RES: Ethical, Legal and Security aspects of Health Informatics

Question 1

what are the 2 ethical principles?

Answer 1

1. Fundamental Ethical Principles
2. General Principles of Informational Ethics

Question 2

what are the 3 basic security principles?

Answer 2

1. privacy & confidentiality
2. availability
3. integrity

Question 3

what are the 2 legal standards?

Answer 3

1. Health Insurance Portability and Accountability Act of 1996 (USA)
2. R.A. Data Privacy Act of 2012 (Philippines)

Question 4

what are the 6 FUNDAMENTAL principle of ethics

Answer 4

1. autonomy
2. equality and justice
3. beneficence
4. non maleficence
5. impossibility
6. integrity

Question 5

All persons have a fundamental right to self- determination

Answer 5

Principle of Autonomy

Question 6

All persons are equal and have a right to be treated accordingly

Answer 6

Principle of Equality and Justice

Question 7

All persons have a duty to advance the good of others where the nature of this good is in keeping with the fundamental and ethically defensible values of the affected party.

Answer 7

Principle of Beneficence

Question 8

All persons have a duty to prevent harm to other persons insofar as it lies within their power to do so without undue harm to themselves.

Answer 8

Principle of Non-Malfeasance

Question 9

All rights and duties hold subject to the condition that it is possible to meet them under the circumstances that obtain

Answer 9

Principle of Impossibility

Question 10

Whoever has an obligation has a corresponding duty to fulfill that obligation to the best of her or his ability

Answer 10

Principle of Integrity

Question 10

what are the 7 GENERAL principles of informational ethics?

Answer 10

1. Principle of Information- Privacy and Disposition
2. Principle of Openness
3. Principle of Security
4. Principle of Access
5. Principle of Legitimate Infringement
6. Principle of Least Intrusive Alternative
7. Principle of Accountability

Question 11

Recognizes the fundamental right to privacy, person has control over processing of data about his/her data

Answer 11

Principle of Information- Privacy and Disposition

Question 12

Data processing must be disclosed in an appropriate and timely fashion to the subject or subjects of those data.

Answer 12

Principle of Openness

Question 12

Data that have been legitimately collected should be protected by all reasonable and appropriate measures to maintain integrity and confidentiality

Answer 12

Principle of Security

Question 13

The subject of a health record has the right of access to that records and the right to correct the record with respect to its accurateness, completeness, and relevance

Answer 13

Principle of Access

Question 14

Data processes is conditioned only by the legitimate, appropriate, and relevant data- needs of a free, responsible and democratic society, and by the equal and competing rights of other persons

Answer 14

Principle of Legitimate Infringement

Question 15

Any infringement of the privacy rights of the individual person…may only occur in the least intrusive fashion and with a minimum of interference with the rights of the affected person

Answer 15

Principle of Least Intrusive Alternative

Question 16

Any infringement of the privacy rights of the individual person, and of the right to control over person-relative data, must be justified to the affected person in good time and in an appropriate fashion

Answer 16

Principle of Accountability

Question 16

what are the 3 security principles?

Answer 16

1. privacy
2. confidentiality
3. security

Question 17

Guarding against improper information modification or destruction, includes ensuring information non-repudiation and authenticity

Answer 17

INTEGRITY

Question 18

Preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information

Answer 18

confidentiality

Question 19

Ensuring timely and reliable access to and use of information

Answer 19

availability

Question 20

what are the 3 protection measures?

Answer 20

management practices

physical safeguards

technical measures

Question 21

what are the elements of a security program

Answer 21

1. protecting the privacy of data
2. ensuring the integrity o fdata
3. ensuring of availability pf data

Question 22

what are the threats caused by environmental and hardware or software factors

Answer 22

1. Earthquakes, floods, hurricanes, tornadoes, etc.
2. Hardware breakdown (e.g., hard disk crash causing data corruption
3. Software failures (e.g., program code that doesn’t execute properly
4. Electrical outrages or surges
5. Malwares (e.g., viruses, worms, Trojan horse, Spyware, backdoor
   programs, Rootkit)

Question 23

what are the threats caused by people?

