Privacy is the right of an individual to keep oneself and one’s information concealed from unauthorized access and view by others.
As the world moves to electronic health records, albeit at varying stages, health data is being used for a wider range of purposes, including improving population health, disease surveillance, and the study of health economics. There also have been dramatic changes in how patients, consumers, and individuals access and use their health data. While health information is first about delivering health and wellness services, it is increasingly shared across platforms and providers. Unfortunately, sometimes, this sharing is without the knowledge, understanding, or consent of the patient. Headlines in the U.S. over the past year certainly affirm these concerns.
While this transformation is good for the advancement of healthcare, through goals like improving access, reducing costs, and empowering consumers/patients with better access to their own data, it presents new challenges for health information professionals.
New technologies such as machine learning, artificial intelligence, and biometric authentication will no doubt further compound these issues, leading to new policies and regulations to support the privacy of health information. And, as is obvious, regulations and policies can’t keep pace with new technology and the innovation that is unfolding.
These changes require principled stewardship by health information management (HIM) professionals and policymakers to implement good privacy practices across the healthcare continuum, by private, public, and community healthcare providers and data users.
The International Federation of Health Information Management Associations’ (IFHIMA’s) recent white paper was published with the intent to assist HIM professionals, policymakers, and regulators navigate the changing landscape of health information privacy.
Throughout the paper, we discuss some principles that guide how information is managed, and the impact of not attending to these principles. One of the key tenets is that privacy and trust go hand in hand.
Trust and Stewardship
Trust between the patient/consumer and their provider, healthcare organization, or pharmacy is essential to health and well-being. When personal health information (PHI) is compromised, trust is eroded, and a loss of trust can be detrimental to the patient-provider relationship.
Effective stewardship is an important obligation for all who create, use, and manage health information. Preserving confidentiality of health information is an indisputable stewardship obligation.
Standards for crafting stewardship frameworks for governing health and other sensitive information in physical or even digital form have been around since the 1970s, with the Caldecott Principles of the United Kingdom, the Principles of Fair Information Practice (FIPPS) of the United States, and the Organization for Economic Co-operation and Development (OECD) Privacy Framework.
These decades-old principles continue to serve privacy practices around the globe.
Our Mobile, Digital World
We live in an increasingly mobile world. Data, like individuals, move from country to country, adding to the challenge of keeping health information private across boundaries. Healthcare organizations are obligated to understand and respond to regulations outside of their service areas, as health information is increasingly shared across jurisdictions and nations.
Recommendations
IFHIMA recommends that HIM professionals consider the following when privacy regulations are being explored or revised in your countries:
EDITOR’S NOTE: The author of this article used AI-assisted tools in its composition, but all content, analysis, and conclusions were based on the author’s professional
The recent settlement between Kaiser Permanente and the federal government marks a pivotal moment in the ongoing debate over risk-adjustment practices in Medicare Advantage (MA)
Please log in to your account to comment on this article.
Sepsis sequencing continues to challenge even experienced coding and CDI professionals, with evolving guidelines, documentation gaps, and payer scrutiny driving denials and data inconsistencies. In this webcast, Payal Sinha, MBA, RHIA, CCDS, CDIP, CCS, CCS-P, CCDS-O, CRC, CRCR, provides clear guideline-based strategies to accurately code sepsis, severe sepsis, and septic shock, assign POA indicators, clarify the relationship between infection and organ dysfunction, and align documentation across teams. Attendees will gain practical tools to strengthen audit defensibility, improve first-pass accuracy, support appeal success, reduce denials, and ensure accurate quality reporting, empowering organizations to achieve consistent, compliant sepsis coding outcomes.
Expert presenters Kathy Pride, RHIT, CPC, CCS-P, CPMA, and Brandi Russell, RHIA, CCS, COC, CPMA, break down complex fracture care coding rules, walk through correct modifier application (-25, -57, 54, 55), and clarify sequencing for initial and subsequent encounters. Attendees will gain the practical knowledge needed to submit clean claims, ensure compliance, and stay one step ahead of payer audits in 2026.
Accurately determining the principal diagnosis is critical for compliant billing, appropriate reimbursement, and valid quality reporting — yet it remains one of the most subjective and error-prone areas in inpatient coding. In this expert-led session, Cheryl Ericson, RN, MS, CCDS, CDIP, demystifies the complexities of principal diagnosis assignment, bridging the gap between coding rules and clinical reality. Learn how to strengthen your organization’s coding accuracy, reduce denials, and ensure your documentation supports true medical necessity.
Denials continue to delay reimbursement, increase administrative burden, and threaten financial stability across healthcare organizations. This essential webcast tackles the root causes—rising payer scrutiny, fragmented workflows, inconsistent documentation, and underused analytics—and offers proven, data-driven strategies to prevent and overturn denials. Attendees will gain practical tools to strengthen documentation and coding accuracy, engage clinicians effectively, and leverage predictive analytics and AI to identify risks before they impact revenue. Through real-world case examples and actionable guidance, this session empowers coding, CDI, and revenue cycle professionals to shift from reactive appeals to proactive denial prevention and revenue protection.
Federal auditors are intensifying their focus on inpatient psychiatric facilities, using advanced data analytics to spotlight outliers and pursue high‑dollar repayments. In this high‑impact webcast, Michael Calahan, PA, MBA, Compliance Officer and V.P., Hospital & Physician Compliance, breaks down what regulators are really targeting in IPF-PPS admissions, documentation, treatment and discharge planning. Attendees will learn practical steps to tighten processes, avoid common audit triggers and protect reimbursement and reduce the risk of multimillion-dollar repayment demands.
In this timely session, Stacey Shillito, CDIP, CPMA, CCS, CCS-P, CPEDC, COPC, breaks down the complexities of Medical Decision Making (MDM) documentation so providers can confidently capture the true complexity of their care. Attendees will learn practical, efficient strategies to ensure documentation aligns with current E/M guidelines, supports accurate coding, and reduces audit risk, all without adding to charting time.
Join Ronald Hirsch, MD, FACP, CHCQM for The PEPPER Returns – Risk and Opportunity at Your Fingertips, a practical webcast that demystifies the PEPPER and shows you how to turn complex claims data into actionable insights. Dr. Hirsch will explain how to interpret key measures, identify compliance risks, uncover missed revenue opportunities, and understand new updates in the PEPPER, all to help your organization stay ahead of audits and use this powerful data proactively.
Stay ahead of the 2026-2027 audit surge with “Top 10 Audit Targets for 2026-2027 for Hospitals & Physicians: Protect Your Revenue,” a high-impact webcast led by Michael Calahan, PA, MBA. This concise session gives hospitals and physicians clear insight into the most likely federal audit targets, such as E/M services, split/shared and critical care, observation and admissions, device credits, and Two-Midnight Rule changes, and shows how to tighten documentation, coding, and internal processes to reduce denials, recoupments, and penalties. Attendees walk away with practical best practices to protect revenue, strengthen compliance, and better prepare their teams for inevitable audits.
Prepare for the 2025 CMS IPPS Final Rule with ICD10monitor’s IPPSPalooza! Click HERE to learn more
Get 15% OFF on all educational webcasts at ICD10monitor with code JULYFOURTH24 until July 4, 2024—start learning today!
CYBER WEEK IS HERE! Don’t miss your chance to get 20% off now until Dec. 1 with code CYBER25
CYBER WEEK IS HERE! Don’t miss your chance to get 20% off now until Dec. 2 with code CYBER24
