with Private and Confidential Information.

 

Guidelines for protecting private and confidential information include the following:

  • Discuss resident and client information ONLY in a place that is away from other residents, families and visitors.

  • Report should not be given at the nurses station, as this is not a private area, with much opportunity for information to be overheard.

  • Never discuss patients in an elevator, in a hallway, cafeteria, or any other public place within or outside of the facility.

  • Discuss resident information only with appropriate staff. Do not ever release information to media or newspapers. Don’t release information to the police without first alerting a supervisor. Instead refer them to an appropriate manager.

  • Do not keep a copy or make copies of resident information.

  • Destroy all end of shift report sheets after use.

  • Any item with a residents name or identifying medical information should NEVER be placed in general trash receptacles. They should be shredded for appropriate disposal of confidential information.

 

 

Responsibilities regarding private and confidential information include:

 

Know your expected limits: Check your job description. Ask your supervisor to clarify anything you do not understand. Never discuss information that you are unsure of, and be sure of who you are sharing this information with. Not all friends and family are authorized to know information regarding your resident or client’s condition.

 

Be on the alert for “breaks” or “leaks”. Be particularly mindful of when private information becomes casual chatting.

 

Practice care that is private and behavior that guards confidence.

 

Report to your supervisor. The best working relationships are those in which you keep your supervisor well informed and on top of things that are going on. Keep open lines of communication between your superior and yourself.

 

Patient privacy and confidentiality generally refers to a patient’s right to:

  • Decide what personal health information can be shared with others

  • Decide how that information can be shared, and with whom it may be shared

  • Not have information about resident or client discussed in areas where others could overhear

 

Privacy also refers to the right to have physical privacy ( curtains pulled)

 

Patient confidentiality generally refers to a patient’s trust that health information will only be shared with those who need to know, and in order to provide appropriate care.

 

 

For care to be appropriate authorized health care staff need full access to a patient’s medical record. But, patients may withhold important information if they fear it will not be kept private and confidential. By ensuring patient privacy and confidentiality, your facility will help patients feel a sense of trust and help assure them they will receive appropriate care.

 

 

 

Protecting patient privacy and confidentiality is vital to your organizations mission. It helps increase patient’s satisfaction and sense of dignity. It helps ensure that patients get the most effective care.

 

Protecting Patient Privacy and Confidentiality

Can Be A Challenge

 

New Technology and the growing use of computers help improve health care. These also make it easier than ever for patient data to be wrongfully shared.

For example, staff must take care to protect patient privacy and confidentiality when using modern technology such as:

  • Fax machines

  • e-mail and other computer networks

  • Electronic records

  • Telephones and voice mail systems

 

 

Ethics and Standards

 

Ethics and Standards for professional behavior are very important in health care. For example, security measures can protect patient data only if staff use them correctly and consistently.

 

Breach of confidentiality and patient privacy can result in costly lawsuits for healthcare providers and facilities. By understanding and following your facility’s policies and guidelines, you can help prevent legal action.

 

Federal and State Governments

 

Federal and State Governments recognize that patient privacy and confidentiality is a critical issue. Actions they have taken include passing HIPAA and Patient Bill of Rights.

 

HIPAA is the Health Insurance Portability and Accountability Act.

Congress passed HIPAA in 1996. HIPAA set deadlines for Congress and Federal agencies to pass laws to protect the confidentiality of medical records.

 

Patient Bill of Rights: Some states have a bill of rights that ensures a patient’s right to quality care. This includes the right to have medical information kept private and confidential. The Federal government is working on similar laws.

 

Who else monitors patient privacy?

 

Agencies include:

  • Joint Commission on Accreditation of Healthcare Organizations (JCAHO) This national organization accredits health care facilities that meet JCAHO standards. Patient confidentiality and privacy is an important part of these standards. If JCAHO surveyors evaluate your organization, they will expect you to know your organizations mission, your organizations policies for protecting confidentiality, what efforts your department is making to improve patient privacy and confidentiality, and how your job relates to all of these.

