User login
EHRs and medicolegal risk: How they help, when they could hurt
Survey: Many physicians plan to leave or scale down practice
Janelle Yates (February 2012)
Is private ObGyn practice on its way out?
Lucia DiVenere, MA (October 2011)
The medical record has evolved considerably since it originated in ancient Greece as a narrative of cure.1 For one thing, it’s now electronic. For another, it’s no longer a medical record but a health record. According to the US Department of Health and Human Services, the distinction is not a trivial one. A medical record is used by clinicians mostly for diagnosis and treatment, whereas the health record focuses on the total wellbeing of the patient.2 The medical record is used primarily within a practice. The electronic health record (EHR) reaches across borders to other offices, institutions, and clinicians.
Use of the EHR has been stimulated by the Health Information Technology for Economic and Clinical Health Act,3 which offers grants and incentives for “meaningful use” of electronic records.4 After 2014, medical practices that do not use EHRs will face a financial penalty that amounts to 2% of 2013 clinical revenue.
EHRs have been hailed as a panacea and derided as anathema. Whatever your perspective, there is no denying that they dramatically increase the immediate and easy availability of information and, therefore, influence decision-making in regard to medical care, cost-effectiveness, and patient safety. EHRs have the potential to improve communication, broaden access to information, and help guide clinical decision-making through the use of best-practice algorithms. When used properly—which means taking advantage of the EHR’s full potential and adapting to the way information is organized and analyzed—the EHR can reduce adverse events and help defend the appropriateness of the care provided. This lowers your medicolegal risk. When used improperly or haphazardly, they may increase that risk. In this article, we elaborate on both.
EHRs have many benefits
Improved communication. EHRs facilitate communication between healthcare providers. A primary care physician can access a consultant’s report practically as it is written. Providers also can carry on a dialogue electronically, planning together for care that will best serve the patient, with less redundancy and time.
The EHR also facilitates communication between physician and patient, allowing the physician to see the patient’s recent history and plan her management while speaking to her on the phone. Issues can be addressed with greater accuracy and expediency, leading to reduced anxiety for the patient and increased compliance.
Seamless integration. Information can be entered into the EHR and integrated into the full record more seamlessly than it is with written records. And data can be entered once and used many times.
Enhanced decision-making. Decision-making depends on careful analysis of a clinical scenario. Protocols, templates, and order sets embedded in the EHR can reduce medical errors by identifying scenarios for the physician to review.5,6
The EHR can also highlight adverse drug-drug interactions and help avoid potential allergic reactions. Murphy and colleagues reported a reduction of medical errors by utilizing a pharmacy-driven EHR component—a reduction from 90% to 47% on the surgical unit and from 57% to 33% on the medicine unit.7
Improved documentation. The EHR can enhance documentation by offering specific and detailed templates for informed consent, making it more comprehensive than a handwritten notation of the risks and benefits.
Decipherability is another strength of the EHR. Because physicians are notorious for poor handwriting skills, some hospitals now require a writing sample as part of their privileging process. The EHR avoids this issue entirely.8 Typos and grammatical errors are minimized by spellchecking and grammar-correcting programs written into the EHR.
Quality assurance. Timely evaluation of approaches to clinical care is available to physicians as well as hospitals that use EHRs.9 An individual physician can perform personal quality-assurance audits. And hospital management can gather cumulative statistics more quickly and easily.5,6,10,11
Patient data can be accessed independent of medical department, with lab tests, imaging studies, and pathology reports readily available for review. And accessibility is available regardless of geographic location.
EHRs are not perfect, and neither are their users. EHRs present the potential for problems related to absent or erroneous data entry, patient privacy issues, misunderstanding and misuse of software, and development of metadata.
With initial use, EHRs can create documentation gaps with the transition from paper to electronic records. In addition, inadequate provider training can create new error pathways, and a failure to use EHRs consistently can lead to loss of data and communication errors. These gaps and errors can increase medicolegal risk, as can the more extensive documentation often seen with early use, which creates more discoverable data. The temptation to cut and paste risks repeating earlier errors and omitting new information.
Another area of risk involves communication with the patient via email. A failure to reply could result in claims of negligence, and information overload could obscure pertinent pieces of information. And a departure from clinical decision support could be used by the patient to defend allegations of negligence.
With widespread use of EHRs, improved access to data could change the “duty” owed to the patient. In addition, clinical decision support embedded within the software could become the de facto “standard of care.”
The learning curve can be steep
The learning curve for EHRs may be steep and, at times, discouraging. One reason is that data are organized differently than in the conventional paper record, where information is read and analyzed in a progressive and stepwise manner, as in an analog or vertical system. The EHR is a digital format, so finding information requires digital (horizontal) inquiry. Information is, therefore, utilized in both horizontal and vertical formats in everyday situations. If data are entered incorrectly, all subsequent decisions could be flawed. And if the EHR suggests a plan, and that plan is not performed by the provider, the risk of liability could increase.
