Ethical Issues in Health Information Management Lecture Notes PDF
Document Details
Uploaded by Deleted User
Dr. Maha Al-Hajeri
Tags
Summary
This document discusses ethical issues in healthcare information management, covering topics like patient privacy, confidentiality, and the importance of ethical decision-making processes. It also examines the roles of managers, entrepreneurs, and advocates in healthcare.
Full Transcript
Ethical Issues in Health Information Management Dr. Maha Al-Hajeri 440 Objectives 1. Recognize core health information ethical problems, including those related to privacy and confidentiality; compliance, fraud, and abuse; clinical code selection and use; quality...
Ethical Issues in Health Information Management Dr. Maha Al-Hajeri 440 Objectives 1. Recognize core health information ethical problems, including those related to privacy and confidentiality; compliance, fraud, and abuse; clinical code selection and use; quality review; research and decision support; public health; managed care; clinical care; electronic health information systems; the management of sensitive information; the roles of manager, entrepreneur, and advocate; and business relationships with vendors. 2. Recognize the historical problems of research and ethics and the importance of diligence for future research endeavors. 3. Identify ethical principles and professional values that can guide health can guide health information management (HIM) professionals who must confront and respond to ethical problems. 4. Apply the AHIMA Code of ETHICS to guide behaviors such as protecting privacy, advocating for others, and refusing to participate in or conceal unethical behaviors such as protecting privacy, advancing HIM knowledge and practice, advocating for others, and refusing to participate in or conceal unethical behaviors. 5. Follow the steps in an ethical decision-making process that can be used to resolve complex ethical problems. Definition: 1. Ethics is the process of reasoned (discussion) discourse among decision makers 2. Ethical discussion provides a framework for resolving conflict when competing values are at stake for the choices being considered 3. “Ethics is the formal process of intentionally & critically analyzing, with respect to clarity and consistency , the basis of one’s moral judgments” Glover Theory into Practice: Autonomy Would require the HIM professional to ensure that the patient, and not a spouse or third party, makes the decisions regarding access to his or her health information. Beneficence Would require the HIM professional to ensure that the information is released only to individuals who need it to do something that will benefit the patient. Nonmaleficence Would require the HIM professional to ensure that the information is not released to some one who does not have authorization to access it and who might harm the patient if access were permitted. Justice Would require the HIM professional to apply the rules fairly and consistently for all and not to make special expectations based on personal or organizational perspectives. Moral Values and Ethical Competencies: Although most people probably have never undertaken a formal study of ethics, everyone is exposed to ethical principals, moral perspectives, and values throughout a lifetime. Individuals learn about basic moral values from families, religious leaders, teachers, the government, community organizations and other groups that influence experiences and perspectives. Ethics provides a language and a framework for formally discussing ethical issues, taking into account the values and obligations of others. Ethical discussion offers an opportunity to resolve conflicts when competing values are at stake. Ethical decision making requires people to explore choices beyond the perspective of simple right or wrong (moral) options. In contrast, bioethics involves problems or issues regarding clinical care or the health information system that are never strictly theoretical in nature and must always result in a decision Ethical Foundations in Health Information Management: Ethical principles and values have been important to the HIM profession since its beginning in 1928. The first ethical pledge was presented in 1934, by Grace Whiting Mayers,a visionary leader who recognized the importance of protecting information in medical records. The HIM profession was launched with recognition of the importance of privacy and the requirement of authorization for the release of information: “I pledge myself to give out no information from any clinical record placed in my charge, or from any other source to any person what soever, expect upon order from the chief executive office of the institution which I may be serving (Huffman 1972, 135) Protection of Privacy, Maintenance of confidentiality, and Assurance of Data Security: The term privacy, confidentiality, and security are often used interchangeably. However, there are some important distinctions, including: Privacy: is “the right of an individual to be let alone, it includes freedom from observation or intrusion into one’s private affairs and the right to maintain control over certain personal and health information. Confidentiality: carries “the responsibility for limiting disclosure of private matters. It includes the responsivity to use, disclose, or release such information only with the knowledge and consent of the individual”. Confidential information may be written or verbal. Security: includes “physical and electronic protection of the integrity, availability, and confidentiality of computer-based information and the resources used to enter, store, process, and communicate it. The means to control access and protect information from accidental or intentional disclosure”. The HIM professional’s responsibilities include ensuring that patient privacy and confidential information are protected and that data security measures are used to prevent unauthorized