Case Scenario:
The administration at Rasmussen Hospital is concerned about how patient data stored on their networks, as related to HIM and patient care functions via the EHR and other clinical systems will be secured, especially regarding compliance with HIPAA regulations on security, privacy, and when using mobile devices for remote work.
They have asked you to develop a brief presentation to educate HIM staff, outlining some of the measures that will be put into place for their next staff meeting.
Assume the role of a HIM staff coordinator or manager as you prepare these materials for educating and informing your fellow staff members.
Your presentation materials will be evaluated based on applicability to securing and managing private healthcare data in the modern era, even when those data may be in transit, and providing complete explanations (going beyond just a list) of security measures and standards.
Instructions:
Develop a set of at least four presentation content slides, or a one to two-page memorandum as a digital instructional resource to teach your fellow HIM staff on the following topics. Use and refer to our course materials, class lecture topics, plus your independent research to explore these topics in depth.
- Identifies and explains in detail two specific, modern data security measures that will help deter information security threats in the healthcare environment. Select security measures applicable to the modern world of remote data storage and actively using networks for data transfer, while conducting HIM functions that work with PHI.
- Explains how information should be secured when using mobile devices, as used by HIM staff and clinical staff when working with patient data remotely. Mobile devices include all of the following: mobile phones, laptop computers and tablets. Provide specific security techniques for mobile device use. You may apply information provided in lecture as well as outside research.
- Explains how security for mobile devices differs from equipment that does not leave the facility.
- Includes information on safely using various network types, including public versus private wifi connections for remote work, and methods used for securing data while in transmission over networks.
- Describes two specific, relevant HIPAA guidelines, including one Administrative safeguard example and at least one Technical safeguard example.
- Develops examples for meeting each HIPAA guidelines, as necessary for implementation of your selected guidelines. Link your methods to the HIPAA guideline selected.
- Selects appropriate format for digital resource: Slide presentation or a memorandum to staff.
- Uses professional language and tone with correct spelling, grammar, and punctuation in the digital resource.
- Uses professional and appropriate communications, considering font size, font color, backgrounds, and graphic images in the digital resource. Be sure the design choices include readability by a typical staff member.