Journal of Health Care and Research
ISSN: 2582-8967
Article Type: Original Article
DOI: 10.36502/2024/hcr.6233
J Health Care and Research. 2024 May 27;5(1): 26-38
Impact of Electronic Health Records on Patient Confidentiality, Measuring the Perception of Health Care Professionals in Eastern Saudi Arabia
Reem Alzamaie1*, Shaima Miraj1
1Master Degree, Healthcare Adminstration/ Management, King Fahad Specialist Hospital, Dammam, Saudi Arabia
Corresponding Author: Reem Alzamaie
Address: Master Degree, Healthcare Adminstration/ Management, King Fahad Specialist Hospital, Dammam, Saudi Arabia.
Received date: 12 July 2023; Accepted date: 11 February 2024; Published date: 27 May 2024
Citation: Alzamaie R, Miraj S. Impact of Electronic Health Records on Patient Confidentiality, Measuring the Perception of Health Care Professionals in Eastern Saudi Arabia. J Health Care and Research. 2024 May 27;5(1): 26-38.
Copyright © 2024 Alzamaie R, Miraj S. This is an open-access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium provided the original work is properly cited.
Keywords: Health Records, Electronic Records, Patient Confidentiality, Healthcare, Cross-Sectional
Abstract
Background: Patient information in the hospital and any healthcare set up is very important, storing information appropriately ensures that the quality of the patient records is top notch. So, the main objectives were deeply understanding the use of information technology in ensuring that the patient’s confidentiality is in eastern Saudi Arabia is highly elevated.
Methods: The study is a qualitative, descriptive, and cross-sectional to explore various healthcare’s’ perception on the importance of electronic health records in improving patients’ confidentiality in the major hospitals in eastern Saudi Arabia. Qualitative data was obtained from surveying bathe response of the responses of different questions regarding electronic health records. The surveys conducted have been analyzed using Cronbach’s alpha tool that was adopted from the Agency for Healthcare Research and Quality.
Results: 144 healthcare personnel were surveyed through questionnaires. 144 of them took part effectively in the survey. From the survey, 98% of the research participants acknowledged that the use of electronic health records improves confidentiality of the healthcare workers. 70% of the participants agree that they have been issues regarding electronic health records and confidentiality. All the research participants agree that being secretive in keeping patient information.
Conclusion: Electronic health records are very important in the healthcare set up, it is greatly evident that various healthcare workers from various hospitals in eastern Saudi Arabia have weighed in on their perception of the use of electronic health records in the eastern said Arabia. Most of them have shown that the healthcare workers should treat healthcare information with the utmost dignity.
Background
Healthcare records are very crucial in any given organization that deals with healthcare service provision. All the organizations must capture the details about the patients and the workers effectively to ensure that the quality of the healthcare service is at an optimum level. Effective capturing of data has done wonders in most healthcare institutions since it has reduced the cases of data loss. A good example is a scenario where a patient gets to the hospital. When their data is not captured appropriately, the kind of medical services that such a client is likely to get may not be of higher expectation [1].
The healthcare system has been facing many challenges in the past decades because data has always been taken manually. For example, this outdated method has curtailed confidentiality, security, retrievability, and data transfer speed. Eastern Saudi Arabia has not been left out of this challenge. Research from the Centre for Disease Control and the World Health Organization have been among the platforms that have been listed as sections of the Asian continent that should review how they collect information. Ethics and morals in healthcare management highly regard confidentiality [2]. Confidentiality can be defined as keeping the secret about the details of the healthcare workers or the patients collected in the healthcare setup. Leakage or sharing information about clients can have very severe consequences [3].
The changes that have been heightened to improve the confidentiality process include the fact that each healthcare personnel can only be allowed to access the appropriate data relevant to his practice. For example, the record keeper is not eligible to access information from the physician or the pharmacy department. The perception of most of the healthcare workers based on this process has been an impressive one since all of them have realized the importance of the job that they do since the confidentiality, quality and the security of the information from the electronically collected data has become a top-notch [4]. Some of the transformations that have been witnessed in this include the stigmatization that some of the patients used to face. Good examples are HIV and cancer patients.
