Use and Safety of the Internet

liability

legal responsibility

telemedicine

the use of electronic communications for the health and education of a patient or healthcare provider

Which of the following are basic workplace protocols? Check all that apply. a. no new software of any kind b. no releasing of customer names c. no sharing of passwords d. no downloading of software on workplace laptop d. no personal data on workplace computers

c, d, and e

interception of information

an event that happens when information that is meant for one person gets picked up by a different, unauthorized person

healthcare apps

applications (small software programs) that are used to diagnose and treat diseases and illnesses that are used on tablets, mobile phones, and other computer technology

confidentiality

the ability to keep information private and prevent its unauthorized disclosure

encryption

the activity of converting information into code

interference or intrusion

the blockage of information intended to be transmitted or shared

misappropriation

the inappropriate handling of information

These examples show ways in which information is not kept safe, and how this causes security failures:

- disclosure - interception of information - interference or intrusion - misappropriation

tech-based tutorials

demonstrations run by real-life nurses and physicians

virtual RN

a broad term used to describe a nurse who uses technology to care for a patient

Which of the following is an example of an administrative safeguard? a. telemedicine b. keeping medical records organized

b. keeping medical records organized

disclosure

the sharing of personal information

In order to comply with HIPAA, organizations must have a contingency, or backup, plan that includes the following:

- Data backup: All data and systems must be backed up. - Disaster recovery: In a disaster (such as a tornado or terrorist act), vital records must be accessible. - Emergency mode operation: A list of the first people who can respond in an emergency must be available. - Testing and revision: Periodically, all systems must be checked for functionality.

Examples of how healthcare workers use telecommunications technology include the following:

- Education: The Internet includes tools to aid in the completion of healthcare degrees and certification. - Public health: Announcements about viruses and diseases are given on government websites. - Decision making: Information from online experts is used to make decisions about patient care.

Additional protocols for using technology in the workplace include the following:

- Management and handling of electronic documents and tools: Follow the workplace policies for use. Personal use is not permitted. Risks include breaches of confidentiality and the potential for computer viruses. - Conserving and preserving company resources: Follow regular rules and policies on the maintenance of computers and other technology so that they function for work purposes. Software cannot be downloaded or it may cause viruses. Viruses can destroy entire networks and databases.

The most basic protocols for hospitals and most workplaces, as well as risks of inappropriate use, are as follows:

- Protection of proprietary methods or trade secrets: Sharing methods of the workplace is prohibited. Risks include copyright infringement. - Patient/client, employer, and employee privacy: This means that no personal information can be shared outside the workplace about a patient, employer, or other employees.

All healthcare workers should employ some basic safety protocols when using computers to safeguard patient information:

- Setting passwords: Passwords should be strong, employing length, complexity, and variety so that they cannot be guessed. Passwords should be changed often. - Using software: Software should be monitored to ensure that it is free of viruses or other threats. - Downloading content: Users must protect against downloading content that could harm the computer or system, or that could cause confidential patient information to be compromised. An example would be accidentally downloading a Trojan virus, which is malicious software that can grant a hacker access to the computer.

Consequences of HIPAA violations include:

- termination of the employee - prosecution in a court - rejection of certification renewal - jeopardizing the violator's career

A blood-bank worker delivers a supply to a hospital. On the way to the hospital, she remembers that she forgot one piece of paperwork at the office. She delivers the blood supply anyway so that it is not late for delivery. Which of the following are possible consequences? Check all that apply. a. termination b. healthcare team put at risk c. promotion

a and b

digital signature

a digital file that helps prove the authenticity of a record

Health Insurance Portability and Accountability Act

a federal law that protects patient health information from being misused

patient anonymity

a patient's right to remain unidentified or to have his or her information kept private and confidential

Which of the following statements is the best example of how technology is used in public health? a. A city announces via an e-mail to residents that the water at the beach is unsafe for swimming. b. A patient is given a prescription for medication. c. Two doctors collaborate on a patient's diagnosis. d. A healthcare administrator schedules a patient's next appointment.

a. A city announces via an e-mail to residents that the water at the beach is unsafe for swimming.

An X-ray technician takes a course to learn about new equipment at the facility where she works. This technology is being used for a. education purposes. b. public health purposes. c. decision-making purposes.

a. education purposes

When is a digital signature used? a. for any online service b. to pay for a course c. for insurance purposes d. to e-mail data

a. for any online service

If an organization loses all of its data but followed all of the proper procedures, where can employees find the data? a. in the backup or archive b. data will not be not recoverable c. in the administrator's personal computer

a. in the backup or archive

What is patient confidentiality? a. keeping personal information private and keeping patient name unknown b. keeping patient name unknown c. researching the patient's information on the Internet d. patients not revealing their Social Security numbers to healthcare facilities

a. keeping personal information private and keeping patient name unknown

What list is maintained about an organization in the event of an emergency? a. personnel who must be reached b. digital signatures c. encrypted data d. local police department contact information

a. personnel who must be reached

After visiting the doctor, she has to go out of town for work. What can she use to continue to get treatment and advice? a. telemedicine b. tutorial

a. telemedicine

What is encryption? a. the converting of information into code b. a HIPAA violation c. a code for a patient d. an online healthcare course

a. the converting of information into code

A patient is training for a marathon and experiencing pain in the top of her foot. She researches the issue on the Internet and believes she has tendonitis. To what can she refer in order to learn how to treat her injury at home before going to the doctor? a. tutorial b. telemedicine c. virtual RN

a. tutorial

A hospital is required by law to have contingency plans for many situations. What information is maintained in a disaster? a. vital records b. HIPAA laws c. patient Social Security numbers d. how-to manuals for equipment

a. vital records

Which would be most likely to happen if a patient wanted to gain information about an injury before deciding whether to visit her doctor? Check all that apply. a. The patient would visit her insurance company's website to find another doctor. b. The patient would visit a website to learn about treating the injury. c. The patient would find a tech tutorial to learn how to treat the injury. d. The patient would have a web conference with her doctor, and the doctor would record her vital signs.

