As an advocate and
as a patient, I have my issues with electronic medical records (EMRs). It never
seems to fail that results from the previous doctor’s visit are missing from
the chart-Did they forget to enter them or are they lost in cyber space? Tests
that were suppose to be available for the specialist at the other hospital
aren’t there or the computer system is down and so it goes. However, this past
week I learned of a different but very disturbing story from someone that I’ve
been an advocate for on numerous occasions.
Long story short, a
resident placed a note in their EMR, which is not correct. Since this is electronic,
they are a lot more concerned. As the person described it, “a teenager could
hack into that hospital’s system. If this information fell into the wrong
hands, I could loose my job.”
How realistic are
these fears? What protections are there? What should you do if incorrect
information is included in your medical record?
Survey after survey
shows that Americans don’t trust the EMR. Were paper records safer? These
aren’t easy questions to answer as there are examples of breaches in
confidentiality for both methods. Ultimately though, like it or not, EMRs are
here and that’s the situation we’re faced with. So ......
Things to consider:
• Use a personal
health notebook so that missing information doesn't create a problem, or in the event of an emergency, you’ll
have the information at the ready. A friend sent me a free app for HealthspekPHR-Personal Health Record. Can’t vouch for it, but since many people
are using smart phones, and this is supposedly free, this might be a good app
to check out.
• To the
question of “can an EMR system be hacked?” Given what’s hacked on any given
day, the answer is “yes.” That noted, EMR systems use data encryption to
protect the records. Data encryption
technology protects EMR systems while they are stored and while they are being
transferred, ensuring that only the intended recipients are able to view them.
There are other EHR security systems that health providers typically have
on their computer networks, including firewalls to prevent unauthorized access. EMRSafety: Are My Medical Records Truly Safe?
Federal law requires doctors, hospitals, and other
health care providers to notify you of a “breach.” The law also requires the
health care provider to notify the Secretary of Health and Human Services. If a
breach affects more than 500 residents of a state or jurisdiction, the health
care provider must also notify prominent media outlets serving the state or
jurisdiction. This requirement helps patients know if something has gone wrong
with the protection of their information and helps keep providers accountable
for EHR protection. Privacy, Security and Electronic Health Records, Office for CivilRights.
• Who can access my medical records? Under the Health Insurance Portability and
Accountability Act (HIPAA), patients have the right to know how
their computerized medical records are used and providers are required to seek
patient permission before disclosing their personal health information to third
parties (insurers, other health providers and health care clearinghouses) in
most circumstances. Note, “You do not have the right to access a provider’s
psychotherapy notes. Psychotherapy notes are notes taken by a mental
health professional during a conversation with the patient and kept separate
from the patient’s medical and billing records. The Privacy Rule also
does not permit the provider to make most disclosures of psychotherapy notes
about you without your authorization.” Medical Records Office for Civil Rights
There
are exemptions to HIPAA privacy rights under certain circumstances. In
addition, life insurers, employers and
some school districts are exempted from these laws. Government agencies such as Medicare
or the Social Security Administration may examine your medical records for
purposes of establishing eligibility for certain programs. Who hasaccess to my medical records?
To learn more on this topic, go to the government’s
website Guidance Materials for Consumers.
• Under HIPAA
you have the right to read your medical record. Your medical provider,
including hospitals, have 30 days within which to provide you a copy of your
record after you request it. If you have concerns, you can request that amendments
be made. If your health
care provider accepts your request to amend your record, they must add
the information to your record. If your provider denies your request to amend,
they must tell you. You then have the right to add a short statement to your
record that explains your position.
The take home point is this: Know
what’s in your medical record. Make adjustments to it as you see fit and keep
your own personal health record.
No comments:
Post a Comment