According to Evans (2016) [5], electronic health records have had a journey from 1992, when most countries launched them up to 2015. Indeed, it shows how the use of this method has made significant steps in providing healthcare services. The author of this paper gives a holistic view of how the ancient Egyptian hieroglyphic inscriptions were used to keep medical records. However, these medical records were not steady since they experienced data loss and to some extent, the data was obtained by the wrong users. In recent years, most of the medical records information has been stored on pieces of paper. It therefore has been facing the risks associated with the early hieroglyphics and cuneiforms [5]. Electronic health records have become more successful just because of the emergence of computers at their peak in the 1960s and 1970s. Evans states that the emergence of computers has made health records successful and has also made the patients’ information easier to read and understand.
The government of Saudi Arabia implemented the use of electronic health records entirely in 2008. The major aim was to target the public healthcare institutions that were doing badly off in terms of storing the patient’s data. Even though at the point of introduction, there were a lot of negative perceptions from the healthcare workers about the use of this platform, later it grew into something very invaluable to the healthcare workers. Some of the negative attitudes arose from the fact that some h healthcare workers were ignorant about using computers. Therefore, they developed a phobia of electronically using machines to transfer data [4]. From 2009, electronic data use stabilized in the country since it has accommodated even the ease of the mobile phones with high-resolution cameras to take pictures at the bedside. The captured images can be sent to the appropriate healthcare workers, even those far away. A typical is the instance where a laboratory imaging report can be taken and sent to an experienced radiology doctor for proper interpretation of the results. Electronic health records have improved service delivery, especially in the hospitals in Saudi Arabia that have a low number of healthcare workers. A laboratory result can be sent to a doctor online and later may give prescriptions to that patient more readily and quickly [4].
Electronic health records have been associated with confidentiality and the privacy of medical records. In the past two decades, there have been a lot of instances related to data confidentiality and privacy. Electronic health records have shown that people only access the information that is rightfully important to them. According to justices Brandeis and Warren, privacy is a fundamental right, just like any other form of the universal moral principle. They define it as the right to be left alone. Amir, N., 2020, defines privacy as the ability of individuals to keep information about them from being disclosed to any third party [6]. The individual’s information should not even be shared with the organizations or the government agencies even though it may appear very important. Information to be safeguarded can take various forms including identification data, treatment, diagnosis and progress notes and laboratory results. To protect confidentiality, this data can be stored in various forms, such as videos and electronic files. The identity of the patient should be encrypted in the form of codes. This will ensure that the patient’s Name is not disclosed in case of chronic diseases to avoid cases of stigmatization m among such patients. Patients’ information can only be released to those allowed by the law, such as insurance agencies. However, the agencies should not be given very critical information about patients unless it is essential to them [7]. The incidences that require such permissions may include the instances where the patient information is necessary for the purpose of payment.
Confidentiality about the patient has got some limitations in some instances for example in cases where the state needs the data about the patient to conduct a criminal investigation that the patient might have been involved in. other reason could be due to the instance of research when the patient information can be too important to determine the scope of the study. There are several cases of cyber security nowadays. Therefore, the information generated should be protected through proper encryption [8]. Encryption options involve using solid passwords and biometric encryptions such as using thumbprints, voice patterns and cornea identification. To the health insurance and portability and accountability act of 1996, employers are held accountable for any form of blunder that the employees might commit in their work areas. It therefore urges all the employers to ensure that they train their employees to safeguard patient data.
A good example is an instance where a pulse of 74 may be recorded as a pulse of 47. It can be very difficult to identify this kind of error in the manual system [9]. If left to go unnoticed. It can create a very big error that can lead to a very gracious misdiagnosis in the patient. The electronic health record system comes very much in handy since it has very important software’s that can be used to create the alerts on any form of poor data entry made.
Electronic data breach may be committed unknowingly gee the healthcare workers who do not have the proper knowledge of the type of knowledge of the healthcare workers, may have. For instance, in the scenario where a system is newly launched in an organization and there is no proper training about that particular system, healthcare workers may erroneously send the information to the wrong platforms. Some healthcare workers usually work with their associates in the same room. Some of the associates may get very credible information about some of the high end clients. in some cases, some healthcare workers usually allow some unauthorized people in their offices. Some of them get information that is very sensitive. This is the avenue of the leak of the information that needs to be effectively solved based on the self-discipline that the healthcare workers may have.