Inadvertent violation of the Health Insurance Portability and Accountability Act (HIPAA) with an EHR could increase medicolegal risk. For example, HIPAA allows for patients to make corrections to inaccurate information in their personal documents, but access by the patient could require the physician to review all records viewed by the patient after visit notes have been entered. This could drive up the cost of practice and reduce face-to-face time between physician and patient. Patients are not necessarily the best judges of which information is most important in their medical records.
Internet access raises concerns about the privacy of sensitive issues and misuse of information. Making a patient’s protected health information accessible electronically leaves physicians and hospitals at risk for a government fine or lawsuit. In several instances, the US Department of Health and Human Services (HHS) has levied fines against small practices and government agencies.
In one case, HHS fined Phoenix Cardiac Surgery in Phoenix, Arizona, $100,000 for posting surgery and appointment schedules on an Internet-based calendar that was accessible to the public.12 In another, HHS fined the Massachusetts Eye and Ear Infirmary in Boston $1.5 million after it reported the loss of an encrypted personal laptop containing the protected health information of patients and research subjects.13 The Alaska Department of Health and Social Services (DHSS) agreed to pay HHS $1.7 million after it reported the loss of a USB drive—possibly containing protected health information—from the vehicle of a DHSS employee.14
In traditional physician practices that employ handwritten records, the potential for compromise of patient information is limited. An organization may lose a few patient charts in the office and recover from the loss without incident. With the EHR, the loss poses a significant threat. The cases mentioned above were attributed to negligence or ignorance. The consequences could be worse if the compromise of EHR data is determined to be intentional. On September 4, 2010, hackers may have exposed the personal information of approximately 9,493 patients at Southwest Seattle Orthopaedics and Sports Medicine in Burien, Washington. Even with the best encryption technology, any electronic system remains vulnerable to external attack.
Metadata reveal how original data are used
Another concern regarding EHRs involves metadata—”data about data content.”15 Metadata is structured information that describes, locates, explains, or manages information. Metadata relevant to the EHR includes the data and time it was reviewed by the provider and whether it was manipulated in any way. Clearly, there is a potential for use and misuse by third-party reviewers.
Specialty-specific EHRs are recommended
Many ObGyns have found that most EHR systems are inadequate to the task of recording and analyzing information relevant to their specialty. Obstetric care is episodic and frequent. Data are added into the flow that must be considered at each visit, such as gestational age, fetal growth, labs (and normative values), prenatal diagnostic studies, and so on, representing both vertical and horizontal processing.16
The legal discovery process poses challenges that have not yet been resolved
The legal discovery process grants all parties to a lawsuit equal access to information. Under ideal circumstances, the EHR can provide comprehensive data more quickly than traditional records can. The problem is determining what constitutes relevant data and which party has the burden or benefit of making that decision. Uncontrolled access has the potential to violate privacy and privilege requirements.
Rules regarding discovery are still being debated in regard to their applicability to digital discovery.17 Even before a lawsuit is filed, the potential for “data mining” by third parties could lead to allegations of malpractice.
How to use EHRs responsibly without increasing risk
Good communication between patient and provider is paramount in the provision of quality medical care. Adherence to evidence-based standards with thorough documentation always serves the best interests of both patients and providers. The EHR can facilitate this process.
Our recommendations for appropriate use of your EHR include:
- Spend time learning the ins and outs of your particular EHR, and make sure your staff does the same. This will help reduce the likelihood that errors will be introduced into the record and ensure consistent use.
- Use individual sign-ons for anyone involved in data entry. This step facilitates the identification of users responsible for inaccurate use or errors, so that the situation can be addressed efficiently.
- Do not let third parties enter or manipulate data. This could jeopardize patient privacy, as well as the integrity of the record itself.
- Track all data entry on a regular basis. The frequency of tracking should be a function of routine as well as clinical circumstance. All new data from the previous interval should be reviewed at the time of the subsequent visit in order to direct care and ensure proper data entry.
Because of the considerable risk of liability claims in ObGyn practice, it is critical that the medical record accurately and precisely reflects the circumstances of each case. The EHR can be an effective and useful tool to document what occurred (and when) in a clinical scenario.18 As with all medical records, completeness and accuracy are the first and best defense against allegations of medical malpractice.
1. The Casebooks Project. History of Medical Record-keeping. http://www.magicandmedicine.hps.cam.ac.uk/on-astrological-medicine/further-reading/history-of-medical-record-keeping/. Accessed February 26 2013.
2. US Department of Health and Human Services. EMR vs EHR—What is the difference? Health IT Buzz. http://www.healthit.gov/buzz-blog/electronic-health-and-medical-records/emr-vs-ehr-difference/. Accessed February 20, 2013.
