Information Technology and Ethics/Privacy and Health Care



Three significant ideas are regularly utilized in the assurance of healthcare data inside the United States medicinal services framework: classification, protection, and security. However, every one of these ideas has an alternate vital significance and one-of-a-kind job. The most important part of health care records is privacy. Healthcare records contain detailed information about the patient’s medical history to his data.

The protection and security of patients’ healthcare data is a top need for patients and their families, medical insurance companies, and experts. Government laws require a significant number of people and associations that can handle health care data and can also provide security, ensuring the privacy of patients’ health care data regardless of whether it is put away on paper or electronically.

In the USA, most now and again, “HIPAA” rings a bell when medical records security is concerned with “The Health Insurance Portability and Accountability Act of 1996”. It was passed as the internet was becoming a larger presence in everyday life. It sought to enable the transfer of medical records from paper to electronic data. [2] HIPAA is responsible for privacy, security, and breach notifications about healthcare data. The Privacy Rule gives rights regarding healthcare data, which was developed by the Department of Health and Human Services (HHS) to protect the confidentiality of personal health information. The HIPAA also allows patients to the constraint on how their healthcare data can be used, and the security rule offers patients the freedom to choose and know how their medical records must be kept secure with authoritative, specialized, and physical protections. The patients must consent in order to disclose personal health information through a contract. The patients may have extra insurance and medical records rights under their State’s laws. There are likewise federal laws that secure health care records.[3]

Why privacy in health care is important


Health care research and security assurances both give significant advantages to society. Medical research is crucial to improving human health and medicinal services. Protecting patients engaged with the study and saving their privileges is a fundamental moral duty. The necessary legitimation for securing individual privacy is to ensure the interests of people in providing their data for research. Patients must provide their medical data for further study; it can drastically speed up the research process and will be very beneficial to society. Simultaneously, clinical research can profit people; for instance, it encourages access to new treatments, improved diagnostics, and increasingly compelling approaches to forestall disease.[4]

Without medical privacy, patients may avoid needed healthcare and physicians may not enter important information into the patient's records. [5] Medical records contain sensitive information about every individual that could be used to negatively affect a person’s life. This includes fertility, abortions, substance/physical abuse, STDs, etc. Access to such information can damage a person’s reputation which can permanently affect their lives. Our medical records also contain mundane content such as height, weight, or if any bones were ever broken. Physicians need access to our complete medical records to provide an accurate diagnosis. Without an accurate diagnosis, patients may pay for an expensive treatment that was unnecessary or be given the incorrect medicine for a disease.

What includes in privacy


Securing data gathered with the consideration of the patient is a fundamental belief in social insurance. Protecting different structures is an essential key to trust. Enhanced privacy includes various angles, including personal space (physical security), individual information (enlightening protection), own decisions including social and strict affiliations (decisional protection), and personal associations with relatives and different lingerie (associational security).

Doctors must look to ensure privacy protection in all settings to the best degree conceivable and should:

  • (a) Minimize outsider interruption in health care records.
  • (b) Inform the patient if there has been a breach, which can affect the patient directly or indirectly.
  • (c) Be careful that singular patients may have exceptional worries about security in any of these zones.[6]

Protecting health care information can be broken down into three concepts:

  • Privacy: Protecting one’s privacy is essential and the patient has the right to keep their medical record confidential. [7]
  • Confidentiality: Selective control of sharing personal health information to a care provider or guardian under an agreement that limits what information may be released. [5]
  • Security: Policies and principles that help maintain the integrity and availability of information access.

Ways to Protect Health care information

  • (a) Ensure the system

As hackers have an assortment of techniques for breaking to medicinal services associations’ networks, health care IT divisions need to utilize a variety of devices to attempt to keep them out. In many cases, most firms spend a lot on edge security, for example, firewalls and antivirus programming, while specialists caution, they ought likewise to be embracing advancements that limit the harm when assaults do happen.

  • (b) Train staff individuals for security

Regardless of any ill will, the staff members are mostly involved in data breaches because of carelessness. Subsequently, all the IT security programs are dependable upon staff training, including Preparing on what does and doesn’t compromise a HIPAA infringement. Staff should be educated about phishing, social engineering, and different other attacks that target representatives, and also choose a very very very strong password.

  • (c) Secure remote systems

Most of the Medical institutions are progressively depending on the remote operating system for their offices. Yet, sadly, those remote systems regularly present security to many vulnerabilities. Information can be taken by hacking into those systems, for instance, mainly if the association depends on obsolete technology, for example, if medical institutions utilize the very “Wired Equivalent Privacy (WEP) security standard.” Hacking these systems will be a piece of cake for hackers.

  • (d) Erase pointless information

The more information that is held by an association the more there is for hackers to take. Medical institutions should remove the redundant data, which is, at this point, not required or useful. Moreover, it consumes more energy and resources to routinely review the data that is not useful, so the association realizes what’s there and can recognize what might be erased.

  • (e) Improve physical security controls

Even as electronic health records become progressively typical, the medical institution may keep a great deal of sensitive information on paper. Thus, suppliers must ensure entryways and file organizers are locked and secured, and cameras and other physical security controls are utilized. Moreover, associations should make sure about IT hardware by locking server rooms and using link locks or different gadgets to keep PC and workstations joined to office furniture.

  • (f) Incident Response plan

It is essential to get ready for the worst; there is very little probability that the associations can always forestall each conceivable IT security occurrence. That is the reason it’s essential to build up a game plan for when a break occurs.[8]



It is very clear from the above sections that most people want to protect their information; most of them want to live a very private life. Apart from it, there is a lot of data breach that happened in medical institutions, which leads patients to conceal compassionate information from doctors; as a consequence, they could not get a proper cure for their disease. So protecting health care information is not just about protecting the information from hackers. Keeping medical information secret encourages patients to provide detailed information about their medical condition. Protecting health information will also help patients to come forward and offer their medical records for further research, which can increase the standard of care in hospitals. By using the recommendation provided in this article, a lot of data breach attacks can be stopped from being successful. Patients want to provide their medical information, but due to a lack of privacy, they do not. If an exceptional level of privacy can be achieved in medical institutions, it can be very beneficial for the whole of humanity.


  1. Health Information Privacy. Retrieved from
  2. Bodie, M. T. (2022). HIPPA. Cardozo L. Rev. De-Novo, 118.
  3. Health Information Policy and Laws Retrieved from
  4. Appari, A., & Johnson, M. E. Information Security, and Privacy in Healthcare.
  5. a b Rindfleisch, T. C. (1997). Privacy, Information Technology, and Health Care. Communications of the ACM, 40(8), 92-100.
  6. Health Information Privacy. Retrieved from
  7. George, J., & Bhila, T. (2019). Security, confidentiality and privacy in health of healthcare data. International Journal of Trend in Scientific Research and Development, 3(4), 2456-6470.
  8. Moore, I., Leason, S., Miller, S. C., & Hickson, G. B. Confidentiality and privacy in health care from the patient's perspective: does HIPAA help?