SESSION 5:

• NMT 04210: Basics of

Health Information
Management

5.3.1 Describe legal, ethical and

security concepts in relation to health
information management
Prerequisite modules :Basic Computer
Application
Resources Needed:
• Flip charts, marker pens, and masking tape
• Black/white board and chalk/whiteboard
markers
• LCD Projector and computer
• Note Book and Pen
 Methods of study
• e-leaning
• Lecture and discussion
• Tutorials
 Learning Materials and Teaching Aids

• Books, Journals
• Multimedia Projectors
• Computers
• Smart phones
• Audio and video files
 Learning Tasks

• By the end of this session a learner is expected to be able

to
• Define common terms related to legal, ethical and
security(privacy, confidentiality, legal, ethical, information
security)
• Explain the medico-legal principles of patient/client
information
• Explain legal implication in handling patient/client
information
• Describe instances in which medical records are used as legal
evidence
 Question

Define the common terms

• Privacy
• Confidentiality
• Legal
• Ethical
• Information security

5Minutes
 Definition of privacy, confidentiality,
legal, ethical, information security
• Privacy is a person’s right to control access
to his or her personal information, is the right
to be free from intrusion or interference.
• Confidentiality refers to personal
information shared with an attorney,
physician, therapist, or other individual that
generally cannot be disclose to third parties
without the express consent of the client
• Legal legitimate mean being in accordance with law,
this may apply to conformity with law of any sort (such
as natural, divine, common, or canon).
• Ethical refers to information security maintains
information in a safe and secured area.
• Safeguards to prevent loss, destruction and tampering
will be maintained as appropriate.
• Records will be released from the health information
management service only in accordance with the
provisions of this policy.
 Medico-legal principles of
patient/client information
• The following are medical-legal principles of
patient/client information;
• Data relating to an identifiable individual should
be held securely, in accordance with the Data
Protection Act 1998 and guidance on
confidentiality.
• The information held should be accurate, relevant
and up-to-date, and kept only as long as necessary
for the purpose of providing healthcare.
• Avoid unintentional disclosure for example,
by ensuring that any consultations with
patients cannot be overheard. When
disclosing information in any of the
situations outlined below, you should
ensure that the disclosure is proportional
anonymised if possible and includes only
the minimum information necessary for the
purpose.
• Responsibility to keep patient information
secure and protected against improper
disclosure at all times. The Information
Commissioner can impose a Civil Monetary
Penalty if data controllers seriously contravene
the Data Protection Act in a deliberate or
reckless way, or of a kind likely to cause
substantial distress or damages to an
individual.
• Confidentiality relates to all information
you hold about your patients, including
demographic data, the dates and times of
any appointments the patients may have
made, and the fact that an individual may be
a patient of yours or registered with your
practice.
 Question

Discuss
• Legal Implication in Handling
Patient/Client Information

10 Minutes
 Legal Implication in Handling
Patient/Client Information
• Legal awareness
• Accurate, content documentation should give legal
protection to the nurse, the client, the health care facility
and the client.
• Types of legal protection:-
• Adherence to professional standards of nursing care
• Agency (institution) policy
• Adherence to procedures for interventions and
documentation in all situations.
• Improving privacy and security practices
• Legal issues
• Some of the legal issues which can be observed in healthcare
delivery system are:-
• Failure to keep records as required
• Inappropriate destruction of documentation
• Falsification of clinical records
• Documenting care that never occurred
• Signing a document that is known to contain false or misleading
information
• Signing for care that was carried out by another person
•
• Maintenance of the medical records
• A medical record shall be maintained for every
individual who is evaluated or treated as an
inpatient, outpatient or emergency patient of the
hospital or any health facility. The medical
records are considered a hybrid record,
consisting of both electronic and paper
documentation.
• Documentation that comprises the medical
records may physically exist in separate and
multiple locations in both paper-based and
electronic format. The medical record
contents can be maintained in either paper
(hard copy) or electronic formats, including
digital images, and may include patient
identifiable source of information.
• Confidentiality
• The Nurses and other health personnel should
respect the patient confidential information,
except where disclosure is required by a court, or
justified in the public interest .The patients has
the right to believe that the private and personal
information he/she gives will be only be used for
the purposes for which it is given and will not be
released to others without his permission.
• In case the information is required for students
learning or for research purposes ,in such case
care must be taken to obtain permission,
protect the identity of the patient and ensure
that the notes are not left lying around in
public places where access cannot be
monitored. There is a need to obtain the
explicitly consent of a patient before
disclosure of the specific information.
• The death of a patient does not give you the right
to disclose information or to break the
confidentiality.
• Disclosure of information should only occurs:
With the consent of the patient Without the
consent of patient when the disclosure is required
by law or by order of court. Without the consent
of the patient when the disclosure is considered
to be necessary in the public interest.
• Content:
• All hospital records and hospital- based
clinic records must comply with the
applicable hospital’s medical staff rules and
regulations requirements for content and
timely completion.
• All documentation and entries in the medical
records, both paper and electronic must be
identified with the patient’s full name and medical
record number. All medical records entries should
be made as soon as possible after the care is
provided, or an event or observation is made.
Entries should never be made in the medical record
in advance of the service provided to the patient
Pre dating or back dating an entry is prohibited.
 Security of medical records

