Syllabus

Master of Science in Health Informatics

HIN 625 Health Information Legislation, Compliance, Privacy and Security — Fall B 2018

Credits - 3

Description

This course explores legislation and regulation relating to health informatics. The course will examine the major laws and agency regulations governing healthcare technology, data collection, management, and privacy, as well as the security standards required for healthcare and health-related organizations. Students will explore the intent behind, and ethical dimensions of, health informatics regulatory frameworks, using case studies of recent health information uses, security breaches, and challenges to interoperability. This course will also look ahead to the impact of future Health IT regulations.

Materials

Required

Learning Objectives and Outcomes

Program Outcomes addressed by this course:

  • Understand the complex system of legal and regulatory compliance that governs the healthcare system

Course Outcomes

  • Restate the foundations of the American legal system as it pertains to healthcare, healthcare technology and data
  • Critique privacy standards in organizations, including HIPAA and HITECH
  • Defend the legal standards of a legal medical record
  • Analyze the security of health information in a healthcare organization
  • Plan for a response to a cybercrime attack
  • Evaluate the use of healthcare data and technology against current applicable legislation and regulations

Assignments

Please note that all times in the syllabus and in Blackboard refer to Eastern Time. The discussion board and assignment links for each week will open at the start of the week for submissions.

Weekly Discussion Posts – These assignments will assess your ability to clearly and accurately apply concepts from your readings and from your own experiences. Each week you are expected to submit an initial post and comment on at least 2 other students’ posts. You need to follow APA guidelines for citing any sources you may reference in either your initial post or your response to others. Refer to the Discussion Rubric and discussion question for submission guidelines.

Initial post: You should submit your initial post by 11:59 p.m. Sunday. Your initial post should be approximately 500 words.

Response to others: You should comment on at least 2 other students’ posts by 11:59 p.m. Wednesday. Your comments to others should be thorough, thoughtful, and they should offer some new content. Do not merely respond with “I agree” or “I disagree.” Engage directly with the ideas of your classmates and briefly mention which part of the post you are responding to.

Weekly Case Studies – During weeks 1 through 5, you will be reading case studies and answering questions to help you apply the concepts of this course. In one week, you will be presenting your case study as a video screencast presentation to be shared with the class. The week you will be presenting on will be assigned by your instructor at the beginning of the course, so do take note.

Research Paper – In week 7, you will submit a 5-7 page research paper that includes potential resolutions to current media coverage of the cybersecurity/hacking epidemic.

Grading Policy

Your grade in this course will be determined by the following criteria:

Grade Breakdown

Assessment Item | Possible Points | Percent of Total Grade
Weekly Case Studies, weeks 1 - 5 | 11 points each | 55%
Discussion Posts | 3 points per discussion | 24%
Research Paper | 21 points | 21%
Total | 100 points | 100%

Grade Scale

Grade | Points | Grade Point Average (GPA)
A | 94 – 100% | 4.00
A- | 90 – 93% | 3.75
B+ | 87 – 89% | 3.50
B | 84 – 86% | 3.00
B- | 80 – 83% | 2.75
C+ | 77 – 79% | 2.50
C | 74 – 76% | 2.00
C- | 70 – 73% | 1.75
D | 64 – 69% | 1.00
F | 00 – 63% | 0.00

Schedule

Course learning modules are divided into weeks. Each week starts on Wednesday at 12:00 am Eastern Time (ET) and closes on Wednesday at 11:59 pm ET, with the exception of Week 8, which ends on Sunday. All assignments must be submitted by 11:59 pm ET on the due date.