b and c - A patient would be most likely to visit a website and complete a tech tutorial to learn about how to treat a minor injury. Most insurance company websites include information about policies and finding doctors.

Which of the following types of exposure threaten patient information? Check all that apply. a. transmission b. disclosure c. interception d. interference

b, c, and d

An X-ray technician is entering patient information into a patient's medical record. When it is time to go home, one of the healthcare workers in the office asks her for her username and password because he forgot his. Should she help him? a. Her colleague should use her password, but not her username. b. She should not give out her username or password. c. Her colleague should use her username, but not her password.

b. She should not give out her username or password. - No one should ever give out a username or password because it could cause a breach in patient confidentiality

A healthcare worker gives a coworker information about a patient that the coworker is not taking care of. The information is leaked. Who is liable by law? a. The healthcare facility is liable. b. The individuals who shared the information and the healthcare facility are liable. c. The individuals who shared the information are liable. d. Neither the individual nor the facility is liable since this was a mistake.

b. The individuals who shared the information and the healthcare facility are liable. - The individuals who shared the information and the organization are liable.

A patient who is diagnosed with cancer does not want her employer to know because she is afraid that she will lose her job. When she contacts her employer to say she is sick, she learns that the medical office gave her boss her radiology appointment schedule. Which statement below accurately describes the situation? a. The woman should not be worried about the consequences of knowing the information. b. The medical office should not have given out information about radiology appointments. c. The woman should not have kept the cancer diagnosis from her employer.

b. The medical office should not have given out information about radiology appointments.

A healthcare worker is handling hundreds of medical records. One day he decides to take the work home to finish, even though he knows this is not in accordance with HIPAA. He leaves the records in his car, and his car is stolen. All of the information is taken. What are the consequences under HIPAA? a. The worker did not know he violated HIPAA and may face a $100 fine. b. The worker committed willful neglect and may face a fine of $50,000. c. The worker may face up to five years in prison.

b. The worker committed willful neglect and may face a fine of $50,000. - The worker failed on purpose by not caring enough about HIPAA requirements.

A patient is taking a pain medication for her shoulder. The patient has questions about her treatment plan. Which example of healthcare-focused technology could the patient consult for more information? a. an app from the pharmacy b. a virtual RN c. an insurance website d. a database of doctors

b. a virtual RN - A patient would most likely contact a virtual RN to get treatment information and ask about the medication.

A student is using the Internet to complete an online course to become an X-ray technician. This is an example of using the Internet for a. public health. b. Education. c. decision making. d. medical records.

b. education

What is patient anonymity? a. not releasing any information about a patient b. keeping the patient name unknown c. protecting patient information from unauthorized access d. using a code number to identify patients

b. keeping the patient name unknown

An employee is entering health information on a computer. An MRI technician receives the medical record from the database, but he decides to download a piece of software to speed up the reading of the record. Why is this inappropriate? a. The MRI technician could lose the medical record. b. The software could cause a virus or harm the database. c. The hospital's computer is not fast enough, so the record will be damaged.

b. the software could cause a virus or harm the database - Downloading software to a work computer puts the hospital system, networks and patient information at risk.

A physical therapist is scheduling an appointment in the database. He decides to check his personal e-mail on the computer. Why is this an inappropriate use of technology in the workplace? a. The computer database should not be used to schedule appointments. b. The worker should not be accessing his personal e-mail at work. c. The worker did not open his own personal computer and the workplace computer at the same time. d. No inappropriate action has taken place.

b. the worker should not be accessing his personal e-mail at work - The workers used the technology inappropriately because personal use is not permitted.

Which is an example of a physical safeguard? a. filing all data electronically b. using separate computer networks for personal and business data

b. using separate computer networks for personal and business data

If the doctor is not available, whom can she contact online? a. tutorial b. virtual RN

b. virtual RN

A tornado strikes a hospital. What records must be accessible even in a disaster? a. emergency list records b. vital records c. data backup records d. staff personnel records

b. vital records - In a disaster situation, vital records must be available for healthcare workers.

Which of the following strategies are appropriate uses of technology? Check all that apply. a. using a personal cell phone to text about a patient who needs help b. using personal e-mail to contact a patient c. using e-mail to schedule doctor appointments d. coding medical records using company policy e. filing a record using a protocol

c, d, and e

Which of the following strategies are inappropriate uses of technology for a healthcare worker? a. using an online healthcare website to find an answer to a condition b. giving information about telemedicine to a patient c. giving out personal data to an employer d. using a personal laptop to work at home e. using a personal phone to call a coworker

c, d, and e

In an organization's contingency plan, what is done periodically? a. The records are reviewed. b. The data is encrypted. c. The staff is trained. d. The system is tested.

d. the system is tested