Integrity: More than Just a Piece of the Healthcare Compliance Puzzle

There are many ways integrity is defined. Most of us have heard integrity defined as what you do when nobody else is around, or what you do and how you do it on a daily basis. Integrity is a concept that includes consistency in actions, expectations, measures, methods, outcomes, principles, and values. Integrity means our actions are honest and trustworthy.

Is integrity important in the medical practice? What about integrity in the workplace? Why is integrity mentioned in the HIPAA Security Rule?  This article will dig into these questions and address how integrity is more than just a piece of the healthcare compliance puzzle.

Integrity in the medical practice

For many medical providers, the relationship between medical ethics and professionalism may be what they consider to be integrity. Medical providers are asked to do what is right while using professional judgment. With professionalism comes an expectation of expertise, in a responsible and reliable manner.

I recently had a conversation with two physicians. I asked each of them what the most important factor is for their medical practice. Both physicians responded with Integrity. One of the physicians provided an excellent response when I asked her about the importance of integrity to her practice. She said integrity begins with the interactions her employees have with patients. She shared the following example:

Think of a patient who is roomed by a medical assistant. It’s common for a medical assistant to tell a patient the physician will be right with you. The medical assistant gets busy doing something else and forgets about the patient, leaving a patient unattended wondering if the physician forgot about them. Integrity is shown by the medical assistant checking in with the patient letting them know the physician is running behind, and assuring the patient the physician will be with them as soon as possible. This is just one of many examples of integrity in the medical practice.

Integrity in the workplace

Integrity also serves as an important factor for many hiring managers when deciding to hire a potential candidate. One of the first tools to measure a potential candidate’s integrity is their resume. It is common for a candidate’s resume to list integrity as one of his/her values. Other ways to determine one’s integrity include conducting a background check, an assessment that asked integrity-related questions, or asking specific questions relating to integrity during the interview process.

Integrity is so important in the workplace that Warren Buffet said that hiring “people with integrity” is a top priority when selecting a candidate.  A person’s integrity is in many ways derived from the way in which they are viewed by others. By hiring people with integrity, a workplace that has a culture of trust, respect and professionalism is established.

Integrity in the HIPAA Security Rule

Integrity in the HIPAA Security Rule by definition is concerned with data or information. Integrity means the data or information is an exact copy of the original version and has not been altered or destroyed in an unauthorized manner.

Covered entities are required to “ensure the confidentiality, integrity, and availability of all electronic protected health information the covered entity or business associate creates, receives, maintains, or transmits.”

HIPAA’s integrity standard means that you “implement policies and procedures to protect electronic protected health information (ePHI) from improper alterations or destruction.” Implemented policies and procedures should mitigate the risks or threats to ePHI by any technical and non-technical sources.

One way a covered entity can ensure integrity of ePHI is to consider various risks during the risk analysis. For example, during a risk analysis a covered entity may identify vulnerabilities such as ineffective or non-existent policies and procedures, such as a username and password policy that does not meet the recommended strong password requirements. Or a covered entity may identify weaknesses in how protected information is received, maintained or transmitted, such as not using encryption or other reasonable safeguards for storing that information. By identifying these risks and implementing preventative measures, organizations instill integrity under HIPAA.

Integrity is more than just a piece of the healthcare compliance puzzle

In terms of healthcare compliance, are we doing everything we can to ensure the integrity of all ePHI we receive, maintain or transmit? Are we following the policies and procedures that are in place to mitigate risks?  In medical practice terms, are we checking on patients to make sure they aren’t left wondering if they are ever going to be seen? Are we doing our part to ensure our workplace is one that is viewed as a culture that has trust, respect and professionalism?  These are important considerations when measuring our integrity and are more than just pieces of the healthcare compliance puzzle. Integrity is in many ways derived from the way in which we are viewed by others and a measure of what we do and how we do it on a daily basis.

If you have any questions about integrity in terms of healthcare compliance, or if you have any other questions, please do not hesitate to contact one of our professional consultants.

Return to the Home Page