Transition to Electronic Medical Records (EMR)

Transcription

1 Transitin t Electrnic Medical Recrds (EMR) CPSA Guideline September 2004 This infrmatin is prvided t assist practitiners in making decisins related t the transitin t using electrnic medical recrds in their practice. These cmments are nt intended t answer all questins r cver all ptential situatins nr shuld this dcument be interpreted as legal advice. Physicians are encuraged t cnsult specific references and surces fr detailed guidance regarding selectin f hardware, sftware and practice management issues. In this dcument electrnic medical recrd (EMR) refers t the physician s ffice system fr the management f their patients recrds as distinct frm an electrnic health recrd (EHR) which is a health system resurce f widely shared clinical infrmatin. A. Intrductin Medical recrds are an integral part f medical practice. The cntent and standards fr medical recrds are described in a separate Plicy f the Cllege f Physicians and Surgens f Alberta entitled Physicians Office Medical Recrds 1. The purpse f this guideline is t address quality f care, patient safety, ethical, and medic-legal aspects f the transitin f a medical practice frm paper based medical recrds t using an electrnic medical recrd (EMR). Within a physician s ffice, the medical recrd perfrms multiple functins in that it: Maintains the histry f patient care. Supprts the wrkflw f the clinical and administrative functins within the ffice fr physicians and staff. Supprts the cmmunicatin with external surces f medical infrmatin such as hspitals, labratry and radilgy clinics as well as cnsultatins and referrals with clleagues. Mving t an electrnic medical recrd represents a paradigm change fr the physician, bth in the ability t manage patient infrmatin, and in the design f clinical prcesses. It als establishes new and/r changing respnsibilities fr the use, disclsure and security f the medical recrd. As a result, the transitin frm paper t electrnic medical recrds is a cmplex task and must be managed frm many aspects - clinically, administratively, culturally and rganizatinally. The transitin activity must include nt nly the prcess changes inherent in the use f a new tl, but als the technical and prcedural training, and the resultant changes t physician and staff rles within the ffice. While the change in medical recrd mdality frm paper t electrnic systems represents a majr transitin, care shuld be taken nt t impact the patient-physician relatinship. Nr shuld the integrity f the clinical prcesses r the cntinuity f care be impaired during the transitin perid. Five key principles have been identified t guide the transitin prcess: Patient infrmatin must be secure. Privacy f patient infrmatin must be maintained. The integrity f the medical recrd cntent must be maintained. The integrity f the clinical wrkflw supprted by the medical recrd must be maintained. Cntinuity and quality f care must be maintained thrugh the transitin perid.

2 Transitin t Electrnic Medical Recrds: CPSA Guideline Page 2 f 8 Each principle has recmmendatins as well as cnsideratins fr their applicatin. Nte that the principles are nt discrete - they are intended t wrk interdependently. This dcument deals with a cmplex undertaking and has many technical references which may at first glance be verwhelming fr thse physicians at the beginning f the transitin r cntemplating a transitin. External resurces may be useful t assist in yur understanding f these recmmendatins and their applicatin t yur practice. These recmmendatins can be a valuable checklist befre, during and after the transitin t evaluate and guide yur implementatin. B. Principles and Implementatin 1. Patient infrmatin must be secure. The security f paper-based medical recrds is primarily based n physical security while electrnic medical recrds present many new issues and threats that must be cnsidered (e.g. denial f service with viruses, lss f data due t crruptin f cmputer hardware, theft f data due t intrusin, etc.). Effective security is a cmbinatin f administrative practices, physical security and technical security and shuld ensure the integrity, cnfidentiality and availability f the medical recrd. Recmmendatins: Practices shuld undertake a frmal risk assessment that cnsiders lcal risk factrs and dependencies, and develp a practice security plicy and system management practices. Standards are available t prvide guidance in these areas 9. Each practice shuld establish an initial assessment f the security risks including administrative practices, physical security and technical security t ensure the integrity, cnfidentiality and availability f the medical recrd. Security plicies and staff educatin shuld be implemented t address specific security threats. Mnitring f security lgs and reprts shuld be perfrmed n a regular basis t assess the perfrmance f the security measures. Majr security events r technical changes shuld trigger a security review. Physical security measures must be implemented t prevent unauthrized access r ptential lss r failure t the system. Risk factrs include theft, pwer failure, natural disasters and deliberate tampering. Access t hardware, sftware and strage media shuld be cntrlled, particularly t centralized data strage. Hardware that is accessible by unattended patients (i.e. in an examining rm) shuld always be explicitly lcked dwn t prevent access. Screens that are viewable by patients shuld nt display sensitive infrmatin f ther patients (i.e. scheduling infrmatin with diagnstic infrmatin). Access and authrizatin prcesses must be implemented t ensure nly legitimate users have access t the medical recrd and that each user has the apprpriate level f access t the medical recrd. Every user including staff, students, and lcums must have a unique identificatin and user-id with apprpriate passwrd cntrls. Audit lgging must be enabled t recrd actins taken by each user. Authrizatin rules are defined and implemented by user-id (r ID s attached t security grups) t prvide access t the medical recrd. Adequate netwrk security (such as firewalls, Virtual Private Netwrks, secnd factr authenticatin, etc.) is implemented t ensure that nly authrized and authenticated users can access the medical recrd.

