Health informatics professionals are guided by federal, state and local regulations, as well as a code of ethics published by the American Health Information Management Association (AHIMA).
Because the profession is relatively new – and evolving rapidly, thanks to fast-moving technological advances – keeping up with legal and ethical issues can be a challenge. Healthcare workers and consultants, health policymakers and medical researchers are only a few of the professional communities affected by shifting regulations, laws and ethical guidelines. Many organizations appoint a Chief Privacy Officer (CPO), an executive position charged with developing and implementing the policies a company will adhere to in protecting customer and employee data.
These issues are a major focus for the American Medical Informatics Association (AMIA), which offers a working group for members that is specifically geared toward ongoing education about ethical, legal and social issues related to health informatics.
Every aspect of the health informatics profession is affected in some way by ethical and legal concerns. The issue essentially comes down to finding a way to balance the need to protect the security of patient information with the potential for better care and outcomes associated with greater interoperability and improved ability to share records among healthcare entities.
The health informatics profession is built on the premise that healthcare providers and patients should not have to choose between record security and ease of sharing. This is a high-level way of looking at the overall goal of health informatics professionals, whose primary mission is to help the healthcare industry continue to integrate electronic medical records in a secure, efficient way.
As the profession has grown in prominence over the past decade, standards of ethical behavior and regulations have been amended and expanded. As a result, today’s health informatics students have a broad range of specialization choices available to them when they graduate.
Here are a just a few of the ethical, legal and social issues that are shaping the health informatics profession today:
- The protection of private patient information
- Patient safety
- Risk assessment
- Reporting design and data display
- System implementation
- Curriculum development
- Research ethics
- Liability
- User involvement and accessibility
- Ethical dilemmas resulting from data availability and sharing
Existing Health Informatics-Related Laws
One of the most important current laws affecting health informatics is the Privacy Act of 1974. This law requires that federal agencies provide public notice of their records systems by publishing them in the Federal Register. It also requires written consent from subjects before a record can be released, and provided a process by which subjects can access or change their records.
Other important regulatory rulings and organizations include:
- The Confidentiality of Alcohol and Drug Abuse Patient Records regulations, which provided additional protections of privacy for patients in substance abuse treatment programs regulated by the federal government
- The Institutional Review Board (IRB), which are established by various government health sciences bodies (federal and/or state) to protect rights, welfare and well-being of human research participants and patients
- The Joint Commission on Accreditation of Healthcare Organizations (the Joint Commission), which rules on the eligibility of hospitals and other organizations to participate in Medicare
- The Health Information Technology for Economic and Clinical Health (HITECH) Act, which was enacted in 2009 as part of the American Recovery and Reinvestment Act to promote the adoption of health information technology, as well as to ensure compliance on the institutional level
- The Health Insurance Portability and Accountability Act (HIPAA), which strengthened the privacy protections of patients regarding the sharing of medical information, particularly as it relates to employment
- The Food and Drug Administration Safety and Innovation Act (FDASIA), which in 2012 strengthened the FDA’s ability to speed patient access to digital records and improve the safety of drugs, medical devices, and biological products
- The 21st Century Cures Act, which became law in December 2016 and is designed to accelerate the development of medical technology and improve patient access to technological advances in medicine
Laws and regulations are closely tied to ethical concerns. Several health information technology organizations – AHIMA, AMIA and the Health Information Management and Systems Society (HIMSS) — have taken on leadership roles for the examination and implementation of ethical standards in the industry.
The Code of Ethics and Standards
AHIMA’s Code of Ethics explains that the “ethical obligations of the health information management (HIM) professional include the safeguarding of privacy and security of health information; disclosure of health information; development, use and maintenance of health information systems and health information; and ensuring the accessibility and integrity of health information.”
It also gives seven purposes for the code of ethics:
- The promotion of high standards of health information management practice
- The identification of core values of the health information management mission
- A summary of the broad ethical principles that reflect the core values
- Establishment of ethical principles used to guide decisions and actions
- Establishment of a framework for professional resolution of conflicts and ethical uncertainties
- Providing ethical principles that allow the public to hold health information management professionals accountable
- Providing opportunities for mentors to guide new practitioners in ethics education
The code also establishes standards for ethical coding and standards for clinical documentation improvement.
Legal Matters to Think About
Author, columnist, nurse and attorney Nancy J. Brent, writing for the HIMSS website in 2013, published a list of important legal issues for health informatics professionals to keep in mind. Brent’s advice boiled down to a few major points:
- The highest priority for a health information management team must be patient safety.
- Procedures for health information management must be established, and team members must be well-trained on these policies.
- Patient information much be held as securely as possible.
- Passwords and other login information must never be shared among team members.
In addition, Brent advises health informatics professionals to remain as informed as possible about new regulations and rulings in ethical conflicts and uncertainties industry-wide. The protection of patient rights and progress toward better health outcomes using electronic technology depend on the depth of knowledge front-line health informatics professionals bring to their jobs.
A 100% online Master of Science in Health Informatics from the USF Health Morsani College of Medicine can position healthcare professionals to help shape the future of health information management. Healthcare organizations increasingly need well-trained professionals to develop and implement records systems that protect patient privacy and ensure the ease of data sharing among stakeholders.