access to information. This responsibility includes ensuring that the release policies and procedures are accurate and up-to-date, that they are followed, and that all violations are reported to the proper authorities. The Health Insurance Portability and Accountability Act (HIPAA) of 1996 establishes national standards for the privacy and security of health information. This law deals with privacy, information standards, data integrity, confidentiality, and data security. Although HIPAA was passed in 1996, it took five years before the Privacy Rule became effective in April 2001, with an April 2003 compliance date. In an electronic environment, protecting privacy has become extremely difficult and patients are becoming increasingly concerned about the loss of privacy and their inability to control the dissemination of information about them. As patients become more aware of the misuses of information, they may become reluctant to share information with their health care team. This may, in turn, result in problems with the healthcare that is provided and the information given to researchers, insurers, the government, and the many other stakeholders who legitimately need to access to the information. Increasingly, patients are seeking anonymity and responding to issues related to the use and disclosure of health information for directory purposes; to family and close personal friends; for notification purposes such as disasters; and for other disclosures required by law such as public health, employer medical surveillance, and funeral directors. Professional Code of Ethics: HIM professionals used the pledge as the basis for guiding ethical decision making until 1957, at which time the American Association of Medical record Librarians. House of delegates passed the first Code of Ethics for the Practice of Medical Record Science. The first code of ethics combined ethical principles with a set of professional values to help support the decisions that HIM professional had to make at work. The original Code of Ethics has been revised several times since 1957- in 1978,1998, and 2004. Upon being awarded the credential of registered health information administrator (RHIA) by the American Information Management Association (AHIMA), the HIM professional agrees to follow the principles and values discussed in this chapter and to base all professional actions and decisions on those principles and values. Even if federal or state laws did not require the protection of patient privacy, the HIM professional would be responsible for protecting it according to the AHIMA’s Code of Ethics. Professional Values and Obligation: The ethical obligations of the HIM professional include the protection of patient privacy and confidential information. Core health information issues include what information should be collected; how the information should be handled, who should have access to the information, and under what conditions the information should be disclosed. Ethical obligation are central to the professional’s responsibility, regardless of the employment site or the method of information ethical and professional values are based on obligations to the patient, the healthcare team, the employer, the interests of the public, and one’s peers, and one’s professional associations. Based on an analysis of the AHIMA Code of Ethics for 1957, 1977, 1998, and 2004, the following themes and values were identified. Obligations to the Patient and the Healthcare Team: With regard to the patient and the healthcare team, the HIM professional is obligated to: Protect health, medical, genetic, social, personal, financial and adoption information: Clinical information (for example, diagnoses, procedures, pharmaceutical dosages, or genetic risk factors) must be protected as well as behavioral information (for example, use of drugs or alcohol, high-risk hobbies, sexual habits). It is increasingly important to protect genetic and social information so that patients will not be vulnerable to the risks of discrimination. Protect Confidential information: This involves ensuring that the information collected and documented in the patient information system is protected by all members of the healthcare team and by anyone with access to the information. This responsibility also includes protection of verbal communication with those in the legal profession. Provide service to those who seek access to patient information: Individuals who may request access to patient information include healthcare providers: insurance, research, or pharmaceutical companies; government agencies; and employers. Disclosure and redisclosure policies and procedures must ensure the honor of the profession before personal advantage and the health and welfare of patients before all other interests. He or she also must balance the many competing interests of all stakeholders who want patient information, avoiding conflicts of interest. Preserve and secure health information: This includes obligations to maintain and protect the medium that stores the information, such as paper documentation, computer, microfilm, CD- ROM , and the HER, including the protection of all databases and detailed secondary record and registries. Promote the quality and advancement of Healthcare : As an important member of the healthcare team, the HIM professional provides valuable expertise in the collection of health information that will help providers valuable expertise in the collection of health information that will help providers improve the quality of care they deliver. The HIM professional should develop expertise in clinical medicine, pharmacology, biostatistics, and quality improvement methodologies so as to interpert clinical information and support research. Function within the scope of responsibility and restrain from passing clinical judgment: Sometimes healthcare data may indicate a problem with a provider of care, the treatment of a diagnosis, or some