Ethical Issues in Health Information Management PDF

Summary

These lecture notes discuss ethical issues in health information management. They cover core ethical problems, historical context, ethical principles, and professional values. The document also touches on the obligations of health information management professionals and how to resolve ethical problems.

Full Transcript

Ethical Issues in Health
Information Management

Dr. Maha Al-Hajeri
440
Objectives

1. Recognize core health information ethical problems, including those related to privacy
and confidentiality; compliance, fraud, and abuse; clinical code selection and use; quality
review; research and decision support; public health; managed care; clinical care;
electronic health information systems; the management of sensitive information; the roles
of manager, entrepreneur, and advocate; and business relationships with vendors.
2. Recognize the historical problems of research and ethics and the importance of diligence
for future research endeavors.
3. Identify ethical principles and professional values that can guide health can guide health
information management (HIM) professionals who must confront and respond to ethical
problems.
4. Apply the AHIMA Code of ETHICS to guide behaviors such as protecting privacy,
advocating for others, and refusing to participate in or conceal unethical behaviors such
as protecting privacy, advancing HIM knowledge and practice, advocating for others, and
refusing to participate in or conceal unethical behaviors.
5. Follow the steps in an ethical decision-making process that can be used to resolve
complex ethical problems.
Definition:

1. Ethics is the process of reasoned (discussion)
discourse among decision makers
2. Ethical discussion provides a framework for resolving
conflict when competing values are at stake for the
choices being considered
3. “Ethics is the formal process of intentionally &
critically analyzing, with respect to clarity and
consistency , the basis of one’s moral judgments”
Glover
Theory into Practice:

Autonomy
Would require the HIM professional to ensure that the patient, and not a spouse or third party,
makes the decisions regarding access to his or her health information.
Beneficence
Would require the HIM professional to ensure that the information is released only to individuals
who need it to do something that will benefit the patient.
Nonmaleficence
Would require the HIM professional to ensure that the information is not released to some one
who does not have authorization to access it and who might harm the patient if access were
permitted.
Justice
Would require the HIM professional to apply the rules fairly and consistently for all and not to
make special expectations based on personal or organizational perspectives.
Moral Values and Ethical Competencies:

Although most people probably have never undertaken a formal study of
ethics, everyone is exposed to ethical principals, moral perspectives, and values
throughout a lifetime. Individuals learn about basic moral values from families,
religious leaders, teachers, the government, community organizations and other
groups that influence experiences and perspectives.
Ethics provides a language and a framework for formally discussing ethical
issues, taking into account the values and obligations of others. Ethical
discussion offers an opportunity to resolve conflicts when competing values are
at stake.
Ethical decision making requires people to explore choices beyond the
perspective of simple right or wrong (moral) options.
In contrast, bioethics involves problems or issues regarding clinical care or the
health information system that are never strictly theoretical in nature and must
always result in a decision
Ethical Foundations in Health
Information Management:
 Ethical principles and values have been important to the HIM profession since
its beginning in 1928. The first ethical pledge was presented in 1934, by
Grace Whiting Mayers,a visionary leader who recognized the importance of
protecting information in medical records.
 The HIM profession was launched with recognition of the importance of
privacy and the requirement of authorization for the release of information:
“I pledge myself to give out no information from any clinical record placed in
my charge, or from any other source to any person what soever, expect upon
order from the chief executive office of the institution which I may be serving
(Huffman 1972, 135)
Protection of Privacy, Maintenance of confidentiality, and
Assurance of Data Security:

The term privacy, confidentiality, and security are often used interchangeably.
However, there are some important distinctions, including:
Privacy: is “the right of an individual to be let alone, it includes freedom from
observation or intrusion into one’s private affairs and the right to maintain control
over certain personal and health information.
Confidentiality: carries “the responsibility for limiting disclosure of private
matters. It includes the responsivity to use, disclose, or release such information
only with the knowledge and consent of the individual”. Confidential information
may be written or verbal.
Security: includes “physical and electronic protection of the integrity,
availability, and confidentiality of computer-based information and the resources
used to enter, store, process, and communicate it. The means to control access
and protect information from accidental or intentional disclosure”.
 The HIM professional’s responsibilities include ensuring that patient
privacy and confidential information are protected and that data
security measures are used to prevent unauthorized access to
information.