• Medical records shall be maintained in a safe and

secured area. Safeguards to prevent loss, destruction
and tampering will be maintained as appropriate.
• Records will be released from the health information
management service only in accordance with the
provisions of this policy. Chronology is essential and
close attention shall be given to assure that
documents are filed properly, and that information is
entered in the correct encounter record for the correct
patient.
• Maintenance and Legibility of Record
• All medical records, regardless of form or
format, must be maintained in their entirety,
and no documents or entry may be deleted
from the record, unless with accordance
with the destruction policy.
• Corrections and Amendments to Records
• When an error is made in a medical record
entry, the original entry must not be
obliterated, and the inaccurate information
should still be accessible.
 Question

Describe Research evidences in Which

Medical Records are Used As Legal
Evidence

ten minutes
Research evidences in Which Medical Records are Used As Legal Evidence

• The following are some research evidences on the use

of medical records as legal evidence;
• Research to date in this field has focused on women
victims of sexual assault. Among the observations that
have been made is that it is almost exclusively in cases
involving sexual violence that personal records of
women are appropriated, raising a concern about
gender inequality. The reality facing female victims of
sexual crime within a court of law when personal
records are used has been effectively.
• Records containing intensely private aspects of their
lives, possibly containing thoughts and statements
which have never even been shared with the closest
of friends or family. Aside from sexual assault
cases, little research has been undertaken to
understand how health records are used in criminal
and civil cases specifically involving violence
against women in relationships. In general, there is
a lack of consensus over how useful health
• Records are for women who experience abuse or
violence. On the one hand, there has been a push
to improve medical documentation so that it
becomes more useful in a court of law
• Aside from sexual assault cases, little research
has been undertaken to understand how health
records are used in criminal and civil cases
specifically involving violence against women in
relationships
• The majority of lawyers see health records as a form
of evidence to be used in legal proceedings. In
family law, the leading reasons reported for
accessing health records have to do with:
substantiating or dismissing claims of abuse, records
are helpful to exonerate and likewise confirm
experiences of abuse they work for both sides,
determining relevant health and medical issues
relating to spousal support and child
custody……..cont
• When there is a suggestion of mental health
issue that affects self sufficiency and ability
to care for children and for determine
consistency and reliability in recall of
female patients.
 Key Points
• In medical-legal principles of patient/client
information;
• Data relating to an identifiable individual should
be held securely, in accordance with the Data
Protection Act and guidance on confidentiality.
• The information held should be accurate, relevant
and up-to-date, and kept only as long as
necessary for the purpose of providing
healthcare.
• Avoid unintentional disclosure for example, by
ensuring that any consultations with patients
cannot be overheard. When disclosing
information in any of the situations outlined
below, you should ensure that the disclosure is
proportional anonymised if possible and includes
only the minimum information necessary for the
purpose.
•
• Responsibility to keep patient information
secure and protected against improper
disclosure at all times. The Information
Commissioner can impose a Civil Monetary
Penalty if data controllers seriously
contravene the Data Protection Act in a
deliberate or reckless way, or of a kind
likely to cause substantial distress or
damages to an individual.
 Session Evaluation.
• What is Privacy and confidentiality?
• What is legal and ethics?
 Assignment

1.Explain legal implication in handling

patient/client information
2.Describe instances in which medical records
are used as legal evidence
• References
• MHSW, (2008). Basic Nursing Procedures. ( 3rd ed).
Ministry of Health and Social Welfare: Dar Es-
Salaam, Tanzania.
• Craven, F. R. & Constance J. Hirnle, (2000).
Fundamentals of Nursing, (3rd).Philadelphia, USA:
Lippincott Williams & Wilkins
• Kozier, B., Glenora, E.R.B., Audrey B.,(2004).
Fundamentals of Nursing (7th ed). New Jersey, USA:
Pearson Education Inc.
• Potter, P. A & Anne Griffin Perry. (2005).
Fundamentals of Nursing (6th ed.)
USA:Mosby Inc.
• Efoghor, J. E. (2010, October 20). 20
Qualities of a Professional Nurse. Retrieved
End of section five