Individual differences |
Methods | Statistics | Clinical | Educational | Industrial | Professional items | World psychology |
- Main article: Medical record
An electronic health record (EHR) is an evolving concept defined as a systematic collection of electronic health information about individual patients or populations. It is a record in digital format that is theoretically capable of being shared across different health care settings. In some cases this sharing can occur by way of network-connected enterprise-wide information systems and other information networks or exchanges. EHRs may include a range of data, including demographics, medical history, medication and allergies, immunization status, laboratory test results, radiology images, vital signs, personal stats like age and weight, and billing information.
- 1 Terminology
- 2 Philosophical views of the EHR
- 3 Implementation, end user and patient considerations
- 4 Governance, privacy and legal issues
- 5 Medical Data Breach
- 6 Technical issues
- 7 eHealth and teleradiology
- 8 European Union: Directive 2011/24/EU on patients' rights in cross-border healthcare
- 9 National contexts
- 10 See also
- 11 References
- 12 External links
The terms EHR, EPR (electronic patient record) and EMR (electronic medical record) are often used interchangeably, although differences between them can be defined. The EMR can, for example, be defined as the patient record created in hospitals and ambulatory environments, and which can serve as a data source for the EHR. It is important to note that an EHR is generated and maintained within an institution, such as a hospital, integrated delivery network, clinic, or physician office, to give patients, physicians and other health care providers, employers, and payers or insurers access to a patient's medical records across facilities.
A personal health record (PHR) is, in modern parlance, generally defined as an EHR that the individual patient controls.
Philosophical views of the EHR
Within a meta-narrative systematic review of research in the field, Prof. Trish Greenhalgh and colleagues defined a number of different philosophical approaches to the EHR. The health information systems literature has seen the EHR as a container holding information about the patient, and a tool for aggregating clinical data for secondary uses (billing, audit etc.). However, other research traditions see the EHR as a contextualised artifact within a socio-technical system. For example, actor-network theory would see the EHR as an actant in a network (e.g.), while research in computer supported cooperative work (CSCW) sees the EHR as a tool supporting particular work.
Several possible advantages to EHRs over paper records have been proposed, but there is debate about the degree to which these are achieved in practice (e.g.).
Implementation, end user and patient considerations
Several studies call into question whether EHRs improve the quality of care. However, a recent multi-provider study in diabetes care, published in the New England Journal of Medicine, found evidence that practices with EHR provided better quality care.
The steep price of EHR and provider uncertainty regarding the value they will derive from adoption in the form of return on investment has a significant influence on EHR adoption. In a project initiated by the Office of the National Coordinator for Health Information (ONC), surveyors found that hospital administrators and physicians who had adopted EHR noted that any gains in efficiency were offset by reduced productivity as the technology was implemented, as well as the need to increase information technology staff to maintain the system.
The U.S. Congressional Budget Office concluded that the cost savings may occur only in large integrated institutions like Kaiser Permanente, and not in small physician offices. They challenged the Rand Corp. estimates of savings. "Office-based physicians in particular may see no benefit if they purchase such a product—and may even suffer financial harm. Even though the use of health IT could generate cost savings for the health system at large that might offset the EHR's cost, many physicians might not be able to reduce their office expenses or increase their revenue sufficiently to pay for it. For example. the use of health IT could reduce the number of duplicated diagnostic tests. However, that improvement in efficiency would be unlikely to increase the income of many physicians." One CEO of an EHR company has argued if a physician performs tests in the office, it might reduce his or her income. "Given the ease at which information can be exchanged between health IT systems, patients whose physicians use them may feel that their privacy is more at risk than if paper records were used."
Software quality and usability deficiencies
The Healthcare Information and Management Systems Society (HIMSS), a very large U.S. healthcare IT industry trade group, observed that EHR adoption rates "have been slower than expected in the United States, especially in comparison to other industry sectors and other developed countries. A key reason, aside from initial costs and lost productivity during EMR implementation, is lack of efficiency and usability of EMRs currently available." The U.S. National Institute of Standards and Technology of the Department of Commerce studied usability in 2011 and lists a number of specific issues that have been reported by health care workers. The U.S. military's EHR, AHLTA, was reported to have significant usability issues.
