Electronic Medical Records in Correctional Health Report to the National Commission on Correctional Healthcare Contact Information Todd R. Wilcox, MD, MBA, CCHP Medical Director, Salt Lake County 256 South 1200 East Salt Lake City, UT 84102 801-582-2376 trwilcox@wellcon.net www.wellcon.net Nina F. Dozoretz, MA, RHIA, CCHP 801 I Street, NW Suite 800 Washington, DC, 20536 202-353-9823 ndozoretz@hrsa.gov The Mission Provide objective overview of the current state of EMR s in the marketplace Provide guidance on the interplay between HIPAA and EMR s Provide a workplan for the preparation, selection, and implementation of an EMR Provide an overview of HIPAA and resources to assist with compliance Who Should Be On An EMR? Generally ADP > 800 HIPAA Compliance! If you need to enforce formulary / practice guidelines If you need to defend budget / staffing More than one healthcare delivery site If you need relief from lawsuits Typical Correctional Scenario Charts unavailable at MD encounter Filing backed up for months Ran out of storage space for paper charts Paper charts a fire hazard Non-existent nursing documentation because they couldn t find charts Multiple charts created as path of least resistance Perceived Barriers--Study by Medical Record Institute Lack of resources Lack of support by clinicians Difficulty creating a migration plan Can t find an integrated software solution with just 1 vendor Difficulty evaluating / validating real capabilities of vendors 1
Cost-Benefit of an EMR Each MD will generate >300 filerelated tasks per day on paper Primary areas of savings Typically need only 1/3 of medical records staff to run EMR vs. paper MDs and nurses produce more work product SLC return on investment = 1.5 years Step 1 Hire An EMR Expert In-house staff almost never has adequate expertise or experience Comparative example: Would you ask your warden to design and build a new jail? Number 1 cause of failure is lack of expert help Your expert must understand both healthcare processes and EMR s to be successful Your expert should assist with all subsequent steps to keep you out of trouble Step 2 What Kind of EMR Do You Need? Tier 1: Automated Medical Records Tier 2: Computerized Medical Records Tier 3: Electronic Medical Record Tier 4: Electronic Integrated Health Record Step 3 Hardware and Infrastructure Determined by Step 2 Pick the right computers, servers, intranet, internet, pull transmission lines On average, takes a year to complete Coordinate with purchasing, governmental IS, 3 rd party vendors, governmental telephone services Step 4 Redefine Business Practices Every healthcare function must be redesigned for efficiency Many new processes must be contemplated (dictation vs. typing) MUST avoid reverse engineering your efficiency This is why your expert needs to know both healthcare and computers Business Process Examples Process Intake screen MR filing lag MD note 14-day assessment Nursing documentation Before EMR 6.91 min / 24 items 13 days 9.6 minutes / 14 lines text 43% on time / 23 data points 6% After EMR 6.71 min / 56 items < 24 hours 2.1 minutes / 29 lines text 99%+ on time / 70 data points 96% 2
Step 5 Selecting the Right System Writing a good RFP / Requirement Matrix is critical to success Your expert will earn his pay at this step Identify the right type of system Identify clearly the scope of the project What you need vs. what you want Communicate rational timelines Establish an effective selection process Selection Criteria and Process Functionality is more important than price Create a matrix of requirements and demand to see them demonstrated Vaporware is everywhere--don t believe anything said or shown by salesman Been in business > 5 years 3 rd Party add-ons (pharmacy, dental, etc) should be avoided. Software must be fully integrated Pay attention to timelines DO SITE VISITS to facilities using the software and talk to their staff System Design Features Infinitely-scalable system (i.e., Oracle relational database, not MS Access, etc) GUI interface (mouse, keyboard, touch) ASP (active server pages) database Chart-driven tracking of healthcare costs and productivity Fully integrated across all disciplines Customizable by end-user Patient record designed to be longitudinal Efficiency Issues