other problem. The HIM professional’s obligation is to provide the data ; however, the obligation of evaluating the significance of the data rests with those held accountable for the review. Obligations to the Employer: With regard to the employer, the HIM professionals is obligated to: Demonstrate loyalty to the employer: The HIM professional can do this by respecting and following the policies, rules, and regulations of employment unless they are illegal or unethical. Protect committee deliberations: The HIM professional should be as committed to protecting committee conversations and decisions as he or she is to protecting patient information. Comply with all laws, regulations, and policies that govern the health information system: The HIM professionals should keep up-to-date with state and federal laws, accrediting and licensing standards, employer policies and procedures, and any other standards that affect the health information system. Recognize both the authority and the power associated with the job responsibility. The HIM professional is the expert on privacy and confidentiality and must be present at strategic meetings with clinical providers, administrative staff, and financial and operations management personnel to be sure that HIM expertise is presented and understood. Accept compensation only in relationship to work responsibilities. Increasingly, there are groups or individuals who could benefit by having access to patient information and are willing to pay such information. The HIM professional must avoid the temptation to accept money for disclosing patient information or proprietary vendor secrets. Obligations to the Public With regard to the public interest, the HIM professional is obligated to: Advocate change when patients or system problems are not in the best interest of the patients. The HIM professional should be a change agent and lead initiatives to change laws, rules, and regulations that do not ensure the integrity of patient information, including the protection of privacy and confidentiality. Report violations of practice standards to the proper authorities. The HIM professional should not share information learned at work with family or friends or discuss such information in public places. The HIM professional should report the results of audits to the proper authorities only and bring potential or actual problems to the attention of those individuals responsible for the delivery and assessment of care and services. Promote interdisciplinary cooperation and collaboration. As an important member of the healthcare team, the HIM professional should work with others to analyze and address health information issues, facilitate conflict resolution, and recognize the expertise and dignity of his or her fellow team members. Obligations to Self, Peers, and Professional Associations: With regard to self, peers and professional associations, the HIM professional is obligated to: Be honest about degrees, credentials, and work experiences. The HIM professional should only report an acquired degree (such as a BS or MS) or successfully earned credentials ( such as RHIA or a CCS). Work experiences must be reported accurately and honestly. Bring honor to oneself, one’s peers, and one’s profession. This obligation refers to personnel competency and professional behavior ( for example, at professional meetings). The HIM professional should try to ensure that peers and colleagues are proud to have him or her on the health information team. Commit to continuing education and lifelong learning. The HIM professional’s education should not stop when he or she has earned a degree or credentials. Strengthen health information professional membership. This obligation includes belonging to professional associations, actively participating on committees, making presentations, writing for publications, and encouraging others to seek health information management as a career. Represent the health information profession to the public. The HIM professional has a responsibility to advocate for the public interests in areas related to the principles and values of HIM practice. Promote and participate in health information research. For example, when problems are discovered with the health information system, the HIM professional should conduct studies to clarify their sources and potential solutions. Ethical Responsibilities of the HIM professional: In general, the HIM professionals primary responsibilities include those related to designing and implementing a system to ensure the completeness, accuracy, and timeliness of health information. In support of these responsibilities, the HIM professional is accountable for complying with laws, rules, regulations, standards, and policies from many sources, including the government, accreditation and licensure organizations, and the healthcare facility. Some of the HIM professional’s core ethical responsibilities include the following: Protecting patient privacy and confidential information. Making appropriate decisions regarding the selection and use of clinical diagnostic and procedural codes. Developing policies and procedures that ensure coding accuracy that supports clinical care and research and meets the requirements for reimbursement, while avoiding fraud and abuse violations. Reporting quality review outcomes honestly and accurately, even when the results might create conflict for an individual or an institution. Ensuring that research and decisions support system that reliable. Releasing accurate information for public health purposes for patients with communicable diseases, such as AIDS or venereal diseases, and assisting with the complexities of information management in the context of bioterrorism and the threat or reality of global diseases, such as smallpox or avian flue. Supporting managed care systems by providing accurate, reliable, information about patients and consumers, clinicians, healthcare organization, and