 

 

  • National Committee for Quality Assurance (NCQA) This National organization evaluates managed care plans. It also accredits managed care organizations. NCQA teamed up with JCAHO to develop special recommendations to help managed care organizations protect patient privacy and confidentiality. Areas that these recommendations address include: staff education, patient consent, and systems to ensure confidentiality.

 

  • Health Care Financing Administration ( HCFA) HCFA is a part of the U.S. Department of Health and Human Services. It administers Medicare, Medicaid and Child Health Insurance Programs. HCFA’s responsibilities include: ensuring that Medicare, Medicaid and the Child Health Insurance Programs are properly run by state agencies. HCFA also plays a part in evaluating health care facilities and services.

 

 

Healthcare facilities and providers must meet strict guidelines to be certified by HCFA. These include guidelines related to patient privacy and confidentiality.

 

You can help build a foundation for protecting patient privacy and confidentiality. The best way to ensure meeting legal requirements and your facility’s standards is to UNDERSTAND POLICY AND PROCEDURES.

 

All staff must know:

  • Who has access to patient information

  • Security measures for handling patient health information

  • Proper procedures for destroying patient health information

 

 

 

Developing an environment of trust is another key factor. Trust develops when patients see a facility’s commitment to protecting privacy and confidentiality. Staff should handle medical records carefully. Be sure to never leave them open or unattended in public areas where others can have access to them. Seek informed consent whenever health information needs to be released. This included MARS and TARS, which need to be closed when not in use, and removed from the tops of medication carts and treatment carts when not in use as well.

 

Understand your facility’s “need to know policy”. Healthcare staff should only have access to information needed for their job. It is important to keep evaluating what information really needs to be known.

 

Ask yourself, “ Do I want to know this information or do I NEED to know it?” “Do I have a right to know this information?”

 

Use Good Sense…. Along with following your facility’s policies and procedures, using common sense is one of the most important ways to help protect patient privacy and confidentiality.

 

For example: Think before you speak, Be aware of whether others can over hear your conversation, If you think that certain information might be confidential, treat it as such.

 

Show courtesy and respect.

 

This is a key part of protecting patient privacy and confidentiality. It is important to treat all patients with respect, Handle patients’ medical records with the same care that you would want your own medical records handled.

Respect every patient’s right to privacy.

 

INFORMED CONSENT

 

Informed consent involves giving a patient needed information for making decisions about his or her care. One aspect involves the informed and voluntary release of confidential health information.

Informed consent policies should reflect today’s high technological environment. Patients must be told who will receive information and how it will be used.

For consent to be truly INFORMED The patient MUST be told:

  • Who the information will be sent to

  • Who requested the information

  • How the information will be used

  • How long the consent is valid

 

The patient must also be able to make decisions as defined by law.

The law states, in general:

Every adult is considered to be competent to make all of his or her decisions unless proven otherwise by a court of law. If the patient is proven incompetent, the patient’s proxy (surrogate) or court appointed guardian makes decisions on his or her behalf.

 

When the patient is a minor, a parent or legal guardian is generally asked to give consent.

 

Healthcare staff must use language that is understandable to the patient. Try to avoid being too technical. A qualified interpreter may be needed.

 

It must be clear that the patient understands the information by discussing questions a patient has, and giving more written or verbal information. Ask questions for example, “Who do you think will see your medical records?”

 

Remember that consent must be voluntary- the patient must give consent without feeling pressured. Consent that is not voluntary is not legally binding.

 

Patients should have the chance to review their medical records before giving informed consent.

 

 

Some information must be released

 

Some information must be released with or without consent. In general, healthcare staff must report abuse, criminal activity, or threats from patients.

 

 

 

 

Confidentiality and HIV/AIDS

 

Every state requires reporting of HIV positive status and AIDS cases. While the data is used for infection control purposes, the requirement is controversial. That is because in some states, facilities must report a patient’s name, address or other identifying information.

 

It’s very important to protect HIV/AIDS information. Anyone who improperly releases a patients HIV/AIDS status can face serious legal action, as well as severe reprimand by the Board of Nursing. Laws very from state to state, be sure to know your states laws in regards to HIV and AIDS. For a very informative update, see course # 101.

