Ensuring the privacy, security, and confidentiality of personal health information has been a fundamental principle for the health information management (HIM) profession throughout its 80-year history. Today, HIM professionals continue to face the challenge of maintaining the privacy and security of patient information, an effort that grows in complexity as information becomes more and more distributed in electronic systems. The challenge of this responsibility has also increased due to the constantly changing legislative and regulatory environment.
Regulations have impacted privacy and security:
Click here to watch video
The Privacy Rule sets the floor providing baseline requirements to preserve the overall confidentiality of protected health information (PHI) regardless of type (e.g. verbal, paper, electronic).
The Security Rule applies only to protected health information in electronic form
The Final HITECH Omnibus Rule strengthens privacy and security protections through
If you have question or would like to learn more about the HITECH Rule, please read our HITECH FAQs.
As the demands for health information become more diverse, health information management (HIM) professionals use their expertise to protect health information and sure the right information is available to the right people at the right time. Successful privacy, security, and confidentiality programs depend on HIM professionals for their expertise on the applicable laws and regulations impacting the appropriate management of healthcare data. HIM professionals ensure privacy and security programs meet compliance and regulatory requirements from the point of creation and implementation and continuously maintained thereafter.
In a time of changing regulations and continuous technology advancement, holding a privacy and security credential has become paramount. AHIMA’s Certified in Healthcare Privacy and Security (CHPS) credential is the only combined privacy and security credential in the industry and is one that is held by many HIM professionals. It is a true attestation to the qualifications and skills set of an HIM professional working in the privacy and security arena. Individuals who achieve the CHPS designation validate their commitment to advancing the management of privacy, security, and confidentiality practices.
HIM professionals hold diverse roles such as organizational and corporate privacy officers, compliance officers, and risk managers, to name a few, and are change agents in policy development and maintenance.
Sample job descriptions include:
HIM professionals advocate for strong privacy and security programs as electronic health record (EHR) systems are implemented and upgraded. HIM professionals provide the functional requirements for electronic health information, taking into account federal and state laws, including e-discovery, to ensure appropriate access, use, and disclosure of health information.
HIM professionals can also impact privacy, security, and confidentiality standards, laws, and regulations outside of their organization in multiple ways.
Ensuring the privacy, security, and confidentiality of personal health information is no easy feat. As the complexity of information grows and becomes more widely distributed across all media, so must the skills and responsibilities of healthcare professionals. If you are committed to ensuring privacy and security programs adhere to compliance and regulatory requirements from creation to implementation, review AHIMA’s privacy and security product offerings.
If you are committed to ensuring privacy and security programs adhere to compliance and regulatory requirements from creation to implementation, CLICK HERE to see AHIMA’s Privacy and Security educational offerings.
Privacy and Security Toolkits are free to members ($99.95 for nonmembers)! Toolkits can also be found in AHIMA’s Body of Knowledge (BoK)™.
AHIMA’s Body of Knowledge (BoK)™ contains many Privacy and Security articles. Here’s just a sample.
Read articles from Perspectives in Health Information Management (PHIM). Articles can also be found in AHIMA’s Body of Knowledge (BoK)™.
AHIMA’s highly respected Certified Healthcare Privacy and Security (CHPS) credential demonstrates competence in designing, implementing, and administering comprehensive privacy and security protection programs.
The CHPS credential:
Click here to learn more about eligibility requirements and how to apply.
Privacy, security, and confidentiality are core competencies of the health information management (HIM) profession. AHIMA is committed to providing members with the tools and resources needed to remain leaders of privacy and security throughout the industry.
“HIM professionals were known as the ‘confidentiality police’ long before the title ‘privacy officer’ was in use. As the role has evolved, so too have the methods and tools we use to develop and implement policies and procedures to protect privacy and access to patient health information. Privacy and Security Month is a great opportunity to keep confidentiality and security on everyone's radar and maybe even learn something new.”
~ Melissa Martin, RHIA, CCS, CHTS-IM, President/Chair, AHIMA Board of Directors
Thank you for celebrating 2016 Privacy and Security month with us! Check back in early 2017 to see what’s in store for the next Privacy and Security month.
With Support From:
“ Ensuring the privacy, security and confidentiality of protected health information (PHI) is a fundamental principle for the health information management (HIM) profession, and in our role as a business associate (BA) to organizations fulfilling their release of information (ROI) activities,” said Rita Bowen, MA, RHIA, CHPS, SSGB, vice president of privacy, HIM policy and education for MRO. “Technology has advanced the challenges and complexity of managing health information, as it often resides blended or merged from various sources (internal and external); it is also more easily shared from multiple systems. These factors, among others, make ROI more difficult than ever and explain why organizations look to the industry KLAS leaders to outsource this function.”