What nurses can do to safeguard patient privacy and confidentiality

Nurses have a legal and ethical responsibility to maintain the confidentiality of their patients health information. We are obliged to to keep these responsibilities in mind and act as patient advocates. Nurses can find out what these requirements are by seeking information in:

- the CNA Code of ethics
- their province or territories practice standards
- federal/provincial legislation and acts
- their own hospital or organizations policies

The rising popularity of using computer based technologies as opposed to paper based systems, brings with it new security risks. Most importantly, is the threat to breaches of patient privacy and confidentiality. This technology speeds the transmission in which information is shared with others and is convenient. Given this efficiency however, hospital staff often neglect privacy implications (Milholland, 1994). Most breaches are done inadvertently on the part of the health care workers. According to Feeg (2001), this can be attributed to the way staff members manipulate and share data without patient consideration. Potential breaches in security are considered one of the major downfalls of electronic documentation (Celia, 2002). Nurses should become educated in the ways in which they can decrease these threats, in order to better uphold their responsibilities to their patients. These safeguards include, but are not limited to:

1. learn and follow your place of works' policy for collection, use, and disclosure of patient information


2. do not share your access password with co-workers
   
3. change your password frequently
   
4. assure your password is difficult for others to guess


5. know what steps to take to report breaches in patient confidentiality


6. restrict access to information that is needed to do your job only


7. familiarize yourself with privacy legislation


8. know when it is okay to share patients information


9. what to do if a patient asks for access to their records
10. avoid using client names or other identifiers when faxing information


11. make sure to log off computers when not in immediate use

It is important fro nurses to not only safeguard our patients but ourselves. Nurses who breach patient confidentiality, even if unintended may face negative consequences. These can include having their licence suspended by their licensing body, disciplinary action taken by their employer, or legal action taken by the patient (CNPS, 2005).

Nurses should also be aware of the security measures put in place by their employer to protect electronic patient information. These can include:

1. frequent audits to monitor user activity


2. limiting large numbers of photocopies, downloading, and printing of patient information or records


3. use of "lock-out" systems if a staff member attempts to log on with a password more than a few times


4. de-activation of staff passwords who are no longer employed by the hospital/institution


5. timed log off after a certain amount of time


6. inactivated records should be protected from loss, defacement, unauthorized disclosure


7. installation of anti-virus software


8. precautions against theft of computers and laptops (ie: cameras, locked doors)


9. encryption protection for Internet transfer of patient information


10. prohibition of uploading unauthorized software onto computers


11. assuring access to patient information is on a need to know basis


12. all access of all users is tracked


13. use of secondary level authentication (ie: additional passwords, biometric identification)

(American Health Information Management Association, 2000)