Course Schedule at a Glance

Learning Modules | Topics | Assignments and Due Dates
Week 1 (10/24 – 10/31) | Introduction to the Fundamentals of Law for Health Informatics; The Legal System in the United States | Discussion – Initial post by Sunday 10/28, responses by Wednesday 10/31; Case Study – Wednesday 10/31
Week 2 (10/31 – 11/7) | Consent and Release of Information | Discussion – Initial post by Sunday 11/4, responses by Wednesday 11/7; Case Study – Wednesday 11/7
Week 3 (11/7 – 11/14) | Legal Health Record | Discussion – Initial post by Sunday 11/11, responses by Wednesday 11/14; Case Study – Wednesday 11/14
Week 4 (11/14 – 11/21) | Corporate Compliance/Medical Staff Compliance | Discussion – Initial post by Sunday 11/18, responses by Wednesday 11/21; Case Study – Wednesday 11/21
Week 5 (11/21 – 11/28) | HIPAA Privacy and Security Rules | Discussion – Initial post by Sunday 11/25, responses by Wednesday 11/28; Case Study – Wednesday 11/28
Week 6 (11/28 – 12/5) | Information Risk and Management | Discussion Forum – Initial post by Sunday 8/5, responses by Wednesday 12/5
Week 7 (12/5 – 12/12) | Information Rights vs. Protection | Discussion – Initial post by Sunday 12/09, responses by Wednesday 12/12; Research Paper – Wednesday 12/12
Week 8 (12/12 – 12/16) | Cybersecurity Management | Discussion – Initial post by Friday 12/14, responses by Sunday 12/16

Weekly Course Schedule

Week 1 — Introduction to the Fundamentals of Law and our Legal System for Health Informatics

Learning Outcomes:

  • Discuss health record and data ownership
  • Analyze various options to mitigate malpractice

Readings:

  • Brodnik, Chapters 1 – 5
    • Introduction to the Fundamentals of Law for Health Informatics and Information Management
    • Law and Ethics
    • The Legal System in the United States
    • Legal Proceedings
    • Evidence
  • HealthIT.gov Website: Protecting Your Privacy & Security (https://www.healthit.gov/patients-families/your-health-information-privacy)
  • Website to accompany the video found below: Get My Health Data (https://getmyhealthdata.org/about-us/)

Video:

  • National Partnership for Women & Families. (2016, Feb 26). Get My Health Data. [Video File]. Retrieved from https://www.youtube.com/watch?v=n5bsLCZZsCs

Assignments:

Discussion Prompt: Who owns the patient health record and who controls the use of the information within the record? How does digital and mobile health complicate this? Think about a time when you (or someone you know) requested a copy of your health record. What format was it in — paper or digital? Please provide a short narrative about that experience.

Case Study Assignment (Read the case study and answer the questions that follow. Use APA formatting.):

A member of the hospital’s medical staff has been accused of improperly billing Medicare for treatments done in his office that were not medically necessary. A subpoena for copies of patient records was received but the subpoena does not include a patient authorization for the release of records. In addition, the subpoena requests all “peer review committee” records pertaining to this physician. Consider the following questions:

  1. What must you check before releasing the patient records?
  2. What legal concept described in this chapter will determine the admissibility of the hospital records into evidence?
  3. The defendant’s lawyer objects to the subpoena, arguing that the patient records are “hearsay”. To resolve this issue, identify at least one element that will likely be required in your testimony.
  4. Your hospital attorney objects to the subpoena of the peer review committee materials, citing state law that protects peer review records from discovery. What legal concept describes this protection?
  5. While acting on the subpoena, you discover that one of the patient records (which are electronic) has had major sections deleted. Your review of the audit trails determines that a hospital staff member was responsible for the deletions. Under what legal concept could the hospital be subject to liability for the deletions? What should have been done to protect the records?

Week 2 — Consent and Release of Information

Learning Outcomes:

  • Discuss laws regarding release of information and consent
  • Analyze scenarios for possible HIPAA violations

Reading:

  • Brodnik, Chapters 8 & 15
    • Consent to Treatment
    • Access, Use, and Disclosure and Release of Health Information

Assignments:

Discussion Question:

In the early 2000s, the Terri Schiavo case brought to the attention of the people of America the importance of Advance Directives, Living Wills, and DNR orders.

This monumental case involved a woman in an irreversible vegetative state and her husband attempting to remove her feeding tube.

After reviewing the Schiavo case in the provided link below, discuss your thoughts.

  • From this case and your readings, what have you learned about advance directives, living wills, and DNR orders that can be taught to your patients and loved ones that you may not have known or considered before?
  • Research and discuss another prominent case that involves Advance Directives, Living Wills, or DNRs and discuss your findings with your classmates. How does it compare and contrast with the Schiavo case?

