Policy formation
There is need to have change of patient record access. With the advent of technology, it is now possible for anybody to gain access to patient data and records using their mobile devices. with the advent of wireless networks, anybody with the credentials of the wireless networks and has patient data access credentials can have access to this sensitive data. There is a problem which has been discovered in that any device is being used. An authorized person may use a device which is not his/hers and access the networks and sets the device to remember password.
There is need for a policy regarding data access using EMR technology. There will need to monitor and regulate the extent in which devices can be used to access the data. If this is not done, the patient records will be compromised. This will mean that the device will be used by strangers (the real owners of the devices) to gain access the data because the access credentials are in the phone. There is a problem of unauthorized access to this data; for this reason, patient data is no longer safe. They are the breach of privacy.
There are alternative solutions to the problem. One is that there is need to have registration of all mobile devices that access the wireless network. These devices will be associated with individuals who are the owners of these devices. If a device is found to be accessing and using the data illegally, they will be liable and will be responsible for the offence. Another alternative solution is that the wireless networks should be disabled so that no one can access the network. This is not a good one because the efficiency of using technology in data access and manipulation is defeated. Another alternative solution is changing the password every day. This will be an inconvenience to the nurses and doctors for they have to remember the passwords every day.
The criteria that will be used to select the policy will be based on the efficiency and ease of use of systems. The choice should not kill the use of technology but should encourage its use responsibly.
The use of a policy will enable the use of information and electronic health records in a responsible way. It will enhance the privacy of the data that is being accessed.
If there will be no policy implemented, this will lead to compromise of data and patient data privacy. It will lead to loss of data privacy as patient data will be accessed by strangers. It will mean that any device that authorized staff use to access he network and the Remember password feature is enabled and does not belong to the staff will be used by strangers in future. Hackers may make use of them to access the data and therefore compromise the security and privacy of the data. Patient data can be altered.
I recommend the first alternative to the solution. All mobile devices should be registered and all owners of these devices should be told to disable the remember password. If these devices are found to be contravening data access and security, the owners will be responsible.
References
American Society fo Nephrology. (2010). Policy and public affairs: Patient care and clinical practice. Retrieved November 23, 2011, from American Society fo Nephrology: http://www.asn-online.org/policy_and_public_affairs/patient-care.aspx
Janssen, W. (1981). The story of the laws behind the lables. Retrieved November 23, 2011, from FDA Consumer: http://www.fda.gov/AboutFDA/WhatWeDo/History/Overviews/ucm056044.htm
Young, J. (1981, June). The long struggle for the 1906 law. Retrieved November 23, 2011, from FDA consumer: http://www.fda.gov/AboutFDA/WhatWeDo/History/CentennialofFDA/TheLongStrugglefortheLaw/default.htm