3. Health Information Technology for Economic and Clinical Health Act of 2009. HITECH Act. Pub L No 111-5 Div A tit XIII Div B tit IV Feb 17 2009, 123 stat 226, 467. Codified in scattered sections of 42 USCA.
4. Mangalmurti S, Murtagh L, Mello M. Medical malpractice liability in the age of electronic health records. N Engl J Med. 2010;363(21):2060-2067.
5. Reid P, Compton D, Grossman J, et al. Building a Better Delivery System: A New Engineering/Healthcare Partnership. Committee on Engineering and the Health Care System, Institute of Medicine and the National Academy of Engineering. Washington, DC: National Academies Press; 2005.
6. Grossman J. Disruptive innovation in healthcare: challenges for engineering. The Bridge. 2008;38:10-16.
7. Murphy E, Oxencis C, Klauck J, et al. Medication reconciliation at an academic medical center; implementation of a comprehensive program from admission to discharge. Am J Health-System Pharmacy. 2009;66(23):2126-2131.
8. Schuler R. The smart grid: a bridge between emerging technologies society and the environment. The Bridge. 2010;40:42-49.
9. Haberman S, Feldman J, Merhi Z, et al. Effect of clinical decision support on documentation compliance in an electronic medical record. Obstet Gynecol. 2009;114(2 Pt 1):311-317.
10. Hasley S. Decision support and patient safety: the time has come. Am J Obstet Gynecol. 2011;204(6):461-465.
11. Lagrew D, Stutman H, Sicaeros L. Voluntary physician adoption of an inpatient electronic medical record by obstetrician-gynecologists. Am J Obstet Gynecol. 2008;198(6):690.e1-e6.
12. Dolan PL. $100,000 HIPAA fine designed to send message to small physician practices. American Medical News. 2012. http://www.ama-assn.org/amednews/2012/04/30/bisd0502.htm. Accessed February 26, 2013.
13. US Department of Health and Human Services. Massachusetts provider settles HIPAA case for $1.5 million [news release]. September 17 2012. http://www.hhs.gov/news/press/2012pres/09/20120917a.html. Accessed February 26, 2013.
14. US Department of Health and Human Services. Alaska settles HIPAA security case for $1,700,000 [news release]. June 26, 2012. http://www.hhs.gov/news/press/2012pres/06/20120626a.html. Accessed February 26, 2013.
15. National Information Standards Organization. Understanding Metadata. Bethesda MD: NISO Press; 2004. http://www.niso.org/publications/press/UnderstandingMetadata.pdf. Accessed February 26, 2013.
16. McCoy M, Diamond A, Strunk A. Special requirements of electronic medical record systems in obstetrics and gynecology. Obstet Gynecol. 2010;116(1):140-143.
17. The Berkman Center for Internet and Society at Harvard Law School. The Federal Rules of Civil Procedure: The Impact of Digital Discovery. http://cyber.law.harvard.edu/digitaldiscovery/digdisc_library_4.html. Accessed February 26 2013.
18. Quinn M, Kats A, Kleinman K, et al. The relationship between electronic health records and malpractice claims. Arch Intern Med. 2012;172(15):1187-1188.
Survey: Many physicians plan to leave or scale down practice
Janelle Yates (February 2012)
Is private ObGyn practice on its way out?
Lucia DiVenere, MA (October 2011)
The medical record has evolved considerably since it originated in ancient Greece as a narrative of cure.1 For one thing, it’s now electronic. For another, it’s no longer a medical record but a health record. According to the US Department of Health and Human Services, the distinction is not a trivial one. A medical record is used by clinicians mostly for diagnosis and treatment, whereas the health record focuses on the total wellbeing of the patient.2 The medical record is used primarily within a practice. The electronic health record (EHR) reaches across borders to other offices, institutions, and clinicians.
Use of the EHR has been stimulated by the Health Information Technology for Economic and Clinical Health Act,3 which offers grants and incentives for “meaningful use” of electronic records.4 After 2014, medical practices that do not use EHRs will face a financial penalty that amounts to 2% of 2013 clinical revenue.
EHRs have been hailed as a panacea and derided as anathema. Whatever your perspective, there is no denying that they dramatically increase the immediate and easy availability of information and, therefore, influence decision-making in regard to medical care, cost-effectiveness, and patient safety. EHRs have the potential to improve communication, broaden access to information, and help guide clinical decision-making through the use of best-practice algorithms. When used properly—which means taking advantage of the EHR’s full potential and adapting to the way information is organized and analyzed—the EHR can reduce adverse events and help defend the appropriateness of the care provided. This lowers your medicolegal risk. When used improperly or haphazardly, they may increase that risk. In this article, we elaborate on both.
