Health Information Exchanges (HIE) has, without a doubt, improved patient care delivery in health care and clinical systems. HIE involves the electronic sharing of patient medical information across hospital systems or organizations ( Edaibat, Dever, & Stuban, 2017) . Healthcare providers, such as nurses, pharmacists, and doctors, engage in HIE to appropriately improve the precision, speed, and quality with which care delivery is offered to patients. Some of the arguments for HIE include allowing health care professionals to diagnoses patients efficiently, reduce incidences of duplicate testing, and avoid costs associated with manual printing and scanning of patient’s information. Besides the obvious benefits, the implementation and continuous use of HIE have gravely exposed patients’ data, thus leading to a rise in security concerns.
Despite the HIEs nationwide campaign conducted by the federal government and the Office of the National Coordinator for health information (ONC), 83 percent of care providers still share patient data by paper – not electronically. Both healthcare providers are worried that by using HIE, a security breach that could only affect a single paper record may end up exposing an entire database of patient medical information. Doctors and patients are still reluctant to embrace HIE even though research findings establishing that the security of data in HIE can be improved by the use of encryption, electronic audit trails, and authentication ( Warner, 2011) . ,
Delegate your assignment to our experts and they will do the rest.
Some patients are also concerned with how the personal information they have provided will be shared or accessed. The guidelines provided by ONC and HIPAA laws on the sharing and access to patient data is unclear ( Dimitropouloser et al., 2011) . The lack of clarity of HIPAA laws has confused most health care providers and organizations who find it challenging to adhere to federal and state regulations on data security. Therefore, most healthcare providers may end up sharing the acquired patient information in a way that they see fit because there are no set and clear laws to guide them. Therefore, there is an elevation of patient information exposure to privacy and security breach. Additionally, research from the American Hospital Association (AHA) shows that increased sharing barriers in HIPAA regulations have negatively impacted the evaluation of the security outcomes of patient data ( Brodnik, Rinehart-Thompson, & Reynolds, 2017). The existence of strict regulation of HIE in the integrated care setting makes it difficult for patients and providers to have an honest and trustworthy relationship. It, therefore, becomes difficult for patients to arrive at an amicable on how the patient medical information obtained can be coordinated to ensure data safety.
There is a diversity of opinion on the definition of a security breach in HIEs because of the diversity of stakeholders involved. Some of the stakeholders include HIPAA, Department of Health and Human Sciences (HHS), ONC, National Health Information Network (NHIN), and Health Information Technology for Economic and Clinical Health (HITECH) ) ( Dimitropoulos et al., 2011) . Each stakeholder comes with the regulations it sees fit in an attempt to define data security and breach. Patients are, therefore, often at cross-roads on who to listen to and what law to follow.
HIE is done electronically over digital devices. There has been a growing number of grey hackers engaged in cyber-security attacks may end up compromising sensitive patient protected health information (PHI) and product information (PI) ( Feldman & Houser, 2017). The increase of cyber-security attacks has hence elevated the concern of HIE over its capability to protect their sensitive medical information. A research study conducted by Black Book survey shows that patients preferred the sharing of digital data between consumer’s physician and hospital. However, most patients seemed worried about the sharing of their private medical information across organizations and hospital systems because it increased the risk of a security breach. Fifty-seven percent of the participants of the Black Book Survey pointed out that they were skeptical of the potential benefits brought by HIE vis a vis the security risks it presented ( Feldman & Houser, 2017) .
The widespread adoption of HIE by states and the federal government has made a wide array of patient information available. Health pundits assert that the amount of available patient data shared via HIE has the potential of burdening health care providers, such as doctors and nurses ( Warner, 2011) . An increase in burden may lead to work burnout, which in turn the efficiency and level of competency of health care providers. Health care providers may become negligent in the end by failing to exercise caution in protecting the security of patient data, thus exposing the collected information to unauthorized access and even theft. A study conducted by the Center for Medicare and Medicaid services established that most care providers argue that the HIE system developed by ONC is suited to a billing system and for delivery of care to patients ( Dimitropoulos et al., 2011) . Failure to involve all healthcare stakeholders in creating the HIE system has made it impossible to reduce the security concerns involved in sharing and accessing patient electronic medical data.