The articles provided in the literature review have all affirmed that indeed the electronic health records is a trend in the healthcare sector. It improves the quality of their healthcare service by embracing parameters such as confidentiality, security, reliability and integrity of the data collected. Apart from these, electronic health records have a role in improving the attitude of the healthcare workers in their areas of work. all the authors of the published articles acknowledge stakeholder’s ion governments should embrace electronic health records very graciously.
Therefore, the objectives of this deeply understand the use of information technology in ensuring that the patient’s confidentiality is in eastern Saudi Arabia is highly elevated. This was prompted by a number of data security concerns that was witnessed in eastern Saudi Arabia.
Methodology
The study is a qualitative, descriptive, and cross-sectional which involves selecting a particular group of cases from various populations that present the interest of the research. This research was done by research participants who represented the hospitals in eastern Saudi Arabia. The information obtained acted as the presentation of the entire region.
Study Population
The study population involved all the healthcare workers in hospitals that interacted directly with the patients. The sectors that were under focus included the receptionists, physicians, pharmacists, nutritionists, laboratory technologists, nurses, radiologists and other essential areas in the hospital [10]. The opinions taken from the research participants were taken with lots of consideration to help in understanding the role of healthcare workers in fostering patient confidentiality.
All the healthcare workers in various hospitals who were free to participate in the research were included in the study. The major sections included the physicians, health record keepers, pharmacists, radiologists, nurses, laboratory technologists and nutritionists [11]. The healthcare workers who were on leave or sick were excluded from taking part in this research. There is no way they could have contributed adequately to the research if they were away from their place of work. More importantly, the healthcare workers who appeared not to be sound mind were excluded from this research. They were excluded because of their inability to make proper decisions [11].
Ethical Permission to Carry Out Research
The department of health sciences guaranteed me the chance to take part in the research since the topic under study was one of those which proved to be very important for the study.
Results and Discussion
The response rate of the research participants was 98% (n=144/145). The responses came from different workers from different workers in different departments in the hospitals that use the electrochromic way of conveying data. These responses came in formats ranging from the pharmacists, physicians, clinical officers, dents and other important participants from different parts of the hospitals. The respondents came from different parts of eastern Saudi Arabia and had different years of experience in the respective departments. Below is the set of representation of different responses from the participants (Table-1).
Table-1: Frequency Distribution of the Respondents’ Background Information
144 responses were received from question (Have you previously learned something about data sharing and patient confidentiality?). Of those who responded YES were 130 while 14 gave a NO response. Out of the responses, 82 participants responded YES, this translates to 56.94% while 62 gave a NO response, this translates to 43.09% for question (Have you received any training in ethical data sharing practices?).
The healthcare workers gave their responses on the role of electronic health records on confidentiality and patient care. Various questions arose on how the varied parameters affected confidentiality. The results were given in three sections as either “YES, NO or I DON’T KNOW.” In other words, the questionnaire sought to address the stand of the research participants on the questions asked. The research was conducted among the 144 participants from different parts in eastern Saudi Arabia Below is the highlight of the responses that were provided (Table-2).
Table-2: Responses from Participants
The results displayed in this section was in different categories, the questionnaire directly targeted the response of the interviewees on how the usually respond to issues affecting patient data in their daily practice. Based on the questions asked, the parameters for the response were from the following options.
- NEVER
- SOMETIMES
- RARELY
144 participants took part in this. The researcher provided some choices concerning this question. They included: rarely which only attracted one response, “sometimes” 17 responses, “always” attracted 125 responses while “never” attracted 1 response (Table-3).
Table-3: Table Showing Responses from Research Participants
144 participants took part in this process, the responses to this question were provided in Table-4.
Table-4
The results that were received from this questionnaire are in Table-5.
Table-5
From the survey results, it is very easy to relate to some of the studies that were previously done by different scholars. The responses participants participated in the study shows how the healthcare workers in eastern Saudi Arabia embrace different findings from different research participants. 145 people were to take part in the research. Out of these, 144 participants accepted to be part of the research while 1 person declined. This translated to a representation of 98 and 1% respectively. There were 15 different workstations in the eastern Saudi Arabia where the research participants came from. There was a fair distribution of the research participants from all over the region. From this survey, it is easy to ascertain that the outcomes were a proper distribution of the thoughts of all the healthcare workers from eastern Saudi Arabia.