 

Other related rules regarding confidentiality

 

In many states, Minors can give consent for certain medical care. This includes care for pregnancy, sexually transmitted diseases, and drug dependency. Some minors, such as those who are married or in the armed forces, can make all their own decisions about medical care.

 

Mental health or substance abuse treatment, in general, for these types of treatment, special laws and policies apply to the release of patient information. Staff need to be aware of how any laws and policies affect release of information to the patient and others.

 

Summary

Patient confidentiality and privacy are a very important aspect within our jobs in the healthcare industry. Each and every day we place our trust into the hands of our patients. Maintaining confidentiality will ensure quality care by showing that your patients can count on you for maintaining privacy and respect for their care and their medical records. With legality issues so much on the rise today, we should always be ever so mindful to the problems at hand when confidentiality issues are violated. Smart charting, and adherence to company policy and procedures will go along way in protecting you legally as you do your best to give high quality care to your patients. Confidentiality issues are also a standard of practice related to ethical and professional healthcare.

 

 

References:

 

Nurses Legal Handbook

Fourth Edition, Springhouse Publishing

2000, Springhouse Corporation

 

Residents rights and confidentiality

Third edition

Mosby Publishers; 2002

 

www.ahca.gov

 

www.jcaho.org

Maintaining Confidentiality

Course 117

TWO contact hours

By: Monica Oram, RN, BSN

Upon completion of this course the reader will be able to achieve the following objectives:

 

  1. Define confidentiality and related key terms

  2. Define the concepts concerning confidentiality

  3. Understand what is considered confidential information

  4. Understand the outcomes of breach of confidentiality

  5. Understand responsibilities as a healthcare worker with private and confidential information.

  6. Understand about informed consent

  7. Recognize confidentiality related to HIV/AIDS patients

 

 

Defining Key Terms

 

Confidentiality is a term that indicates preserving the privacy of the persons in which you care for. This will mean that all information related to them will be kept in strict confidence for use only by the team of care providers. This includes information gained verbally or from resident or client records.

All information is considered confidential when it pertains to medical care and client records.

 

Breach of confidentiality is sharing information verbally or in written form regarding a resident or client with someone who is not on the care team of the resident or client, or who does not have a release of information form from the resident or client.

 

Indiscretion is an action in which you inadvertently share confidential information. There is no bad intent associated with an indiscretion.

 

Informed consent is when a resident or client acknowledges and allows the release of information to other parties. This permission is given by filling out a legal consent form, which becomes part of the resident or clients permanent record.

 

Private is defined as not available for public viewing or knowledge.

 

Privileged information is a term that refers to all information shared between an attorney and his client. This information is considered confidential and is not admissible in court.

 

Scope of practice are the duties and responsibilities of an assigned job as designated by education or law.

 

 

The concepts of confidentiality are very much regulated to even a higher degree as the new HIPAA laws have come into full effect this past April 14, 2003. To fully understand HIPAA and the law, refer to course # 106.

 

Concepts concerning confidentiality

 

  • Do no harm

  • Be honest

  • Use information proactively

  • Irreversible

  • Threat of self destruction

Do no harm- In regard to gathering, recording and sharing verbal or written information, “do no harm” means that the resident and healthcare provider will have an honest relationship in which sensitive data should be and shall be disclosed at no risk to the resident or client that there will not be a breach in confidential issues. In regard to privacy, “do no harm” means that the resident /client will not be unnecessarily exposed or intentionally embarrassed while physically examined or treated.

 

Be honest- Deal honestly with residents and families, and also your peers. Don’t be afraid to admit a mistake.

 

Use information proactively- Information shared will be used for the sole purpose of being accurate in diagnosis, prescribing the best recommended treatment, and providing the best care.

 

Irreversible- Information once shared cannot be unshared, erased, or deleted. Think about what you are saying before words fall out of your mouth.

