Unethical Behavior in the Health Information System from the Technical Aspect

     

 Unethical Behavior in the Health Information System from the Technical Aspect

    Health information system (HIS) is a technological advent used in handling healthcare issues. The need for HIS stems from a complex of factors that include hospital (the organization), limited resources, increasing produced information, cost examination necessity, information quality improvement need, medical research, and related sciences (Ahmadian et al., 2017). HIS consists of various network technologies, electronic health/medical records, clinical databases, administrative, biomedical, and financial technologies that create, process, transmit and store healthcare information (Asi & Williams, 2018). In essence, HIS manages all healthcare components, including administration, clinical, and economic aspects of the system. The healthcare system benefits from HIS as it improves information access, enhanced documentation quality, medical error reduction, improved patient care quality,  better information integration, reduced hospital costs, shared databases, and hospital management. The following discussion reveals that technical issues cause unethical behavior in HIS, but the system design and policies can improve the HIS.

Challenges in Health Information System

    The adoption of HIS is slower than most industrial technologies by 10-15 years. Although many countries in the developed world are using it, most developing countries are struggling to use the system due to challenges arising in the security design side, institutional management, and data inaccuracies (Asi & Williams, 2018). The following section described the ethical challenges in using HIS that need evaluation and policy realignment to benefit HIS.

Design Issues

The global technical perception shows that technology-based systems should be objective and rational. However, the notion ignores the need to incorporate cultural, personal, and political factors that influence technology adoption (Ngafeeson, 2015). For instance, HIS technology designers are purely IT professionals with minds obsessed with IT drives. Besides, when designing the system, the professionals considered that healthcare users would be rational and objective in perceiving HIS (Ozair et al., 2015). Consequently, the IT experts emphasized the technical specifics and designs that will give IT-perceived outcomes, including improved information access, documentation quality, improved patient care quality, information integration, reduced hospital costs, medical error reduction, shared databases, and hospital management. However, the technical hitches come from lacking standard technology and a structured healthcare information exchange (HIE) that allows independent sharing of healthcare data between institutions (Conaty-Buck, 2017). Besides, security and privacy concerns arise in an interoperable system that allows quick and seamless electronic data sharing in the health system.

In the U.S., the Health Insurance Portability and Accountability Act (HIPAA) governs electronic healthcare system utilization by promoting patient privacy, but expert and technical issues result in unethical behavior. HIPAA ensures patient confidentiality and privacy by forbidding handlers of health data from making such information available to unintended and unauthorized persons without the patient's consent (Conaty-Buck, 2017). However, technical and human factors involved in the storage and transition of health information cause the breach the HIPAA provision on security. For example, in 2013, a prosecutor found a data technician culpable for violating HIPAA provisions on patient's privacy by using her position to extract patient information that included names, Medicare numbers, and addresses that they sold for over 17 months (Moore & Frye, 2017). Although the technician was convicted to 6-month imprisonment and fined $2100, the patients whose privacy was breached remained vulnerable to people with their personal information without their consent. The conditions created by the technical experts leave the patients vulnerable to giving their information to malicious persons through the HIS unknowingly. For instance, another health facility lost the data of more than 34,000 patients to thieves that stole the laptop of a system maintenance contractor (Conaty-Buck, 2017). The contractor had downloaded patient data in their password-protected computer, but they had not encrypted the downloaded patient information (Conaty-Buck, 2017). The contractor lost such data to unscrupulous persons who would use them for malicious purposes without patient consent. Besides, another hospital, Prime Health care Services Inc. paid $275,000 towards servicing a federal investigation into patient privacy abuse (Moore & Frye, 2017). Thus, although HIPAA provisions promise to protect patient privacy, patient information remains vulnerable to theft due to human error and technical structures.

Data Inaccuracies

Data integrity means that patient information is intact and without alterations. Improving patient data safety is an electronic health system that reduces health disparities and enhances public health delivery (Asi & Williams, 2018). However, concerns are arising on the reliability and accuracy of the digital data entered in the HIS. System shortcuts such as "copy and paste" or "cut and paste" are the basis of inaccurate representation of the patient, which leads to incorrect treatment. The practice is unethical as it increases the burden on patients towards clinicians and healthcare institutions (Ozair et al., 2015). Besides, a system that uses a drop-down menu and disposes of relevant patient information in the trash or recycles bin presents data integrity issues (Lucyk et al., 2017). The option provided in the system places the clinician in selecting the right place to store patient data. Errors arising from the course leads to blame on the clinician, which could earn them penalties. Besides, data transfer causes the loss or destruction of data as sometimes inaccuracies in a database change a patient's clinical management. Furthermore, the transfers give data inaccuracies that open an opportunity for medical identity theft (Lucyk et al., 2017). Consequently, the patient gets an insurance bill that clears another person's treatment expenses, leading to losses. Moreover, the patient becomes liable to future costs as the policy provider becomes wary that the client did not provide accurate information during insurance cover selection. Hence, inaccuracies arise from system designs that place users at risk of unethical behavior, as is evident in the drop-down menus, trash, and "cut + paste" options.

