A plus in the operating room, EHRs can cause trouble for providers in the courtroom

Electronic health records have been touted as – and have proven to be – beneficial to healthcare organizations in terms of cost savings and efficacy of medical treatment.  They are not, however, unalloyedly beneficial in the courtroom.  As might be expected, the most important evidence in malpractice cases is medical records and now that they are digitized these records tend to be in EHR form.   According to defense attorneys, electronic medical records come with their own set of problems for the provider facing a malpractice lawsuit.  One striking issue is the “autofill” feature in EHR templates which automatically populates fields with data that may not be pertinent to the situation at hand.  Other issues include technical glitches, as well as users not using the software correctly.

See Business Insurance article at "Malpractice suits often tap electronic medical records"

CHIME comments on EHR certification NPRM

In a letter to Dr. David Blumenthal, the College of Healthcare Information Executives (CHIME), an organization which represents1,400 healthcare chief information officers, offered some criticism of ONC's recent notice of proposed rulemaking (NPRM) regarding the EHR certification program.  While CHIME expressed general support for a two-stage approach for creating the certifying bodies, the CIO's are worried about any destabilizing effects such rule may have on the health IT market.  Via Healthcare IT News:

We are very concerned that the introduction of a two-stage approach for certification will prolong the current instability in the health IT marketplace, which exists because of the un-finalized status of meaningful use and certification regulations," CHIME wrote. "The introduction of two separate certification schemes – one temporary and one permanent – carries a risk of continuing the uncertainty and promoting needless product replacement in the marketplace.

CHIME issued a few recommendations to combat such uncertainty, which you can find after the jump.

CHIME called for:

  • Temporary process to be a provisional or interim one that builds on current certification strategies and is "harmonized" with the eventual permanent certification process. According to CHIME, certification process should be the responsibility of the vendor, and that the purpose of certification should be to provide healthcare providers and professionals with assurance that the product they are purchasing can help them achieve meaningful use.
  • More specificity in language to define what constitutes a self-developed EHR. Current wording in the regulation suggests that any complete EHR or EHR module that's modified by a healthcare provider or a contractor could require certification.
  • Changes in certification requirements be made only when they are necessary to meet meaningful use evolution or advance interoperability, not just because a certain amount of time has passed.
  • If CMS maintains the "adoption year" approach originally advanced in proposed regulations, providers should not be required to have products certified for capabilities not required in their current adoption year.
  • Individual EHR modules be certified to ensure that they can communicate according to adopted standards, and that the interoperability of those modules as used by providers be deemed as certified.
  • HIT vendors fully disclose functions for which their products are certified and fully disclose known compatibility issues.
  • In the event of a certification body losing its authority to certify products, vendors should have six months to recertify products, and providers should not be penalized for a change in a product's certified status if they are still able to demonstrate the meaningful use of the technology.

"CHIME raises concerns about EHR certification," Healthcare IT News (April 9, 2010).

CBS News reports on EHR efforts

By popular demand, here is the video of David Pogue's report on the Obama Administration's efforts to digitize patient records in the U.S. 


Watch CBS News Videos Online

"Charting a New Course," CBS News (September 13, 2009).

FTC Issues Final Breach Notification Rule for Electronic Health Information

Pursuant to the American Recovery and Reinvestment Act of 2009 (ARRA), the Federal Trade Commission (FTC) issued the final rule regarding notification requirements for breaches of electronic health information by vendors of personal health records and certain affiliated entities:

The rule applies to both vendors of personal health records – which provide online repositories that people can use to keep track of their health information – and entities that offer third-party applications for personal health records. These applications could include, for example, devices such as blood pressure cuffs or pedometers whose readings consumers can upload into their personal health records. Consumers may benefit by using these innovations, but only if they are confident that their health information is secure and confidential.

<...>

The Final Rule requires vendors of personal health records and related entities to notify consumers following a breach involving unsecured information. In addition, if a service provider to one of these entities has a breach, it must notify the entity, which in turn must notify consumers. The Final Rule also specifies the timing, method, and content of notification, and in the case of certain breaches involving 500 or more people, requires notice to the media. Entities covered by the rule must notify the FTC, and they may use a standard form, which can be found along with additional information about the rule at www.ftc.gov/healthbreach.

You can find the full text of the rule here.

"FTC Issues Final Breach Notification Rule for Electronic Health Information," FTC Press Release (August 17, 2009).