EHRs have many benefits
Improved communication. EHRs facilitate communication between healthcare providers. A primary care physician can access a consultant’s report practically as it is written. Providers also can carry on a dialogue electronically, planning together for care that will best serve the patient, with less redundancy and time.
The EHR also facilitates communication between physician and patient, allowing the physician to see the patient’s recent history and plan her management while speaking to her on the phone. Issues can be addressed with greater accuracy and expediency, leading to reduced anxiety for the patient and increased compliance.
Seamless integration. Information can be entered into the EHR and integrated into the full record more seamlessly than it is with written records. And data can be entered once and used many times.
Enhanced decision-making. Decision-making depends on careful analysis of a clinical scenario. Protocols, templates, and order sets embedded in the EHR can reduce medical errors by identifying scenarios for the physician to review.5,6
The EHR can also highlight adverse drug-drug interactions and help avoid potential allergic reactions. Murphy and colleagues reported a reduction of medical errors by utilizing a pharmacy-driven EHR component—a reduction from 90% to 47% on the surgical unit and from 57% to 33% on the medicine unit.7
Improved documentation. The EHR can enhance documentation by offering specific and detailed templates for informed consent, making it more comprehensive than a handwritten notation of the risks and benefits.
Decipherability is another strength of the EHR. Because physicians are notorious for poor handwriting skills, some hospitals now require a writing sample as part of their privileging process. The EHR avoids this issue entirely.8 Typos and grammatical errors are minimized by spellchecking and grammar-correcting programs written into the EHR.
Quality assurance. Timely evaluation of approaches to clinical care is available to physicians as well as hospitals that use EHRs.9 An individual physician can perform personal quality-assurance audits. And hospital management can gather cumulative statistics more quickly and easily.5,6,10,11
Patient data can be accessed independent of medical department, with lab tests, imaging studies, and pathology reports readily available for review. And accessibility is available regardless of geographic location.
EHRs are not perfect, and neither are their users. EHRs present the potential for problems related to absent or erroneous data entry, patient privacy issues, misunderstanding and misuse of software, and development of metadata.
With initial use, EHRs can create documentation gaps with the transition from paper to electronic records. In addition, inadequate provider training can create new error pathways, and a failure to use EHRs consistently can lead to loss of data and communication errors. These gaps and errors can increase medicolegal risk, as can the more extensive documentation often seen with early use, which creates more discoverable data. The temptation to cut and paste risks repeating earlier errors and omitting new information.
Another area of risk involves communication with the patient via email. A failure to reply could result in claims of negligence, and information overload could obscure pertinent pieces of information. And a departure from clinical decision support could be used by the patient to defend allegations of negligence.
With widespread use of EHRs, improved access to data could change the “duty” owed to the patient. In addition, clinical decision support embedded within the software could become the de facto “standard of care.”
The learning curve can be steep
The learning curve for EHRs may be steep and, at times, discouraging. One reason is that data are organized differently than in the conventional paper record, where information is read and analyzed in a progressive and stepwise manner, as in an analog or vertical system. The EHR is a digital format, so finding information requires digital (horizontal) inquiry. Information is, therefore, utilized in both horizontal and vertical formats in everyday situations. If data are entered incorrectly, all subsequent decisions could be flawed. And if the EHR suggests a plan, and that plan is not performed by the provider, the risk of liability could increase.
Inadvertent violation of the Health Insurance Portability and Accountability Act (HIPAA) with an EHR could increase medicolegal risk. For example, HIPAA allows for patients to make corrections to inaccurate information in their personal documents, but access by the patient could require the physician to review all records viewed by the patient after visit notes have been entered. This could drive up the cost of practice and reduce face-to-face time between physician and patient. Patients are not necessarily the best judges of which information is most important in their medical records.
Internet access raises concerns about the privacy of sensitive issues and misuse of information. Making a patient’s protected health information accessible electronically leaves physicians and hospitals at risk for a government fine or lawsuit. In several instances, the US Department of Health and Human Services (HHS) has levied fines against small practices and government agencies.
In one case, HHS fined Phoenix Cardiac Surgery in Phoenix, Arizona, $100,000 for posting surgery and appointment schedules on an Internet-based calendar that was accessible to the public.12 In another, HHS fined the Massachusetts Eye and Ear Infirmary in Boston $1.5 million after it reported the loss of an encrypted personal laptop containing the protected health information of patients and research subjects.13 The Alaska Department of Health and Social Services (DHSS) agreed to pay HHS $1.7 million after it reported the loss of a USB drive—possibly containing protected health information—from the vehicle of a DHSS employee.14
In traditional physician practices that employ handwritten records, the potential for compromise of patient information is limited. An organization may lose a few patient charts in the office and recover from the loss without incident. With the EHR, the loss poses a significant threat. The cases mentioned above were attributed to negligence or ignorance. The consequences could be worse if the compromise of EHR data is determined to be intentional. On September 4, 2010, hackers may have exposed the personal information of approximately 9,493 patients at Southwest Seattle Orthopaedics and Sports Medicine in Burien, Washington. Even with the best encryption technology, any electronic system remains vulnerable to external attack.