Threat of self destruction- A claim of confidential or private matters can not be honored if concealment poses a threat to the resident or client. For example, most everything is shared in confidence, but lets say for example a person threatens suicide.. You would not be able to honor privacy as you would have to share this information to prevent a possible threat to harm oneself.

 

What is considered confidential?

 

Information and actions that are confidential and private include, but are not limited to the following:

  • Age

  • Sex

  • Race

  • Religion

  • Marital status

  • Occupation

  • Health information

  • Social security number

  • Insurance information

  • Health conditions and problems

 

Confidentiality is held to a much higher standard, as it was stated in the beginning of this course. This is due to the regulations and impositions of rules and laws that have gone into affect under a law placed into effect by Congress and the Dept. of Health and Human Services. If you are unfamiliar with HIPAA, it is highly advisable to research HIPAA and know how this law effects YOU! It does and will effect all personnel in the healthcare industry in some form or fashion. Sanctions and fines are quite hefty for those who violate the laws. (see course 106 for more on HIPPA)

 

Also considered confidential are:

  • Lab tests and X-rays

  • Blood work

  • MRI and CT scan

  • Any diagnostic procedure done on the patient

  • Any physical contact that involves examination

  • Personal care

  • Toileting and dressing

Breach of Confidentiality

 

There are two types of OUTCOMES related to breach of confidentiality.

Outcome can be POSITIVE or NEGATIVE.

 

Positive outcomes

 

Positive outcomes of a breach in confidentiality include:

  • Suspected abuse or neglect can be investigated

  • Possible future abuse and neglect may be avoided or prevented

  • A suicide or attempted suicide may be prevented

  • Appropriate interventions may be initiated for a resident or client to get help in appropriate related areas.

 

Do not ever assume that someone else will take care of getting the information to the proper person. Take the initiative to make sure the bases are covered and the resident or client receives appropriate interventions as needed. Remember to always respect information given to you with high regard to confidential matters unless it is in the best interest of the resident or client for this information to be shared with appropriate resource personnel.

 

Negative outcomes

 

Negative outcomes of a breach in confidentiality include:

  • The facility or agency may reprimand a healthcare worker, such as disciplinary action against the employee for breaching confidentiality related to patient care issues.

  • The resident or client may suffer embarrassment and emotional distress

  • Irreversible damage may be done to the caregiver/ care receiver relationship.

  • The resident or client may file charges against the healthcare worker, staff, and facility. They may be able to sue and win compensation for breach of confidential matters.

 

Remember, often times it is not WHAT we say, But rather HOW we say it, and more importantly.. WHO we say it to. Never forget that lives are affected by breaching confidentiality.

 

Responsibilities of Healthcare Workers with Private and Confidential Information.

 

Guidelines for protecting private and confidential information include the following:

  • Discuss resident and client information ONLY in a place that is away from other residents, families and visitors.

  • Report should not be given at the nurses station, as this is not a private area, with much opportunity for information to be overheard.

  • Never discuss patients in an elevator, in a hallway, cafeteria, or any other public place within or outside of the facility.

  • Discuss resident information only with appropriate staff. Do not ever release information to media or newspapers. Don’t release information to the police without first alerting a supervisor. Instead refer them to an appropriate manager.

  • Do not keep a copy or make copies of resident information.

  • Destroy all end of shift report sheets after use.

  • Any item with a residents name or identifying medical information should NEVER be placed in general trash receptacles. They should be shredded for appropriate disposal of confidential information.

 

 

Responsibilities regarding private and confidential information include:

 

Know your expected limits: Check your job description. Ask your supervisor to clarify anything you do not understand. Never discuss information that you are unsure of, and be sure of who you are sharing this information with. Not all friends and family are authorized to know information regarding your resident or client’s condition.

 

Be on the alert for “breaks” or “leaks”. Be particularly mindful of when private information becomes casual chatting.

 

Practice care that is private and behavior that guards confidence.

 

Report to your supervisor. The best working relationships are those in which you keep your supervisor well informed and on top of things that are going on. Keep open lines of communication between your superior and yourself.

