Original records are not to be kept in shadow charts. Shadow charts should only contain copies of the original records. This is to ensure that all original documentation is always placed in the main chart. The purpose for this is to have the most up to date documentation in the main chart at all times and not in an ancillary departments’ shadow chart that not everyone will have access to if needed. Shadow charts are to be stored away in locked cabinets with limited access to maintain confidentiality of health information.
Shadow charts contain protected health information as well and the safety and security of this information should be secured in the same manner as the main record. A2. Information Technology (IT) Staff IT staff can diminish security breaches by developing effective ways to teach clinical staff about securing their workstations when not in use. Mandatory in-service and power point presentations would be an effective way to do this. The importance of workstation security, not accessing another employee’s computer while in use and not using another employee’s password should be discussed.
Along with how doing so would be in violation of company policy and the HIPAA Privacy Act. Disciplinary action should also be discussed. B. Criminal Liability A situation from Montana Code 41-1-402 that may result in criminal liability to the organization if not followed correctly is (d) which basically states that a minor may consent to health care services/treatment and to control access to his/her Protected Health Information (PHI) if he/she needs mergency care, including transfusions, without which the minor’s health will be jeopardized. If an organization has established care for a minor in an emergency situation and/or is needing a blood transfusion and the organization refuses to treat due to the parents or legal guardian being unavailable and consequently the minor dies or has irreversible disability the organization can be held criminally liable.
The organization can be charged with negligence and/or medical malpractice if the plaintiff can prove the following elements: (1) a duty of care is owed to the patient; (2) a breach of this duty of care; (3) a causal connection between the breach of duty and the patient’s injury; and (4) damages (McWay, 2012). B1. HIPAA Definition HIPAA defines criminal liability as covered entities and specified individuals, whom “knowingly”, obtain or disclose individually identifiable health information in violation of the Administrative Simplification Regulations (“Hipaa violations and,” ).
In contrast to civil liability, criminal liability requires that the act be done “knowingly”. “Knowingly” is having the understanding that the actions constitute an offense. The term “covered entity” under the HIPAA Privacy Rule refers to three specific groups, including health plans, health care clearinghouses, and health care providers that transmit health information electronically (“What is a,” 2012). B2. Clinical Staff Impact Actions of the clinical staff would be directly impacted by section ( c ) of the Montana Code 41-1-402.
Section ( c ) states that if the health care professional accepts responsibility to treat the minor patient for pregnancy, sexually transmitted diseases, or drug and substance abuse then it also obliges the health professional to counsel or refer the minor to another healthcare professional for counseling. This directly impacts the staffs’ clinical actions. This means that they can not simply treat and release patient. A system has to be in place for counseling young patients or referring them out for counseling and a record of this must be maintained in the medical record chart C. Health Record Identification
A situation from Montana Code 50-16-603x that could result in a legal claim if not followed correctly is ( 1 ) which states that health-care information may not be released except for statistical purposes, if no identification of individuals can be made from the information released. The organization is responsible for ensuring that the medical record is completely anonymised before releasing it to ensure that the patients identity is not apparent and can not be reasonably ascertained from the medical record alone, or in combination to any other information the user may have access to.
If for some reason, potentially identifying information is released such as a home address, a phone number, date of birth or place of employment which could lead to identification of the patient that organization can be found liable for breach of confidentiality. C1. Confidentiality Policy Statement In accordance to Montana Code 50-16-603, health care information should not be released except: for statistical purposes without identifiable information written consent has been given by named person to medical personnel in the event of an emergency o public health professionals in the event of a communicable disease outbreak child abuse cases D. Comparison of Montana Codes Three points of comparison from the Montana Code to the HIPAA laws and how they relate to the release of information are: Montana Code 50-16-541 states that a health care provider must answer with a decision no later than 10 days to a written request to examine or copy a patient’s medical record. HIPPA Law states that the patient is to be notified within 30 days of a decision to examine or copy medical record.
Montana Code falls within compliance of the HIPAA law by requiring providers to notify patients of a decision within 10 days. Montana Code 50-16-542 states the reasonable fee allowed for photocopying the medical record may not exceed $0. 50/page and the reasonable fee can incorporate an administrative fee that can not surpass $15. 00 to search and handle health care information. HIPAA Law affirms that the covered entity may include a fee based on the cost of supplies, postage (if needs to be mailed) and preparing an explanation if needed.
HIPAA Law states that handling fees are not allowed. Based on this information the handling fee that the Montana Code approves is not in compliance with HIPAA. The $15. 00 searching and handling fee should be eliminated. Montana Code 50-16-542 affirms that a health care provider may deny a patient access to his/her medical record if knowledge of the information could be injurious to the health of the patient or could be expected to cause danger to the life or safety of any individual.
HIPAA law states that the covered entity can deny access to health information if it is determined that the access is likely to cause danger to the individual or another person. These two codes/laws are basically the same. Montana Code in is compliance. D1. Release of Information Policy Statements Patients can obtain or examine a copy of their health record with a written request within 10 days in accordance to the Montana Code #50-16-541. A copy of the medical record will be made available to the patient by appointment during regular business hours: to examine is free of charge, to obtain is $0. 5/per page. References Hipaa violations and enforcement. (n. d. ). Retrieved from http://www. calvet. ca. gov/Files/AboutUs/HIPAAViolationsEnforcement. pdf McWay. (2012). Legal and ethical aspects of health information management. Retrieved from http://online. vitalsource. com/books/9781133614234/id/ch04lev3sec2 What is a “covered entity” under hipaa?. (2012). Retrieved from http://www. hrsa. gov/healthit/toolbox/HealthITAdoptiontoolbox/PrivacyandSecurity/entityhipaa. html