Metadata reveal how original data are used
Another concern regarding EHRs involves metadata—”data about data content.”15 Metadata is structured information that describes, locates, explains, or manages information. Metadata relevant to the EHR includes the data and time it was reviewed by the provider and whether it was manipulated in any way. Clearly, there is a potential for use and misuse by third-party reviewers.
Specialty-specific EHRs are recommended
Many ObGyns have found that most EHR systems are inadequate to the task of recording and analyzing information relevant to their specialty. Obstetric care is episodic and frequent. Data are added into the flow that must be considered at each visit, such as gestational age, fetal growth, labs (and normative values), prenatal diagnostic studies, and so on, representing both vertical and horizontal processing.16
The legal discovery process poses challenges that have not yet been resolved
The legal discovery process grants all parties to a lawsuit equal access to information. Under ideal circumstances, the EHR can provide comprehensive data more quickly than traditional records can. The problem is determining what constitutes relevant data and which party has the burden or benefit of making that decision. Uncontrolled access has the potential to violate privacy and privilege requirements.
Rules regarding discovery are still being debated in regard to their applicability to digital discovery.17 Even before a lawsuit is filed, the potential for “data mining” by third parties could lead to allegations of malpractice.
How to use EHRs responsibly without increasing risk
Good communication between patient and provider is paramount in the provision of quality medical care. Adherence to evidence-based standards with thorough documentation always serves the best interests of both patients and providers. The EHR can facilitate this process.
Our recommendations for appropriate use of your EHR include:
- Spend time learning the ins and outs of your particular EHR, and make sure your staff does the same. This will help reduce the likelihood that errors will be introduced into the record and ensure consistent use.
- Use individual sign-ons for anyone involved in data entry. This step facilitates the identification of users responsible for inaccurate use or errors, so that the situation can be addressed efficiently.
- Do not let third parties enter or manipulate data. This could jeopardize patient privacy, as well as the integrity of the record itself.
- Track all data entry on a regular basis. The frequency of tracking should be a function of routine as well as clinical circumstance. All new data from the previous interval should be reviewed at the time of the subsequent visit in order to direct care and ensure proper data entry.
Because of the considerable risk of liability claims in ObGyn practice, it is critical that the medical record accurately and precisely reflects the circumstances of each case. The EHR can be an effective and useful tool to document what occurred (and when) in a clinical scenario.18 As with all medical records, completeness and accuracy are the first and best defense against allegations of medical malpractice.
Survey: Many physicians plan to leave or scale down practice
Janelle Yates (February 2012)
Is private ObGyn practice on its way out?
Lucia DiVenere, MA (October 2011)
The medical record has evolved considerably since it originated in ancient Greece as a narrative of cure.1 For one thing, it’s now electronic. For another, it’s no longer a medical record but a health record. According to the US Department of Health and Human Services, the distinction is not a trivial one. A medical record is used by clinicians mostly for diagnosis and treatment, whereas the health record focuses on the total wellbeing of the patient.2 The medical record is used primarily within a practice. The electronic health record (EHR) reaches across borders to other offices, institutions, and clinicians.
Use of the EHR has been stimulated by the Health Information Technology for Economic and Clinical Health Act,3 which offers grants and incentives for “meaningful use” of electronic records.4 After 2014, medical practices that do not use EHRs will face a financial penalty that amounts to 2% of 2013 clinical revenue.
EHRs have been hailed as a panacea and derided as anathema. Whatever your perspective, there is no denying that they dramatically increase the immediate and easy availability of information and, therefore, influence decision-making in regard to medical care, cost-effectiveness, and patient safety. EHRs have the potential to improve communication, broaden access to information, and help guide clinical decision-making through the use of best-practice algorithms. When used properly—which means taking advantage of the EHR’s full potential and adapting to the way information is organized and analyzed—the EHR can reduce adverse events and help defend the appropriateness of the care provided. This lowers your medicolegal risk. When used improperly or haphazardly, they may increase that risk. In this article, we elaborate on both.
EHRs have many benefits
Improved communication. EHRs facilitate communication between healthcare providers. A primary care physician can access a consultant’s report practically as it is written. Providers also can carry on a dialogue electronically, planning together for care that will best serve the patient, with less redundancy and time.
The EHR also facilitates communication between physician and patient, allowing the physician to see the patient’s recent history and plan her management while speaking to her on the phone. Issues can be addressed with greater accuracy and expediency, leading to reduced anxiety for the patient and increased compliance.
