Ensuring the privacy, security, and confidentiality of personal health information has been a fundamental principle for the health information management (HIM) profession throughout its 80-year history. Today, HIM professionals continue to face the challenge of maintaining the privacy and security of patient information, an effort that grows in complexity as information becomes more and more distributed in electronic systems. The challenge of this responsibility has also increased due to the constantly changing legislative and regulatory environment.
Regulations have impacted privacy and security:
The Privacy Rule sets the floor providing baseline requirements to preserve the overall confidentiality of protected health information (PHI) regardless of type (e.g. verbal, paper, electronic).
The Security Rule applies only to protected health information in electronic form
The Final HITECH Omnibus Rule strengthens privacy and security protections through
If you have question or would like to learn more about the HITECH Rule, please read our HITECH FAQs.
As the demands for health information become more diverse, health information management (HIM) professionals use their expertise to protect health information and sure the right information is available to the right people at the right time. Successful privacy, security, and confidentiality programs depend on HIM professionals for their expertise on the applicable laws and regulations impacting the appropriate management of healthcare data. HIM professionals ensure privacy and security programs meet compliance and regulatory requirements from the point of creation and implementation and continuously maintained thereafter.
In a time of changing regulations and continuous technology advancement, holding a privacy and security credential has become paramount. AHIMA’s Certified in Healthcare Privacy and Security (CHPS) credential is the only combined privacy and security credential in the industry and is one that is held by many HIM professionals. It is a true attestation to the qualifications and skills set of an HIM professional working in the privacy and security arena. Individuals who achieve the CHPS designation validate their commitment to advancing the management of privacy, security, and confidentiality practices.
HIM professionals hold diverse roles such as organizational and corporate privacy officers, compliance officers, and risk managers, to name a few, and are change agents in policy development and maintenance.
Sample job descriptions include:
HIM professionals advocate for strong privacy and security programs as electronic health record (EHR) systems are implemented and upgraded. HIM professionals provide the functional requirements for electronic health information, taking into account federal and state laws, including e-discovery, to ensure appropriate access, use, and disclosure of health information.
HIM professionals can also impact privacy, security, and confidentiality standards, laws, and regulations outside of their organization in multiple ways.