However, physicians are embracing mobile technologies such as smartphones and tablets at a rapid pace. According to a 2012 survey by Physicians Practice, 62.6 percent of respondents (1,369 physicians, practice managers, and other healthcare providers) say they use mobile devices in the performance of their job. Mobile devices are increasingly able to synch up with electronic health record systems thus allowing physicians to access patient records from remote locations. Most devices are extensions of desk-top EHR systems, using a variety of software to communicate and access files remotely. The advantages of instant access to patient records at any time and any place are clear, but bring a host of security concerns. As mobile systems become more prevalent, practices will need comprehensive policies that govern security measures and patient privacy regulations.
A 2008 Sentinel Event Alert from the U.S. Joint Commission, the organization that accredits American hospitals to provide healthcare services, states that "As health information technology (HIT) and 'converging technologies'—the interrelationship between medical devices and HIT—are increasingly adopted by health care organizations, users must be mindful of the safety risks and preventable adverse events that these implementations can create or perpetuate. Technology-related adverse events can be associated with all components of a comprehensive technology system and may involve errors of either commission or omission. These unintended adverse events typically stem from human-machine interfaces or organization/system design." The Joint Commission cites as an example the United States Pharmacopeia MEDMARX database where of 176,409 medication error records for 2006, approximately 25 percent (43,372) involved some aspect of computer technology as at least one cause of the error.
The National Health Service (NHS) in the UK reports specific examples of potential and actual EHR-caused unintended consequences in their 2009 document on the management of clinical risk relating to the deployment and use of health software.
In a Feb. 2010 U.S. Food and Drug Administration (FDA) memorandum, FDA notes EHR unintended consequences include EHR-related medical errors due to (1) errors of commission (EOC), (2) errors of omission or transmission (EOT), (3) errors in data analysis (EDA), and (4) incompatibility between multi-vendor software applications or systems (ISMA) and cites examples. In the memo FDA also notes the "absence of mandatory reporting enforcement of H-IT safety issues limits the numbers of medical device reports (MDRs) and impedes a more comprehensive understanding of the actual problems and implications."
A 2010 Board Position Paper by the American Medical Informatics Association (AMIA) contains recommendations on EHR-related patient safety, transparency, ethics education for purchasers and users, adoption of best practices, and re-examination of regulation of electronic health applications. Beyond concrete issues such as conflicts of interest and privacy concerns, questions have been raised about the ways in which the physician-patient relationship would be affected by an electronic intermediary.
Privacy and confidentiality
In the United States in 2011 there were 380 major data breaches involving 500 or more patients' records listed on the website kept by the United States Department of Health and Human Services (HHS) Office for Civil Rights. So far, from the first wall postings in September 2009 through the latest on Dec. 8 this year, there have been 18,059,831 "individuals affected," and even that massive number is an undercount of the breach problem. The civil rights office has not released the records of tens of thousands of breaches it has received under a federal reporting mandate on breaches affecting fewer than 500 patients per incident.
Governance, privacy and legal issues
In the United States, Great Britain, and Germany, the concept of a national centralized server model of healthcare data has been poorly received. Issues of privacy and security in such a model have been of concern.
Privacy concerns in healthcare apply to both paper and electronic records. According to the Los Angeles Times, roughly 150 people (from doctors and nurses to technicians and billing clerks) have access to at least part of a patient's records during a hospitalization, and 600,000 payers, providers and other entities that handle providers' billing data have some access also. Recent revelations of "secure" data breaches at centralized data repositories, in banking and other financial institutions, in the retail industry, and from government databases, have caused concern about storing electronic medical records in a central location. Records that are exchanged over the Internet are subject to the same security concerns as any other type of data transaction over the Internet.
The Health Insurance Portability and Accountability Act (HIPAA) was passed in the US in 1996 to establish rules for access, authentications, storage and auditing, and transmittal of electronic medical records. This standard made restrictions for electronic records more stringent than those for paper records. However, there are concerns as to the adequacy of these standards.
Threats to health care information can be categorized under three headings:
- Human threats, such as employees or hackers
- Natural and environmental threats, such as earthquakes, hurricanes and fires.
- Technology failures, such as a system crashing
These threats can either be internal, external, intentional and unintentional. Therefore, one will find health information systems professionals having these particular threats in mind when discussing ways to protect the health information of patients. The Health Insurance Portability and Accountability Act (HIPAA) has developed a framework to mitigate the harm of these threats that is comprehensive but not so specific as to limit the options of healthcare professionals who may have access to different technology.
