In this chapter, you will learn to
Distinguish among the relevant general privacy terms applicable to healthcare
Recognize how privacy protects patient rights and supports the confidentiality of the healthcare information
Appreciate the role of and requirement for the healthcare privacy officer
Understand the prevailing data privacy concepts that make up leading privacy frameworks
Comprehend measures required under privacy principles related to data breach, including requirements for notifying affected individuals
This book is very clear in its intentions. Within healthcare, the roles and responsibilities of those who are charged with protecting information converge around distinct roles that may or may not have involved working with digital or electronic information previously. Some roles originate from traditional privacy or legal roles in health information management, where there is a shift from information being stored on paper to being stored in digital format; others come from information technology support backgrounds, such as local area networking, application management, and end-user support, where new concerns over protected health information is relevant. Still others may come from the clinical engineering or biomedical technician professions, where the interconnectivity of medical devices to each other and to internal and external networks is rapidly evolving. To help you visualize this convergence, Figure 7-1 depicts the intersection. For these previously distinct and somewhat separated communities, a primer is needed, both in privacy compliance for those with stronger backgrounds in security and in security for those with stronger backgrounds in privacy compliance. Chapter 7 provides such a primer for those who now have a responsibility for complying with information privacy in healthcare, and Chapter 8 does the same for those with traditional privacy or legal compliance roles in healthcare who now have increasing roles in protecting digital information through information security management.
Convergence of healthcare competencies with information privacy and security responsibilities
The distinction between privacy and security has begun to narrow. Some advocate that privacy is a concept embedded in the practice of providing information security or cybersecurity. However, for purposes of this text, we will maintain a distinction. This chapter presents information privacy as a function of what is being protected and why. Chapter 8 will address security by defining how an organization can protect the information.