patterns of care, with special care devoted to issues related to access to information. Facilitating the exchange of information for patients, families, and providers of care, especially for those affected by chronic and terminal illness, that ensure patient and beneficence. Ensuring that the HER meets the standards of privacy and security according to HIPAA and other federal and state law. Ensuring that clinical data repositories, data marts, data warehouse, and EHRs meet the standards of the best practices of health information and database management. Participating in the development of integrated delivery systems so that patients can move across the continuum of care and the right information can be provided to the right people at the right time. Working in the context of e-health technologies that allow consumers, patients, and caregivers to search for health information and advice, create and maintain personal health records, and conduct virtual consultations with their care providers. Ensuring that health information technology systems, including EHRs, electronic prescribing, bedside bar coding, computerized provider order entry (CPOE), and clinical decisions support systems reduce errors and improve quality. Managing the protection of sensitive information, including genetic information; drug, alcohol, sexual, and behavioral information; and adoption information. Developing moral awareness and nurturing an ethical environment in the context of managing a health information system. Serving as entrepreneur and advocate for patients, the healthcare team, and others who have interests in the health information system. Working with vendors in the development of business relationship that ensure ethical processes when selecting and communicating with vendors, managing vendor relationships, and dealing with the contract negotiation process. Ethical Issues Related to Medical Identity Theft: Medical identity theft is an emerging ethical issue and has become the latest information crime. It is relatively easy to do, the stakes are high, the financial temptations are huge, it is difficult to detect and there are virtually no protections for the patient or providers that are victimized, at the present time. What is it, who commits the crime, what protections can be put into place, and what HIM advocacy roles are needed? (AHIMA e-HIM Work Group on Medical Identity Theft 2008; Nicholas et al 2008). “Medical identity theft occurs when someone uses a person’s name and sometimes other parts of their identity- such as insurance information or social Security Number-without the victim’s knowledge or consent to obtain money by falsifying claims for medical services and falsifying Medicare records to support those claims. (World Privacy Forum 2006b, 16)” Medical identity theft is committed by family, friends and acquaintances, and strangers who steal someone’s identity in order to obtain medical care, services or equipment, either because they do not have medical care or their insurance does not cover the needed services. Medical identity theft creates an ethical dilemma for the healthcare system because those involved can be working within the healthcare delivery system, including doctors, nurses, administrative staff, and health information and billing employees. The World Privacy Forum (2006b,14) notes that: “All levels of the medical system may be involved in medical identity theft, Doctors, clinics, billing specialists, nurses and other members of the medical profession have taken part in this crime, as have criminals who work in administrative positions inside the healthcare system to collect information and to carry out their crimes” HIPAA provides some modicum of protection but cannot begin to truly protect patient information or patients from being harmed. The problem becomes almost unsolvable in the context of secondary releases of false information for information for insurance, the increasing number of integrated systems and the development of medical clearinghouses. HIM professionals are in strong positions to be advocates on behalf of patients who are victimized by this crime. In addition, it places an obligation on the profession to be diligent in hiring practices, especially with the employees that report directly to HIM professionals. Once hired, the employees must have ongoing educational sessions on the importance of ethical behavior. The Patient’s Perspectives: Many patients have victimized by medical identity theft and the overwhelming reality is that there are few who can assist them in resolving the problem, as opposed to those who are victimized by financial identity theft. There are inadequate resources and knowledge in the private sector(police departments, insurance companies, bankers, and the like) as well as the lack of laws specific to medical identity theft. Once information is in patient’s medical record , it is difficult to amend or remove that information, HIM professionals cannot ignore the false documentation in the medical records and information systems or the problems of duplicating these false entries in multiple databases as a result of secondary data uses. The HIM Professional’s Perspectives: Because of the unique aspects of this crime, HIM professionals must be vigilant in the case of medical identity theft and work with the real patient to confirm and correct inaccurate information. If there is no previous medical record, there must be a way to identify the record as being fraudulent and refuse further release of information, something lent and refuse further release of the information, something easier than done. Patients need to be able to access and amend their medical records, if fraud has occurred. As patients maintain their own personal health record (PHR)., they will become more aware of the fraud. They are in the best position to know that the documentation belongs to someone else, based on a review of medical or financial