One of the largest problems with information security in healthcare has been inappropriate use by authorized users. Let’s discuss the fact that staff (RN, unlicensed personnel, etc) may have system access to view healthcare information of patients that they are not directly responsible for the care.

Is it appropriate for the staff to view patient’s information even though they are not directly caring for the patient? Why or why not?

How does HIPAA and the HITECH Act help to alleviate this problem?

How does this information impact your role as a nursing administrator/nurse educator and how can it be applied to nursing administration/education?