Seamless integration. Information can be entered into the EHR and integrated into the full record more seamlessly than it is with written records. And data can be entered once and used many times.
Enhanced decision-making. Decision-making depends on careful analysis of a clinical scenario. Protocols, templates, and order sets embedded in the EHR can reduce medical errors by identifying scenarios for the physician to review.5,6
The EHR can also highlight adverse drug-drug interactions and help avoid potential allergic reactions. Murphy and colleagues reported a reduction of medical errors by utilizing a pharmacy-driven EHR component—a reduction from 90% to 47% on the surgical unit and from 57% to 33% on the medicine unit.7
Improved documentation. The EHR can enhance documentation by offering specific and detailed templates for informed consent, making it more comprehensive than a handwritten notation of the risks and benefits.
Decipherability is another strength of the EHR. Because physicians are notorious for poor handwriting skills, some hospitals now require a writing sample as part of their privileging process. The EHR avoids this issue entirely.8 Typos and grammatical errors are minimized by spellchecking and grammar-correcting programs written into the EHR.
Quality assurance. Timely evaluation of approaches to clinical care is available to physicians as well as hospitals that use EHRs.9 An individual physician can perform personal quality-assurance audits. And hospital management can gather cumulative statistics more quickly and easily.5,6,10,11
Patient data can be accessed independent of medical department, with lab tests, imaging studies, and pathology reports readily available for review. And accessibility is available regardless of geographic location.
EHRs are not perfect, and neither are their users. EHRs present the potential for problems related to absent or erroneous data entry, patient privacy issues, misunderstanding and misuse of software, and development of metadata.
With initial use, EHRs can create documentation gaps with the transition from paper to electronic records. In addition, inadequate provider training can create new error pathways, and a failure to use EHRs consistently can lead to loss of data and communication errors. These gaps and errors can increase medicolegal risk, as can the more extensive documentation often seen with early use, which creates more discoverable data. The temptation to cut and paste risks repeating earlier errors and omitting new information.
Another area of risk involves communication with the patient via email. A failure to reply could result in claims of negligence, and information overload could obscure pertinent pieces of information. And a departure from clinical decision support could be used by the patient to defend allegations of negligence.
With widespread use of EHRs, improved access to data could change the “duty” owed to the patient. In addition, clinical decision support embedded within the software could become the de facto “standard of care.”
The learning curve can be steep
The learning curve for EHRs may be steep and, at times, discouraging. One reason is that data are organized differently than in the conventional paper record, where information is read and analyzed in a progressive and stepwise manner, as in an analog or vertical system. The EHR is a digital format, so finding information requires digital (horizontal) inquiry. Information is, therefore, utilized in both horizontal and vertical formats in everyday situations. If data are entered incorrectly, all subsequent decisions could be flawed. And if the EHR suggests a plan, and that plan is not performed by the provider, the risk of liability could increase.
Inadvertent violation of the Health Insurance Portability and Accountability Act (HIPAA) with an EHR could increase medicolegal risk. For example, HIPAA allows for patients to make corrections to inaccurate information in their personal documents, but access by the patient could require the physician to review all records viewed by the patient after visit notes have been entered. This could drive up the cost of practice and reduce face-to-face time between physician and patient. Patients are not necessarily the best judges of which information is most important in their medical records.
Internet access raises concerns about the privacy of sensitive issues and misuse of information. Making a patient’s protected health information accessible electronically leaves physicians and hospitals at risk for a government fine or lawsuit. In several instances, the US Department of Health and Human Services (HHS) has levied fines against small practices and government agencies.
In one case, HHS fined Phoenix Cardiac Surgery in Phoenix, Arizona, $100,000 for posting surgery and appointment schedules on an Internet-based calendar that was accessible to the public.12 In another, HHS fined the Massachusetts Eye and Ear Infirmary in Boston $1.5 million after it reported the loss of an encrypted personal laptop containing the protected health information of patients and research subjects.13 The Alaska Department of Health and Social Services (DHSS) agreed to pay HHS $1.7 million after it reported the loss of a USB drive—possibly containing protected health information—from the vehicle of a DHSS employee.14
In traditional physician practices that employ handwritten records, the potential for compromise of patient information is limited. An organization may lose a few patient charts in the office and recover from the loss without incident. With the EHR, the loss poses a significant threat. The cases mentioned above were attributed to negligence or ignorance. The consequences could be worse if the compromise of EHR data is determined to be intentional. On September 4, 2010, hackers may have exposed the personal information of approximately 9,493 patients at Southwest Seattle Orthopaedics and Sports Medicine in Burien, Washington. Even with the best encryption technology, any electronic system remains vulnerable to external attack.
