STANDARD 5.3Objective 3Students will explain and understand the need for confidentiality.

CONFIDENTIALITY Customers have a right to expect privacy and

confidentiality This applies to all industries

Health Travel Entertainment Education Etc….

WHAT HAPPENS AT THE DR. OFFICE STAYS AT THE DR. OFFICE How would you feel if…

You went to the Doctor expecting your information to stay confidential, and the Doctor shared your information with others. Now your family may know of your situation, or you receive junk mail for treating ___ disease. Or people saying congratulations, when you haven’t told anyone you are pregnant. Awkward…….

HEALTH INDUSTRY Most of us believe that our medical and other health

information is private and should be protected, and we want to know who has this information. The Privacy Rule, a Federal law, gives you rights over your health information and sets rules and limits on who can look at and receive your health information. The Privacy Rule applies to all forms of individuals' protected health information, whether electronic, written, or oral. The Security Rule, a Federal law that protects health information in electronic form, requires entities covered by HIPAA to ensure that electronic protected health information is secure.

HIPAA Health Insurance Portability and Accountability Act, a

1996 Federal law that restricts access to individuals' private medical information

Protects individuals information Strict punishments for violations You usually are asked to sign different forms at the Dr.

office to allow them to share information, in certain ways to a select group of people. This protects under HIPAA requirements

Doctors and Health care professionals want your business and want to stay in business and must follow policies put in place to protect individuals private information.

EDUCATION Like many other areas, you have right to expect

confidentiality. Along with other things, teachers can’t disclose your grades or

behaviors to your neighbors or others. Colleges and Universities can’t release information to spouses, or other family members without written permission.

FERPA Family Education Rights and Privacy act of 1974- Federal Law Gives students access to their education records, an opportunity to

seek to have the records amended, and some control over the disclosure of information from the records. With several exceptions, schools must have a student's consent prior to the disclosure of education records

Examples of situations affected by FERPA include school employees divulging information to anyone other than the student about the student's grades or behavior, and school work posted on a bulletin board with a grade. Generally, schools must have written permission from the parent or eligible student in order to release any information from a student's education record.

OSHA Occupational Safety and Health Administration

(OSHA) With the Occupational Safety and Health Act of

1970, Congress created the Occupational Safety and Health Administration (OSHA) to assure safe and healthful working conditions for working men and women by setting and enforcing standards and by providing training, outreach, education and assistance.

TRAVEL INDUSTRY Today’s world requires a lot of documentation when

traveling. Passports, Id’s, tickets, reservations and plenty of confirmation

numbers Booking trips involves many individuals, in several states

or even countries. It is vital that during the booking, travel and billing

process all information is kept safe. Having theft while traveling (robbery, id theft…… any

form of losing money) is already a huge concern for those who travel. Companies must do everything they can to ensure customers’ information will say secure.

RETAIL STORES/ RESTAURANTS/ENTERTAINMENT Customers use debit and credit cards on a daily basis as

a variety of retail locations. They expect their financial information to stay safe and

secure. Breeches in security, have caused companies $$$ to fix

and resolve the issue as well as lose customer business and relations.

Customers also do not want records of their purchases made available

LIABILITIES FACED BY COMPANIES Lawsuits Fines Imprisonment Loss of permit/license Pay for corrective services

ID Theft Credit Score

……..It all comes back to making money, company image and future business.

EXAMPLE FINES FOR HIPAA General Penalty for failure to comply

100 a time Wrongful Disclosure of Individually Identifiable Health

Information 50-250 Thousand dollars

Those in the health industry do want to be fined and pay money out.

Not only do fines hurt the companies revenue, it also can look bad to patients and/or future patients, which could decrease future business.

LAWSUITS Can happen for any reason Major liability for companies who violate privacy laws Costly to the company in payouts, or premiums for

insurance. Messy court situations and not wanted to drag the

company name through the mud, cause companies to settle before court dates.

LOSS OF SAFE REPUTATION Customers want to ensure their information is secure As companies have breeches in private/secure

information, in order to keep a positive image companies Issue Statements notifying all that might be effected Pay for reconciliation services Do all they can to reassure their current and future

customers/clients that they have a secure system.

SECURITY Since confidentiality is viewed as high importance to both

customer and business it is imperative to secure private information

Protecting customer’s private information, must be top priority.

Private information includes Name Address Phone Social Security Number Family Information Medical Records Purchase Records Bank Information- Credit Card #

TYPES OF THREAT Internal

Employees/ people within the company or with access Leaking information for personal gain Selling contacts to other parties Misplacing or losing information

i.e. Losing company laptop while on a business trip Janitors or other personnel with access to secure information Giving access codes to unauthorized individuals

THREATS External –people outside of the company

Computer Hackers Large Variety of ways to attack systems and information

Buyers trying to purchase information Theft of

computers Records Documents