HIM Professionals Resolve to Lead and Promote Consistent Health Information Privacy and Security Practices


Privacy and security breaches today dominate healthcare media headlines. The magnitude and severity of these breaches encompass incidents ranging from the unauthorized access, use and disclosure of protected health information (PHI) to the lack of administrative, physical and technical safeguards. As a result, the healthcare industry has seen ever-increasing federal and state regulations impacting how organizations create, use, manage, disclose, retain, and even dispose of PHI. These new regulations have set forth greater privacy and security requirements leading to increased enforcement actions, penalties and fines impacting healthcare providers as well as their business associates (e.g., vendors, suppliers, and partners). Privacy and security practices in the healthcare industry are also greatly influenced by the dynamic nature of advancing technology, electronic health records, health information exchanges, and consumer awareness.

Health Information Management (HIM) professionals are committed to being the leader in protecting health information. HIM professionals are dedicated to ensuring the confidentiality, integrity, and availability of individually identifiable health information by establishing and maintaining privacy and security safeguards enhancing public confidence in the protection of health information.


Whereas, healthcare consumers have fundamental rights to health information privacy and security as stated in AHIMA's Consumer Bill of Rights and in accordance with federal and state privacy and security regulations;

Whereas, the Office for Civil Rights has increasingly reported the unauthorized access, use and disclosure involving all types of breaches regardless of size;,/p>

Whereas, there have been many instances of lost, stolen, and compromised media containing unsecure health information;

Whereas, health information should only be accessed and disclosed by authorized individuals for the purposes of continuity of care, payment, healthcare operations, and/or applicable laws, based on the concepts of minimum necessary and role-based access;

Whereas, health information must be kept in a secure and reliable manner ensuring its confidentiality, integrity, and availability;

Whereas, HIM professionals have the expertise in privacy and security of health information and abide by AHIMA's Code of Ethics including pertinent federal and state regulations to protect the confidentiality of health information;

Whereas, HIM professionals are advocates in leading and supporting efforts to establish consistent federal and state regulations for patient privacy, security, and health information exchange.

Therefore, be it

Resolved, that HIM professionals lead and advocate for the education, training, and awareness of users on the need for effective health information privacy and security practices.

Resolved, that AHIMA and its members encourage and engage healthcare consumers to understand their individual rights and responsibilities related to their PHI.

Resolved, that HIM professionals promote and facilitate for the continued protection of the privacy and security of health information through greater implementation of safeguards (e.g. security risk assessments, technical controls including encryption, physical protections, policies and procedures) of PHI in transit, in use, at rest and upon destruction.

Resolved, that AHIMA call on all users of PHI to institute consistent organizational sanction policies enforced equally across all disciplines when a privacy or security violation has occurred.

Resolved, that HIM professionals, AHIMA and its Component State Associations work in concert to lead and support efforts to establish consistent health information privacy and security regulations and safeguards to include standards for nationwide health information exchange, eliminating confusing and contradictory state regulations.

Approved by the 2012-2013 House of Delegates

Updated By,

Barbara Beckett, RHIT
Sheila Burgess, RN, RHIA
Nancy Davis, RHIA
Cris Ewell, PhD, CISSP, CISM
Joe Gillespie, MHS, RHIA
Judi Hofman, CHSS
Michele Kruse, MBA, RHIA, CHPS
Kelly McLendon, RHIA, CHPS
Daniel Pothen, MS, RHIA, CHPS, CCS, CCS-P
Angela Dinh Rose, MHA, RHIA, CHPS

Reviewed By,

Don Asmonga, MBA, CAE
Rebecca Buegel, RHIA, CHP, CHC
Jill Clark, MBA, RHIA
Linda Darvill, RHIT
Elizabeth A. Delahoussaye, RHIA, CHPS
Jane DeSpiegelaere-Wegner, MBA, RHIA, CCS, FAHIMA
Julie Dooling, RHIT
Kathleen A. Frawley, JD, MS, RHIA, FAHIMA
Maggie Gambill RHIA, CCS-P
Elisa R. Gorton, R.H.I.A., M.A.H.S.M.
Marlene Haglund-Hatch, RHIA
Bonnie Irzyk, RHIT
Mark Kroll, CPHIT, CPEHR
Grant Landsbach, RHIA
Chrisann Lemery, MS, RHIA, FAHIMA
Laurie Lutz, RHIA, CHPS
Emily Macko, RHIA
Patti Kritzberger, RHIT
LaVonne LaMoureaux, RHIA, CAE
Jennifer McCollum, RHIA, CCS
Monna Nabers, MBA, RHIA
Mary Poulson, MA, RHIT, CHC, CHPC
Nancy Prade, MBA, RHIA
Theresa Rihanek, MHA, RHIA, CCS
April Robertson, MPA, RHIA, CHPS, FAHIMA
Michele C. Skinner RHIT, CCS, CPC
William Thieleman, RHIA, CHP
Diana Warner, MS, RHIA, CHPS, FAHIMA
Lou Ann Wiedemann, MS, RHIA, FAHIMA, CPEHR
LaVonne Wieland, RHIA, CHP