Metadata reveal how original data are used
Another concern regarding EHRs involves metadata—”data about data content.”15 Metadata is structured information that describes, locates, explains, or manages information. Metadata relevant to the EHR includes the data and time it was reviewed by the provider and whether it was manipulated in any way. Clearly, there is a potential for use and misuse by third-party reviewers.
Specialty-specific EHRs are recommended
Many ObGyns have found that most EHR systems are inadequate to the task of recording and analyzing information relevant to their specialty. Obstetric care is episodic and frequent. Data are added into the flow that must be considered at each visit, such as gestational age, fetal growth, labs (and normative values), prenatal diagnostic studies, and so on, representing both vertical and horizontal processing.16
The legal discovery process poses challenges that have not yet been resolved
The legal discovery process grants all parties to a lawsuit equal access to information. Under ideal circumstances, the EHR can provide comprehensive data more quickly than traditional records can. The problem is determining what constitutes relevant data and which party has the burden or benefit of making that decision. Uncontrolled access has the potential to violate privacy and privilege requirements.
Rules regarding discovery are still being debated in regard to their applicability to digital discovery.17 Even before a lawsuit is filed, the potential for “data mining” by third parties could lead to allegations of malpractice.
How to use EHRs responsibly without increasing risk
Good communication between patient and provider is paramount in the provision of quality medical care. Adherence to evidence-based standards with thorough documentation always serves the best interests of both patients and providers. The EHR can facilitate this process.
Our recommendations for appropriate use of your EHR include:
- Spend time learning the ins and outs of your particular EHR, and make sure your staff does the same. This will help reduce the likelihood that errors will be introduced into the record and ensure consistent use.
- Use individual sign-ons for anyone involved in data entry. This step facilitates the identification of users responsible for inaccurate use or errors, so that the situation can be addressed efficiently.
- Do not let third parties enter or manipulate data. This could jeopardize patient privacy, as well as the integrity of the record itself.
- Track all data entry on a regular basis. The frequency of tracking should be a function of routine as well as clinical circumstance. All new data from the previous interval should be reviewed at the time of the subsequent visit in order to direct care and ensure proper data entry.
Because of the considerable risk of liability claims in ObGyn practice, it is critical that the medical record accurately and precisely reflects the circumstances of each case. The EHR can be an effective and useful tool to document what occurred (and when) in a clinical scenario.18 As with all medical records, completeness and accuracy are the first and best defense against allegations of medical malpractice.
1. The Casebooks Project. History of Medical Record-keeping. http://www.magicandmedicine.hps.cam.ac.uk/on-astrological-medicine/further-reading/history-of-medical-record-keeping/. Accessed February 26 2013.
2. US Department of Health and Human Services. EMR vs EHR—What is the difference? Health IT Buzz. http://www.healthit.gov/buzz-blog/electronic-health-and-medical-records/emr-vs-ehr-difference/. Accessed February 20, 2013.
3. Health Information Technology for Economic and Clinical Health Act of 2009. HITECH Act. Pub L No 111-5 Div A tit XIII Div B tit IV Feb 17 2009, 123 stat 226, 467. Codified in scattered sections of 42 USCA.
4. Mangalmurti S, Murtagh L, Mello M. Medical malpractice liability in the age of electronic health records. N Engl J Med. 2010;363(21):2060-2067.
5. Reid P, Compton D, Grossman J, et al. Building a Better Delivery System: A New Engineering/Healthcare Partnership. Committee on Engineering and the Health Care System, Institute of Medicine and the National Academy of Engineering. Washington, DC: National Academies Press; 2005.
6. Grossman J. Disruptive innovation in healthcare: challenges for engineering. The Bridge. 2008;38:10-16.
7. Murphy E, Oxencis C, Klauck J, et al. Medication reconciliation at an academic medical center; implementation of a comprehensive program from admission to discharge. Am J Health-System Pharmacy. 2009;66(23):2126-2131.
8. Schuler R. The smart grid: a bridge between emerging technologies society and the environment. The Bridge. 2010;40:42-49.
9. Haberman S, Feldman J, Merhi Z, et al. Effect of clinical decision support on documentation compliance in an electronic medical record. Obstet Gynecol. 2009;114(2 Pt 1):311-317.
10. Hasley S. Decision support and patient safety: the time has come. Am J Obstet Gynecol. 2011;204(6):461-465.
11. Lagrew D, Stutman H, Sicaeros L. Voluntary physician adoption of an inpatient electronic medical record by obstetrician-gynecologists. Am J Obstet Gynecol. 2008;198(6):690.e1-e6.
12. Dolan PL. $100,000 HIPAA fine designed to send message to small physician practices. American Medical News. 2012. http://www.ama-assn.org/amednews/2012/04/30/bisd0502.htm. Accessed February 26, 2013.
