MMI 407 - Legal, Ethical and Social Issues
Course Description:This course presented the legal and regulatory requirements applicable to healthcare data and information management systems, and stimulated critical thinking around selected topics related to the ethical and social impacts of information technology as they interface with the current healthcare regulatory environment. Some topics included HIPAA, medical ethics, fraud & abuse, data privacy and confidentiality, antitrust law, intellectual property issues, The Joint Commission, disclosure, transparency and accountability, compliance programs, including clinical research data compliance, healthcare data privacy and security regulations, and conflicts of interest.
What I Learned:
Having explored a career in law prior to going into Information Technology, I was interested in the subject matter. This was one of those classes, that as you are taking and look back, you sit back and say "Wow!” It was one of those eye-opening experiences that engages you and really broadens your perspective on the subject. It really helped to have a professor like Karin Lindgren who is amazingly passionate about Law and its application to the field of Medical Informatics. The expectations for the class were rigorous and demanding with a lot of writing. The class turned out to be one of my favorites, as did the instructor.
One of the most valuable aspects of the class was the interactive thinking we did together as a class. Professor Lindgren forced us to critically think and examine issues, and then to internalize the subject matter. This was not a class one wanted to be unprepared for. Each week had reading assignments, and at the end of every class, we would dive into the critical issues.This included openly discussing and challenging other classmate viewpoints. In this way, each of the learning objectives enhanced my own perspectives. Analyzing, critiquing and forming arguments either for or against an issue has really benefited me, as I can more adequately do the same in situations that present themselves in my workplace. I'm surprised actually at how many opportunities have presented themselves since this class but with the drastically changing landscape under healthcare reform, the opportunities are prevalent.
This course instilled within me a deep understanding for the important tenants that make up the Health Insurance Portability and Accountability Act (HIPAA). Nearly the entire first half of the class focused on the Protected Health Information (PHI), the Privacy Rule, the Security Rule, unique Identifiers and responsibilities for de-identification, minimum necessary data sets (MDS) and the HITECH Act. All of these dimensions of healthcare center on issues rooted in data privacy and confidentiality, disclosure, transparency and accountability.
Equally import is the time we spent covering patents, copyright, intellectual property (IP) and anti-trust issues. These were especially pertinent on an individual level as these are all considerations that need to be accounted for as we want to protect our own ideas and individual work. It also brings forefront to our minds the type of things we need to think about to be responsible employees for the employers we work for. We also explored issues around fraud and abuse.
After gaining a background in all these areas, I put put my understanding of class fundamentals to the test through individual research topics where I completed a case study, criticism paper, and wrote a research paper. The research assignment acted as a personal capstone for the course to allow me demonstrate my mastery for the course material. I thoroughly enjoyed the research as I chose a topic related to the industry I was working in. It also challenged me to deeply explore the regulatory framework that created the healthcare insurance industry, and the legal, ethical, and social issues that remain as concerns today.
After working individually, I was assigned to a group, that was given a unique case studies.,My team was tasked with analyzing and articulating all the legal, ethical or social issues that we could find. We also met and presented before other groups, and they critiqued our ability to identify the issues. We offered the same perspective for other groups that presented their topics.Together we were all edified, as we learned from each other.
In summary, the interactive thinking offered the true value from this class, and again much of the learning was fostered by the atmosphere setup by Professor Lindgren. I was intellectually charged and was eager to help identify concerning legal issues as I was ready to spot them from discussions and interactions at work. From this, I personally committed to speak out and help support my executives in addressing these issues head on. Even better, as executive leadership opportunities presented for myself, I would be better equipped to protect my companies interests. This class was vital in helping me understand my role in being a responsible contributor in any organization, and it gave me the confidence to be an asset in this regard.
HIPAA privacy reg 45 CFR 164.514(b)(2)(i)]. (n.d.).
The Ethical Dimensions in the Public Reporting of Clinical Performance Data. (2005-2006). The Digest of Ethical Issues in Managed Care, III(III).
