HIS 1

DGCCORTEZ,RMT
LESSON 14-15

ETHICS, PRIVACY AND SECURITY
“The application of the principles of ethics
in the domain of health informatics.”
PRINCIPLE OF ACCESS
- Authorized individuals should be given access
to EHR and the right to correct data.

PRINCIPLE OF LEGITIMATE INFRINGEMENT

Three main aspects of - The right to privacy and control over personal
information ethics GENERAL data should be conditioned by the appropriate,
ETHICS legitimate, and relevant data-requirement of a
Autonomy democratic society and by the equal rights of
others.
▪ The idea of either allowing individuals

to make their own decisions in

PRINCIPLE OF THE LEAST
response to a particular societal INTRUSIVE ALTERNATIVE
context, or being free from external - Any infringement of privacy rights should occur
influence or control. in the least intrusive manner and with the least
amount of interference with the rights of the
affected parties.
Beneficence & Non-maleficence

▪ Defined as do good and do no PRINCIPLE OF ACCOUNTABILITY

harm. ▪ Beneficence – usage of - Any infringement must be justified to the
stored data in the EHR system. concerned individuals.

▪ Non-maleficence – how the stored data

is protected. SOFTWARE ETHICS

▪ The ethical duties and responsibilities

INFORMATICS ETHICS of software developers to the

stakeholders.

PRINCIPLE OF INFORMATION-PRIVACY AND ▪ Must build products that meet the professional
DISPOSITION standards through testing and detailing
unresolved issues.
- Everyone has the fundamental right to privacy.

PRIVACY, CONFIDENTIALITY AND

PRINCIPLE OF OPENNESS
SECURITY
- The control measures of data should be
disclosed to the concerned individual in an
appropriate and timely fashion. • PRIVACY generally applies to
individuals and their aversion to
eavesdropping.

PRINCIPLE OF SECURITY
• CONFIDENTIALITY is more closely
- Data should be protected through all related to unintended disclosure of
appropriate measures. information.

ABUNALES, ESTREMERA, GARCIA Page 1 of 4

 HIS 1
DGCCORTEZ,RMT
LESSON 14-15

Reasons to protect privacy and • Having backup capabilities.

confidentiality

1. It is widely regarded as rights of all people

which merit respect without the need to be Key steps in Laboratory Information
earned, argued and defended. Flow for a Hospital Patient

2. Protection of these rights is ultimately

advantageous for both individuals and society.

Levels of Security in Hospital

Information System and LIS
Administrative Safeguards

• Regular risk assessment of the Health IT

environment.

• Continuous assessment of the effectiveness

of safeguards for EHR

• Detailed processes and procedures for

viewing and administering electronic health
record.

• Training for the users of health IT to

appropriately protect HER.

• Reporting of security breaches and

continued health IT operations.

Physical Safeguards

• Placing office alarm systems.

• Locking offices and areas that contain
computing equipment that stores electronic
health information. • Having security guards
that make regular rounds in the vicinity.
Technical Safeguards
Philippine Data Privacy Act 2012
“To protect the fundamental human right
of privacy of communication while
ensuring free flow of information to
promote innovation and growth”

• Configuration of computing equipment to

ensure security. Change Management in Health Informatics
• Using certified applications and technologies “A series of tools, techniques, and processes
that store or exchange electronic health aimed at successfully effecting change.”
information.
Change Management a. OPERATIONAL
• Setting up access controls to health IT and
CHANGES
electronic health information.
- Can influence the way dynamic business tasks
• Encryption of electronic health information.
are led
• Regular audit of the health IT operations

b. STRATEGIC CHANGES

ABUNALES, ESTREMERA, GARCIA Page 2 of 4

 HIS 1
DGCCORTEZ,RMT
LESSON 14-15
- Occur when business direction is altered.
c. CULTURAL CHANGES
- Influence the internal organizational
culture
d. POLITICAL CHANGES
- Occur primarily due to political reasons
of varying types
Change Management Process a.
Kurt Lewin’s Unfreeze-Change-
Refreeze model
- 3-step model that is still widely used as
the basis for many change management
strategies
b. Proski’s ADKAR model
- “Awareness of the business reasons for
change; Desire to engage and participate
in the change; Knowledge about how to
change; Ability to implement change; and
Reinforcement to ensure change sticks”
c. Kotter’s Change model
- 8-step model by building a strong
collaborative team.
Health Information
Management Professionals
Have a special skill set that qualifies them to
assume the role of privacy and security officers
who take care of the storage, protection, and
maintenance of the information in the health
care institution.
Philippine Health Information
Profession
Philippines developed an e-Health Strategic
Framework and
ABUNALES, ESTREMERA, GARCIA
Plan for 2014 – 2020, whose objective is to
utilize information and communication
technologies in the health sector
Telemedicine in the Philippines
Medgate, Lifeline,
MyPocketDoctor &
MyDocNow, Medway
Health Inc.
Key points to remember
• Health informatics ethics is the application
of the principles of ethics to the domain of health
informatics. There are three main aspects of health
informatics ethics: general ethics, informatics ethics,
and software ethics.
• General ethics covers autonomy,
beneficence, and non-maleficence.
• Informatics ethics refers to privacy,
openness, security, access, infringement, least
intrusion and accountability.
• Software developers should consider the
best interest of the society in general, the institution
and its employees, and the profession.
• Administrative, physical, and technical
safeguards are placed to regularly monitor
effectiveness and assess the health IT environment.
• Change is inevitable and pervasive.
Organizations are driven to change in order to
respond to the many pressures they encounter from
their environment. These pressures include global
competition, changes in costumer demand,
technological advances, and new legislation.
• Change management is a series of tools,
techniques, and process aimed at successfully
effecting change.
• Health information management (HIM)
professionals, credentialed with their academic
preparations, work experiences, and commitment to
patient advocacy and professional code of ethics,
have a specialized skillset that uniquely qualifies
them to assume the role of both privacy officials who
store, protect, and transmit information in all media
and formats.
• One of the strategic goals of the e-Health
Strategic Framework and Plan for 2014-2020 is to
Page 3 of 4
 HIS 1
DGCCORTEZ,RMT
LESSON 14-15

establish unified and coherent health and

management information systems to take
advantage of ICT to reach and provide better health
services and support the attainment of the UN’s
Sustainable Developmental Goal.

• Telemedicine efforts form the government

and other non-profit organizations have also
ensued. The National Telehealth Center is the
leading research unit in the University of the
Philippines responsible for developing cost effective
tools and innovations in the realm of information and
communications technology (ICT) for improving
health care.

ABUNALES, ESTREMERA, GARCIA Page 4 of 4