Confidentiality Breach Prevention – Health System Example

Download free paperFile format: .doc, available for editing

"Confidentiality Breach Prevention" is a delightful example of a paper on the health system. Confidentiality is an ethical principle that all health workers should adhere to. In scenario 1, the male nurse employee breached confidentiality by visiting the female patient who had previously been admitted to the hospital. In principles of ethics in the duty of care by health care professionals, information about the patient should not be used for ulterior motives without the patient’ s consent (Carman & Britten, 2009). This paper will address the ethical and legal issues identified in the case scenario, identify appropriate legislation that can be employed and review risk management strategies that can be employed to prevent breaches of confidentiality in the future.

Finally, it will identify communication strategies to reduce the risk of breaches in confidentiality. Although the male nurse is to blame for the use of the medical records information for purposes not meant for patient care and management, the hospital records management team has a fair share of the blame. Medical records containing patient information are to be stored in a safe place with no unauthorized access (McGowan, 2012).

As Beech (2007) suggests, there should be policies that stipulate the safe storage and retrieval of patient information from the premises in order to avoid unnecessary access to data that do not benefit the patient directly. Secondly, medical records should not be left lying around in publicly accessible areas. The records can find their way in the hands of unscrupulous individuals who may use the information in ways worse than what the male nurse did. Ethically, the nurse would have sought consent from the patient, and this would be more relevant if the information the nurse wanted from the patient was to directly aid further care and management of the patient.

Any other reason would be unethical. Dickens and Cook (2010), concur that if consent was not sought, then the data could as well be anonymized in order to uphold the ethical principle of confidentiality. In medico-legal, medical consultations are protected by statutory policies that uphold the confidentiality of information between the healthcare professional and the patient. In the case of breach of confidentiality, the patient may sue the health care professional for being negligent in the use of information not directly related to his/her care and management.

In addition, the visit was a breach of the patient’ s human rights. The patient had a right to respect his/her private life, family, correspondence, and home. The piece of information given to the nurse should only be used for the purpose for which it was intended (Steward, 2005). Legislation The appropriate legislation was for the hospital administration to dismiss the employee. After discharge from the hospital facility, neither the hospital nor its employees have any right to inquire about personal details of the patient not related to follow-up care or rehabilitative treatment of the patient(Baker, 2009 ).

Therefore, it was a breach of contract between the male nurse and the patient. Besides, he did not inform the hospital administration about his intentions of inquiring about the patient’ s personal information from the records department. Secondly, the male nurse breached the nurse-patient relationship. The visit compromised the mutual respect that existed between the two parties. To the patient, it was a surprise; to the nurse, it was undermining the professional relationship. As McCarthy (2008)observes, advances in technology such as the use of computerized databases like telehealth, computerized medical records database, and the internet have led to a breach of confidentiality inpatient health information.

Therefore, appropriate safeguards should be put in place to ensure that the disclosure, use, and storage of patient’ s personal health information are maintained. In this scenario, the law relating to confidentiality requires that concerns and legislative action be taken against individuals who breach patient’ s confidentiality and privacy. It stipulates that the hospital’ s management has a duty to take action against an individual who through his/her behavior or otherwise, puts the patient at risk (Haynes, Cook & Jones, 2007).

It is the duty of the hospital administration to ensure that patients directly under their care are protected; therefore, failure on their part would amount to professional misconduct (Baker, 2009). Risk management strategies in preventing breach of confidentiality Risk management in preventing breach of confidentiality in future practice is a three-pronged approach that entails identification of the risk, minimizing the risk of loss, and minimizing the impact of the losses if they occur.

Medical risk management is a process that is aimed at improving patient care. Confidentiality is part of the quality of care and management. To begin with, identification of the risk of breach of confidentiality is the first step in its management. In this scenario, it is achieved by safe storage of patient information through the prevention of unauthorized access. Access should be allowed on the basis of an effect on patient care and management by those directly involved in the care of the patient (Virshup, Oppenberg, & Coleman, 2008). Secondly, minimizing the risk of loss pretty much entails unauthorized access to personal health information.

With computerized database storage, information can be safely safeguarded, although it has its fair share of risks compared to manual record-keeping. Finally, minimizing the impact of the losses entails minimizing the legal implications of the breach of confidentially on the hospital's reputation. This is achieved by training employees on the importance of patient confidentiality and the effect of its breach on the hospital’ s reputation and the individuals (Irving, 2009).