 This responsibility includes ensuring that the release policies and procedures
are accurate and up-to-date, that they are followed, and that all violations
are reported to the proper authorities.
 The Health Insurance Portability and Accountability Act (HIPAA) of 1996
establishes national standards for the privacy and security of health
information.
 This law deals with privacy, information standards, data integrity,
confidentiality, and data security.
 Although HIPAA was passed in 1996, it took five years before the Privacy Rule
became effective in April 2001, with an April 2003 compliance date.
 In an electronic environment, protecting privacy has become
extremely difficult and patients are becoming increasingly concerned
about the loss of privacy and their inability to control the
dissemination of information about them.

 As patients become more aware of the misuses of information, they may
become reluctant to share information with their health care team.
 This may, in turn, result in problems with the healthcare that is provided and
the information given to researchers, insurers, the government, and the many
other stakeholders who legitimately need to access to the information.
 Increasingly, patients are seeking anonymity and responding to issues related
to the use and disclosure of health information for directory purposes; to
family and close personal friends; for notification purposes such as disasters;
and for other disclosures required by law such as public health, employer
medical surveillance, and funeral directors.
Professional Code of Ethics:

 HIM professionals used the pledge as the basis for guiding ethical decision
making until 1957, at which time the American Association of Medical record
Librarians.
 House of delegates passed the first Code of Ethics for the Practice of Medical
Record Science.
 The first code of ethics combined ethical principles with a set of professional
values to help support the decisions that HIM professional had to make at
work.
 The original Code of Ethics has been revised several times since 1957- in
1978,1998, and 2004.
 Upon being awarded the credential of registered health information
administrator (RHIA) by the American Information Management Association
(AHIMA), the HIM professional agrees to follow the principles and values
discussed in this chapter and to base all professional actions and decisions on
those principles and values.

 Even if federal or state laws did not require the
protection of patient privacy, the HIM professional would
be responsible for protecting it according to the AHIMA’s
Code of Ethics.
Professional Values and Obligation:

 The ethical obligations of the HIM professional include the protection of
patient privacy and confidential information.
 Core health information issues include what information should be collected;
how the information should be handled, who should have access to the
information, and under what conditions the information should be disclosed.
 Ethical obligation are central to the professional’s responsibility, regardless of
the employment site or the method of information ethical and professional
values are based on obligations to the patient, the healthcare team, the
employer, the interests of the public, and one’s peers, and one’s professional
associations.
 Based on an analysis of the AHIMA Code of Ethics for 1957, 1977, 1998, and
2004, the following themes and values were identified.
Obligations to the Patient and the Healthcare
Team:

With regard to the patient and the healthcare team, the HIM
professional is obligated to:
Protect health, medical, genetic, social, personal,
financial and adoption information: Clinical information
(for example, diagnoses, procedures, pharmaceutical
dosages, or genetic risk factors) must be protected as well
as behavioral information (for example, use of drugs or
alcohol, high-risk hobbies, sexual habits).
It is increasingly important to protect genetic and social
information so that patients will not be vulnerable to the
risks of discrimination.
 Protect Confidential information:

 This involves ensuring that the information
collected and documented in the patient
information system is protected by all members
of the healthcare team and by anyone with
access to the information. This responsibility also
includes protection of verbal communication with
those in the legal profession.
Provide service to those who seek access
to patient information:
 Individuals who may request access to patient information
include healthcare providers: insurance, research, or
pharmaceutical companies; government agencies; and
employers. Disclosure and redisclosure policies and
procedures must ensure the honor of the profession
before personal advantage and the health and welfare of
patients before all other interests. He or she also must
balance the many competing interests of all stakeholders
who want patient information, avoiding conflicts of
interest.
Preserve and secure health information:

 This includes obligations to maintain and protect
the medium that stores the information, such as
paper documentation, computer, microfilm, CD-
ROM , and the HER, including the protection of all
databases and detailed secondary record and
registries.
Promote the quality and advancement of
Healthcare :
 As an important member of the healthcare team, the HIM
professional provides valuable expertise in the collection
of health information that will help providers valuable
expertise in the collection of health information that will
help providers improve the quality of care they deliver.
The HIM professional should develop expertise in clinical
medicine, pharmacology, biostatistics, and quality
improvement methodologies so as to interpert clinical
information and support research.
Function within the scope of responsibility and
restrain from passing clinical judgment:

 Sometimes healthcare data may indicate a
problem with a provider of care, the treatment
of a diagnosis, or some other problem. The HIM
professional’s obligation is to provide the data ;
however, the obligation of evaluating the
significance of the data rests with those held
accountable for the review.
Obligations to the Employer:

With regard to the employer, the HIM professionals is
obligated to:
Demonstrate loyalty to the employer: The HIM
professional can do this by respecting and following the
policies, rules, and regulations of employment unless they
are illegal or unethical.
 Protect committee deliberations: The HIM professional should
be as committed to protecting committee conversations and
decisions as he or she is to protecting patient information.

 Comply with all laws, regulations, and policies
that govern the health information system: The
HIM professionals should keep up-to-date with
state and federal laws, accrediting and licensing
standards, employer policies and procedures, and
any other standards that affect the health
information system.
Recognize both the authority and the power associated with
the job responsibility. The HIM professional is the expert on
privacy and confidentiality and must be present at strategic
meetings with clinical providers, administrative staff, and
financial and operations management personnel to be sure
that HIM expertise is presented and understood.

 Accept compensation only in relationship to work
responsibilities. Increasingly, there are groups or individuals
who could benefit by having access to patient information and
are willing to pay such information. The HIM professional must
avoid the temptation to accept money for disclosing patient
information or proprietary vendor secrets.
Obligations to the Public
With regard to the public interest, the HIM professional is
obligated to:

 Advocate change when patients or system problems are
not in the best interest of the patients. The HIM
professional should be a change agent and lead initiatives
to change laws, rules, and regulations that do not ensure
the integrity of patient information, including the
protection of privacy and confidentiality.
 Report violations of practice standards to the proper
authorities. The HIM professional should not share information
learned at work with family or friends or discuss such
information in public places. The HIM professional should report
the results of audits to the proper authorities only and bring
potential or actual problems to the attention of those
individuals responsible for the delivery and assessment of care
and services.
 Promote interdisciplinary cooperation and collaboration.
As an important member of the healthcare team, the HIM
professional should work with others to analyze and
address health information issues, facilitate conflict
resolution, and recognize the expertise and dignity of his
or her fellow team members.
Obligations to Self, Peers, and Professional Associations:
With regard to self, peers and professional associations, the
HIM professional is obligated to:

Be honest about degrees, credentials, and work
experiences. The HIM professional should only report an
acquired degree (such as a BS or MS) or successfully
earned credentials ( such as RHIA or a CCS). Work
experiences must be reported accurately and honestly.
Bring honor to oneself, one’s peers, and one’s profession.
This obligation refers to personnel competency and
professional behavior ( for example, at professional
meetings). The HIM professional should try to ensure that
peers and colleagues are proud to have him or her on the
health information team.
 Commit to continuing education and lifelong
learning. The HIM professional’s education
should not stop when he or she has earned a
degree or credentials.

 Strengthen health information professional
membership. This obligation includes belonging to
professional associations, actively participating on
committees, making presentations, writing for
publications, and encouraging others to seek
health information management as a career.
 Represent the health information profession to the public.
The HIM professional has a responsibility to advocate for
the public interests in areas related to the principles and
values of HIM practice.