One of the important observations that can be made out of this observation is that there is an improvement on how the participants took part in the research. the compliant rate of 98% of the research participants shows that many healthcare workers in eastern Saudi Arabia have started changing their mind set on the research. It should be noted that from the previous studies for instance the study done by Wade (2007) on the impacts of electronic health records, there were limited people who came out to take part in the research study [12]. However, from the displayed findings, it can be noticed that people have learned the importance of the research.
Based on work specialty, it is easier to note that all that nearly all the critical departments in the healthcare system that effectively interact with the electronic health record system took part in this research. However, this option somehow varies from the research carried out by Wade (2007) [12]. It did not attract many research participants from all the departments that directly interacted with the patients. For example, the pharmacists 4.86%, physicians 16.67%, technicians 24.31%, administrators 11.11%, nurses 17.36%, health informatics specialists 2.08%, lab specialists, lab specialists, play therapists, dentists 4.17%, physiotherapists and other representatives from different departments. Indeed, they demonstrate all the healthcare sectors that interact effectively with the patient data. The research from the world health, it is advisable that when one is carrying out research in the healthcare organization, the researcher should explore all the sectors of the healthcare institutions [12]. Doing so enables the researcher to get more information from different sections in the research. All the departments have divergent views about the impacts of electronic health records in the republic of Saudi Arabia. It gives the environment to explore all the types of challenges and the strengths of different types of institutions. For one to capture all the important sections required in the research, they have to explore all the departments of a healthcare facility.
From this survey, 110 participants representing 76%, came from the government institutions, 26 participants (18%) came from the private institutions, and 8 participants (6%) came from the hybrid institutions. The healthcare institutions from the government setup were chosen because they deal with many cases due to increased patient overload. The hybrid institutions had a small number of participants because such institutions are few. The same case is similar to the hybrid institutions. These are institutions that partially depend on the support from the government and at the same time partially rely on their own. The above findings are supported by similar findings of the electronic research done in Kenya [13]. The scholars found out that a research carried out in government institutions attract a lot of participants because they have more number of employees. Hybrid and private institutions have fewer number of employees in most of the cases.
The research participants that took part in this research were from different participants of different kinds of patience. Some had less than 1-year of experience representing 10% of the research participants. The participants with the highest experience were more than 5 years representing 57% of the research participants. From this survey, it is worth noting that the research was a holistic one that captured all types of experiences, including the amateurs. Conducting the research in these different types of institutions provides the researcher with divergent results that does not only rely on one side. Most of the challenges faced by the healthcare workers regarding the use of electronic health records are largely available in the government institutions. Private hospitals enjoy the use of electronic services in their service delivery to the patients. However, the guideline from the Africa CDC on the scope of the research participants that should be selected slightly differed with this research. It advises that the research participants should be evenly selected. The number of those who are highly experienced should be on the balance with those who are not highly experienced. Sometimes the less experienced healthcare workers give their honest opinions about the questions asked. On the other hand, some experienced workers do not give their sincerest answers.
The results from the survey showed that 90.28% of the research participants have previously learned about data sharing and confidentiality. Contrarily 9.72% of the research participants have never had something concrete bout data sharing and confidentiality. It shows that the researcher targeted the right audience with the proper knowledge on how they could answer the questions correctly [12]. Training forms a very integral part of growth of an employee. When employees are given basic form of training, they are able to contemplate and articulate the issues that they know about a particular subject of study. From this research, it shows that 90.28% of the researchers would actively take part in the study knowing what they are supposed to answer. The remaining percentage would participate in the research without knowing much about what they are supposed to be talking about. Similar view is supported by Amir (2019) in his research about patient data confidentiality and protection, he urges that healthcare workers should have more information about the data confidentiality and protection [6]. It boosts their level of confidence when giving their opinion about the importance of electronic health records on patient confidentiality and opinion.
Regarding the ethical training, the responses indicated that 56.94% knows that handling the patient data recruiters some ethics, 43.09% did not receive the training. This is a serious loophole that can greatly cost the healthcare organization. Ethical aspects considered in data management include confidentiality and informed consent for the clients before they take part in research. This finding borrows some information from the research conducted by Bull et al. (2015) on best practices for ethical sharing of patient data [14]. The research findings show that healthcare workers who do not undergo serious ethical training usually face complains of social justice from the clients that they serve. Some of them, who do not know how to handle patient data may share them with wrong people. Eventually it can lead to lack of trust between the patient and healthcare workers. Bull et al (2015) suggests that healthcare workers should have good sharing practices [14]. They should understand what is worth sharing and what is not worth sharing; the right information should be shared with the right people.