3 Transitin t Electrnic Medical Recrds: CPSA Guideline Page 3 f 8 The integrity and cnfidentiality f the medical recrd must be ensured. Audit lgs are maintained t supprt the authenticity f medical recrd additins, r updates. Access t files r databases underlying the medical recrd sftware is restricted. Changes t lcally created data within the medical recrd are by addendum r strike-thrugh as per the medical recrds plicy 1. External dcuments stred in the medical recrd shuld be in read-nly frmats. Disclsures f the medical recrd via t patients r t prviders must have adequate prtectin. The CMPA has specific recmmendatins fr t patients r t ther health care prviders 12 including that messages that cntain patient infrmatin are encrypted and are supprted by a patient cnsent t utilize . Other ptins include the use f passwrd prtected attachments within an . Adequate virus prtectin must be in place t ensure data is nt mdified r destryed by external prcesses. Dispsal f strage media (including redundant hardware, temprary strage, back-up media, etc.) must be cmplete. This wuld include physical destructin f the media and/r re-frmatting t prevent unauthrized access deleting the infrmatin des nt physically delete the data, nly the indexing infrmatin. The reliability and accessibility f the applicatin hardware and sftware must be ensured. A back-up f the medical recrds shuld be perfrmed n a regular schedule (at least daily). There shuld be a cycle f back-up media t minimize expsure t failed backup media. Back-up media shuld be stred at a secure ff-site lcatin. Testing f the restre prcess and back-up media shuld be dne n a regular schedule. A cntingency plan shuld be in place fr disaster recvery and denial f service attacks. In the event f an emergency r disruptin t data accessibility, a predefined plan f actin shuld cme int play including technical and clinical resurces, data recvery plans, manual scheduling and charting, fllw-up n reprts, etc. Hardware and sftware (applicatin and perating systems) shuld be maintained at reasnable levels f currency fr supprt and maintenance by the vendr. Pearls The public visibility and emtinal threat f hackers are ften seen as the majr security threat hwever the vast majrity f security breaches ccur within rganizatinal dmains by persnnel with legitimate authrizatin. System back-ups are an integral part f system management, hwever the testing f the backups thrugh a recvery prcess is ften less rigid and may nt be fully understd. It is gd practice t ensure recvery testing is perfrmed n a regular basis, especially after a system upgrade (hardware r sftware), and that the prcess is dcumented. Enhanced security is required where netwrks are mre expsed (i.e. thse with wireless devices and remte access), r where equipment that stre infrmatin n lcal drives which are at risk f lss r theft (i.e. prtable devices such as laptps, PDA s, tablets). In these instances additinal encryptin r authenticatin prcesses are usually required. 2. Privacy f patient infrmatin must be maintained. Electrnic recrds enable a dramatically enhanced capacity fr the management f patient infrmatin. This increased ptential needs t be evaluated in terms f the prfessinal/ethical respnsibility t maintain patient recrds and als the legal respnsibilities as a custdian f health infrmatin. Recmmendatins: Physicians shuld establish frmal prtcls and prcedures t ensure that patient infrmatin is dcumented, maintained, and disclsed in accrdance with the current laws and standards set frth by the Health Infrmatin Act 3. The Office f the Infrmatin and Privacy Cmmissiner has prvided guidelines fr health infrmatin custdians and the Physician Office System Prgram have established a reference guide which can prvide guidance n specific