Personal Information Protection and Electronic Documents Act (PIPEDA) was given Royal Assent in Canada on April 13, 2000 to establish rules on the use, disclosure and collection of personal information. The personal information includes both non-digital and electronic form. In 2002, PIPEDA extended to the health sector in Stage 2 of the law's implementation. There are four provinces where this law does not apply because its privacy law was considered similar to PIPEDA: Alberta, British Columbia, Ontario and Quebec.
One major issue that has risen on the privacy of the US network for electronic health records is the strategy to secure the privacy of patients. Former US president Bush called for the creation of networks, but federal investigators report that there is no clear strategy to protect the privacy of patients as the promotions of the electronic medical records expands throughout the United States. In 2007, the Government Accountability Office reports that there is a "jumble of studies and vague policy statements but no overall strategy to ensure that privacy protections would be built into computer networks linking insurers, doctors, hospitals and other health care providers."
The privacy threat posed by the interoperability of a national network is a key concern. One of the most vocal critics of EMRs, New York University Professor Jacob M. Appel, has claimed that the number of people who will need to have access to such a truly interoperable national system, which he estimates to be 12 million, will inevitable lead to breaches of privacy on a massive scale. Appel has written that while "hospitals keep careful tabs on who accesses the charts of VIP patients," they are powerless to act against "a meddlesome pharmacist in Alaska" who "looks up the urine toxicology on his daughter's fiance in Florida, to check if the fellow has a cocaine habit." This is a significant barrier for the adoption of an EHR. Accountability among all the parties that are involved in the processing of electronic transactions including the patient, physician office staff, and insurance companies, is the key to successful advancement of the EHR in the US Supporters of EHRs have argued that there needs to be a fundamental shift in "attitudes, awareness, habits, and capabilities in the areas of privacy and security" of individual's health records if adoption of an EHR is to occur.
According to the Wall Street Journal, the DHHS takes no action on complaints under HIPAA, and medical records are disclosed under court orders in legal actions such as claims arising from automobile accidents. HIPAA has special restrictions on psychotherapy records, but psychotherapy records can also be disclosed without the client's knowledge or permission, according to the Journal. For example, Patricia Galvin, a lawyer in San Francisco, saw a psychologist at Stanford Hospital & Clinics after her fiance committed suicide. Her therapist had assured her that her records would be confidential. But after she applied for disability benefits, Stanford gave the insurer her therapy notes, and the insurer denied her benefits based on what Galvin claims was a misinterpretation of the notes.
Within the private sector, many companies are moving forward in the development, establishment and implementation of medical record banks and health information exchange. By law, companies are required to follow all HIPAA standards and adopt the same information-handling practices that have been in effect for the federal government for years. This includes two ideas, standardized formatting of data electronically exchanged and federalization of security and privacy practices among the private sector. Private companies have promised to have "stringent privacy policies and procedures." If protection and security are not part of the systems developed, people will not trust the technology nor will they participate in it. So, the private sector know the importance of privacy and the security of the systems and continue to advance well ahead of the federal government with electronic health records.
Legal liability in all aspects of healthcare was an increasing problem in the 1990s and 2000s. The surge in the per capita number of attorneys and changes in the tort system caused an increase in the cost of every aspect of healthcare, and healthcare technology was no exception.
Failure or damages caused during installation or utilization of an EHR system has been feared as a threat in lawsuits. Similarly, it's important to recognize that the implementation of electronic health records carries with it significant legal risks.
This liability concern was of special concern for small EHR system makers. Some smaller companies may be forced to abandon markets based on the regional liability climate.[unreliable source?]
Larger EHR providers (or government-sponsored providers of EHRs) are better able to withstand legal assaults.
While there is no argument that electronic documentation of patient visits and data brings improved patient care, there is increasing concern that such documentation could open physicians to an increased incidence of malpractice suits. Disabling physician alerts, selecting from dropdown menus, and the use of templates can encourage physicians to skip a complete review of past patient history and medications, and thus miss important data.
Another potential problem is electronic time stamps. Many physicians are unaware that EHR systems produce an electronic time stamp every time the patient record is updated. If a malpractice claim goes to court, through the process of discovery, the prosecution can request a detailed record of all entries made in a patient's electronic record. Waiting to chart patient notes until the end of the day and making addendums to records well after the patient visit can be problematic, in that this practice could result in less than accurate patient data or indicate possible intent to illegally alter the patient's record.