From the results, 53.47 agree that confidentiality and access to medical records is governed by law. on the other hand, 26.39 do not agree while 6.25% do not accept. The findings however do not sound more realistic. Most of the known scholars that have written articles on electronic data security have actually embraced the fact there are laws that govern medical access of data. Some of the laws that protect access to medical records include data protection act of 1998. This act protects against disclosure of data relating to the living patients. Another law the freedom of information act of the year 2000. This act regulates the access of information held by public authorities for instance the government hospitals. The third most important law relating to access to medical records aces to medical reports acts of 1988. This act gives the patients the right to access medical records especially those that have been prepared for employment or insurance purposes. The access to deceased person’s records is another important law. if the client has asked for his information to be kept confidential after death. The same may apply to the information of their loved ones if they die [15]. The research participants who do not have a lot of information regarding.
This is one of the avenues through which data loss or stigmatization among the patients with serious medical conditions such as HIV AIDS. From the research participants’ response, it could be deduced that 67% of them responded that indeed confidentiality and access to medical records is governed by law. one of the cats that highly govern this law is the HIPPA (insurance profitability and accountability act) of 1996 [16]. It gives a suggestion that even the bodies such as the insurance bodies have to follow the right protocol before they get patient data. Not all data about patients should be given to them. by all means, confidentiality should be highly embraced during research, most of the known research that have been successful or those that have formed a fulcrum in research process.
Non-medical information forms a synergistic part of the medical health records. They should be treated with very great importance as the medical health records. A good example is usually the bills of medical treatments. The results from this research show that 72.91% of the research participants embraced that non-medical in the research are confidential. On the contrary, 11.81 percent do not agree with this. Non-medical records are not usually directly linked to the medical records, however, they give a true reflection of the information that might have been taken by the type of medical treatment. The bills are supposed to be kept very confidential, none should know how much a particular patient has used in the treatment. From the data displayed by the research participants regarding the importance of the non-medical records in the research participants [17].
In as much as non-medical health records are of no more value to the diagnosis of the patient, they add value since they make the data transmitted about the patient from one department to another have more meaning. HEATHER MUELLER (2020) support the fact that non-medical records should be kept confidential because without them some medical information may lack importance [17]. Non-medical information includes the identity card, the insurance card, client’s place of residence, resources and number of dependents. Knowing this information may guide through the scope of treatment. Exposing them may endanger several details about the patient.
From the contents of health insurance portability and accountability act (HIPAA) of 1966, there is great information on the importance of confidentiality of data that are shared with insurance companies and government officials. Police officers are at times allowed to access information about patients freely, sometimes there are very sensitive information that must be given to the government. For instance, if the medical details about the patient is to be used in providing the evidenced to the security team who are conducting investigations. In this case, the duty of confidentiality is not absolute. From the survey, 65% of the research participants gave a response that the police are not allowed to access the patient’s data [17]. The remaining percentage reasoned on the pointy that they can be allowed tom access patient data under those special circumstances.
The policy highlights that patients should be exempted from falling victims of exposed data. It could lead to leakage of some information that could lead to stigmatization of the patient. Police officers form part of the third parties that are not allowed to access patient’s information some of them are not professional enough to be trusted with such kind of information. However, confidentiality to medical records has limitations top some extent. The police can somehow be allowed to access medical information in case the information about the patient must be used for other beneficial duties for example in a court case, the police may sometimes be required to provide a proof that the victim in court suffers from any alleged condition [17]. In this case, the police officers may be allowed to access the patient data. Otherwise, under ordinary conditions, the police should not access the patient data.