4 Transitin t Electrnic Medical Recrds: CPSA Guideline Page 4 f 8 plicies required by legislatin 2. Nte that the cmpletin and submissin f a Privacy Impact Assessment is required under the Health Infrmatin Act prir t the implementatin f an Electrnic Medical Recrd system 2,3,5. Physicians have a fiduciary and prfessinal respnsibility t cllect patient infrmatin with sufficient infrmatin t allw anther practitiner t assume the patient s care at any pint in the curse f treatment withut the lss f cntinuity 1. This respnsibility extends t disclsures fr the release and transfer f medical recrds and the cnfidentiality in the intra-prfessinal exchange f infrmatin. The Health Infrmatin Act 3 defines the parameters fr the disclsure and use f health infrmatin and the requirements fr the cllectin f cnsent. Physicians shuld be prepared t advise patients what their access cntrl plicies are within the practice. Patients requests t apply restrictins r t suppress infrmatin t ne r mre named clinicians shuld be cnsidered carefully, althugh ther legal r ethical factrs must be cnsidered. Electrnic medical recrds dramatically increase the ability f physicians t use patient infrmatin fr new purpses, based n the ability t search, aggregate, crrelate and therwise manipulate individual infrmatin. Care must be taken t ensure that any use r disclsure f health infrmatin cmplies with the Health Infrmatin Act and as such, apprpriate measures such as patient cnsents and ethics reviews are undertaken when utilizing this enhanced functinality. Persnal health infrmatin shuld nly be used fr the purpse it was cllected unless additinal cnsent is btained. Release f medical infrmatin is permitted r required in certain circumstances as defined by legislatin. Uses and disclsures f persnally identifiable health infrmatin fr the secndary purpse f research must have apprpriate ethics review and apprval, and patient cnsent if required. Pearls A patient handut n the privacy plicies f the practice may assist in the understanding and assurance f patients that their privacy is still being maintained. Sme individuals may have a limited understanding f the privacy framewrk and infrmatin exchange that exists tday in a paper-based envirnment (i.e. higher expectatins f the infrmatin sharing than what exists tday, and als miscnceptins f hw an EMR is used). Many may als cnfuse the physician s EMR with the Electrnic Health Recrd, a shared health system tl which has had sme media expsure. 3. The integrity f the medical recrd cntent must be maintained. Managing health infrmatin in a transitinal envirnment carries the risk that the quality f care may be adversely affected if the transitin is nt effectively managed. There will be a perid f time within mst practices where bth paper and electrnic recrds will be in use until all relevant patient data has been established in the EMR and all physicians in the practice use the electrnic recrd. Recmmendatins: As physicians remain the custdian f infrmatin regardless f the media in which the infrmatin is maintained, it is the respnsibility f the physician t ensure that: The cmplete medical recrd is accessible at all key clinical decisin pints. The infrmatin is current, accurate and cmprehensive fr the purpse fr which it is required. There must be an audit trail t ensure that if infrmatin is altered, there will be a recrd f the riginal, the date and time f the alteratin, and the identity f the persn wh made the change 1. Changes t the EMR are made either by a new nte r addendum r by a strke thrugh, r bth. If relevant patient infrmatin is maintained externally t the electrnic medical recrd (i.e. in a shared recrd such as a Prvincial r Reginal Electrnic Health Recrd), the physician must: Maintain prcedures and dcumentatin t supprt cntrls ensuring the receipt f result reprts and ther relevant rders and that apprpriate fllw-up actins have been taken 10. Ensure that defined prcedures are in place t prvide care in the event that the external surces f infrmatin are nt accessible.