Needless to say, risk management is an important initiative that all hospitals should consider in order to avoid unnecessary litigation lawsuits and damage to the reputation. Communication strategies to assist in reducing the risk of confidentiality breaches Background and introduction Confidentiality is both an ethical and legal principle that deserves to be given the weight commensurate to the effects of its breach. Health care professionals need to be informed about the effects of breach of confidentiality on the hospital’ s reputation and the individuals involved. Apart from damaging the hospital's and the individual’ s reputation, breach of confidentiality is a legal issue and the individual and/or the hospital can be sued in a court of law.

Therefore, there is a need for the hospital to develop a communication strategy that will serve as a tool of information in educating its employees about it. Objectives To create awareness on the definition of confidentiality and its various aspects To create awareness on the effects of breach of confidentiality at the health professional’ s level To create awareness effects of breach of confidentiality on the individual patient To create awareness on the effects of breach of confidentiality on the hospital’ s reputation To identify risk management strategies practical in the institution of care To bring a change in behavior among the employees with regards to confidentiality issues Audiences The target audiences are: The hospital administration staff The hospital’ s non-medical employees The hospital's medical employees The community and Patients Messages Definition of confidentiality and its various aspects Effects of breach of confidentiality at the health professional’ s level Effects of breach of confidentiality on the individual patient Effects of breach of confidentiality on the hospital’ s reputation Risk management strategies practical in the institution of care Change in behavior among the employees with regards to confidentiality issues Tools and activities The tools to be used for communication are: Six media releases in a period of 10 weeks through radio and television to reach a wider population A social media site to reach out to the technologically savvy population Public forums with keynote speakers being the area medical health officer and other leaders in health administration Health leaflets educating people on the effects and importance of confidentiality during their care and management as well as their rights Newspaper and newsletters advertisements Evaluation and amendment The success of the communication strategy will be measured by: When over 10,000 likes on the social media sites (including Twitter and Facebook) is achieved When over 100 leaflets are distributed in different areas in a day The feedback received from the newsletter and newspaper advertisements When the public forums record attendance of more than 1000 people per session The number of positive comments and likes recorded from our social media sites The potential risks to the communication strategy include:   Potential risk to the communication strategy Mitigation response to the risk Heavy financial costs Partner with the health officials in the ministry of health, funding from collaborative non-governmental organizations. Physical and mental exhaustion Proper nutrition and engaging in regular physical exercises.

Low protein and high energy giving meals, soft drinks given in between the sessions. Hacking of our social media sites Password to be case-sensitive and no unauthorized access. Insecurity in the public forums Engage the local security personnel in the provision of adequate security.  


Baker, R. (2009 ). Confidentiality in professional medical ethics. American Journal of Bioethics, 6(2), 39-41. Retrieved from

Beech, M. (2007). Confidentiality in health care: conflicting legal and ethical issues. Nursing Standard, 21(21), 42-6.Retrieved from

Carman, D., & Britten, N. (2009). Confidentiality of medical records: the patient's perspective. The British Journal of General Practice, 45(398), 485–488.Retrieved from

Dickens, B., & Cook, R. (2010). Law and ethics in conflict over confidentiality? The International Journal of Obstetrics and Gynaecology, 70(3), 385-91.Retrieved from

Haynes, C., Cook, G., & Jones, M. (2007). Legal and ethical considerations in processing patient-identifiable data without patient consent: lessons learned from developing a disease register. Journal of Medical Ethics, 33(5), 302-7.Retrieved from

Irving, A. (2009). Twenty strategies to reduce the risk of a malpractice claim. The Journal of Medical Practice Management, 14(3):130-3.Retrieved from

McCarthy, R. (2008 ). Ethics and patient privacy. Journal of the American Pharmacists Association, 48(6), DOI: 10.1331/JAPhA.2008.07144

McGowan, C. ( 2012). Patients' confidentiality. Critical Care Nurse, 32(5), 61-4. DOI: 10.4037/ccn2012135.

Steward, M. (2011). Electronic medical records. Privacy, confidentiality, liability. The Journal of Legal Medicine, 26(4), 491-506.Retrieved from

Virshup, B., Oppenberg, A., & Coleman, M. (2008). Strategic risk management: reducing malpractice claims through more effective patient-doctor communication. American Journal of Medical Quality, 14(4):153-9.Retrieved from

Download free paperFile format: .doc, available for editing
Contact Us