14 ethics, privacy, and security

Health informatics ethics (HIE)

application of the principles of ethics to the domain of health informatics.

healthcare, informatics, and software

three main aspects of health informatics:

autonomy

is defined as either allowing individuals to make their own decisions in response to a particular societal context, or as the idea that no one human person does not have the authority nor should have power over another human person.

Beneficence and Non-maleficence

defined as "do good" and "do no harm." In health informatics, - relates most significantly with the use of the stored data in the BHIR system, and - with data protection.

Informatics ethics

involves the ethical behavior required of anyone handling data and information, as prescribed by the International Medical Informatics Association (2016).

seven principles

privacy, openness, security, access, legitimate infringement, least intrusive alternatives, and accountability.

Principle of Information-Privacy and Disposition

All persons and group of persons have a fundamental right to privacy, and hence to control over the collection, storage, access, use, communication, manipulation, linkage, and disposition of data about themselves.

Principle of Openness

The collection, storage, access, use, communication, manipulation, linkage, and disposition of personal data must be disclosed in an appropriate and timely fashion to the subject or subjects of those data.

Principle of Security

Data that have been legitimately collected about persons or groups of persons should be protected by all reasonable and appropriate measures against loss degradation, unauthorized destruction, access, use, manipulation, linkage, modification, or communication.

Principle of Access

The subjects of electronic health records have the right of access to those records and the right to correct them with respect to its accurateness, completeness, and relevance

Principle of Legitimate Infringement

The fundamental right of privacy and of control over the collection, storage, access, use, manipulation, linkage, communication, and disposition of personal data is conditioned only by the legitimate, appropriate, and relevant data-needs of a free, responsible, and democratic society, and by the equal and competing rights of others.

Principle of the Least Intrusive Alternative

Any infringement of the privacy rights of a person or group of persons, and of their right of control over data about them, may only occur in the least intrusive fashion and with a minimum of interference with the rights of the affected parties.

Principle of Accountability

Any infringement of the privacy rights of a person or group of persons, and of the right to control over data about them, must be justified to the latter in good time and in an appropriate fashion.

society

Activities should be carried out with the best interest of the - in mind. Developers should be mindful of social impacts of software systems. This includes disclosing any threats or known defects in software.

institutions and its employees

activities must be done in the best interests of the -, while balancing their duties to the public, including being straightforward about personal limitations and qualifications.

professional standards

software products should meet expected -.

Privacy

generally applies to individuals and their aversion to eavesdropping, whereas confidentiality is more closely related to unintended disclosure of information

confidentiality

if someone breaks into the clinic to view an individual's patient record, that perpetrator is in violation of -.

administrative, physical, technical

Safeguards can be on an - - - level

Administrative level

may be implemented by the management as organization-wide policies and procedures

Physical level

mechanisms to protect equipment, systems, and locations

Technical Level

automated processes to protect the software and database access and control

availability, accountability, perimeter identification, controlling access, comprehensability and control

technological security tools function

Availability

ensuring that accurate and up-to-date information is available when needed at appropriate places.

Accountability

helping to ensure that healthcare providers are responsible for their access to and use of information, based on a legitimate need and right to know;

Perimeter identification

knowing and controlling the boundaries of trusted access to the information system, both physically and logically.

Controlling access

enabling access for health care providers only to information essential to the performance of their jobs and limiting the real or perceived temptation to access information beyond a legitimate need.

Comprehensibility and control

ensuring that record owners, data stewards, and patients understand and have effective control over appropriate aspects of information privacy and access.

register patient, order tests, collect sample, receive sample, run sample, review results, release results, report results

Key Steps in Laboratory Information Flow for a Hospital Patient

Register Patient

Patient record (e.g., ID Number, name, sex, age, location) must be created in the LIS before tests can be ordered. LIS usually automatically receives these data from a hospital registration system when a patient is admitted.

Order Tests

Physician orders tests on a patient to be drawn as part of the laboratory's morning blood collection rounds. The order is entered into the CIS and electronically sent to the LIS.

Collect Sample

Before morning blood collection, the LIS prints a list of all patients whose blood samples have to be drawn and the appropriate number of sample bar-code labels for each patient's test order.

Receive Sample

When the samples arrive in the laboratory, their status have to be updated in the LIS from "collected" to "received." This can be done by scanning each sample container's barcode ID into the LIS.

Run Sample

The sample is loaded onto the analyzer, and the bar code is read. Having already received thes test order from the LIS, the analyzer knows which tests to perform on the patient.

Review results

The analyzer produces the results and sends them to the LIS. These results are only viewable to the technologists because they have not been released for general viewing.

Release Results

The technologist releases the results. Unflagged results are usually reviewed and released at the same time. The LIS can also be programmed to automatically review and release normal results or results that fall within a certain range.

Report Results

The physician can view the results on the CIS screen. Reports are printed when needed from the LIS.