Billing protection at the insurance and the protection at the healthcare institutions is very important. Insurance companies play a vital role in the healthcare sector, for them to settle the patient’s bill, they have a right to get some information, however, critical information cannot just be given to them. they need the consent from the clients before they are allowed to access the patient information. Patients consent is very important since it gives them the freedom to choose which kind of information should always be released to the insurance companies and which ones should not [18]. Patients’ confidentiality is still very paramount. Even if the patient dies, their information should be put as confidential as possible because they still have a name and a dignity to protect. Meaning that, their images should not be distorted just because they have died. From the survey, 65% of the participants had a perception that patient’s confidentiality should not be abused in death. 26% do not know while 9% think that it should be revoked at death. Patients’ information should not be abused during death; people should be respected whether dead or alive [19]. Even the dead people have a dignity to protect because most of their family member may not want that their next of kin gets a given kind of mistreatment. Recently, the Coved 19 disease attacked the whole world, it is one of the most contagious diseases that was hard to control. However, this disease required update of data on everyday basis [18]. This enabled the healthcare workers to know how they would prepare to tackle the challenge of this disease. In the event of handling a contagious disease, no critical data about the patient needs to be exposed. This is only given out in the exceptions where the credentials from the healthcare workers can effectively help in solving the challenges rendered buy the disease. From the survey, it showed that 41% for the participants do not agree with this concept.
According to Ishaq (2014), there are circumstances for disclosing patient information. He explains that patient’s information should only be disclosed under the situation where the patient gives consent or where there is a legal agreement that justify the disclosure of the information [20]. The findings from Ishaq, (2014) differs from the results from this research which shows that only 37.50 % of the research participants acknowledge that patient data can be disclosed in case the type of disease under control is a contagious one. 62.28% does not agree to this finding. It is advisable that sensitive information should only be displayed in case they are very useful to the public or the healthcare workers such that without them, a very vital concept is likely to be lost to the healthcare professional. In the process of achieving all these, professionalism should be highly being put in place.
Patients’ condition should remain very confidential, healthcare workers should not discuss other patient’s condition confront of other patients. This is a show of lack of professionalism that may be witnessed among the healthcare workers. No patient’s information should be disclosed to others. Such an act reduces the self-esteem of such patients and in the long run promote the aspect of stigmatization. Under serious conditions, for example if a patient suffers from a highly contagious disease, it can be accepted for the healthcare workers to alert other patients but this should take place in a very professional manner. This kind of reasoning is reflected on the types of responses that 71% of the respondents cannot discuss the patients’ information with other patients. The finding is very similar to those obtained from research conducted by M Beth Shanholtzer & Ensign (2021) [21]. Majority of the respondents agreed that they never participate in such acts. 12 % sometimes do so while 12% rarely do so. In other words, for appropriate data security and patient’s protection, none should trespass into the room where the healthcare workers are carrying out a medical examination.
Bayer et al (2015) agrees that Storage of information about the patients should be done in a very professional manner [22]. For instance, storing the information in a secured platform is a very important aspect. data should not be stored in platforms which are not protected. Unprotected storage sources may include those that are not encrypted or those that are not protected with strong passwords. In the survey, it the participant’s responses show that the most healthcare wr4kers do not store data in open storage sources like the bus storage platform. The healthcare workers should not use their personal computers to store patients’ information. Most of these computers are handled by different types of people. Sometimes the people who access such laptops may have ill intentions that may sabotage the patients’ data security [22]. Some of them may access this kind of data and eventually expose very critical information that can expose highly sensitive patients’ information.
From the survey conducted, a questionnaire that targeted how the healthcare workers deal with patient’s data of those who have mental health problems showed that a good number of the healthcare workers deal with such issues in a very sensitive way, for instance, these are people whose really require a lot of attention, their data should always be protected and stored in very sensitive manners. From the data surveyed, it actually showed that 104 (72.22%) of the participants agreed to the fact that that they always treat such information with a lot of discipline. Exposing data belonging to such patients can tract very heavy punishment on the healthcare worker. Sharing patient’s information with colleague healthcare worker can only be accepted if that that healthcare worker can provide very critical help to the success of a medical treatment. Otherwise, if the healthcare workers cannot provide any substantive help, then it can be very needless for any healthcare worker to share information with other colleagues [8]. Some of these healthcare workers are very less confidential in their personality and they can be the source of data leaks.