5 Transitin t Electrnic Medical Recrds: CPSA Guideline Page 5 f 8 Take adequate steps t ensure that the custdian f the external infrmatin surce has, and can demnstrate an adequate plicy and prcedure in place regarding privacy, security, and peratinal integrity t ensure apprpriate standards fr netwrk access. Ensure that the custdian can and will supprt the retentin and subsequent access requirements as per the medical recrd plicy as defined by the CPSA 1. If external electrnic interfaces are integrated with the electrnic medical recrd, adequate testing must be perfrmed t ensure that cntrls are in place t ensure that all recrds are prcessed, accunted fr, and that existing data cannt be crrupted r lst during the integratin. Standards fr data quality, accuntability, and integrity need t be incrprated int the EMR within each practice and adpted t prmte unifrmity in the data fr grup practices. The features f quality data elements include: Accessibility data items shuld be easily btainable and legal t cllect Accuracy data are the crrect values and are valid Cmprehensiveness all required data items are included Cnsistency data is recrded in a cnsistent manner Currency the data shuld be up t date Definitin each data element shuld have a clear meaning and acceptable values Granularity the attributes and values f data shuld be defined at the crrect level f detail Relevancy data are meaningful fr the purpse fr which they were cllected In the initial transitin perid (which culd last frm 6 mnths t tw years) there will likely be a cmbinatin f electrnic and paper charts. A defined prcess and transfer date shuld be identified fr the EMR t becme the fficial medical recrd (the surce f truth) versus the paper chart r ther clinical recrd in use, t prevent failures in the receiving r fllwing up f medical reprts 10. Each type f dcument/reprt that is received int the ffice shuld have a defined prcess and destinatin t either the paper chart r the electrnic recrd, r bth. There must be a prcess in place t ensure that there are cntrls in place t specifically manage the changever perid f the handling f a dcument/reprt. All individuals using the recrds must understand the cntent and limitatins f each f the recrds in the perid f transitin. Each recrd must be clearly identifiable as t its status as the primary medical recrd, parallel recrd, r partial recrd. Fr the electrnic recrd t be deemed the primary medical recrd, relevant histry frm the paper chart must be transferred and/r referenced directly. This is ften dne in cnjunctin with a cmprehensive review f the chart (i.e. as part f a cmplete physical, r an insurance reprt) and shuld have a standardized prcess and cntent. The dispsitin f paper charts nce transitined t an electrnic chart must still fllw the parameters established in the Physician Office Medical Recrds plicy 1. If the paper chart has been transferred in its entirety in nn-editable frm (i.e. the entire chart has been scanned int the electrnic chart), the paper chart can be dispsed as per nrmal dispsitin guidelines and the electrnic frmat becmes the clinical histry. If paper charts have been summarized with the relevant histry transferred after a diligent ascertainment that the clinically relevant material frm the past ten years (r further if deemed necessary) has been included, the paper chart may be archived r destryed. The physician may find it useful t dcument the prcedure used in the transfer indicating the type r ratinale f material mitted frm the transfer as well as any summarizatins.

6 Transitin t Electrnic Medical Recrds: CPSA Guideline Page 6 f 8 Pearls Be cautius f features embedded within the sftware applicatin which may set default values that may create data in the medical recrd that was nt an actual bservatin, r the use f a template which may limit the additin f relevant data. Evaluate the requirements yu may have t create reprts r utging dcuments t determine the structure f yur input data (i.e. defining what is text, discrete data elements, scanned reprts, etc) s that future data analysis r practice review is enabled. Fr example, including a prescriptin within a textual cmment in a prgress nte may render it inaccessible when searching the recrd fr a specific drug based n a recall ntice. The Electrnic Health Recrd is an evlving tl which in time may alter the types f infrmatin which has traditinally been held within the physician s medical recrd (i.e. lab results) as this infrmatin may be held in centralized surce. Given the relative newness f these prcesses, extra diligence shuld be taken t evaluate the maturity f these tls, the retentin f data by the custdian, and the access prcesses fr histrical and medic-legal requirements prir t making the decisin t nt maintain this data in the physician s medical recrd. Cnfrmance with Vendr Cnfrmance and Usability Requirements (VCUR)-apprved prducts will help t ensure that acceptable prvince-wide standards are achieved The integrity f the clinical wrkflw supprted by the medical recrd must be maintained. There are many clinical prcesses directly r indirectly supprted by the medical recrd. The transitin t electrnic recrds may alter these prcesses which may include imprtant safety precautins r ther critical wrkflw items. Recmmendatins: The implementatin f an electrnic medical recrd will necessitate prcess changes in the practice wrkflw and ften the rles that the physician and assciated staff perfrm. Many f the wrkflw prcesses designed n the mvement f the paper chart will n lnger be valid and shuld be frmally evaluated and ptimized fr patient safety and quality f care. The tasks assigned t individuals must fall within guidelines fr prfessinal scpes f practice and have a defined delegatin f authrity. The implementatin f the technlgy t supprt electrnic medical recrds is ften accmpanied with the capability fr electrnic mail. can be used fr internal cmmunicatin within an ffice, physician t physician cmmunicatin, and fr patient t physician cmmunicatin. s are an explicit frm f cmmunicatin and therefre are part f the medical recrd. Care shuld be taken t ensure the is attached t the medical recrd in the same frmat and lcatin as ther external cmmunicatin. The CMPA has prvided guidelines regarding the use f 12 which shuld be cnsulted. At a minimum: handling rules (including service levels and purpse limitatins) shuld be explicit and clearly articulated t patients. Cnsent shuld be btained frm the patient t clarify the expectatins and prcessing f s. Physicians shuld be aware that emplyers and Internet Service Prviders can (and d) stre and read s. Therefre the cnfidentiality f s must be taken int accunt, and text and attachments shuld have adequate encryptin. Physicians shuld have prcedures fr the timely receipt, respnses and an escalatin prcess where standards fr management are nt met. Text based cmmunicatin can lack the cntext and dynamic nature f persnal cmmunicatin therefre the physician needs t recgnize the limitatins f this type f cmmunicatin. Clinical management prcesses and cntrls have traditinally been linked t the physical lcatin and transfer f the paper chart. The lack f a physical chart necessitates the implementatin f ther cntrl mechanisms t prevent fllw-up failures. Specific recmmendatins fr fllw-up failures are identified in a separate guideline 10, hwever the electrnic recrd shuld at a minimum factr in the fllw items:

