Failures to incorporate security measures may occur in handling patient information and/or the usage of computer systems in the workplace. These cases may create threats and vulnerabilities, which are ultimately attributed to the employee. To avoid becoming a culprit in the irresponsible handling of patient information, an employee should be aware of the current regulations and turn to legal consultations when in doubt.
If an employee has failed to adhere to security measures when handling sensitive information, he or she is inevitably the guilty party in the threats and vulnerabilities that may arise from this negligence. Data safety becomes all the more critical in the case of patient information, as confidentiality constitutes a cornerstone of the medical profession (Crotty & Mostaghimi, 2014). Technical details notwithstanding, it is always a person who fails to incorporate necessary security measures in the process of handling information. Therefore, this person is, for all intents and purposes, the culprit in such a case.
To avoid such an outcome, employees should be aware of the existing regulations and adhere to them while also receiving consultations when necessary. In the United States, the foremost regulation considering information security in healthcare is the Health Insurance Protection and Portability Act or HIPAA. This regulation stresses explicitly that not only medical professionals but all entities involved in handling patient information are to assume liability for data breaches should they occur (Crotty & Mostaghimi, 2014).
Since regulations cannot cover all practical aspects, employees may also find themselves without precise guidelines, in which cases legal consultation is advisable (Crotty & Mostaghimi, 2014). Following these recommendations may prevent an employee from becoming the culprit in creating threats and vulnerabilities.
The mishandling of patient information and unsafe usage of computer systems may lead to threats and vulnerabilities, as it is ultimately an employee’s actions that create those and make them the culprit. To avoid such cases, one should adhere to the existing regulations concerning data security and use legal consultations when in doubt.
Crotty, B.H., & Mostaghimi, A. (2014). Confidentiality in the digital age. BMJ: British Medical Journal, 348. Web.