BSN Programs

To find out more

CONTACT KPU for admission information.

Learning Activities
Confidentiality and Security of Health Data


"Ethical conflicts over the nature and appropriate use of personal health information are not new. Unauthorized and inappropriate disclosures of personal health information have occurred probably for as long as detailed records have been kept. However, advances in information technology that allow the rapid assembly and dissemination of information have magnified the ethical problems inherent in keeping personal health records secure and private. As information networks and databases slowly penetrate into every aspect of the health care sector, the opportunities for unethical disclosure of personal health information will increase accordingly."

- (Mullen & Lavery, 1998).

The privacy and confidentiality of data, as well as the security and safety of hospital and other health information systems are protected by policies and procedures initiated by the involved agencies. Included in these procedures are precautions taken by individual health care providers, including nurses. Agencies are required to protect data from unauthorized use, and from destruction and disclosure. They also control data input and output, depending on health care providers to be responsible and accountable for managing client data.

"The security of health information is distinct from individual interests in privacy and confidentiality. Security refers to technological, organizational, or administrative processes designed to protect data systems from unwarranted access, disclosures, modification, or destruction. Maintaining the security of health information is not synonymous with preserving its privacy. Absolute privacy of health information can never be assured even with maximum security protections because no security system can safeguard against access by those who are authorized to use the data system. Thus, authorized users can invade patient privacy even in the most secure data systems. The purpose of security is to ensure that data systems are accessed only by those persons having authorization." (Gostin & Hodge, 1999).

Ends in View

This learning activity is intended to give the learner the opportunity to:

1. Explore the legal, ethical, moral and political implications of using computer systems to manage client health data.

2. Gain awareness of security measures used in health care agencies to maintain confidentiality and data integrity.

3. Understand the link between confidentiality, security and caring in nursing.

4. Recognize the utility of databases for storing data.

In Preparation

1.READ: Canadian Institute for Health Information (2020) Privacy Impact Assessment Policy.

2. READ: Canadian Institute for Health Information. (2013). Privacy Policy on the Collection, Use, Disclosure and Retention of Personal Health Information and De-Identified Data

3. READ: Canadian Nurses Association (2011). Fact Sheet: Privacy of Personal Health Information.

4. VIEW VIDEO: Capital Health Ethics Support Privacy and Confidentiality.

In Practice

1. Consider the following situation:

You are using a computer to access your client's chart at the nurses' work station. You are called away from the desk suddenly, and forget to log off the system. By the time you get back to finish with the computer, someone else is using it. You realize that they are using your logged on user I.D.

What immediate action would you take?

What measures would you take to ensure your client's data and confidentiality were protected?

2. Read the following statement:

"The health care agency owns the data in it's computer system and is therefore free to do whatever it chooses with that data."

Is this accurate?

What issues does this statement raise?

3. How can a health care agency control and monitor their:

a) hardware security
b) software security
c) data security
d) communication and electronic security
e) technical security
f) physical and environmental security
g) personal security

What is the differences between these varied levels of security? Are they related?

4. a) Create a set of directives for university college students and health care professionals to use for effective legal and ethical use of computers on campus and in health care settings.

b) Using a wordprocessing or desktop publishing program, create a one page catchy flyer to present the directives in (a). Save and print out your directives for your colleagues.

5. What possible complications arise when using a database to harbour client data? What accountability issues result for nurses and other health care professionals?

In Reflection

1. Reflect on how a nurse's level of computer literacy can influence a client's right to privacy, confidentiality and data security.

2. What consequences might a nurse face if he/she acts unethically with client health data?


Gostin, L. & Hodge, J. (1999). Privacy and Security of Public Health Information. Model State Public Health Privacy Project. National Center for Health Statistics - White Paper. Washington, DC: Georgetown University Law Center. http://www.critpath.org/msphpa/ncshdoc.htm

NEXT: Visual/Multimedia Teaching In Pathophysiology....Next.

Nursing Informatics Integration for the BSN and BSN-AE Nursing Programs at Kwantlen Polytechnic University
Design & Content by June Kaminski, RN MSN PhD(c) - 1999 - 2021
All rights reserved. No reproduction without written permission