The electronic medical record (EMR) , in which all patient-related data are computerized into one record, is becoming more widespread in all aspects of health care. Data and patient records can be created, modified, authenticated, stored, and retrieved by the computer. This has made record maintenance and retrieval much more efficient and effective in medical offices, clinics, laboratories, and hospitals. However, it has resulted in increased concerns about patient privacy as so many healthcare professionals may now be able to view a patient record unless precautions are taken. A well-designed computerized system may offer better protection than a “file-drawer” storage system because there are passwords, encryptions (scrambling and encoding information before sending it electronically), and the use of firewalls (software to prevent unauthorized users) to maintain security.
Legal confidentiality obligations apply to all methods of record keeping. With a computer-based system, it is even more important to be diligent in protecting the patients’ rights because generally more people have access to the computerized records. Special safety measures should be taken, such as establishing personal identification and user verification codes for access to records. Computer-based records should be accessed only on a need-to-know basis. Not everyone in a healthcare facility should have authorization to pull up patient records on the computer screen.
Security is an ever-present concern with electronic medical records. For example, the computer should not be left on when the patient is alone in an exam room. In addition, computer “hackers” can often access and change information that is not protected with tight security systems such as firewalls.
Loss of Medical Records
As Anesha’s case at the beginning of this chapter indicates, the loss of a medical record can be a frustrating, and even a harmful experience for all those involved. It can even result in a deadly outcome if vital information relating to the patient is gone. Whether a medical record is lost through careless filing of the record or as a result of a deliberate attempt to prevent litigation, it is always preventable. There are many safeguards that a medical office, clinic, and even a hospital can implement to prevent the loss of a record. ( Figure 9.4 )
· 1. All records removed from files should be listed in a journal. The person to whom the file was given and the date should be recorded.
· 2. Place some indication in the file cabinet or EMR that a file has been removed. Many offices use a color-coded insert to alert personnel about the file removal.
· 3. If possible, designate one person responsible for maintaining a list of all records removed from files. That person then collects all files and returns them to the proper location.
· 4. Placing all medical records on microfiche is an excellent way to safeguard against record loss. The microfiche can be “backed up” with a duplicate film that is kept in a safe, fireproof area.
Figure 9.4 Medical Assistant uses a Laptop Computer for Bedside Charting
Juries tend to be unsympathetic in a court case that revolves around a lost medical document or record. For example, during the discovery phase in the case of Keene v. Brigham & Women’s Hospital, the plaintiff was told that the hospital had lost his medical records. A default judgment for the plaintiff was entered at the Appeals Court level and upheld at the Supreme Court level. The courts maintained that without the medical record containing evidence relating to the medical malpractice claim against the hospital, it was impossible to make a determination of guilt or innocence of the defendant (Keene v. Brigham & Women’s Hosp., Inc. 439 Mass. 223, 2003).