Quill TE. Terri Schiavo — A tragedy compounded. N Engl J Med. 2005;352(16):1630-1633. https://doi.org/10.1056/NEJMp058062. Accessed September 10, 2018.

Case Study (Read the following case study and answer the questions which follow. Use APA formatting.):

In December 1981, Darrell Burch was found wandering along a Florida state highway, bruised, cut, and disoriented. A person driving by picked him up and took him to a mental health center in Tallahassee which found that he was suffering from paranoid schizophrenia and in need of long-term treatment. A few days later Burch was transferred to Florida State Hospital. While at these facilities, Burch signed voluntary admission and consent-to-treatment forms. He remained at Florida State Hospital for five months, and soon after his release, he filed a complaint, stating he was inappropriately committed. He also stated that he did not remember signing any admission or treatment forms during or before his stay at the hospital. The complaint reached the Florida Human Rights Advocacy Committee which encouraged Burch to proceed with his grievance. In February of 1985, Burch filed a lawsuit in federal district court against both Apalachee Community Mental Health Services (the community mental health center in Tallahassee where he was first taken) and Florida State Hospital. In the lawsuit he stated that his constitutional rights had been violated when he was treated as a voluntary patient: because of evidence that his mental condition made him incapable of giving voluntary consent, he was entitled to the procedural safeguards of the involuntary placement procedure.

  1. At the time Mr. Burch was first admitted to Florida State Hospital, who ultimately had the power to make the final decision to admit him? Why?
  2. Was Mr. Burch’s consent actually necessary for him to be admitted to either facility? If so which one(s)?
  3. Do you believe that Mr. Burch was “non compos mentis”, and that the hospital should have followed a different route? Explain.
  4. After reading through the case, do you think the Supreme Court decision has had any impact on the treatment of mentally ill patients in similar situations?

Read more at: https://mentalillnesspolicy.org/legal/informed-consent-zinermon-burch.html

Week 3 — Legal Health Record

Learning Outcomes:

  • Discuss the implications of printing legal medical records
  • Identify procedures for ensuring consistency in legal records
  • Compile and annotate literature about medical record regulations

Readings:

  • Brodnik, Chapter 9
    • Legal Health Record

Assignment:

Discussion Question: Please describe how the implementation of electronic medical records has changed healthcare professionals’ charting habits.

Consider the following actions: cutting and pasting (cloning), the use of abbreviations, making changes and/or revisions to the health record, late entries, deletions, and any other bad or good habits from your reading. In your post and discussion with others, consider the following:

  • Why have these new habits come about with the implementation of EMRs?
  • What are their implications?
  • Propose a case where these habits have a beneficial outcome.
  • Propose a case where these habits have a negative outcome.

Case Study (Read the case study and answer the question that follows. Use APA formatting.):

The director of health information management, as the custodian of medical records, is having a great deal of difficulty responding to subpoenas for patient records. The facility is in the midst of converting from a paper-based to an electronic patient record. Some information is on paper (such as consents), some information is scanned immediately following discharge (such as nurses’ notes), some information is automatically (COLD) fed into the EHR system (such as transcription reports) and some information resides only within electronic systems (such as lab results and physician orders). The process of finding and identifying the various parts of the patient’s record from the various sources is time-consuming and there is concern about ensuring the same response (that is, that the legal health record is produced) each time a record is requested. An attorney requested a record, followed by an additional request. What he received from the organization the first time was substantially different from what he received the second time. When the attorney deposed the custodian, many questions were raised about how record requests were handled. Questions were also raised about daily operational processes including how the patient’s legal health record was compiled in response to a subpoena, and if the resulting report was the true and complete record for the patient.

1. What steps should the director take to ensure that responses to subpoenas consistently result in the true and complete health record of a patient?

Week 4 — Corporate Compliance/Medical Staff Compliance

Learning Outcomes:

  • Hypothesize the underlying reasons for health care fraud
  • Analyze non-compliance in billing procedures to determine potential ramifications

Readings:

  • Brodnik, Chapters 15 & 16
    • Access, Use, and Disclosure and Release of Health Information
    • Required Reporting and Mandatory Disclosure Laws

Reference:

  • US Department of Health and Human Services. (n.d.). Office of Inspector General. Retrieved from http://oig.hhs.gov/

Assignments:

Discussion Question: Is healthcare fraud and abuse on the rise, or in decline? In what ways? How is fraud or abuse related, if at all, to the nationwide adoption of electronic medical records? Can you identify potential improvements?
Please provide citations for your evidence-based responses.