Virus protection should be highly enhanced in the promotion of data security. Virus protection prevents the loss of data. Data protection software such as sky flow helps in the encryption. Other encryption mechanisms include the use of passwords, the use of biometrics such as thumbprints or face identification techniques, firewalls also play a very candid role in the identification of this process [23]. the survey conducted showed that among the participants that took part in the research, a good number of them usually embrace the use4 of the encryption.67% of the participants gave a response that they always encrypt the data that contains patient information.16% does the same sometimes while 9% never encrypt their data. The percentage that does not encrypt the data can also be referred as the avenue through which the patient information is leaked in the healthcare institutions. Apart from encryption, patients’ data should not be discussed with other healthcare worriers unless it is very important to do so. There are very minimal circumstances that allow such. For instance, if the health condition of the patient is complicated, the healthcare workers is ethically allowed to invite his or her colleague for the advice [23]. However, any discussion should not be held out of the work session, some healthcare workers who do not have a great knowledge of ethics in healthcare. It is unethical to expose patient’s information in the public since it may lead to criminal charges. To conclude on this, it is worth recording that the patient data should be protected from anything that can expose the data to any form of attack from the virus. Therefore, all the relevant departments in the healthcare set up should develop the respective software to counteract the effects of the virus. Developing the virus protective devices enable the healthcare facility to be able to keep the patient data for a very long period without interference. In case the software does not function effectively, the use of cloud computing can be very effective.
From the survey conducted, the healthcare workers interviewed gave different opinions on how they usually handle the notes that they get from the patients. When asked whether they usually leave patients notes on the table, the gave different responses. 85 responses from the participants showed that they never leave notes about the patients on the desk. None of the participants always does that. On the other hand, 27 participants rarely do so while 32 sometimes do so. From the ethical point of view, leaving notes on the desk is not bad except if it is done for ill intention. Healthcare workers in the public hospitals usually have doctors working on different shifts. For this reason, it may be realized that a patient may be given service by two or more doctors. This may prompt the doctor top leave notes about the patient on the table to their next doctor so that they may easily access the file [23]. However, if this is not the case, therefore, the healthcare workers should not leave notes on the table. It may act as an avenue of the leakage of the information since some people may access the doctor’s office and get the critical information from the desk. In addition to that, it can also be an avenue for data loss in the healthcare institutions.
Amir (2019) explores more on the proper conduct is very important in a healthcare institution. Making phone calls or receiving phone calls about a patient when the healthcare worker is near other patients is not acceptable. The researcher’s investigation showed that 58% of the participants hardly do so, 1% always does that, while 22% sometimes does that. Calling in the presence of other patients may make some of them who suffer from chronic indications feel demoralized, stigmatized and dejected [6]. Healthcare workers should act professionally and only discuss other patient’s information at the appropriate places. It is good to minimize interference from the cell phones or other forms of distractions that may cause jeopardy to them. The healthcare institutions and the government sectors should develop certain rules that guides the healthcare workers on the type of behaviors that they should emulate while they should emulate while they are at workplace. Such measures have effectively worked in the countries which have effectively converted them into laws. From the research, if around 42% of the healthcare practitioners make phone calls while attending to patients, it therefore means that the possibility of them giving the patient full attention is highly limited.it could be the source of errors that majority of the healthcare practitioners commit as a result of the destruction from the cell phones or from other electronic devices in their lines of duty.
Conclusion
Health records has been exercised greatly in eastern Saudi Arabia. This has been prompted by a number of cases where data used to get lost in the hospitals. In order tom address such challengers, the healthcare workers and the management of various hospitals in eastern Saudi Arabia have come up with various strategies to solve such challenges. The ultimate solution to this is the electronic healthy records. Electronic health records do a number of roles that helps in befitting such challenges. Data protection and encryption should be highly regarded in the essence of promoting data protection. Data encryption involves the use of software that is able to detect any challenge on the data. Other encryption methods include use of strong passwords, use of biometric detection accesses and the use of firewalls.
References
[1] Marlow ML. Should government subsidize and regulate electronic health records. SSRN Electronic Journal. 2017;40:26.
[2] Alshammari MH. Adoption of unified electronic health record in Saudi Arabia: The residents perspective. International Journal of Advanced and Applied Sciences. 2021 Jan;8(5):14-19.
[3] NHS. A Guide to Confidentiality in Health and Social Care – NHS Digital. United Kingdom: NHS 75 Digital; 2022. Available from: https://digital.nhs.uk/data-and-information/looking-after-information/data-security-and-information-governance/codes-of-practice-for-handling-information-in-health-and-care/a-guide-to-confidentiality-in-health-and-social-care
[4] AlSadrah SA. Electronic medical records and health care promotion in Saudi Arabia. Saudi Med J. 2020 Jun;41(6):583-89. [PMID: 32518923]
[5] Evans RS. Electronic Health Records: Then, Now, and in the Future. Yearb Med Inform. 2016 May 20;Suppl 1(Suppl 1):S48-61. [PMID: 27199197]
[6] Amir N. Legal Protection of Patient Data Confidentiality Electronic Medical Records. SOEPRA. 2019;5(2):198-208.
