Healthcare CIOs are struggling to balance the needs to doctors and patients as they work out the governance of electronic medical records. While healthcare providers need access to information on a fast and flexible basis, patient privacy must also be preserved.
Glenn Mamary, CIO of Hunterdon Healthcare System, in, Flemington, N.J., says he has worked out a series of governance policies designed to address the practical challenges he has faced while transitioning to electronic medical records. He has contended with problems such as doctors not getting sufficient access to those records, and with curious personnel looking at medical histories they should not be seeing.
Mamary strikes the balance by employing password protected access along with the ability to “break the glass,” to bypass protections in case of an emergency where instant access might be needed to save a life.
“We have to create the right balance,” Mamary said. “If we lock it down too much we will be prohibiting [practitioners] from treating patients.”
Want to publish your own articles on DistilINFO Publications?
Send us an email, we will get in touch with you.
A new EMR system Mamary is rolling out this year, will allow doctors at the in-patient hospital, to enter data concerning patient symptoms and complaints into electronic records. By shifting to EMRs, the hospital’s 178-bed inpatient facility can qualify for federal incentive payments that encourage the transition nationwide.
The hospital’s compliance board has made him responsible for ensuring that the new systems comply with federal laws protecting patient privacy.
To ensure quick access, practitioners can read the records for all patients on their floor, even those not currently under their care, Mamary said. But practitioners are forbidden from opening the files of patients for whom they are not directly responsible.
A full-time privacy officer at Hunterdon continually audits who has viewed patient records. If he finds a practitioner has viewed the health record of a patient under someone else’s care, the nurse or doctor may be questioned. There have been a few cases in which practitioners looked at records without good reason, and those individuals faced disciplinary actions that included more training or suspension.
But hospitals have fluid assignments, with staff shifting quickly to work as emergencies strike or when patients need the care of different specialists. That makes it difficult to properly assign the right passwords to every staff member.
After beginning installation of an updated EMR system last October, Mamary saw a spike of complaints from doctors who said they weren’t able to access their patient’s records. Those access issues have never harmed patient care and are usually quickly resolved by a 24-hour IT staff, Mamary said.
To ensure doctors are able to quickly access outside electronic health records in case of emergency – like a patient who arrives at the hospital unconscious – doctors are able to “break the glass” and gain immediate access. The emergency measure works in cases where the record is stored at another hospital in an electronic health information exchange. Doctors who “break the glass” immediately trigger a review.
Spikes in complaints are common when new systems are rolled out and Mamary says he has learned to prepare for them through extensive testing. Before the rollout, Mamary says he is always sure to include the most difficult users – “doctors who are not in favor of the system” in the dry runs. He tries to “get them to blow-up the system,” to test for potential user errors and system access problems.
Mamary’s team also does a lot of hand-holding with staff to be sure they are comfortable using the new system. “We’re here to help the people that help the patients.”