Case Study (Read the case study from page 470 in your text, and then answer the questions which follow. Use APA formatting.):

A hospital compliance auditor noticed during a routine audit that an unusually high number of pressure ulcers submitted on claims over the last six months were coded as stage 3 or 4. A deeper analysis of the medical records revealed that an upgrade in the computer-assisted coding software had resulted in a glitch whereby the system was automatically assigning the codes for either a stage 3 or 4 pressure ulcer regardless of the stage identified in the clinical documentation. While the coders were supposed to review auto-assigned codes, they had missed the errors in the pressure ulcer codes. Since a stage 3 or 4 pressure ulcer is a major complication/comorbidity in the Medicare MS-DRG system, the coding error had led to inappropriate higher-paying MS-DRGs in some cases.

  1. What should the auditor do?
  2. What should be the next step to confirm whether incorrect codes were submitted and resulted in overpayment?
  3. If overpayment did occur, should the hospital just keep quiet about it and assume that other errors likely resulted in underpayments, so the overpayments and underpayments would probably balance each other out? If not, what actions should be taken?
  4. Failure to report overpayments may result in liability under what federal statute(s) and/or law(s)?

Week 5 — HIPAA Privacy and Security Rules

Learning Outcomes:

  • Discuss how HIPAA affects the ability of consumers to access their healthcare records
  • Analyze a healthcare scenario in order to assess whether HIPAA policies are being followed

Readings:

  • Brodnik, Chapters 10, 11, 12
    • Chapter 10: HIPAA Privacy Rule, Part I
    • Chapter 11: HIPAA Privacy Rule, Part II
    • Chapter 12: The HIPAA Security Rule

Videos:

  • Part 1 – Office of the National Coordinator for Health IT. (2016, June 3). Your Health Information, Your Rights. Retrieved from https://www.youtube.com/watch?v=3WsRzlutBQk
  • Part 2 – Office of the National Coordinator for Health IT. (2016, June 3). Your Health Information, Your Rights. Retrieved from https://www.youtube.com/watch?v=y1BOc9HN0TA
  • Part 3 – Office of the National Coordinator for Health IT. (2016, June 3). Your Health Information, Your Rights. Retrieved from https://www.youtube.com/watch?v=bonloqeOrAg

Assignments:

Discussion Question: This week you watched a series of short videos entitled Your Health Information, Your Rights which were designed for healthcare consumers. You have read and thought a lot about healthcare records from the perspective of healthcare providers, but it is important to consider them from the perspective of consumers as well. Please comment on something that jumped out at you from the videos. Was there anything in the videos that surprised you?

Case Study (Read the following case study and answer the questions which follow. Use APA formatting.):

Employee Unlawful Access to Hospital Records – A former UCLA Health System employee became the first person in the nation to be sentenced to federal prison for violating HIPAA. Huping Zhou, 47, of Los Angeles, was sentenced to four months in prison on April 27 after pleading guilty in January to four misdemeanor counts of accessing and reading the confidential medical records of his supervisors and high-profile celebrities, according to the US Attorney’s Office for the Central District of California. Zhou was also fined $2,000.

In 2003, Zhou, who was a licensed cardiothoracic surgeon in China before immigrating to the United States, was employed as a researcher with the UCLA School of Medicine. On October 29, 2003, Zhou received notice that UCLA intended to dismiss him for job performance reasons unrelated to the illegal access of medical records. That night, Zhou accessed and read his immediate supervisor’s medical records as well as those of other co-workers. Over the next three weeks, Zhou abused his access to the organization’s electronic health record system to view the medical records of celebrities and high-profile patients, including Drew Barrymore, Arnold Schwarzenegger, Tom Hanks, and Leonardo DiCaprio. According to court documents, Zhou accessed the UCLA record system 323 times during the three-week period. In the plea agreement, Zhou admitted he obtained and read patient health information on four specific occasions—with no legitimate reason, medical or otherwise—after he was terminated from his job. Zhou did not improperly use or attempt to sell any of the information he illegally accessed, according to the press release. In January Zhou’s attorney Edward Robinson was quoted in the UCLA student newspaper saying Zhou did not know that accessing the records was a federal crime.

