One person, two scenarios: the first almost effortless, the second chock-full of hassles. And with those hassles comes the danger of a malpractice event and a preventable patient injury. Consider:
Our Patient — we’ll call her OP — had an appointment for a chest X-ray in the morning, and an appointment for a blood draw in the afternoon. The radiologist was on time, the procedure took mere minutes and it required only a small co-pay. Can a medical visit get any better?
Yes! When OP asked for a copy of the image for her own records, the office manager offered to put it online via an IT service that manages their office records on the cloud–an Internet data storage system accessed by log-in, enabling patients and doctors to share information.
Now for Scenario No. 2: After Our Patient had the blood drawn at the doctor’s office, she was told to wait three days before calling for the lab results. When she asked that copies of the whole blood panel be sent to her for her records, she was told there would a processing charge unless she wished to make an appointment to make her own copies at the office. There was no option for online file sharing.
Lots of patients at that point would say to heck with it and would skip getting the lab results, with possible negative consequences for their health if the results showed something abnormal and the test result slipped through the cracks at the office of the ordering doctor — a frequent problem with offices deluged with paper test results.
Last autumn, we reported about a study by the Institute of Medicine (IOM) to identify best policies and practices for improving health-care safety and reducing malpractice when using electronic health records. Its focus is the prevention of health IT-related errors, rapid reporting of patient safety concerns and methods to promote safety-enhancing features of electronic health records. Although the study results and recommendations are several months away, electronic record-keeping remains front and center.
Despite a vigorous campaign by the federal government and some large health-care providers to move the nation’s patient records from the Jurassic Age of paper to the Electronic Age of digital communication, most physicians and clinics have been slow to embrace the transfer. Apart from radiology, which the Los Angeles Times notes leads the digital charge, there are two overriding reasons for the health-care establishments to lag other industries in digital record-keeping.
The concern for patient privacy resonates with many people, especially in light of what seem to be daily disclosures of hackers compromising the customer data base of a bank, a social media platform, a large retailer… Both health-care providers and patients rightfully wonder about privacy and security.
The second impediment to efficiently computerizing medical records reflects the labyrinthian nature of codifying a wide variety of medical specialties and medical office practices to be organized by a myriad of IT companies vying for the business. According to MarketWatch, “Critics say the architects of the plan left out a means of ensuring that the systems in the emerging patchwork of proprietary software will be able talk to each other. On top of that, the very act of digitizing millions of patient histories represents a technological leap for the legions of doctors who remain attached to paper record-keeping.”
Because health care represents one-sixth of federal spending, and because, according to federal estimates, 80% of doctors and hospitals had yet to embrace even rudimentary measures to computerize records, the federal economic stimulus in 2009 included incentives for doctors to digitize their records. It’s hardly been a resounding success, and one physician’s experience might indicate why: His practice purchased a system from a small vendor for $400,00 ($80,000 per doctor), but looks to recover only one-sixth of the cost from the feds. “There’s no uniform code by which the medical community is operating, and no widely used software standard like Microsoft’s Windows being used,” MarketWatch reported.
So it might be a while before patients and their caregivers can access all of their records with efficiency and security. If you are considering keeping and transferring your records in electronic form, here, according to the Los Angeles Times, is what you need to ask to ensure they’re secure:
- *Is the IT company managing the records legitimate? Find out from the practitioner or facility that recommended it whether they have a “business associate agreement” with the vendor. This is a contract required by the federal Health Insurance Portability and Accountability Act (HIPAA), which spells out when health-care providers may share protected health information with other people or companies. The details of how that information is secured are established in a business associate agreement. Such a contract signals that the company that stores your medical information is HIPAA-compliant and that your privacy is being protected.
- *Will your data will be stored in the United States? Will all information will be encrypted before being sent across the network? “Yes” is the only acceptable answer to both.
- *Is contact information available on the vendor’s website? If the company’s site does not include staff member names, a company address and telephone number, decline its services.
- *What happens if something goes wrong? If the company goes bankrupt or is acquired by another, what happens to your data and who owns it? If the contingency isn’t clear or treats your records like a tradable commodity, decline its services.
Article first published as The Too-Slow Evolution of Electronic Medical Records on Technorati.