13. US Department of Health and Human Services. Massachusetts provider settles HIPAA case for $1.5 million [news release]. September 17 2012. http://www.hhs.gov/news/press/2012pres/09/20120917a.html. Accessed February 26, 2013.
14. US Department of Health and Human Services. Alaska settles HIPAA security case for $1,700,000 [news release]. June 26, 2012. http://www.hhs.gov/news/press/2012pres/06/20120626a.html. Accessed February 26, 2013.
15. National Information Standards Organization. Understanding Metadata. Bethesda MD: NISO Press; 2004. http://www.niso.org/publications/press/UnderstandingMetadata.pdf. Accessed February 26, 2013.
16. McCoy M, Diamond A, Strunk A. Special requirements of electronic medical record systems in obstetrics and gynecology. Obstet Gynecol. 2010;116(1):140-143.
17. The Berkman Center for Internet and Society at Harvard Law School. The Federal Rules of Civil Procedure: The Impact of Digital Discovery. http://cyber.law.harvard.edu/digitaldiscovery/digdisc_library_4.html. Accessed February 26 2013.
18. Quinn M, Kats A, Kleinman K, et al. The relationship between electronic health records and malpractice claims. Arch Intern Med. 2012;172(15):1187-1188.
1. The Casebooks Project. History of Medical Record-keeping. http://www.magicandmedicine.hps.cam.ac.uk/on-astrological-medicine/further-reading/history-of-medical-record-keeping/. Accessed February 26 2013.
2. US Department of Health and Human Services. EMR vs EHR—What is the difference? Health IT Buzz. http://www.healthit.gov/buzz-blog/electronic-health-and-medical-records/emr-vs-ehr-difference/. Accessed February 20, 2013.
3. Health Information Technology for Economic and Clinical Health Act of 2009. HITECH Act. Pub L No 111-5 Div A tit XIII Div B tit IV Feb 17 2009, 123 stat 226, 467. Codified in scattered sections of 42 USCA.
4. Mangalmurti S, Murtagh L, Mello M. Medical malpractice liability in the age of electronic health records. N Engl J Med. 2010;363(21):2060-2067.
5. Reid P, Compton D, Grossman J, et al. Building a Better Delivery System: A New Engineering/Healthcare Partnership. Committee on Engineering and the Health Care System, Institute of Medicine and the National Academy of Engineering. Washington, DC: National Academies Press; 2005.
6. Grossman J. Disruptive innovation in healthcare: challenges for engineering. The Bridge. 2008;38:10-16.
7. Murphy E, Oxencis C, Klauck J, et al. Medication reconciliation at an academic medical center; implementation of a comprehensive program from admission to discharge. Am J Health-System Pharmacy. 2009;66(23):2126-2131.
8. Schuler R. The smart grid: a bridge between emerging technologies society and the environment. The Bridge. 2010;40:42-49.
9. Haberman S, Feldman J, Merhi Z, et al. Effect of clinical decision support on documentation compliance in an electronic medical record. Obstet Gynecol. 2009;114(2 Pt 1):311-317.
10. Hasley S. Decision support and patient safety: the time has come. Am J Obstet Gynecol. 2011;204(6):461-465.
11. Lagrew D, Stutman H, Sicaeros L. Voluntary physician adoption of an inpatient electronic medical record by obstetrician-gynecologists. Am J Obstet Gynecol. 2008;198(6):690.e1-e6.
12. Dolan PL. $100,000 HIPAA fine designed to send message to small physician practices. American Medical News. 2012. http://www.ama-assn.org/amednews/2012/04/30/bisd0502.htm. Accessed February 26, 2013.
13. US Department of Health and Human Services. Massachusetts provider settles HIPAA case for $1.5 million [news release]. September 17 2012. http://www.hhs.gov/news/press/2012pres/09/20120917a.html. Accessed February 26, 2013.
14. US Department of Health and Human Services. Alaska settles HIPAA security case for $1,700,000 [news release]. June 26, 2012. http://www.hhs.gov/news/press/2012pres/06/20120626a.html. Accessed February 26, 2013.
15. National Information Standards Organization. Understanding Metadata. Bethesda MD: NISO Press; 2004. http://www.niso.org/publications/press/UnderstandingMetadata.pdf. Accessed February 26, 2013.
16. McCoy M, Diamond A, Strunk A. Special requirements of electronic medical record systems in obstetrics and gynecology. Obstet Gynecol. 2010;116(1):140-143.
17. The Berkman Center for Internet and Society at Harvard Law School. The Federal Rules of Civil Procedure: The Impact of Digital Discovery. http://cyber.law.harvard.edu/digitaldiscovery/digdisc_library_4.html. Accessed February 26 2013.
18. Quinn M, Kats A, Kleinman K, et al. The relationship between electronic health records and malpractice claims. Arch Intern Med. 2012;172(15):1187-1188.