  • As a member of the UCLA workforce, would Zhou have a legitimate right to view patient records in his normal course of employment?
  • In managing access and disclosure of PHI, how do you think UCLA discovered Zhou’s infractions?

Source: AHIMA. “Californian Sentenced to Prison for HIPAA Violation.” August 29, 2010. http://journal.ahima.org/2010/04/29/californian-sentenced-to-prison-for-hipaa-violation/

Week 6 — Information Risk and Management

Learning Outcomes:

  • Discuss the rise of ransomware attacks on healthcare
  • Examine the current state of cybercrime in healthcare to determine possible solutions

Readings:

  • Murphy, Chapters 4, 5 & 6
    • Information Risk Decision Making
    • Third-Party Risk Management and Promoting Awareness
    • Information Security and Privacy Events Management

Assignments:

Discussion Question: With ransomware attacks on the rise, each healthcare organization must consider how they will deal with these attacks. Please offer your thoughts both for and against paying for healthcare data that is held ransom.

Preview of week 7, Research Paper: You should begin work on your research paper this week (week 6). You will turn in the paper next week (week 7). The description of the research paper is found under week 7.

Week 7 — Information Rights vs. Protection

Learning Outcomes:

  • Contemplate the ethical issues around the sharing of health data by state-level exchange systems
  • Conduct a risk analysis to determine areas of vulnerability

Readings:

  • Murphy, Chapters 7 & 8
    • Information Privacy: Patient Rights and Healthcare Responsibilities
    • Protecting Digital Health Information: Cybersecurity Fundamentals

Assignments:

Discussion Question: Most states now have Health Information Exchange systems. The systems are set up as either “opt-in” or “opt-out”. Determine what your state does (or what a neighboring state does). Do you know if your personal data is shared in your state? Discuss your thoughts and opinions about the ethics of this. Pay particular attention to the “tricky” areas of underage consent, mental health services, and HIV status.

Research Paper: Please review the current media coverage of the cybersecurity/hacking epidemic and consider potential resolution options. Your paper should include:

  1. A survey of the current state of affairs in the US. This should include, but not be limited to:
    • Explanation of cyber attacks
    • Brief summary of the most recent media coverage around the attacks
    • A review of the government’s input into the crisis
  2. A review of potential solutions to this problem

Students are encouraged to dig into any strategy that might work – even if not widely applied today. Consider both technology and policy approaches. Submission Requirements: 5-7 pages with at least 5 references. Please use at least two academic journal references; the other three or more can be any combination of industry articles/websites, mainstream media (examples: New York Times, CNN, PBS, NPR) or other resources. Follow APA guidelines.

Week 8 — Cybersecurity Management

Learning Outcomes:

  • Reflect on the Security Risk Analysis tool to evaluate its usefulness
  • Conduct a risk analysis to determine areas of vulnerability

Readings:

  • Murphy, Chapters 9, 10 & 11
    • Impact of Information Privacy and Security on Health IT
    • Workforce Competency in Healthcare
    • Administering Risk Management and Cybersecurity

Assignment:

Discussion Question: In this week’s reading, you considered how other parts of the world think about the privacy of healthcare data. Please discuss the different ways healthcare information is managed and the pros/cons to the different processes. Along with countries mentioned in your textbook, please research and find one more country (preferably a “third-world” or poverty-stricken location) and consider how that country may see privacy of healthcare information differently.

Student Resources

Online Student Support

Your Student Support Specialist is a resource for you. Please don't hesitate to contact them for assistance, including, but not limited to course planning, current problems or issues in a course, technology concerns, or personal emergencies.