[7] Harman LB, Flite CA, Bond K. Electronic health records: privacy, confidentiality, and security. Virtual Mentor. 2012 Sep 1;14(9):712-19. [PMID: 23351350].
[8] Centers for Disease Control and Prevention. Health Insurance Portability and Accountability Act of 1996 (HIPAA). United States: CDC; 2022. Available from: https://www.cdc.gov/phlp/publications/topic/hipaa.html
[9] Palmryd L, Rejnö Å, Godskesen TE. Integrity at end of life in the intensive care unit: a qualitative study of nurses’ views. Ann Intensive Care. 2021 Feb 5;11(1):23. [PMID: 33544309]
[10] Dinh-Le C, Chuang R, Chokshi S, Mann D. Wearable Health Technology and Electronic Health Record Integration: Scoping Review and Future Directions. JMIR Mhealth Uhealth. 2019 Sep 11;7(9):e12861. [PMID: 31512582].
[11] Karasneh R, Al-Mistarehi AH, Al-Azzam S, Abuhammad S, Muflih SM, Hawamdeh S, Alzoubi KH. Physicians’ Knowledge, Perceptions, and Attitudes Related to Patient Confidentiality and Data Sharing. Int J Gen Med. 2021 Mar 2;14:721-31. [PMID: 33688243]
[12] Wade D. Ethics of collecting and using healthcare data. BMJ. 2007 Jun 30;334(7608):1330-31. [PMID: 17599978]
[13] Paton C, Muinga N. Electronic health records: a case study from Kenya. Pathways Prosper. Comm. Backgr. Pap. Ser. no. 2018 Sep 13;12.
[14] Bull S, Cheah PY, Denny S, Jao I, Marsh V, Merson L, Shah More N, Nhan le NT, Osrin D, Tangseefa D, Wassenaar D, Parker M. Best Practices for Ethical Sharing of Individual-Level Health Research Data From Low- and Middle-Income Settings. J Empir Res Hum Res Ethics. 2015 Jul;10(3):302-13. [PMID: 26297751]
[15] Nicholas N, Nicholas S. Understanding confidentiality and the law on access to medical records. Obstetrics, Gynaecology & Reproductive Medicine. 2010 May 1;20(5):161-63.
[16] De Groot J. What is HIPAA Compliance? 2019 HIPAA Requirements. United States: Digital Guardian, Fortra; 2023 Feb 8. Available from: https://www.digitalguardian.com/blog/what-hipaa-compliance
[17] Mueller H. 3 HIPAA Compliance Facts Non-Medical Businesses Need to Know. United States: formstack; 2020 Feb 12. Available from: https://www.formstack.com/blog/hipaa-compliance-facts-non-medical-businesses-need-to-know
[18] English A, Lewis J. Privacy protection in billing and health insurance communications. AMA journal of ethics. 2016 Mar 1;18(3):279-87.
[19] Edemekong PF, Annamaraju P, Haydel MJ. Health Insurance Portability and Accountability Act (HIPAA). Nih.gov; StatPearls Publishing: 2019. Available from: https://www.ncbi.nlm.nih.gov/books/NBK500019/
[20] Ishaq S. When can I disclose patient information?. BDJ Team. 2014 Oct 1;1:14110.
[21] Shanholtzer MB, Ensign A. Integrated Electronic Health Records, 4th Edition. United States: McGraw Hill LLC; 2021. Available from: https://www.mheducation.com/highered/product/integrated-electronic-health-records-shanholtzer-ensign/M9781260082265.html
[22] Bayer R, Santelli J, Klitzman R. New challenges for electronic health records: confidentiality and access to sensitive health information about parents and adolescents. JAMA. 2015 Jan 6;313(1):29-30. [PMID: 25562260]
[23] George J, Bhila T. Security, confidentiality and privacy in health of healthcare data. Intern J Trend Sci Res Dev. 2019 Jun 30;4:373-77.