Intelligent Scanning capability (bar coded) Clinical images scanning (Xray, EKG s) Off-site internet access Email system must be integrated into patient chart to avoid separate charting Software has fully-integrated clinical rules engine (chronic care clinics!) Efficiency Issues Lab values graphed Bar-coded entry of documents and data 1 and 2-way interface capability Lab, radiology, offender management Software-generated clinical summaries Order-generated to-do lists Vendor does own training, not 3 rd party Security Issues Absolute, unalterable data integrity Keystroke tracking Document security grades User security grades Multi-level backup / offsite secure storage Persistent server-side state Encryption 3
Step 6 Implementation Create a team, put your expert in charge of it All programming changes, additions, subtractions must be approved by one person Learn how to manage your own system TRAIN, TRAIN, TRAIN Step 7 Daily Operation and Maintenance Identify local system administrator Budget for maintenance Expect daily issues Create a mirror paper backup system Work out system support with vendor in the contract and lock it in for as long as they will allow Escrow the software Resources Conglomerate list of EMR vendors available on www.ncchc.org Slide Set Available at: www.wellcon.net HIPAA: What s All the Buzz? CAPT Nina Dozoretz 2002 NCCHC NASHVILLE CONFERENCE 22 HIPAA What Is It? What is HIPAA? Health Insurance Portability and Accountability Act (HIPAA, Public Law 104-191), signed on August 21, 1996. Improve quality of health care Encourage development of information systems based on exchange of standard management and financial data using EDI. Require organizations to follow national implementation guidelines for EDI 4
Standards for Privacy - 1 PRIVACY RULE HHS, Office of Civil Rights (OCR) Enforcement civil monetary penalties, criminal prosecution Respond to Questions Secure Voluntary compliance Technical Assistance Respond to State requests for exception determinations Investigate complaints Conduct compliance reviews Effective April 14, 2001 Most Covered Entities must comply by April 2003 Gives patients more control over their information Sets limits on use and release of health records Establishes safeguards to protect privacy Holds violators accountable 27 Standards for Privacy - 2 No extension for compliance April 14, 2003 health care providers April 14, 2003 health plans, other than small April 14, 2004 small health plans April 14, 2004 clearinghouses Does HIPAA Apply to You? Covered entity Is a health plan, a health care clearinghouse, or a provider who transmits health information in electronic form (45 C.F.R. Part 162) Use the Covered Entity Decision Tools Health care provider (45 C.F.R. 160.103) 5
Administrative Simplification provisions - 1 Protect and enhance rights of consumers Improve quality of health care by restoring trust Improve efficiency and effectiveness of health care delivery by creating a national framework Administrative Simplification provisions - 2 Association for Electronic Health Care Transactions (AFEHCT) an industry action group, member companies include health claims clearinghouses, value added networks, software vendors, practice management companies, health care data processing EDS; IBM; McKesson HBOC; Per Se Technologies; National Data Corp; Siemens Medical Solutions; Perot Systems; Web MD; UNISYS; Ernst & Young, LLP; Aetna US Healthcare; and more 31 Administrative Simplification provisions - 3 October 15, 2002 Deadline for Extension Applies to entities that generate, process and/or receive electronic medical claims,including eligibility and referral authorizations, EOBs, payments Compliance Officer Monitoring/auditing Education/training Conduct effectiveness evaluations Develop and/or update P&P Employee awareness Compliance with government regs Compliance Officer Training Sources for Information November 12, 2002 HIPAA Privacy Rule Compliance: A Simplified Explanation by Michael Fleischman (Gates, Moore & Co) www.coding/institute.com/offer/752 HCCA: 2002 Profile of Health Care Compliance Officers survey www.hcca-info.org/documents/hccasurvey9_02.pdf www.cms.gov/hipaa www.hhs.gov/ocr/hipaa www.ahima.org HCPro Healthcare Marketplace (www.hcmarketplace.com) 6