The HIPAA Privacy ACT
Scenario No. 1: HIPAA Privacy Rule
Case Study: Imagine that you are the privacy officer for a small town hospital. You receive a report that there is a breach of privacy. You are informed that a 15-year-old girl is received at the emergency room in emergency labor. The baby is delivered in the emergency room as there is no time to move the patient to the obstetrics (OB) department. In addition to the emergency delivery, the baby is born with multiple medical problems. Once the mother and baby are moved to obstetrics and neonate, care is given to both.
The OB nurse who took care of the mother and baby completes her shift, and she goes home to her own daughter to have a talk with her. She sits her daughter down and pleads with the girl to tell her if she ever has any problems, especially when it comes to pregnancy. The nurse tells her daughter the story about the young patient who delivered that evening, and she accidentally mentions the patient’s name. The patient’s name is one of those odd names that immediately triggers the nurse’s daughter to relay that she knows the patient. The mother/nurse, realizing that she made a big mistake by mentioning the patient’s name, pleads with her daughter not to say anything. Needless to say, word shoots through the four high schools in the town the next day.
The nurse returns to work the following evening, and she contacts you to hand in her badge and keys, stating that she knows she made a mistake by breaching the young patient’s privacy and she knows she is going to be fired. In addition to the breach of the obstetrics nurse, you learn that the patient hid her pregnancy from her family, and to make matters worse, her aunt and mother are both nurses at the hospital. You know both of these nurses on a professional and personal level.
Scenario No. 1 HIPAA Privacy Rule Project Assignment:
Research the HIPAA Privacy Rule here:
U.S. Department of Health and Human Services. (2002). Standards for privacy of individually identifiable health information; Final Rule. Federal Register, 67(157), 53182-53273. Retrieved from http://www(dot)hhs(dot)gov/ocr/privacy/hipaa/administrative/privacyrule/privrulepd.pdf.
Then, perform additional research regarding the HIPAA Privacy Rule and prepare your Final Paper by analyzing the issues through these questions in regards to the above scenario:
1. Analyze the specific requirements needed to perform this investigation.
2. Identify whether this incident was an actual breach of privacy according to the HIPAA law.
3. Examine the differences and similarities between the hospital’s stance and HIPAA as to whether the nurse should be fired from her job.
4. Explain why you would fire or not fire the nurse immediately or whether you would put her on administrative leave awaiting the details of the investigation.
Writing the Final Paper
The Final Paper:
1. Must be eight to ten double-spaced pages in length, excluding title and reference pages, and formatted according to APA style as outlined in the Ashford Writing Center.
2. Must include a title page with the following:
a. Title of paper
b. Student’s name
c. Course name and number
d. Instructor’s name
e. Date submitted
3. Must begin with an introductory paragraph that has a succinct thesis statement.
4. Must address the topic of the paper with critical thought.
5. Must end with a conclusion that reaffirms your thesis.
6. Must use at least eight scholarly sources (not including the course text) that were published within the last five years, including a minimum of four sources from academic journals found in the Ashford University Library.
7. Must document all sources in APA style, as outlined in the Ashford Writing Center.
8. Must include a separate reference page, formatted according to APA style as outlined in the Ashford Writing Center.
Carefully review the Grading Rubric for the criteria that will be used to evaluate your assignment.
The HIPAA Privacy Act
1.0 Introduction
There are specific privacy standards outlined in the December 28, 2000 HHS final rule (65 FR 82462), also referred to as the "Privacy Rule." These are specific standards for the privacy of individually identifiable health information, about which consumers are increasingly concerned (Nass, Levit & Gostin, 2009). These provisions have created a platform that ensures nationwide protection for the privacy of citizens’ most sensitive health information. These regulations are to assure consumers that all their sensitive information, including genetic information, will be properly protected (Field, 2005). The Privacy Rule ensures that health plans and healthcare providers fully guard individually identifiable health information, prevent its misuse, and limit its sharing. In this particular case, there is a need to apply the HIPAA Breach Notification Rule, 45 CFR 164.400-414. This rule requires entities covered by the Privacy Section of the Health Insurance Portability and Accountability Act (HIPAA), and their business associates, to provide notification following a breach of unsecured protected health information (Anatayakul, n.d.; Erickson, 2005; Wiener & Gilliland, 2011). This paper discusses the role of HIPAA on the basis of the case study provided, analyzing the requirements for investigating a breach of privacy under HIPAA and the steps that should be taken to address the issue.
1.1 Background
The Privacy Section of the Health Insurance Portability and Accountability Act (HIPAA) is national legislation created to assure every patient across the nation protection of their health insurance information. It limits how individuals and institutions that have access to a patient’s information can use it (McGowan, 2012). Under the HIPAA Breach Notification Rule, following a breach of unsecured protected health information, covered entities must first provide notification of the breach to affected individuals, the Secretary and, if necessary, the media. The notice must be provided to the affected individual or their representatives or guardians in written form by first class mail, or by email if they have agreed to receive such notices electronically (Nass, Levit & Gostin, 2009; Gunn et al., 2004; Flaherty, 2014; Fleming, 2014).
The individuals must be provided, without delay, with information on the extent of the breach, the steps the affected individual should take to protect themselves from potential harm, and a description of what the covered entity is doing to investigate and prevent further breaches. This will also require notifying the Secretary of breaches of unsecured protected health information. This is done through the online platform provided at the HHS web site, where an electronic form is filled in. This will then be followed by adopting the hospital’s policy recommendation on the specific sanctions that should be given to the member who failed to comply with the policy and procedure, in this case the nurse (HHS.gov, 2015; Field, 2005; Fleming, 2014; McGraw, 2013).
2.0 Analysis of Specifics Required to Perform the Investigation
Under the modifications to the standards of the HIPAA Privacy Rule (67 FR 14776), a member of the health care provider’s staff disclosed unsecured health information to an unauthorized third party (Anatayakul, n.d.; Flaherty, 2014). In accordance with the HIPAA regulations, a breach in this case is imminent and it is the mandate of the hospital to carry out the necessary steps as per the provisions in the HIPAA Privacy Rule. Despite the acquisition of patient information by the nurse’s daughter being unintentional, the information was not transferred from the nurse’s daughter to the general public at school in good faith and hence ended up harming the patient’s image. This kind of breach is between an authorized covered entity member and a non-authorized entity, hence making it an actual breach. It fails to meet the exceptions provided in the HIPAA Privacy Rule (Gunn et al., 2004). The covered entities, in this case the hospital and the nurse, were the only ones that were supposed to have access to this patient’s information. The information, according to the HIPAA rules, could only be shared among covered entities, which include business associates of the hospital; on request for public health purposes; with public agencies for health oversight activities such as audits and civil, criminal or administrative purposes; with law enforcement officials; for judicial and administrative proceedings; and for research purposes. These are the only instances that could be used to allow the patient’s information out of the hospital without their consent. Otherwise, a clearly written individual permission that met specific consent requirements was required in this case (Nass, Levit & Gostin, 2009; Rezaeibagha, Win & Susilo, 2015).
3.0 Differences and Similarities Between the Hospital’s Stance and HIPAA on the Disciplinary Decision on the Nurse
The stances of the hospital and of HIPAA on whether the nurse should be fired for disclosing information to a non-cleared third party entity are similar. It is clear that the nurse disclosed unprotected information about a patient that belongs to the hospital and that she is not supposed to discuss with unauthorized parties, in this case a non...