7 Transitin t Electrnic Medical Recrds: CPSA Guideline Page 7 f 8 Fllw-up appintments Referral appintments Reprts received Reprts handled, signed ff and filed Cmmunicatin attempts Prcesses shuld be develped t ensure the integratin, inclusin, and update f multiple recrds as they becme available at all clinical decisin pints. Data and charting standards fr shared recrds via netwrks within and between practitiners shuld be develped t ensure that anther practitiner can assume care f the patient with full understanding f the cntent f the medical recrd. Pearl Planning fr the implementatin f an EMR prvides tremendus pprtunity fr imprvements in wrkflw f the practice, as well as with individual prcedures. Remember t balance explring pprtunities t imprve current prcesses, rles r timing based n the paradigm f the paper chart with the limits f the capacity fr change by the peple invlved. 5. Cntinuity and quality f care must be maintained thrugh the transitin perid. The verriding issue during this perid f transitin is that the level f patient care cannt suffer in a manner that risks patient safety r the quality f care. First, d n harm Recmmendatins: A gd management strategy is essential t ensure that the implementatin f the electrnic medical recrd des nt expse the patient t risk. This shuld include at a minimum: A readiness assessment Educatin & administrative needs Clinical practice and wrkflw definitins An evaluatin f technical requirements Definitin f staff rles & delegatin f authrity Design f the cnversin and hybrid system prcesses Implementatin f safety and cntrl prcesses There must be an assurance f the cmpetency f resurces in the use f the technlgy and f the prcess changes that have been implemented. Pearls Critical fr the successful implementatin is the appintment f a clinical technlgy leader fr the practice. This persn must have a dedicated allcatin f time t prvide technical supprt, design and manage enhancements t wrkflw and t develp data and charting standards. The intrductin f any frm f change usually is accmpanied by a perid f lst efficiency during the implementatin perid, and is als a perid f high stress. Care t manage the verall wrklad during this perid is essential. C. Cnclusin The transitin t electrnic medical recrds (beynd the implementatin f the hardware and sftware) represents a significant change t the clinical prcesses in a medical practice. These changes must be carefully cnsidered t ensure patient safety and quality f care thrughut the transitin perid, primarily thrugh the cntinued integrity f the medical recrd and the clinical

8 Transitin t Electrnic Medical Recrds: CPSA Guideline Page 8 f 8 prcesses that are supprted by the medical recrd. In additin, changes that are inherent with the change t electrnic recrds such as patient privacy and infrmatin security must be managed. The transitin t electrnic recrds is a majr step in its wn right. Hwever, this transitin is als the beginning step in a much larger transitin perid bth within the practice and in the health system as a whle. Once the medical recrd is in electrnic frm, there will be further pprtunities t initiate clinical practice changes at an individual patient level, at the practice level as well as at the ppulatin level. Imprtant Reference Surces 1. Physicians Office Medical Recrds. CPSA June HIA Guide t Plicies and Prcedures fr Physician Offices. POSP February 2003 HIA Guide t Privacy Impact Statements. POSP February Health Infrmatin Act f Alberta. OIPC Release f Medical Infrmatin: A Guide fr Alberta Physicians. CPSA. March Privacy Impact Assessments Release f Data fr Research Purpses CMA Health Infrmatin Privacy Cde Vendr Cnfrmance and Usability Requirements COACH Guidelines fr the Prtectin f Health Infrmatin Preventing Fllw-up Failures when Caring fr Patients. CPSA August The Referral/Cnsultatin Prcess. CPSA June Physician-Patient Cmmunicatin: Legal Risks. Canadian Medical Prtective Assciatin Infrmatin Letter. December