 Promote and participate in health information research.
For example, when problems are discovered with
the health information system, the HIM
professional should conduct studies to clarify
their sources and potential solutions.
Ethical Responsibilities of the HIM
professional:
In general, the HIM professionals primary responsibilities
include those related to designing and implementing a
system to ensure the completeness, accuracy, and timeliness
of health information. In support of these responsibilities,
the HIM professional is accountable for complying with laws,
rules, regulations, standards, and policies from many
sources, including the government, accreditation and
licensure organizations, and the healthcare facility. Some of
the HIM professional’s core ethical responsibilities include
the following:
 Protecting patient privacy and confidential information.

 Making appropriate decisions regarding the selection and
use of clinical diagnostic and procedural codes.
 Developing policies and procedures that ensure coding
accuracy that supports clinical care and research and
meets the requirements for reimbursement, while
avoiding fraud and abuse violations.
 Reporting quality review outcomes honestly and
accurately, even when the results might create conflict
for an individual or an institution.

 Ensuring that research and decisions support system that
reliable.
 Releasing accurate information for public health purposes
for patients with communicable diseases, such as AIDS or
venereal diseases, and assisting with the complexities of
information management in the context of bioterrorism
and the threat or reality of global diseases, such as
smallpox or avian flue.
 Supporting managed care systems by providing accurate,
reliable, information about patients and consumers,
clinicians, healthcare organization, and patterns of care,
with special care devoted to issues related to access to
information.

 Facilitating the exchange of information for patients,
families, and providers of care, especially for those
affected by chronic and terminal illness, that ensure
patient and beneficence.
 Ensuring that the HER meets the standards of privacy and
security according to HIPAA and other federal and state
law.
 Ensuring that clinical data repositories, data marts, data
warehouse, and EHRs meet the standards of the best practices
of health information and database management.

 Participating in the development of integrated delivery
systems so that patients can move across the continuum
of care and the right information can be provided to the
right people at the right time.
 Working in the context of e-health technologies that allow
consumers, patients, and caregivers to search for health
information and advice, create and maintain personal
health records, and conduct virtual consultations with
their care providers.
 Ensuring that health information technology systems, including
EHRs, electronic prescribing, bedside bar coding, computerized
provider order entry (CPOE), and clinical decisions support
systems reduce errors and improve quality.

 Managing the protection of sensitive information,
including genetic information; drug, alcohol, sexual, and
behavioral information; and adoption information.
 Developing moral awareness and nurturing an ethical
environment in the context of managing a health
information system.
 Serving as entrepreneur and advocate for patients, the
healthcare team, and others who have interests in the
health information system.
 Working with vendors in the development of
business relationship that ensure ethical
processes when selecting and communicating
with vendors, managing vendor relationships, and
dealing with the contract negotiation process.
Ethical Issues Related to Medical Identity Theft:

 Medical identity theft is an emerging ethical issue and has
become the latest information crime. It is relatively easy
to do, the stakes are high, the financial temptations are
huge, it is difficult to detect and there are virtually no
protections for the patient or providers that are
victimized, at the present time.
 What is it, who commits the crime, what protections can
be put into place, and what HIM advocacy roles are
needed? (AHIMA e-HIM Work Group on Medical Identity
Theft 2008; Nicholas et al 2008).
 “Medical identity theft occurs when someone uses
a person’s name and sometimes other parts of
their identity- such as insurance information or
social Security Number-without the victim’s
knowledge or consent to obtain money by
falsifying claims for medical services and
falsifying Medicare records to support those
claims. (World Privacy Forum 2006b, 16)”
 Medical identity theft is committed by family,
friends and acquaintances, and strangers who
steal someone’s identity in order to obtain
medical care, services or equipment, either
because they do not have medical care or their
insurance does not cover the needed services.
Medical identity theft creates an ethical dilemma for the
healthcare system because those involved can be working
within the healthcare delivery system, including doctors,
nurses, administrative staff, and health information and
billing employees. The World Privacy Forum (2006b,14) notes
that:

“All levels of the medical system may be involved in medical
identity theft, Doctors, clinics, billing specialists, nurses and
other members of the medical profession have taken part in
this crime, as have criminals who work in administrative
positions inside the healthcare system to collect information
and to carry out their crimes”
 HIPAA provides some modicum of protection but cannot
begin to truly protect patient information or patients from
being harmed. The problem becomes almost unsolvable in
the context of secondary releases of false information for
information for insurance, the increasing number of
integrated systems and the development of medical
clearinghouses.
 HIM professionals are in strong positions to be
advocates on behalf of patients who are
victimized by this crime. In addition, it places an
obligation on the profession to be diligent in
hiring practices, especially with the employees
that report directly to HIM professionals. Once
hired, the employees must have ongoing
educational sessions on the importance of ethical
behavior.
The Patient’s Perspectives:

 Many patients have victimized by medical identity theft
and the overwhelming reality is that there are few who
can assist them in resolving the problem, as opposed to
those who are victimized by financial identity theft. There
are inadequate resources and knowledge in the private
sector(police departments, insurance companies, bankers,
and the like) as well as the lack of laws specific to
medical identity theft.
 Once information is in patient’s medical record , it is
difficult to amend or remove that information, HIM
professionals cannot ignore the false documentation in
the medical records and information systems or the
problems of duplicating these false entries in multiple
databases as a result of secondary data uses.
The HIM Professional’s Perspectives:

 Because of the unique aspects of this crime, HIM
professionals must be vigilant in the case of medical
identity theft and work with the real patient to confirm
and correct inaccurate information. If there is no previous
medical record, there must be a way to identify the
record as being fraudulent and refuse further release of
information, something lent and refuse further release of
the information, something easier than done.
 Patients need to be able to access and amend
their medical records, if fraud has occurred. As
patients maintain their own personal health
record (PHR)., they will become more aware of
the fraud. They are in the best position to know
that the documentation belongs to someone else,
based on a review of medical or financial reports
(AHIMA PHP; World Privacy Forum 2006a).
 Even HIPAA, which was designated prior to this
latest information crime, does not give the
patient the right to request and assure the
necessary amendment in all records. Covered
entities are not required to account for
disclosures related to treatment, payment, or
healthcare. AHIMA (2006), as part of the 2006
State of HIPAA Compliance Survey noted:
 “As in previous years, the accounting for
disclosures requirement is reported to be difficult
one and is most often mentioned as needed
modification. AHIA and other groups have sought a
recommendation for such an amendment from the
National Committee on Vital and Health Statistics
and the office for Civil Rights, but at this time no
amendment is expected in the near future”
 The health information system is extremely
complex. Data can be entered manually,
electronically, through PDAs, through wireless
systems, or from laptops.

 Information systems cross geographical
boundaries and utilize many different software
and hardware applications for patient care and
research.
The AHIMA Code of Ethics requires that we
protect the information across this
continuum. The adage a few years ago was
“follow the money”.

 Today the mantra must be “follow the
information”.
What can HIM professionals do as part of
advocacy roles?

 Facilitate the patient’s ability to review and correct errors
in their medical records (not just the entries with which
they disagree but those that are due to fraud and do not
belong to their medical or treatment history). This
information might also be in the pharmaceutical
information system or within the insurance agency
database.
 Prevent discrimination. Not only can medical errors affecting
patient safety occur with medical identity theft, but there
can also be discrimination in the life and health insurance
systems.

 Reconsider the importance of analysis. The entire
medical record was previously analyzed for
accuracy and the medical record analyst could
learn to identify falsification of information. Now,
analysis often is limited to discharge summaries,
operative reports, and other critical documents.
 Consider improving the HIPAA rules and regulations related
to the accounting of disclosures to include problems
related to internal participants.

