Confidentiality - Documenting and Reporting Flashcards
Nurses are legally and ethically obligated to keep information about patients ___.
confidential
Only members of the health care team who are d___ involved in a patient’s care have legitimate access to the medical record. Thus, the nurse discusses a patient’s diagnosis, treatment, assessment, and/or any personal conversations only with members of the health care team who are involved in a patient’s care.
d-irectly
A breach of confidentiality is often a c___ rather than a deliberate act. Students need to make sure that patient-identifiable information (e.g., files, stickers, information in notebooks, worksheets) is not taken home and that it is disposed of correctly in a secure bin for shredding.
c-areless
Examples of breaches of ___ are accessing information not related to your duties, discussing patient information in an inappropriate area, such as in an elevator or on public transport, revealing to a caller confidential patient or co-worker details, emailing patient information through a public network such as the Internet, and leaving confidential material in a public area.
confidentiality
Even after you are no longer on placement at an agency, you are obligated to maintain the ___ of patients and co-workers at that agency.
confidentiality
Includes individually identifiable health information such as demographic data; facts that relate to an individual’s past, present, or future physical or mental health condition; provision of care; and payment for the provision of care that identifies the individual.
Personal health information (PHI)
True or false: ensuring appropriate access to and confidentiality of personal health information (PHI) is the responsibility of all people working in health care.
True
Federal legislation that protects personal information, including health information.
Personal Information Protection and Electronic Documents Act (PIPEDA)
Delineates how private-sector organizations may collect, use, or disclose personal information in the course of commercial activities. Individuals have the right to access and request correction of any personal information collected about them as well.
Personal Information Protection and Electronic Documents Act (PIPEDA)
Applies to all organizations engaged in commercial activities unless the federal government exempts an organization or activity in a province with similar legislation.
The Personal Information Protection and Electronic Documents Act (PIPEDA)
A combination of hardware and software that protects private network resources (e.g., the information system of the hospital) from outside hackers, network damage, and theft or misuse of information.
Firewall
Includes placing computers or file servers in restricted areas or using privacy filters for computer screens visible to visitors or others without access. This form of security has limited benefit, especially if an organization uses mobile wireless devices such as notebooks, tablets, personal computers (PCs), and smart phones. These devices are easily misplaced or lost, falling into the wrong hands. Some organizations use motion detectors or alarms with these devices to help prevent theft.
Physical security measures
Safety mechanism that logs a user off a computer system after a specified period of inactivity.
Automatic sign-off
A collection of alphanumeric characters that a user types into a computer before accessing a program after the entry and acceptance of an access code or user name. This should not be shared with anyone or anything.
Passowrd
To protect patient privacy, health care agencies ___ who accesses patient records and when they access them.
track
Destroy (e.g., s___) anything that is printed when the information is no longer needed.
s-hread
When writing patient data onto forms or including it in papers written for nursing courses, you need to ___-identify all patient data.
de
True or false: historically the primary sources for inadvertent, unauthorized disclosure of PHI occurred when information was printed from a patient record and/or faxed to other health care providers.
True
Nurses need to destroy all papers containing PHI (e.g., social insurance number, date of birth or age, patient’s name or address) ___ after using or faxing them.
immediately
Some nurses work in settings where they are responsible for erasing files from a computer hard drive that contain calendars, surgery or diagnostic procedure schedules, or other daily records that contain PHI. It is important to know and follow the disposal ___ for records in the institution where you work.
policies
Health care facilities and departments have policies for the use of fax machines, which specify the ___ of information that can be faxed, allowable recipients of the information, where information is sent, and the process used to verify that information was sent to and received by the appropriate person(s).
types
Nurses should fax only the amount of information that is requested or required for immediate clinical needs. The following are some steps to take to enhance fax security:
- Confirm that fax numbers are ___ before sending to be sure that you direct information properly
- Use a ___ sheet to eliminate the need for the recipient to read the information to determine who gets it. This is especially important if a fax machine serves a number of different users.
- Authenticate at both ends before data transmission to verify that source and destination are correct. Use the cover sheet to list intended recipient(s), the sender, and the phone and fax numbers. Verify the fax number on the transmittal confirmation sheet.
- Use programmed speed-dial keys to eliminate the chance of a dialing error and misdirected information.
- Use the en___ feature on the fax machine. Encoding transmissions makes it impossible to read confidential information without the encryption key.
- Place fax machines in a secure area and limit machine access to designated individuals.
- Log fax transmissions. This feature is often available electronically on the machine.
correct
cover
en-cryption