 

Patient privacy and confidentiality generally refers to a patient’s right to:

  • Decide what personal health information can be shared with others

  • Decide how that information can be shared, and with whom it may be shared

  • Not have information about resident or client discussed in areas where others could overhear

 

Privacy also refers to the right to have physical privacy ( curtains pulled)

 

Patient confidentiality generally refers to a patient’s trust that health information will only be shared with those who need to know, and in order to provide appropriate care.

 

 

For care to be appropriate authorized health care staff need full access to a patient’s medical record. But, patients may withhold important information if they fear it will not be kept private and confidential. By ensuring patient privacy and confidentiality, your facility will help patients feel a sense of trust and help assure them they will receive appropriate care.

 

 

 

Protecting patient privacy and confidentiality is vital to your organizations mission. It helps increase patient’s satisfaction and sense of dignity. It helps ensure that patients get the most effective care.

 

Protecting Patient Privacy and Confidentiality

Can Be A Challenge

 

New Technology and the growing use of computers help improve health care. These also make it easier than ever for patient data to be wrongfully shared.

For example, staff must take care to protect patient privacy and confidentiality when using modern technology such as:

  • Fax machines

  • e-mail and other computer networks

  • Electronic records

  • Telephones and voice mail systems

 

 

Ethics and Standards

 

Ethics and Standards for professional behavior are very important in health care. For example, security measures can protect patient data only if staff use them correctly and consistently.

 

Breach of confidentiality and patient privacy can result in costly lawsuits for healthcare providers and facilities. By understanding and following your facility’s policies and guidelines, you can help prevent legal action.

 

Federal and State Governments

 

Federal and State Governments recognize that patient privacy and confidentiality is a critical issue. Actions they have taken include passing HIPAA and Patient Bill of Rights.

 

HIPAA is the Health Insurance Portability and Accountability Act.

Congress passed HIPAA in 1996. HIPAA set deadlines for Congress and Federal agencies to pass laws to protect the confidentiality of medical records.

 

Patient Bill of Rights: Some states have a bill of rights that ensures a patient’s right to quality care. This includes the right to have medical information kept private and confidential. The Federal government is working on similar laws.

 

Who else monitors patient privacy?

 

Agencies include:

  • Joint Commission on Accreditation of Healthcare Organizations (JCAHO) This national organization accredits health care facilities that meet JCAHO standards. Patient confidentiality and privacy is an important part of these standards. If JCAHO surveyors evaluate your organization, they will expect you to know your organizations mission, your organizations policies for protecting confidentiality, what efforts your department is making to improve patient privacy and confidentiality, and how your job relates to all of these.

 

 

  • National Committee for Quality Assurance (NCQA) This National organization evaluates managed care plans. It also accredits managed care organizations. NCQA teamed up with JCAHO to develop special recommendations to help managed care organizations protect patient privacy and confidentiality. Areas that these recommendations address include: staff education, patient consent, and systems to ensure confidentiality.

 

  • Health Care Financing Administration ( HCFA) HCFA is a part of the U.S. Department of Health and Human Services. It administers Medicare, Medicaid and Child Health Insurance Programs. HCFA’s responsibilities include: ensuring that Medicare, Medicaid and the Child Health Insurance Programs are properly run by state agencies. HCFA also plays a part in evaluating health care facilities and services.

 

 

Healthcare facilities and providers must meet strict guidelines to be certified by HCFA. These include guidelines related to patient privacy and confidentiality.

 

You can help build a foundation for protecting patient privacy and confidentiality. The best way to ensure meeting legal requirements and your facility’s standards is to UNDERSTAND POLICY AND PROCEDURES.

 

All staff must know:

  • Who has access to patient information

  • Security measures for handling patient health information

  • Proper procedures for destroying patient health information

 

 

 

Developing an environment of trust is another key factor. Trust develops when patients see a facility’s commitment to protecting privacy and confidentiality. Staff should handle medical records carefully. Be sure to never leave them open or unattended in public areas where others can have access to them. Seek informed consent whenever health information needs to be released. This included MARS and TARS, which need to be closed when not in use, and removed from the tops of medication carts and treatment carts when not in use as well.