 Participate in HIM research studies that will help
identify occurrences and sources of medical identity
thefts.
 Conduct needed risk assessments as the NHIN
becomes more of a reality- the electronic health
record (HER), can make this crime easier. Document
and quantify this problem. Improper access to
information and disclosures of false information could
increase in the future as a result of the HER.
 Build interdisciplinary collaborative teams to conduct
this research, including healthcare providers, HIM
professionals, privacy and security experts, legal
representatives (both prosecution and defense),
ethicists, HIPAA, identity theft and fraud experts, and
patients who have been victimized.

 Design systems that can assess employees’
integrity and accountability. Make sure the
healthcare team and employees that work on
behalf of patients respect the importance and
sacredness of the information in the patient’s
medical records.
 Assure that colleagues understand and value the HIM Code
of Ethics, which sets forth values and ethical principles
and offers ethical guidelines to which professionals aspire
and by which their actions can be judged.

 Consider establishing policies so that patients who are
victim of medical identity fraud do not have to pay for the
costs of duplicating their files.
 When HIM professionals think about identity, they
typically think about the person and the story in an
individual medical record.
Ethical Issues Related to Documentation
and Privacy:
 Just a few decades ago, only a few people created
documentation in patient health records and still fewer
wanted access to patient information after the episode of
care was completed.
 In today’s healthcare system, many providers document
their decision-making process and patient outcomes in the
health information system and many more people want
access to the information.
 The HIM professional plays a critical role in
developing policies and procedures to ensure the
integrity of patient information, including
appropriate and authorized access.

 In addition to writing policies and procedures to
ensure compliance with federal and state laws,
accrediting and licensing agencies, and the
bylaws of the healthcare facility, the HIM
professional can serve many functions that
support the integrity of data and the protection
of privacy.
 As a member of the HIM team, the HIM professional can
design and deliver educational sessions to the healthcare
team to make them aware of the documentation and
access rules and regulations.

 Unacceptable documentation practices include backdating
progress notes or other documentation in the patient’s
record and changing the documentation to reflect the
known outcomes of care.
Ethical Issues Related to Release of
Information:
The primary ethical problems are pertinent to the release of
information:
▪ Violations of the need-to-Know principle.
▪ Misuse of blank authorizations.
▪ Violation of privacy that occur as a result of secondary
release of information procedures.
In the past, the standard for ROI was the need to know. If
an insurance company had a patient request to pay for the
surgery, the request was sent to the healthcare facility
and the HIM professional carefully examined it for
legitimacy.
He or she would:
Compare the patient’s signature to the one collected upon
admission to the facility.
Check the date to ensure that the request was dated after the
occurrence so that the patient was aware of what was being
authorized and released.
Verify the insurance company as the one belonging to the
patient.
Review the request for what was wanted and whether the
requester was entitled to the information.
 Today, the process of abstracting needed information is
virtually nonexistent, except for disability cases, and
documentation is copied above and beyond the criterion
of the need-to-know principle.

 Another common ethical problem is misuse of blanket
authorizations. Patients often sign a blanket authorization,
which authorizes the release of information from that
point forward, without understanding the implications.
 The requester of the information then could use the
authorization to receive health information for many
years.
 The problem with the use of blanket authorization is that
there is no way for the patient to know that the
information is being accessed.

 Patients cannot authorize the release of information in
2003 for diagnosis or care that has not yet been provided.
For example, by 2009, the patient might have AIDS or
cancer and might not want this information released.
 A third problem is secondary release of information to
others by the an unauthorized party. This problem has
increased in frequency since the computerization of
health information.
 Patients have increasingly expressed concerns about the use of
blanket authorizations and secondary ROI by the initial
requester or receiving party. They fear that more information is
being given out than is necessary and that they do not know
about the many people and agencies that are gaining access to
this information.

 HIPAA has been designed to address several issues related
to patient privacy, including a return to the need-to-know
principle.
 The HIM professional needs to participate in the
development of computerized systems that can replicate
the original human decisions regarding ROI to release
what is needed but not more.
 Although it is easier to just photocopy the information, the HIM
professional needs to carefully consider the implications of
doing this within the context of patient privacy.