reports (AHIMA PHP; World Privacy Forum 2006a). Even HIPAA, which was designated prior to this latest information crime, does not give the patient the right to request and assure the necessary amendment in all records. Covered entities are not required to account for disclosures related to treatment, payment, or healthcare. AHIMA (2006), as part of the 2006 State of HIPAA Compliance Survey noted: “As in previous years, the accounting for disclosures requirement is reported to be difficult one and is most often mentioned as needed modification. AHIA and other groups have sought a recommendation for such an amendment from the National Committee on Vital and Health Statistics and the office for Civil Rights, but at this time no amendment is expected in the near future” The health information system is extremely complex. Data can be entered manually, electronically, through PDAs, through wireless systems, or from laptops. Information systems cross geographical boundaries and utilize many different software and hardware applications for patient care and research. The AHIMA Code of Ethics requires that we protect the information across this continuum. The adage a few years ago was “follow the money”. Today the mantra must be “follow the information”. What can HIM professionals do as part of advocacy roles? Facilitate the patient’s ability to review and correct errors in their medical records (not just the entries with which they disagree but those that are due to fraud and do not belong to their medical or treatment history). This information might also be in the pharmaceutical information system or within the insurance agency database. Prevent discrimination. Not only can medical errors affecting patient safety occur with medical identity theft, but there can also be discrimination in the life and health insurance systems. Reconsider the importance of analysis. The entire medical record was previously analyzed for accuracy and the medical record analyst could learn to identify falsification of information. Now, analysis often is limited to discharge summaries, operative reports, and other critical documents. Consider improving the HIPAA rules and regulations related to the accounting of disclosures to include problems related to internal participants. Participate in HIM research studies that will help identify occurrences and sources of medical identity thefts. Conduct needed risk assessments as the NHIN becomes more of a reality- the electronic health record (HER), can make this crime easier. Document and quantify this problem. Improper access to information and disclosures of false information could increase in the future as a result of the HER. Build interdisciplinary collaborative teams to conduct this research, including healthcare providers, HIM professionals, privacy and security experts, legal representatives (both prosecution and defense), ethicists, HIPAA, identity theft and fraud experts, and patients who have been victimized. Design systems that can assess employees’ integrity and accountability. Make sure the healthcare team and employees that work on behalf of patients respect the importance and sacredness of the information in the patient’s medical records. Assure that colleagues understand and value the HIM Code of Ethics, which sets forth values and ethical principles and offers ethical guidelines to which professionals aspire and by which their actions can be judged. Consider establishing policies so that patients who are victim of medical identity fraud do not have to pay for the costs of duplicating their files. When HIM professionals think about identity, they typically think about the person and the story in an individual medical record. Ethical Issues Related to Documentation and Privacy: Just a few decades ago, only a few people created documentation in patient health records and still fewer wanted access to patient information after the episode of care was completed. In today’s healthcare system, many providers document their decision-making process and patient outcomes in the health information system and many more people want access to the information. The HIM professional plays a critical role in developing policies and procedures to ensure the integrity of patient information, including appropriate and authorized access. In addition to writing policies and procedures to ensure compliance with federal and state laws, accrediting and licensing agencies, and the bylaws of the healthcare facility, the HIM professional can serve many functions that support the integrity of data and the protection of privacy. As a member of the HIM team, the HIM professional can design and deliver educational sessions to the healthcare team to make them aware of the documentation and access rules and regulations. Unacceptable documentation practices include backdating progress notes or other documentation in the patient’s record and changing the documentation to reflect the known outcomes of care. Ethical Issues Related to Release of Information: The primary ethical problems are pertinent to the release of information: ▪ Violations of the need-to-Know principle. ▪ Misuse of blank authorizations. ▪ Violation of privacy that occur as a result of secondary release of information procedures. In the past, the standard for ROI was the need to know. If an insurance company had a patient request to pay for the surgery, the request was sent to the healthcare facility and the HIM professional carefully examined it for legitimacy. He or she would: Compare the patient’s signature to the one collected upon admission to the facility. Check the date to ensure that the request was dated after the occurrence so that the patient was aware of what was being authorized and released. Verify the insurance company as the one belonging to the patient. Review the request for what was wanted and whether the requester was entitled to the information. Today, the process of abstracting needed