 

Understand your facility’s “need to know policy”. Healthcare staff should only have access to information needed for their job. It is important to keep evaluating what information really needs to be known.

 

Ask yourself, “ Do I want to know this information or do I NEED to know it?” “Do I have a right to know this information?”

 

Use Good Sense…. Along with following your facility’s policies and procedures, using common sense is one of the most important ways to help protect patient privacy and confidentiality.

 

For example: Think before you speak, Be aware of whether others can over hear your conversation, If you think that certain information might be confidential, treat it as such.

 

Show courtesy and respect.

 

This is a key part of protecting patient privacy and confidentiality. It is important to treat all patients with respect, Handle patients’ medical records with the same care that you would want your own medical records handled.

Respect every patient’s right to privacy.

 

INFORMED CONSENT

 

Informed consent involves giving a patient needed information for making decisions about his or her care. One aspect involves the informed and voluntary release of confidential health information.

Informed consent policies should reflect today’s high technological environment. Patients must be told who will receive information and how it will be used.

For consent to be truly INFORMED The patient MUST be told:

  • Who the information will be sent to

  • Who requested the information

  • How the information will be used

  • How long the consent is valid

 

The patient must also be able to make decisions as defined by law.

The law states, in general:

Every adult is considered to be competent to make all of his or her decisions unless proven otherwise by a court of law. If the patient is proven incompetent, the patient’s proxy (surrogate) or court appointed guardian makes decisions on his or her behalf.

 

When the patient is a minor, a parent or legal guardian is generally asked to give consent.

 

Healthcare staff must use language that is understandable to the patient. Try to avoid being too technical. A qualified interpreter may be needed.

 

It must be clear that the patient understands the information by discussing questions a patient has, and giving more written or verbal information. Ask questions for example, “Who do you think will see your medical records?”

 

Remember that consent must be voluntary- the patient must give consent without feeling pressured. Consent that is not voluntary is not legally binding.

 

Patients should have the chance to review their medical records before giving informed consent.

 

 

Some information must be released

 

Some information must be released with or without consent. In general, healthcare staff must report abuse, criminal activity, or threats from patients.

 

 

 

 

Confidentiality and HIV/AIDS

 

Every state requires reporting of HIV positive status and AIDS cases. While the data is used for infection control purposes, the requirement is controversial. That is because in some states, facilities must report a patient’s name, address or other identifying information.

 

It’s very important to protect HIV/AIDS information. Anyone who improperly releases a patients HIV/AIDS status can face serious legal action, as well as severe reprimand by the Board of Nursing. Laws very from state to state, be sure to know your states laws in regards to HIV and AIDS. For a very informative update, see course # 101.

 

Other related rules regarding confidentiality

 

In many states, Minors can give consent for certain medical care. This includes care for pregnancy, sexually transmitted diseases, and drug dependency. Some minors, such as those who are married or in the armed forces, can make all their own decisions about medical care.

 

Mental health or substance abuse treatment, in general, for these types of treatment, special laws and policies apply to the release of patient information. Staff need to be aware of how any laws and policies affect release of information to the patient and others.

 

Summary

Patient confidentiality and privacy are a very important aspect within our jobs in the healthcare industry. Each and every day we place our trust into the hands of our patients. Maintaining confidentiality will ensure quality care by showing that your patients can count on you for maintaining privacy and respect for their care and their medical records. With legality issues so much on the rise today, we should always be ever so mindful to the problems at hand when confidentiality issues are violated. Smart charting, and adherence to company policy and procedures will go along way in protecting you legally as you do your best to give high quality care to your patients. Confidentiality issues are also a standard of practice related to ethical and professional healthcare.

 

 

References:

 

Nurses Legal Handbook

Fourth Edition, Springhouse Publishing

2000, Springhouse Corporation

 

Residents rights and confidentiality

Third edition

Mosby Publishers; 2002

 

www.ahca.gov

 

www.jcaho.org