Most medical practices are making the transition from paper to electronic records. Although electronic medical record (EMR) systems have many benefits, in some ways an EMR may actually increase the practice’s liability risk. Privacy, security, documentation, medication prescribing, and tracking test results are all potential problem areas. The following tips may help reduce these risks.
Privacy and security
All data on all computers, including laptops and portable devices (ie, USB drives), should be encrypted. In the event of theft or loss, encryption will help protect patient information.
Do not leave computers on or running in areas where unauthorized access might occur.
Practices that use patient questionnaires should update and review them frequently. These forms may include issues that require follow-up, particularly for surgical patients.
Beware of auto-populated fields that automatically carry forward information; they can perpetuate inaccurate information from visit to visit.
Staff should update medications and allergies on every visit. EMR systems do not do this automatically, especially if the changes come from an outside source.
Beware of copying and pasting from previous notes, especially in the present illness and physical exam portions of the record. This leads to risk management problems if the notes all look the same and to potential issues with Medicare, which requires that every visit be “unique.”
Electronic prescribing systems will flag drug interactions, allergies, and other potential problems. Don’t fall victim to “alert fatigue” and ignore warnings that pop up on the screen. The result could be a medication error.
Establish a routine that ensures that each physician sees and signs off on all diagnostic test results, either by initialing the paper copy before the document is scanned or requiring an electronic signature on the document after it is scanned.
Be sure that staff know that each physician must personally follow up on the diagnostic tests that he or she ordered, ensuring that the results are received and the patient contacted on a timely basis.
Having a computer “between” the provider and the patient disrupts physician–patient communication and interaction. In exam rooms, the patient—not the computer—should be the focus of attention. It’s not only good customer service, it’s risk management.
Computers in exam rooms may enable patients to view radiographs and other images. If the physician or other provider has to leave the room, however, the patient should not have access to the computer.
All electronic interactions with a computer can be tracked and, in the event of a lawsuit, the records are discoverable. If the complete record is requested, staff should be aware that some parts of the chart (such as medication records) may not automatically print and will have to be printed separately. All electronic notes should be reviewed and signed in a timely manner in case they are ever under scrutiny in a legal matter.
Medical practices may be gradually adapting to electronic records, but the legal system has not yet made this transition. In legal matters, paper is still the primary record.
To avoid unhappy patients, lawsuits, or regulatory issues with government agencies, review all EMR processes in regard to privacy and security, documentation, prescribing, and tracking test results to address these concerns.
D. Kay Kirkpatrick, MD, is a member of the AAOS Practice Management Committee. She can be reached at email@example.com