information is virtually nonexistent, except for disability cases, and documentation is copied above and beyond the criterion of the need-to-know principle. Another common ethical problem is misuse of blanket authorizations. Patients often sign a blanket authorization, which authorizes the release of information from that point forward, without understanding the implications. The requester of the information then could use the authorization to receive health information for many years. The problem with the use of blanket authorization is that there is no way for the patient to know that the information is being accessed. Patients cannot authorize the release of information in 2003 for diagnosis or care that has not yet been provided. For example, by 2009, the patient might have AIDS or cancer and might not want this information released. A third problem is secondary release of information to others by the an unauthorized party. This problem has increased in frequency since the computerization of health information. Patients have increasingly expressed concerns about the use of blanket authorizations and secondary ROI by the initial requester or receiving party. They fear that more information is being given out than is necessary and that they do not know about the many people and agencies that are gaining access to this information. HIPAA has been designed to address several issues related to patient privacy, including a return to the need-to-know principle. The HIM professional needs to participate in the development of computerized systems that can replicate the original human decisions regarding ROI to release what is needed but not more. Although it is easier to just photocopy the information, the HIM professional needs to carefully consider the implications of doing this within the context of patient privacy. This situation has created an opportunity for HIM professionals to participate with other HIM professionals in efforts to correct these problems. Because the HIM professionals works in many employment sites throughout the health care delivery system, the ethical obligations extend into a variety of areas, as noted above. In fulfilling the responsibilities of the position, the HIM professional must apply ethical values when making decisions wherever he or she is positioned within the organization. Ethical Decision-Making Matrix: HIM professionals must factor several criteria into their decision making, but are not limited to: Cost: Can the facility and the health information system afford the improvement in the system. Technological feasibility: will the technological application provide accurate and reliable information for the decision-making process. Federal and state laws: Are there fedral or state laws that must be considered before a change is made in the system. Medical staff bylaws: are there rules or regulations unique to the facility that require or prohibit a decision. Accreditation and licensing standards: Which agencies have standards that are important to the decision being made? Do the standards allow or prohibit a certain action? Employer policies, rules or regulations: Does the facility have policies, rules, or regulations that require or prohibit a decision. Although these criteria must be assessed in the decision-making process, they cannot be used alone. Virtually every decision the HIM professional makes also must be based on ethical principles and professional values. When a decision must be made about the issue and only one choice is identified, the decision most likely will be based on an individual's narrow moral perspectives of the right or wrong. Core Health Information Ethical Problems: Several problems face HIM professionals in today’s complex world, including issues related to the use of information; computerized health information systems; the management of sensitive health information; process and strategies for decision making; and the HIM roles as manager, entrepreneur, and advocate. The business relationships with vendors can also create ethical tensions. There are issues raised because of the uses of information, including clinical code selection and use, quality review, research and decision support, public health, managed care, and clinical care (Harman 2006). Ethical Issues Related to Coding: In the past, coding was done almost exclusively for clinical studies and quality assurance review processes. Although codes were provided for reimbursement purposes, the health care facility was reimbursed on the basis of usual, customary, and reasonable costs. The codes that were assigned became the basis of retrieval for clinical studies, the reimbursement system, and quality outcome reporting systems. Over time, healthcare facilities have contained to use the coding systems to retrieve information in health records for clinical and administrative studies, but they also have begun to use the code so that the greatest amount of reimbursement could be given. This placed the importance of accurate coding at the forefront of the ethical issues facing HIM professionals. Ethical problems have risen in the past few years as a result of the direct linkage between coding and payment for care. Increased pressure has been put on HIM professionals who are coding to transmit inaccurate information, creating problems that are legal and ethical in nature. Problems include pressure to code inappropriate levels of service, discovering misrepresentation in physician documentation, miscoding to avoid conflict, discovering miscoding by other staff, lacking the tools and educational background to code accurately, and being required by employers to engage in negligent coding practices. Failure to heed the complex rules of coding for reimbursement can lead to problems with compliance and with fraud and abuse for the HIM professionals. Ethical Issues Related to Quality Management, Decision Support, Public Health, Managed Care, and Clinical Care: Many factors