1. What are the covered entities under HIPAA Privacy and Security Rules?

(10 marks).

Covered entities are the HIPPA-compliant privacy and security rules

that apply to health plans, healthcare providers, and healthcare
clearing houses to transmit health-related information in an electronic
format. Healthcare providers transmit electronic health data to other
facilities such as nursing homes, pharmacies, and hospitals or to
professionals such as physicians, clinics, physiologists, dentists, and
chiropractors. Health plans include health insurance companies, health
maintenance organizations, and company health plans. But the health
plan will not cover companies with less than 50 employees (Foltz &
Lankisch, 2022).
Government healthcare plans such as Medicare, Medicaid and military
and veteran’s healthcare programs are also included under this
section. A system that helps to process health information between
different organizations such as billing services, repricing companies,
value-added networks, and community health management
information systems converts health information from a nonstandard
format into a standard format and converts standard health data into a
nonstandard format for another organization. Those covered entities
should protect the privacy and confidentiality of health information and
should provide professional accessibility rights to certain trustworthy
professionals regarding health-related information (Foltz & Lankisch,
2022; Villanueva, 2024).
Business associates should also follow the privacy and security rules if
they handle personal health information while providing services (Foltz
& Lankisch, 2022). As an example, if a person has gone through a
serious car accident resulting in a spinal cord injury, accurate clinical
documentation plays a crucial role in verifying the validity of an
insurance claim. If the insurance company disputes the claim by
arguing that the injury was pre-existing, medical records from the
healthcare facility that treated the patient immediately after the
accident serve as objective evidence. These records, including
diagnostic test results (MRI, CT scans, X-rays), physician assessments,
surgical reports, and progress notes, establish a clear timeline
confirming whether the injury resulted directly from the accident.
The healthcare facility must provide the necessary medical records in
compliance with legal and regulatory requirements while maintaining
patient confidentiality. A legal broker, acting as an intermediary,
 ensures that the medical documentation is reviewed and submitted to
the insurance company, validating the evidence to support the claim.
With clear, well-documented medical records proving that the injury
was a direct consequence of the accident, the insurance provider is
legally obligated to process the claim accordingly. The presence of
timely and accurate documentation significantly strengthens the
victim’s case, ensuring transparency, fairness, and proper healthcare
management in legal disputes and insurance approvals.
2. Under HIPAA, explain required disclosures and provide a practical
healthcare example for each. (10 marks).

There are two situations where a covered entity must disclose personal
health information (PHI). The first situation is disclosing PHI to the
individual or their representative, if they request access to their health
records or a list of who has seen their PHI (Foltz & Lankisch, 2022). An
example of this situation is a parent who is asking for her minor child’s
vaccination records from the hospital. The hospital must share the
information with her.
The second situation is disclosing PHI to the Department of Health and
Human Services (HHS), if HHS is investigating or reviewing compliance
with privacy laws (Foltz & Lankisch, 2022). When a complaint is filed
against a health insurance company regarding privacy violation, the
facility must share the PHI with the HHS to do the review.

3. What is the clinical documentation cycle? (10 marks).

The clinical documentation cycle is a continuous process that is

available in all healthcare settings. It includes assessment, plan of
care, progress notes, and reassessment. Assessment is the initial
patient evaluation, whereas the plan of care is the procedure of
establishing patient health goals and treatment steps. Progress notes
are the documentation and periodic reassessment to adjust the care
plan as needed, and then the reassessment is done, where the patient
is assessed again (Foltz & Lankisch, 2022).
This whole cycle is available to make the diagnosis successful. Clinical
documentation is also known as clinical input. Those contain data
about a patient’s clinical status, that can be presented in electronic
health records (EHRs) or paper records. There are two types of data as
structured and unstructured. Structured data are stored in a systematic
 format within a database, such as sex, race, date of birth, lab results,
and ICD codes. In contrast, the information that is stored without any
format, including progress notes, operative reports, and test
interpretations, is known as unstructured data (Foltz & Lankisch, 2022).
Both data types are equally important to progress in the clinical
documentation cycle with different benefits.
Those data can be collected manually or automatically. Healthcare
professionals manually collect demographic and insurance information
in manual data collection into the EHR. They collect information
through pre-printed forms, in-person interviews, or telephone
interactions. However, some hospitals or facilities allow patients to
enter their data through confidential links. In automated data
collection, the patient information is copied from initial encounters to
subsequent visits. The benefits of automated data collection are
reduced manual entry, minimized errors, and maximized efficiency
(Foltz & Lankisch, 2022).

4. Using the theory provided on clinical documentation, identify two (2)

documentation examples whereby artificial intelligence can be used to
help healthcare professionals in documentation. In this response, be
specific with the documentation, the AI, an explanation of the AI,
and exactly how it will help. (20 marks)

Artificial intelligence (AI) is integrated into healthcare clinical

documentation widely to assist healthcare workers in managing and
streamlining their documentation tasks. One such instance where AI is
used is in automated medical scribes. It helps to transcribe and
summarize patient-physician interactions and the medical stuff they
talk into the patient’s electronic health record (EHR). AI-powered
medical scribe platforms such as Axbridge are used to make this
easier. Axbridge uses natural language processing (NLP) to transcribe
and process medical conversations between the physician and the
patient ("How Dr. Shivdev Rao," 2023).
This AI technology has helped to reduce the administrative burden
falling on doctors and helped to create a patient-centered environment
that is more focused on patient care. Around 50000 clinicians have
adopted Axbridge, which has partnerships with popular health systems
such as Kaiser Permanente ("How Dr. Shivdev Rao," 2023). The
benefits of this setup are saving significant time for doctors, reducing
 burnout, consistency of medical records, and maximizing the accuracy
of the decision-making and treatment process.
Another important process that uses AI to help clinical documentation
is that it helps in clinical note generation and summarization from
unstructured data sources. AI applications such as Microsoft’s Dragon
Ambient eXperience (DAX) Copilot leverage listens to patient visits and
creates automatic clinical notes. These tools could use advanced
speech recognition and NLP to capture the patient's speech. It gathers
information, processes it, and develops structured clinical
documentation without manual data from doctors ("Microsoft's New
Dragon Copilot," 2025).
This technology enhances efficiency, minimizes documentation errors,
and helps create a patient-centered environment with full focus on the
patient ("Microsoft's New Dragon Copilot," 2025).

References
1. Foltz, D., & Lankisch, K. (2022). Exploring Electronic Health Records in
Cirrus 2.0 Ed:3 (3rd ed.). Paradigm Education Solutions, a division of
Kendall Hunt. January 16, 2025

2. How Dr. Shivdev Rao is bringing AI to the doctor's office. (2023). Time.
https://time.com/7012716/shiv-rao/

3. Microsoft's new Dragon Copilot is an AI assistant for healthcare. (2025).

The Verge. https://www.theverge.com/news/622528/microsoft-dragon-
copilot-ai-healthcare-assistantThe Verge+2

4. Villanueva, J. C. (2024, May 29). A guide to HIPAA compliant file

transfers - Part 1. JSCAPE. https://www.jscape.com/blog/guide-to-hipaa-
compliant-file-transfers-part-1