Ethics and EHRs: Experts weigh in on the top 10 areas to watch. (2007, August). Electronic Health Records Briefing. Retrieved from hcPro: http://www.hcpro.com/content/74194.cfm
Adler-Milstein, J., McAfee, A. P., Bates, D. W., & Jha, A. K. (2007, December). The State Of Regional Health Information Organizations: Current Activities And Financing. Health Affairs, 27(1), pp. 60-69. doi:10.1377/hlthaff.27.1.w60
Agrawal, R., & Johnson, C. (2007, May-June). Securing electronic health records without impeding the flow of information. International Journal of Medical Informatics, 76(5-6), pp. 471-479. doi:10.1016/j.ijmedinf.2006.09.015
Anderson, J. G. (2004, March 18). The role of ethics in information technology decisions: a case-based approach to biomedical informatics education. International Journal of Medical Informatics, 73(2), pp. 145-150. Retrieved from http://download.journals.elsevierhealth.com/pdfs/journals/1386-5056/PIIS1386505603002016
Bartschat, W., Blevens, A., Burnette, L., Costa, K., D’Ambrosio, M., Glowacki, G., . . . Tomes, J. (2005, November-December). Update: Maintaining a Legally Sound Health Record—Paper and Electronic. Retrieved from http://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_028509.hcsp?dDocName=bok1_028509
Bartschat, W., Blevins, A., Burnette, L., Costa, K., D’Ambrosio, M., Glowacki, G., . . . Tomes, J. (2005, October). The Legal Process and Electronic Health Records. Retrieved from The Legal Process and Electronic Health Records.: http://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_028134.hcsp?dDocName=bok1_028134
Broccolo, B. M., & Klanica, K. E. (2006, October 18). Conflicts of Interest in Human Subject Research: Adapting to Evolving Best Practice Standards. Medical Research Law & Policy, 5(20), pp. 690-704. Retrieved from http://pubs.bna.com/ip/bna/mrl.nsf/eh/a0b3n4c4f0
Brodkin, J. (2008, July 02). http://www.hunton.com/files/publication/d31b869a-1b7d-4422-aeb5-d4569490b029/presentation/publicationattachment/35e40e83-73ef-4a1d-8ee0-0078d3ebafe3/cloud_computing. Retrieved from http://www.hunton.com/files/publication/d31b869a-1b7d-4422-aeb5-d4569490b029/presentation/publicationattachment/35e40e83-73ef-4a1d-8ee0-0078d3ebafe3/cloud_computing
Burrington-Brow, J., Hjort, B., & Washington, L. (2007, May). Health Data Access, Use and Control. Journal of AHIMA, 78(5), pp. 63-66. Retrieved from AHIMA.org: http://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_034053.hcsp?dDocName=bok1_034053
Carder-Thompson, E., Hurst, A. L., & Smith, R. (2008, November 10). Current Issues Under the Civil False Claims Act: Worthless Services, Off-Label Use, and More. Retrieved from http://www.lifescienceslegalupdate.com/uploads/file/CURRENT%20ISSUES%20UNDER%20THE%20CIVIL%20FALSE%20CLAIMS%20ACT
Conover, C. J. (2004, October 4). Health Care Regulation: A $169 Billion Hidden Tax. Retrieved from http://www.cato.org/pubs/pas/pa527
Department of Health & Human Services. (2006, December 12). HIPAA Security Guidance. Retrieved from http://www.himss.org/content/files/CPRIToolkit/version6/v7/D86_CMS_SecurityGuidanceforRemoteUseFinal122806
Desio, P. (n.d.). An Overview of the Organizational Guidelines. Retrieved from USSC.gov: http://www.ussc.gov/Guidelines/Organizational_Guidelines/ORGOVERVIEW
Eastgate, P. G., Narula, R., Schrelber, J. L., & Zimmerman, H. M. (2008). Provider Networks and Joint Ventures:. Health Law Monitor, XII(1), pp. 1-12.
