Question

1. What edits would you make to the General Hospital’s disclosure policy, if any, to improve the clarity of the requirements to both the patient and hospital staff?
2. If General Hospital implemented a new online patient portal that allowed patients to request disclosure of their medical information online, what changes would need to be made to their release of information policy?
3. In the scenario in question 8 above, could General Hospital mandate all release of information requests be submitted through the online patient portal to help streamline the process internally and mitigate access and disclosure risks? Why or why not?

TITLE: AUTHORIZATION TO RELEASE PATIENT INFORMATION – USE AND DISCLOSURE OF MEDICAL INFORMATION POLICY: All information contained within a patient’s medical record will be maintained in a confidential manner to protect the patient’s right to confidentiality and comply with City, State and Federal Regulations including HIPAA. PURPOSE: This policy includes the procedures to follow when a patient requests to disclose their medical information to another physician, hospital, or medical facility, an attorney, an insurance company, to the patient or any other party as authorized by the patient. Protected Health Information (PHI) may only be accessed/used or disclosed, as follows: to those directly involved in the treatment of the patient; to comply with public health regulations; for the payment of services provided to a patient; to researchers as authorized by the patient or an IRB approval; as required by law; or as authorized by the patient or other legally authorized individual/or entity. Protected Health Information may be disclosed with a written authorization from the patient if all the following are met: The authorization is in writing, is dated, and is signed or otherwise authenticated (scanned or electronically signed). The exception is immunization records, which may be disclosed to a school with the verbal permission of the parent or the patient. The authorization specifies the information to be disclosed. The authorization specifies the entity or location to disclose the information. The authorization specifies the person or persons to receive the information. PROCEDURES: The following information must be reviewed, and documented that it was reviewed, before protected health information is disclosed: A patient or other designated/authorized individual requesting disclosure of the medical information has completed a Release of Information form. The Release of Information form must be completed or updated by the patient or other designated/authorized individual. The Release of Information should be reviewed to verify the signature (scanned or electronically signed) of the patient or legally authorized representative. Verbal or telephone authorization are not accepted. The date on the authorization must be no more than three-years-old or must not have expired. A healthcare provider can verbally disclose or fax medical information to a physician, hospital, or medical facility upon receipt of the required authorization or a statement in the record documenting that the patient is unable to authorize release of their information in an emergency. Medical information may be released and/or disclosed with another healthcare provider/healthcare organization without a signed authorization if the healthcare providers have a known patient in common or for continuity of care.

Answer 1

Hospital staff: Hospital staffs in the organization are responsible to maintain patient information in confidential. The people who directly involves in caring for a client and uses and shares patient information as their job and stores this information in the health records

Hospital staff should access the information when it is necessary in order to continue their work

1. Patient information can be shared when it is   a treatment purpose, such as people who involved in a care and coordinated care by other people, consultation purpose, sending a patient to another health care provider for treatment purpose.

2. Health care information can be shared for billing purpose

3. Health care information can be shared when it is a for an operation purpose

4. Health care information can be disclosed for insurance purpose

5. Health care information can be shared when it is a research purpose according to institutional review board

6. Health care information should be disclosed when it is a purpose of court

Policies for maintaining confidentiality

1. Any information that contain patent information should not be shared by the health care provider unless it is necessary

2. Health care information should not be copied out by the healthcare provider without specific medical record director. Healthcare provider can access records and discuss regarding their care of the patient

3. Authorization should not be given to insurance companies in order to preserve the records by health care staffs

4. Health care records should be shared to health care provider who in charge of patient care

5. Written request be accepted for granting permission to access the information instead of verbal requestion

6.informtions should be disclosed and produced on the basis of written authorization forms signed and dated by the patient and guardians on behalf of incase of mentally incompetent, can write authorization form to request disclosure of information

7. Health care information should be shared to attorney in protection of organization in case of liability

8. Health care information should not be taken outside of hospital without authorization form

Patient:

Patient has all rights to access in their own medical record whenever. The patient can change of information when it contains incorrect information by requesting in written form. Patient can get   the disclosure information list. Patient can write and request the not to disclosure the information to friends, office staff and anyone. Patent has right to take legal case or action against employees who breached the rules

Changes to be made hospital while patient is disclosing patient information: online health services where patient can enter his health information in patient portal and make a request and select a healthcare provider according to his wish.

the patient can make appointment and access blood reports and not about sensitive pathology and sensitive reports. past medical history can be edited by the patient.

1. Information has been entered by the patient in patient portal. Information can be viewed by the patient and information can be edited by the patient.

2. Security password has been provided to the patient. Patient can access it at his home to connect  helath care providerand make an apointment Upon requestion of patient , health care provider can give health advice on the requestion made by the patient

3. Patient can view and download the data

4. Secure message should be established between patient and health care provider.

5. The patient portal should be active for a certain period

6. Fees can be collected from the patient for continuing patient portal

Patient portal:

Patient can get information according to the organization rules and regulations.

Health care organization will not release all information. Because of the diagnoses such as AIDS, drug abuse, mental health. It makes addition legal problems. Some of the problems arise from disclosure of information like blood test such as HIV and congenital disease. Because these kinds of results are really sensitive. The information regarding the blood test which is showed in patient portal such as cytology and medical terminology. While releasing such information, it cause patient mentally upset and make his condition jeopardize. Because these kind of results are to be discussed in person with physician. Sensitive issues should not be disclosed in online patient portal. This kind of online portal can be problematic while releasing all information. another point of issue hackers are misusing patient information while organisation releasing all information as per patient requestion. patein can access blood report and not about  sensitive issues and can make appointment and their past history.