 

Proposed Solutions

    The solutions include technical, managerial, and institutional issues that enhance using HIS without widespread doubts on patient data integrity.

Design Solution

    To overcome the design problem's technical side, implementing a remote and technical security structure on patient data will ensure ethical handling of the information. Although some studies suggest that training healthcare officers on system protection is a viable solution, healthcare partitions see the method as subjective as IT professionals in that dimension (Ngafeeson, 2015). The IT experts are responsible for implementing security measures that include antivirus software, firewalls, and intruder detecting software that enhances patient data integrity (Ozair et al., 2015). Firewalls prevent cyber intruders from hacking the database through web requests, while antivirus software detects and deactivate bots sent by hackers to allow requests that will lead to data retrieval. Additionally, the implementation of security policies that govern access, usage, transmission, and patient data storage in the health information system is vital (Ngafeeson, 2015). For example, the policy should include the restriction sharing of user authentication systems, including utilizing employee passwords by other employees or unlisted individuals in accessing healthcare information in the electronic system (Ozair et al., 2015). Furthermore, the organization should provide a security officer who works with IT experts to ensure the safety of the physical installations that can allow entry into the database containing digital patient records. Therefore, initiating technical and remote security measures that include antivirus, firewalls, and intrusion sensors is vital.

Data Inaccuracies

            The design and audit of the system offer a solution to inaccuracies in data entry. For instance, the menu used in data entry should eliminate the drop-down system and embrace the tabular system for accurate entries, selection, and ease of proofing (Leon et al., 2020). Besides, the implemented system should have a single storage option for specific patient data, eliminating the confusion the clinicians encounter during the storage process (Leon et al., 2020). Similarly, the clinicians need training on system usage to update their knowledge and point to the standard error that can cause inaccuracies. The training programs should cover the standard interfaces used by every set of clinicians that include nurses, physician assistants, physiotherapists, radiologists, and physicians. Moreover, the finance and administrative departments should ensure that a regular system audit occurs to reduces inefficiencies. Therefore, data inaccuracies are easy to overcome through redesigning of the user interface, training the users, and allocating definitive storage areas.

    Overall, the technical issues in the health information system include data inaccuracies and design hitches. Design problems in HIS arise from IT experts' borrowing ideas in the implementation of the program, which results in objective and rational reasoning without considering cultural, personal, and social issues involved in the system. Problem is evident in the inabilities of HIPAA to enhance privacy and security of patient data. Besides, the difficulties in data inaccuracies come from the design issues that leave users in a dilemma. Such include the types of menu and storage options with the system. However, to overcome the security design problem, remote protections that are viable include using antivirus, intrusion sensors, firewalls, system audits, and implementation of user policies on shared authentications. Moreover, overcoming data inaccuracies needs redesigning the system to a user-friendly platform, training clinicians on its usage, and making universal storage units. Thus, technical issues in HIS arising from security design and data inaccuracies are curable using policies, system design, and user training.

References

Ahmadian, L., Dorosti, N., Khajouei, R., & Gohari, S. H. (2017). Challenges of using Hospital Information Systems by nurses: comparing academic and non-academic hospitals. Electronic physician, 9(6), 4625. DOI:  10.19082/4625

Asi, Y. M., & Williams, C. (2018). The role of digital health in making progress toward Sustainable Development Goal (SDG) 3 in conflict-affected populations. International journal of medical informatics, 114, 114-120. DOI: https://doi.org/10.1016/j.ijmedinf.2017.11.003

Conaty-Buck, S. (2017). Cybersecurity and healthcare records. American Nurse Today, 12(9), 62-64. Accessed online on 11/02/2020, from https://www.myamericannurse.com/wp-content/uploads/2017/09/ant9-Focus-0n-Cybersecurity-824a.pdf

Leon, N., Balakrishna, Y., Hohlfeld, A., Odendaal, W. A., Schmidt, B. M., Zweigenthal, V., & Daniels, K. (2020). Routine Health Information System (RHIS) improvements for strengthened health system management. Cochrane Database of Systematic Reviews, (8). DOI: https://doi.org/10.1002/14651858.CD012012.pub2

Lucyk, K., Tang, K., & Quan, H. (2017). Barriers to data quality resulting from the process of coding health information to administrative data: a qualitative study. BMC health services research, 17(1), 766. DOI: https://doi.org/10.1186/s12913-017-2697-y

Moore, W., & Frye, S. (2019). Review of HIPAA, part 1: history, protected health information, and privacy and security rules. Journal of nuclear medicine technology, 47(4), 269-272. DOI: http://tech.snmjournals.org/content/47/4/269.short

Ngafeeson, M. N. (2015). Healthcare information systems opportunities and challenges. In Encyclopedia of Information Science and Technology, Third Edition (pp. 3387-3395). IGI Global. DOI: 10.19082/4625

Ozair, F. F., Jamshed, N., Sharma, A., & Aggarwal, P. (2015). Ethical issues in electronic health records: A general overview. Perspectives in clinical research, 6(2), 73. DOI: https://dx.doi.org/10.4103%2F2229-3485.153997