Friedman, M. J. (2008). Introduction: Outline of th e U.S. Legal System. In Outline of the U.S. Legal System (pp. 5-17). Washington D.C.: U.S. Department of State. Retrieved from http://www.america.gov/media/pdf/books/legalotln
Goodman, K. (1997). Bioethics and health informatics; an introduction. In K. Goodman, Ethics, Computing, and Medicine: Informatics and the transformation of health care (pp. 1-31). Cambridge University Press. doi: http://dx.doi.org/10.1017/CBO9780511585005.002
Gostin, L. O., & Nass, S. (2009). Reforming the HIPAA Privacy Rule: Safeguarding Privacy and Promoting Research. The Journal of the American Medical Association, 301(13), pp. 1373-1375. doi:10.1001/jama.2009.424
Grossman, J. M., & Cohen, G. R. (2008, September). Hospitals Cautious About Subsidizing EMR Adoption Despite Relaxed Federal Rules. Retrieved from Center for Studying Health System Change: http://www.hschange.org/CONTENT/1015/1015
Hayes, D. L. (2004, February). Advanced Copyright Issues on the Internet. Retrieved from http://www.fenwick.com/docstore/355/Advanced_Copyright_02-29-04
Informatica. (2006, August). How to Launch a Data Governance Program: Practical Guidelines for Technology Implementers. Retrieved from http://www.techrepublic.com/whitepapers/how-to-launch-a-data-governance-program-practical-guidelines-for-technology-implementers/323875/post
Institute of Medicine. (2007). Rewarding Provider Performance: Aligning Incentives in Medicare (Pathways to Quality Health Care Series). Washington D.C: The National Academies Press. Retrieved from http://www.nap.edu/nap-cgi/report.cgi?record_id=11723&type=pdfxsum
Kahnke, R. E., & Bundy, K. L. (2008, March-April). Clean Rooms Are not Just for Kids: How to Demonstrate Independent Development to Avoid a Trade Secret. TRENDS: Your Business and the Law, pp. 1-24. Retrieved from http://www.faegrebd.com/files/12645_Trends%20March%20and%20April%202008
Lewis, J., Allen, J. C., & Askanas, M. S. (June, 30 2008). Employees have right to privacy in text messages, court of appeals rules. Retrieved from Jason | Lewis: http://www.jacksonlewis.com/resources.php?NewsID=1427
Lindgren, K. (2010, October). Summary of Legal Protections Available for Intellectual Property Assets. Med Inf 407 Class. Chicago, Illinois, United States of America: Northwestern Univdersity.
Lindgren, K. J. (2010, October). “Fair Use” of Copyrighted Works. Med Inf 407. Chicago, Illinois: Northwestern University.
Mark, H. W. (n.d.). The Principle of Autonomy.
Nahra, K. J. (2008, June). Are Troublesome HIPAA Changes on the Way? Retrieved from http://www.wileyrein.com/publications.cfm?sp=articles&newsletter=4&id=730
National Conference of STate Legislatures. (2007, August 15). Report from the health information protection taskforce to the state alliance for e-health. Retrieved from http://www.ncsl.org/issues-research/health/reports-from-the-state-alliance-for-e-health.aspx
Parks, R. S., Harvey, J. A., & Esch, R. (2008, June 5). Cloud Computing: What to Ask When the Clouds Roll In. Retrieved from http://www.hunton.com/files/publication/d31b869a-1b7d-4422-aeb5-d4569490b029/presentation/publicationattachment/35e40e83-73ef-4a1d-8ee0-0078d3ebafe3/cloud_computing
Rosenfeld, S., Koss, S., & Siler Avalere Health LLC. (2007, June). Privacy, Security, and the Regional Health Information Organization. Retrieved from ihealthreports: http://www.allhealth.org/briefingmaterials/chcf-rhioprivacy-1091
Safran, C., Bloomrosen, M., Hammond, W. E., Labkoff, S. E., Markel-Fox, S., Tang, P., & Detmer, D. (2006, September 14). Toward a National Framework for the Secondary Use of Health Data. Retrieved from AMIA: http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/privacysummary
Sobel, R. (2012, Febuary 8). The HIPAA Paradox: The Privacy Rule That’s Not. doi:10.1353/hcr.2007.0062
(2008). Chapter 1: History and Oranization of State Judicial System. In U. D. State, Outline of the U.S. Legal System (pp. 19-43). Washington D.C.: U.S. Department of State. Retrieved from http://www.america.gov/media/pdf/books/legalotln#popup
(2008). Chapter 2: History and Organization of the Federal Judicial System. In U. D. State, Outline of the U.S. Legal System (p. 45). Washington, D.C.: U.S. Department of State.
U.S. Department of Health & Human Services. (2003, April 3). Research under HIPAA. Retrieved from HHS.gov: http://www.hhs.gov/ocr/privacy/hipaa/understanding/special/research/research
U.S. Department of Health & Human Services. (2008, July 17). HHS, Providence Health & Services Agree on Corrective Action Plan to Protect Health Information. Retrieved from HHS.gov: http://www.hhs.gov/news/press/2008pres/07/20080717a.html
U.S. Department of Health and Human Services. (2003, May). Summary of the HIPAA Privacy Rule. Retrieved from HHS.gov: http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/privacysummary
Waymack, M. H. (n.d.). Justice.
Waymack, M. H. (n.d.). Non-Maleficence.
Waymack, M. H., & Parks. (n.d.). Beneficence.
Westermeier, J. T. (2009, March). Understanding the Importance of Derivative Works. Retrieved from Finnegan.com: http://www.finnegan.com/resources/articles/articlesdetail.aspx?news=9cbb473b-f87b-47eb-8d4b-0202ad56343a