Questions? Visit the Student Support Health Informatics page

APA Style Guide

UNE Libraries:

UNE Student Academic Success Center

The Student Academic Success Center (SASC) offers a range of services to support your academic achievement, including tutoring, writing support, test prep and studying strategies, learning style consultations, and many online resources. To make an appointment for tutoring, writing support, or a learning specialist consultation, go to une.tutortrac.com. To access our online resources, including links, guides, and video tutorials, please visit:

Accommodations

Any student who would like to request, or ask any questions regarding, academic adjustments or accommodations must contact the Student Access Center at (207) 221-4438 or pcstudentaccess@une.edu. Student Access Center staff will evaluate the student's documentation and determine eligibility of accommodation(s) through the Student Access Center registration procedure.

Policies

Technology Requirements

Please review the technical requirements for UNE Online Graduate Programs: Technical Requirements

Turnitin Originality Check and Plagiarism Detection Tool

The College of Professional Studies uses Turnitin to help deter plagiarism and to foster the proper attribution of sources. Turnitin provides comparative reports for submitted assignments that reflect similarities in other written works. This can include, but is not limited to, previously submitted assignments, internet articles, research journals, and academic databases.

Make sure to cite your sources appropriately as well as use your own words in synthesizing information from published literature. Webinars and workshops, included early in your coursework, will help guide best practices in APA citation and academic writing.

You can learn more about Turnitin in the Turnitin Student quick start guide.

Information Technology Services (ITS)

ITS Contact: Toll Free Help Desk 24 hours/7 days per week at 1-877-518-4673

Course Evaluation Policy

Course surveys are one of the most important tools that the University of New England uses for evaluating the quality of your education, and for providing meaningful feedback to instructors on their teaching. In order to assure that the feedback is both comprehensive and precise, we need to receive it from each student for each course. Evaluation access is distributed via UNE email at the beginning of the last week of the course.

Attendance Policy

Online students are required to submit a graded assignment/discussion prior to Sunday evening at 11:59 pm ET of the first week of the term. If a student does not submit a posting to the graded assignment/discussion prior to Sunday evening at 11:59 pm ET, the student will be automatically dropped from the course for non-participation. Review the full attendance policy.

Late Policy

Assignments: Late assignments will be accepted up to 3 days late; however, there is a 10% grade reduction (from the total points) for the late submission. After three days the assignment will not be accepted.

Discussion posts: If the initial post is submitted late, but still within the discussion board week, there will be a 10% grade reduction from the total discussion grade (e.g., a 3 point discussion will be reduced by 0.3 points). Any posts submitted after the end of the Discussion Board week will not be graded.

Please make every effort ahead of time to contact your instructor and your student support specialist if you are not able to meet an assignment deadline. Arrangements for extenuating circumstances may be considered by faculty.

Student Handbook Online - Policies and Procedures

The policies contained within this document apply to all students in the College of Graduate and Professional Studies. It is each student's responsibility to know the contents of this handbook.

UNE Online Student Handbook

UNE Course Withdrawal

Please contact your student support specialist if you are considering dropping or withdrawing from a course. The last day to drop for 100% tuition refund is the 2nd day of the course. Financial Aid charges may still apply. Students using Financial Aid should contact the Financial Aid Office prior to withdrawing from a course.

Academic Integrity

The University of New England values academic integrity in all aspects of the educational experience. Academic dishonesty in any form undermines this standard and devalues the original contributions of others. It is the responsibility of all members of the University community to actively uphold the integrity of the academy; failure to act, for any reason, is not acceptable. For information about plagiarism and academic misconduct, please visit UNE Plagiarism Policies.

Academic dishonesty includes, but is not limited to the following:

  1. Cheating, copying, or the offering or receiving of unauthorized assistance or information.
  2. Fabrication or falsification of data, results, or sources for papers or reports.
  3. Action which destroys or alters the work of another student.
  4. Multiple submissions of the same paper or report for assignments in more than one course without permission of each instructor.
  5. Plagiarism, the appropriation of records, research, materials, ideas, or the language of other persons or writers and the submission of them as one's own.

Charges of academic dishonesty will be reviewed by the Program Director. Penalties for students found responsible for violations may depend upon the seriousness and circumstances of the violation, the degree of premeditation involved, and/or the student’s previous record of violations. Appeal of a decision may be made to the Dean whose decision will be final. Student appeals will take place through the grievance process outlined in the student handbook.