contribute to the ethical problems faced by quality management professionals, including the raising cost of healthcare, limited resources, and concerns with patient safety. Some of the common quality outcome problems include (Spath 2006): Inaccurate performance data that are inappropriately shared with the public. Negative care outcomes, such as infections, that occur in the course of providing home healthcare. Failure to check a physician’s licensure status. Incomplete health records hidden in preparation for accreditation or licensure surveys. Patterns of inappropriate healthcare. The pressures to conceal information, discovered as an outcome of quality reporting systems and that could be potentially harmful to an employer and problems with patient safety require constant diligence and the courage to repeatedly report the truth. Career opportunities for the HIM professional are growing in public health systems. The government’s responsibility to protect the health of the public sometimes competes with the need to protect patient privacy, such as in the case of reporting HIV status. State and local mandatory reporting requirements exist for certain conditions, including infectious and communicable diseases. Ethical Issues Related to Sensitive Health Information: All health information must be protected, but additional ethical issues have emerged around the release of sensitive information such as genetic, drug, and alcohol treatment; communicable disease; and psychiatric and adoption information. At least two levels of genetic information can be reported in an information system; presence of a disease, such as cystic fibrosis, and the presence of a risk disease, such as a genetic risk for breast cancer. According to Fuller and Hudson (2006), the HIM professional must be aware of the following issues related to genetic information: Genetic research and testing can give researcher, clinician, and patients a means to prevent, treat, or screen for a disease. Often, however, individuals are reluctant to participate in genetic research and testing because they believe they cannot be sure of the privacy of the genetic information that will be obtained from them and placed in their medical records or in research record. Insurers and employers may seek genetic information to identify at-risk individuals and deny them employment or insurance coverage, fire them, or raise their insurance premiums. It is difficult to provide special protections for genetic information as a category because it cannot be clearly separated from other medical information. Therefore, the best way to protect genetic information is to strengthen privacy and confidentiality protections for medical information in general and to enact antidiscrimination legislation. The HIPAA Privacy Rule provides a basic level of privacy and confidentiality protection for protected health information. The generation of experimental data by a research protocol is not specifically addressed by most state laws. HIM professionals have the responsibility to ensure that their practices are guided by state and federal laws and regulations to protect genetic information and by the ethical imperative to protect the privacy and confidentiality of patients. Ethical Issues Related to Research: The primary ethical principles that are engaged in research include respect for autonomy (self determination); beneficence (promoting good); non- maleficence (do no harm); and justice (fairness). The respect for autonomy requires an ability of the participant to understand and authorize the research through informed consent; beneficence means that benefit is possible; nonmaleficence means that patients will not be intentionally harmed; and justice requires fairness in the enrollment of participants. Ethical Issues Related to Electronic Health Records Systems: With a paper-based health record, access issues were relatively simple. Only one person at a time could access the information, and it was extremely difficult to collect and use of data of an aggregate nature. With computerization, many requesters are allowed multiple, simultaneous access and it is relatively easy to share information across a continuum of care and with computerized systems well outside the boundaries of any individual care site. The advent of the electronic information system has presented complex challenges with regard to record integrity and information security, integrated linkage of information system across continuum of care, software development and implementation, and the protection of information in e- health systems. E-HIM affords information exchange that necessitate active participation on the part of HIM professionals, in both the public and private sectors. There are many ethical challenges, including developing and maintaining information and systems security, exchanging information within and across jurisdictions, executing technical and clinical services contracts, handling release of information, implementing and managing telehealth applications, maintaining and documenting compliance with HIPAA and state privacy rule, and maintaining the legal electronic medical record. Roles of Manager, Entrepreneur, and Advocate: The HIM professional deals with daily complexities that require the need for understanding ethics. Problems such as late and absent employees, temptations at conventions and meetings, employees who should be terminated, and poor work performance are a few of the many dilemmas facing the busy HIM manager. As an entrepreneur, the HIM professional must understand the complexities of business practices intersecting with professional values and ethical principles. Difficulties may arise when consulting for competitors (having access to sensitive information that might be of value to the competition)., dealing with advertising, confronting unrealistic client expectations, or confusing profit versus not-for-profit motivations for decisions. Thank you.