How To Assess Records Risk In An Ehr System

Transcription

1 EHR Records Risk Assessments An Evolving Use of the EHR System Functional Model Standard HIMSS HL7 April 15, 2015 Reed D. Gelzer, MD, MPH Co-Chair, HL7 EHR Workgroup Co-Faciltator, HL7 EHR Records Management and Evidentiary Support Workgroup and HL7 EHR/Security Vocabulary Alignment Workgroup Provider Resources, Inc.

2 Overview EHR-S FM R2: Normative Standard The HL7 EHR-S Functional Model defines a standardized model of the functions that may be present in EHR Systems. 2

3 Overview What is Records Risk? What does Records Risk look like? How does the EHR-S FM R2 (aka R2) help? 3

4 Records Risk Records: Representations of acts and events in the real world Risks to their value as accurate representations: Reliable means of origination Security Authenticity Persistence 4

5 Origination Risk A group of inexperienced and uncertified inspectors for the Department of Licenses and Inspection conducted around 600 inspections of unsafe buildings in a single week last month, the Inquirer has learned. Each of the newly hired inspectors then recorded their work in L&I s database under the name of another man, an experienced inspector with the agency. 5

6 Origination Risk 6

7 8

8 EHR Systems: Systems of Systems Recommendation: Release of Information (ROI) Risk Assessment Evaluating: 1. Authorship 2. Log ( Audit ) functions 3. Amendments 9

9 Origination For Authenticity Recommendation: Release of Information (ROI) Risk Assessment Examples: Records releases for business or clinical requests (legal process or claims support/revenue integrity) Data extracts to support Quality measures Transitions of Care Support 10

10 EHR Functional Model

11

12 R2 Checklist: Originate & Retain 13

13 R2 Checklist: Originate & Retain 1. The system SHALL provide the ability to capture (originate) a Record Entry instance corresponding to an Action instance and context. 14

14 Checklist: Evidence of Originate & Retain 15

15 Know Your Objectives Risk Identification: Keep it simple and practical Risk Mitigation Mapping -Training? -Configuration? -Design? 16

16 Objectives Risk Mitigation: Keep it actionable Medical Staff Bylaws (Hospitals) Medical Records P&P EHR FM R2-Derived Due-Diligence Templates 17

17 Notables HIMSS presentation slides for Medical-Legal Cases That Went South by Dr. Keith Klein Electronic Health Records Systems: Testing The Limits of Digital Records Reliability and Trust in Ave Maria Law Review, Summer 2014 by Drury, Gelzer, Trites, and Paul.

18 Questions Reed D. Gelzer, MD, MPH Co-Chair, HL7 EHR Standards Workgroup Co-Facilitator, HL7 Records Management and Evidentiary Support Workgroup Trustworthy EHR, LLC Newbury, NH Philadelphia, PA