A report by the United States Government Accountability Office (GAO) indicated that the existence of insufficient standards of HIEs in some areas in various stated raised a lot of security concerns from both care providers and patients. States have different security health laws applicable to their constituents. ONC and HIPAA have failed to ensure that there is the consistency of standards across the country to ensure that people address any breach of security on patient’s data in the same way. GAO further reported that care providers often find it challenging to match patients to their health records. Such challenges can result in a mismatch of patient data. A patient may is at risk of permanently losing crucial medical information, which might lead to grave consequences, such as misdiagnosis and medical errors during care delivery ( Brodnik et al., 2017).
A report from the Commonwealth Fund shows that with more utilization of HIE, security fears over data sharing is likely to show a continued increase ( Edaibat, Dever, & Stuban, 2017). The operation of HIE is based on technology. Technological advancements are often changing as people are innovating new ways of doing things. Patients usually have concerns about the potential risks involved in electronic HIE whenever organizations introduce new technological advancements. Research studies show that most security breaches on patient data are not malicious hacking, but as a result of bad data hygiene among health care providers ( Feldman & Houser, 2017) . Most health care providers do not undergo the necessary training required to use the ever-evolving technological and operational changes in HIE. Many health professionals, therefore, do not observe the necessary security precautions to ensure the security of patient data shared in HIE.
The security concerns in HIE are heightened because of the difficulty involved in ascertaining the insurance liability after a health data breach. People expect that whenever a security breach on a patient’s biodata occurs, monetary damages are likely to follow quickly. However, this is not always the case because of confusion and disagreements often between insurance companies and patients who damage. Patients, therefore, lack faith in the security measures adopted by HIPAA regulation and the remedies that follow in case of breach ( Warner, 2011) . The regulations are not clear on what constitutes a security breach, thus making it difficult for patients and care providers to collect claims from insurance companies.
Patients, in general, have a view that there are existing gaps in the current law on how healthcare organizations and professionals may collect, use, and share health information. Such gaps make laws to lose their ability to strengthen accountability for compliance with health security protections ( Feldman & Houser, 2017) . It has, therefore, been difficult for stakeholders in HIE to preserve patient trust and address the security concerns hindering the achievement of interoperable health information exchanges. Patients fear that in case of breach and loss of sensitive medical data, the burden of the risk will fall on them because of the lack of effective mechanisms to make perpetrators of security breach accountable. As a result, more and more individuals are withholding sensitive and crucial medical information from their health care providers due to security concerns.
HIEs are essential tools that allow health care providers to be in a position to access vital patient information from other providers and health systems to provide better treatment to the patient. The heightened security concerns are, therefore, a hindrance to attaining efficiency in patient care delivery. It is high time relevant stakeholders in HIEs to formulate mechanisms through which they can cushion such security concerns that are curtailing health information exchanges. Tactics that can be used to quell such security concerns include reassessing laws protecting electronic health data and establish severe penalties for unauthorized access and sharing of patients’ health data. It is also essential to educate patients on both the benefits and potential risks of data sharing. Through education, patients will be aware of the dangers posed by withholding health data ( Dimitropoulos et al., 2011) . Also, patients will be in a position to know when to give consent or non-consent with their providers engaging in HIEs. Patient involvement is crucial, and security concerns may make them not to share information, thereby resulting in undesired health outcomes.
References
Brinda, D., and A. Walters. 2016. Data Privacy, Confidentiality, and Security. Chapter 11 in Health Information Management: Concepts, Principles, and Practice, 5th ed. Edited by P.K. Oachs and A.L. Watters. Chicago: AHIMA.
Brodnik, M. S., Rinehart-Thompson, L. A., & Reynolds, R. B. (Eds.). (2017). Fundamentals of law for health informatics and information management . AHIMA Press.
Dimitropoulos, L., Patel, V., Scheffler, S. A., & Posnack, S. (2011). Public attitudes toward health information exchange: perceived benefits and concerns. The American journal of managed care , 17 (12 Spec No.), SP111-6.
Edaibat, E. A., Dever, J., & Stuban, S. M. (2017). System dynamics simulation modeling of health information exchange (HIE) adoption and policy intervention: A case study in the State of Maryland. Operations Research for Health Care , 12 , 60-70.
Feldman, S. S., & Houser, S. H. (2017). Automating HIM through Health Information Exchange: An Information Exchange: An Informatics Approach. Journal of AHIMA , 88 (1), 32-35.
Warner, D. (2011). HIE patient consent model options. Journal of AHIMA , 82 (5), 48-49.