 This situation has created an opportunity for HIM professionals
to participate with other HIM professionals in efforts to correct
these problems.
 Because the HIM professionals works in many employment sites
throughout the health care delivery system, the ethical
obligations extend into a variety of areas, as noted above.
 In fulfilling the responsibilities of the position, the HIM
professional must apply ethical values when making decisions
wherever he or she is positioned within the organization.
Ethical Decision-Making Matrix:

HIM professionals must factor several criteria into their
decision making, but are not limited to:
Cost: Can the facility and the health information system
afford the improvement in the system.
Technological feasibility: will the technological
application provide accurate and reliable information for
the decision-making process.
Federal and state laws: Are there fedral or state laws that
must be considered before a change is made in the
system.
 Medical staff bylaws: are there rules or regulations unique
to the facility that require or prohibit a decision.

 Accreditation and licensing standards: Which agencies
have standards that are important to the decision being
made? Do the standards allow or prohibit a certain
action?
 Employer policies, rules or regulations: Does the facility
have policies, rules, or regulations that require or prohibit
a decision.
Although these criteria must be assessed in the
decision-making process, they cannot be used
alone. Virtually every decision the HIM professional
makes also must be based on ethical principles and
professional values.

 When a decision must be made about the issue
and only one choice is identified, the decision
most likely will be based on an individual's narrow
moral perspectives of the right or wrong.
Core Health Information Ethical Problems:

 Several problems face HIM professionals in today’s complex world, including
issues related to the use of information; computerized health information
systems; the management of sensitive health information; process and
strategies for decision making; and the HIM roles as manager, entrepreneur,
and advocate.
 The business relationships with vendors can also create ethical tensions.
 There are issues raised because of the uses of information, including clinical
code selection and use, quality review, research and decision support, public
health, managed care, and clinical care (Harman 2006).
Ethical Issues Related to Coding:

 In the past, coding was done almost exclusively for clinical studies and quality
assurance review processes. Although codes were provided for reimbursement
purposes, the health care facility was reimbursed on the basis of usual,
customary, and reasonable costs.
 The codes that were assigned became the basis of retrieval for clinical
studies, the reimbursement system, and quality outcome reporting systems.
 Over time, healthcare facilities have contained to use the coding systems to
retrieve information in health records for clinical and administrative studies,
but they also have begun to use the code so that the greatest amount of
reimbursement could be given.
 This placed the importance of accurate coding at the forefront of the ethical
issues facing HIM professionals.
 Ethical problems have risen in the past few years as a result of the direct
linkage between coding and payment for care.

 Increased pressure has been put on HIM professionals who are coding to
transmit inaccurate information, creating problems that are legal and ethical
in nature. Problems include pressure to code inappropriate levels of service,
discovering misrepresentation in physician documentation, miscoding to avoid
conflict, discovering miscoding by other staff, lacking the tools and
educational background to code accurately, and being required by employers
to engage in negligent coding practices.
 Failure to heed the complex rules of coding for reimbursement can lead to
problems with compliance and with fraud and abuse for the HIM professionals.
Ethical Issues Related to Quality Management, Decision
Support, Public Health, Managed Care, and Clinical Care:

Many factors contribute to the ethical problems faced by quality management
professionals, including the raising cost of healthcare, limited resources, and
concerns with patient safety. Some of the common quality outcome problems
include (Spath 2006):
 Inaccurate performance data that are inappropriately shared with the public.
 Negative care outcomes, such as infections, that occur in the course of
providing home healthcare.
 Failure to check a physician’s licensure status.
 Incomplete health records hidden in preparation for accreditation or licensure
surveys.
 Patterns of inappropriate healthcare.
 The pressures to conceal information, discovered as an
outcome of quality reporting systems and that could be
potentially harmful to an employer and problems with
patient safety require constant diligence and the courage
to repeatedly report the truth.

