Synthesis: Suggest ways to improve/strengthen your chosen solution (may use information not contained within the scenario). Scenario: Security at All Pine Medical Center.
a. Identify concepts and ideas from multiple sources that improve or strengthen your solution.
b. Identify any new found information and the impact that new information may or may not have on your solution.
c. Identify potential missing information and the impact that missing information may or may not have on your solution.
Dr Palmer and his staff are upset by the many security elements sandwiched in the health record system. Instead of inactivating the security features, A possible solution for their upset is to allow the security system to go to sleep after 15 minutes of no operation. This way, if the system will not be accessed for a given period of time, it shall be redirected into idle mode and health records shall not be rendered into jeopardy. This solution is practical because it gives the working staff enough time to have a break and go back in a manageable time-frame without having to log out. The drawback of this solution is that, within the set time frame, an intruder can access the system and possibly expose patient records.
Another solution would be, instead of accessing the system through a username and a password, the system could be opened by fingerprint. This technique would only need an employee to place their respective finger in the identification system, then they would be granted full access to the system. The solution is practical since it will eradicate passwords and usernames granting the user simple and easy access to the system (Jamoom et al., 2013). The negative part of this solution is embedded on the cost of the finger-print system. In other words, every computer must be fitted with the system and this calls of additional costs. However, when all areas are put into consideration, I believe that this is the best solution for the problem. Simply, the fingerprint system will eliminate the tedious access of records through usernames and passwords. Furthermore, security of the system shall be increased since fingerprints cannot be leaked or copied like usernames and passwords.
Critical Thinking Case study:
Scenario: Security at All Pine Medical Center
All Pine Medical Center is a 250 bed trauma hospital in Indianapolis, Indiana. All Pine is a Joint Commission approved Medicare, Medicaid facility and houses a separate large inpatient, outpatient cardiology building adjacent to the main hospital. Palmer Cardiology Associates manages the cardiology center with Dr. Robert Palmer as the medical director. Dr. Palmer’s group has been affiliated with All Pine Medical Center for the past fifteen years and generates a vast amount of revenue for the facility.
Ten months ago, All Pine moved totally away from paper medical records and implemented an electronic health record (EHR) system. The move was completed in two phases over an eighteen month time span. Dr. Palmer’s group was ecstatic about the move to an EHR and was fully onboard with the change. Today, Dr. Palmer and his colleagues are frustrated over all of the security features associated with All Pine Medical Center’s new EHR. Dr. Palmer wants some of the security features disabled so he can get faster access to his patient’s data and not be limited on the time spent with a patient’s record. The current process in place for all physician’s and hospital employees is to first log on to All Pine Medical Center’s main system with a user name (assigned by the hospital IT department) and password (selected by the physician or employee); second, then log on to the electronic health record using the main user name but a different password along with an access code (again assigned by the hospital IT department).
Dr. Palmer and his associates want to sign on one time and access anything they want within the main system and electronic health record for as long as they want. He has assured the hospital risk management and health information management departments his group will sign off once they have completed what they needed to do or access in the patient record.
Due to the State and Federal rules and regulations in regards to confidentiality and security of patient health information, the health information management department is at a loss as to how to accommodate Dr. Palmer’s request. The Chief Executive Officer (CEO) and the Chief Information Officer (CIO) of All Pine have said, “Just make him happy”. The health information management director along with risk management, quality assurance, and the facilities IT department have formed a task force to find a way to modify Dr. Palmer and his groups access to the hospital’s main system and the EHR. The task force has reviewed the following documents for guidance on confidentiality and security of patient health information.
The task force has reviewed:
1. All Pine’s internal policy and procedures on confidentiality, security, and access to patient health records.
2. Joint Commission Accreditation rules and regulations for confidentiality, security, and access to patient health records.
3. HIPAA rules and regulations on confidentiality, security, and access to patient health records.
They are at a standstill on a concrete resolution for Dr. Palmer’s request. Your task, utilizing the 6 goals of the ARC, is to assess the issue/problem between Dr. Palmer and his group and All Pine Medical Center.