Answer 23

1. Insiders who make innocent mistakes, abuse their privileges, access or alter data for spite or profit, Physical intruders who steal or otherwise harm systems and Vengeful employees or outsiders who mount attacks

Question 24

what are the 3 access controls

Answer 24

identification. authentication and authorization

Question 25

Act of verifying a claim of identity; types of authentication

Answer 25

authentication

Question 26

Right or permission given to an individual to use a computer resource, such as computer or to use specific applications and access specific data

Answer 26

authorization

Question 27

the 5 types of security??

Answer 27

1. Passwords
2. Smart Cards and Tokens (OTP)
3. Biometrics
   4.Two-factor authentication
4. Single sign-on

Question 28

HIPAA OF 1996

Answer 28

• Ability to transfer and continue health insurance coverage for millions of American workers and their families when they change or lose jobs

Question 29

Ability to transfer and continue health insurance coverage for millions of American workers and their families when they change or lose jobs

Answer 29

HIPAA OF 1996

Question 30

Protected Health Information

Answer 30

HIPAA 1996

Question 31

HIPAA OF 1996 WAS ESTABLISHED IN THE….

Answer 31

USA

Question 32

R.A. 10173 “Data Privacy Act of 2012”

Answer 32

• National Privacy Commission members were appointed in February 2016
• Implementing Rules and Regulations of RA No. 10173 – published August 25, 2016

Question 33

This can help you in identifying the issues and determine the appropriate course of action.

Answer 33

ethical decision-making matrix

Question 33

This provides guidance and will need to be interpreted and applied in context and take into consideration the details of the situation to determine the appropriate course of action.

Answer 33

Ethical principles

Question 34

what are the 3 organizations under academic orgs?

Answer 34

1. Institute of medicine
2. UPM
3. DLSHSI

Question 35

what are the 4 organizations under NON GOV orgs?

Answer 35

1. International Medical Informatics Association: IMIA Code of Ethics for Health Professionals 2016
2. Asia-Pacific Association of Medical Informatics
3. Philippine Medical Informatics Society
4. American Health Information Management Association

Question 36

what are the 2 organizations under GOV orgs?

Answer 36

1. Department of Information and Communications Technology
2. National Privacy Commission

Question 37

5 CONSUMERS/USERS of HEALTH INFORMATION TECHNOLOGY

Answer 37

1. Patients
2. healthcare professionals
3. support staff
4. health facilities
   5, third party payers/ insurance companies

Question 38

____ is the acronym for the Health Insurance Portability and Accountability Act that was passed by Congress in 1996 (in the United States of America).

Answer 38

HIPAA

Question 39

HIPAA does the following

Answer 39

1. Provides the ability to transfer and continue health insurance coverage for millions of American workers and their families when they change or lose their jobs;
2. Reduces health care fraud and abuse;
3. Mandates industry-wide standards for health care information on electronic billing and other processes; and
4. Requires the protection and confidential handling of protected health information

Question 40

what is the major goal of privacy rule

Answer 40

assure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public’s health and well- being.

Question 41

as well as all the Administrative Simplification rules, apply to health plans, health care clearinghouses, and to any health care provider who transmits health information in electronic form in connection with transactions for which the Secretary of HHS has adopted standards under HIPAA (the “covered entities”).

Answer 41

privacy rule

Question 42

what does the protected health information protect?

Answer 42

individually identifiable health information” held or transmitted by a covered entity or its  business associate, in any form or media, whether electronic,
paper, or oral.

Question 43

Why is there a data privacy law for the Philippines?

Answer 43

a law has been passed in the Philippines to serve as its local counterpart that seeks to protect all forms of information, be it private, personal, or sensitive. It is meant to cover both natural and juridical persons involved in the processing of personal information.

Question 44

an act protecting individual personal information in information and communications systems in the government and the private sector, creating for this purpose a national privacy commission, and for other purposes.

Answer 44

RA 10173

Question 45

“the act of verifying a claim of identity”

Answer 45

Authentication

Question 46

There are 3 types of information that can be used for authentication

Answer 46

1. Knowledge
2. possession
3. inherence

Question 47

A right or permission given to an individual to use a computer resource or to use specific applications and access specific data. It is also a set of actions that gives permission to an individual to perform specific functions such as view, write, edit, delete, or execute tasks. (Sayles, 2013)

Answer 47

authorization