 Career opportunities for the HIM professional are growing in public health
systems.
 The government’s responsibility to protect the health of the public sometimes
competes with the need to protect patient privacy, such as in the case of
reporting HIV status.
 State and local mandatory reporting requirements exist for certain
conditions, including infectious and communicable diseases.
Ethical Issues Related to Sensitive Health Information:

 All health information must be protected, but
additional ethical issues have emerged around the
release of sensitive information such as genetic, drug,
and alcohol treatment; communicable disease; and
psychiatric and adoption information.
 At least two levels of genetic information can be
reported in an information system; presence of a
disease, such as cystic fibrosis, and the presence of a
risk disease, such as a genetic risk for breast cancer.
According to Fuller and Hudson (2006), the HIM professional must
be aware of the following issues related to genetic information:

 Genetic research and testing can give researcher, clinician, and patients a
means to prevent, treat, or screen for a disease. Often, however, individuals
are reluctant to participate in genetic research and testing because they
believe they cannot be sure of the privacy of the genetic information that will
be obtained from them and placed in their medical records or in research
record.
 Insurers and employers may seek genetic information to identify at-risk
individuals and deny them employment or insurance coverage, fire them, or
raise their insurance premiums.
 It is difficult to provide special protections for genetic information as a
category because it cannot be clearly separated from other medical
information. Therefore, the best way to protect genetic information is to
strengthen privacy and confidentiality protections for medical information in
general and to enact antidiscrimination legislation.
 The HIPAA Privacy Rule provides a basic level of privacy
and confidentiality protection for protected health
information.

 The generation of experimental data by a
research protocol is not specifically addressed by
most state laws.
 HIM professionals have the responsibility to
ensure that their practices are guided by state
and federal laws and regulations to protect
genetic information and by the ethical imperative
to protect the privacy and confidentiality of
patients.
Ethical Issues Related to Research:

 The primary ethical principles that are engaged in research include respect
for autonomy (self determination); beneficence (promoting good); non-
maleficence (do no harm); and justice (fairness).
 The respect for autonomy requires an ability of the participant to understand
and authorize the research through informed consent; beneficence means
that benefit is possible; nonmaleficence means that patients will not be
intentionally harmed; and justice requires fairness in the enrollment of
participants.
Ethical Issues Related to Electronic
Health Records Systems:
 With a paper-based health record, access issues were relatively simple. Only
one person at a time could access the information, and it was extremely
difficult to collect and use of data of an aggregate nature.
 With computerization, many requesters are allowed multiple, simultaneous
access and it is relatively easy to share information across a continuum of
care and with computerized systems well outside the boundaries of any
individual care site.
 The advent of the electronic information system has presented complex
challenges with regard to record integrity and information security,
integrated linkage of information system across continuum of care, software
development and implementation, and the protection of information in e-
health systems.
 E-HIM affords information exchange that necessitate
active participation on the part of HIM professionals, in
both the public and private sectors.

 There are many ethical challenges, including developing
and maintaining information and systems security,
exchanging information within and across jurisdictions,
executing technical and clinical services contracts,
handling release of information, implementing and
managing telehealth applications, maintaining and
documenting compliance with HIPAA and state privacy
rule, and maintaining the legal electronic medical record.
Roles of Manager, Entrepreneur, and
Advocate:
 The HIM professional deals with daily complexities that require the need for
understanding ethics. Problems such as late and absent employees,
temptations at conventions and meetings, employees who should be
terminated, and poor work performance are a few of the many dilemmas
facing the busy HIM manager.
 As an entrepreneur, the HIM professional must understand the complexities of
business practices intersecting with professional values and ethical principles.
 Difficulties may arise when consulting for competitors (having access to
sensitive information that might be of value to the competition)., dealing
with advertising, confronting unrealistic client expectations, or confusing
profit versus not-for-profit motivations for decisions.
Thank you.