In some communities, hospitals attempt to standardize EHR systems by providing discounted versions of the hospital's software to local healthcare providers. A challenge to this practice has been raised as being a violation of Stark rules that prohibit hospitals from preferentially assisting community healthcare providers. In 2006, however, exceptions to the Stark rule were enacted to allow hospitals to furnish software and training to community providers, mostly removing this legal obstacle.[unreliable source?]
In cross-border use cases of EHR implementations, the additional issue of legal interoperability arises. Different countries may have diverging legal requirements for the content or usage of electronic health records, which can require radical changes of the technical makeup of the EHR implementation in question. (especially when fundamental legal incompatibilities are involved) Exploring these issues is therefore often necessary when implementing cross-border EHR solutions.
- Consumer Credit Act 2006
- Health Level 7
Medical Data Breach
The Security Rule, according to Health and Human Services (HHS), establishes a security framework for small practices as well as large institutions. All covered entities must have a written security plan. The HHS identifies three components as necessary for the security plan: administrative safeguards, physical safeguards, and technical safeguards.
However, medical and healthcare providers have experienced 767 security breaches resulting in the compromised confidential health information of 23,625,933 patients during the period of 2006-2012.
The majority of the counties in Europe have made a strategy for the development and implementation of the Electronic Health Record Systems. This would mean greater access to health records by numerous stakeholders, even from countries with lower levels of privacy protection. The forthcoming implementation of the Cross Border Health Directive and the EU Commission's plans to centralize all health records are of prime concern to the EU public who believe that the health care organizations and governments cannot be trusted to manage their data electronically and expose them to more threats.
The idea of a centralized electronic health record system has been poorly received by the public who are wary that the governments may extend the use of the system beyond its purpose. There is also the risk for privacy breaches that could allow sensitive health care information to fall into the wrong hands. Some countries have enacted laws requiring safeguards to be put in place to protect the security and confidentiality of medical information as it is shared electronically and to give patients some important rights to monitor their medical records and receive notification for loss and unauthorized acquisition of health information. The United States and the EU have imposed mandatory medical data breach notifications. The United States and the EU have imposed mandatory medical data breach notifications.
The Health Insurance Portability and Accessibility Act (HIPAA) requires safeguards to limit the number of people who have access to personal information. However, given the number of people who may have access to your information as part of the operations and business of the health care provider or plan, there is no realistic way to estimate the number of people who may come across your records.
Additionally, law enforcement access is authorized under HIPAA. In some cases, medical information may be disclosed without a warrant or court order.
The purpose of a personal data breach notification is to protect individuals so that they can take all the necessary actions to limit the undesirable effects of the breach and to motivate the organization to improve the security of the infrastructure to protect the confidentiality of the data. The US law requires the entities to inform the individuals in the event of breach while the EU Directive currently requires breach notification only when the breach is likely to adversely affect the privacy of the individual. Personal health data is valuable to individuals and is therefore difficult to make an assessment whether the breach will cause reputational or financial harm or cause adverse effects on one's privacy.
The Security Rule that was adopted in 2005 did not require breach notification. However, notice might be required by state laws that apply to a variety of industries, including health care providers. In California, a law has been in place since 2003 requiring that a HIPAA covered organization's breach could have triggered a notice even though notice was not required by the HIPAA Security Rule. Since January 1, 2009, California residents are required to receive notice of a health information breach.
Federal law and regulations now provide rights to notice of a breach of health information. The Health Information Technology for Economic and Clinical Health (HITECH) Act requires HHS and the Federal Trade Commission (FTC) to jointly study and report on privacy and data security of personal health information. HITECH also requires the agencies to issue breach notification rules that apply to HIPAA covered entities and Web-based vendors that store health information electronically. The FTC has adopted rules regarding breach notification for internet-based vendors.
The Breach notification law in the EU provides better privacy safeguards with fewer exemptions, unlike the US law which exempts unintentional acquisition, access, or use of protected health information and inadvertent disclosure under a good faith belief.
- ANSI X12 (EDI) - transaction protocols used for transmitting patient data. Popular in the United States for transmission of billing data.
- CEN's TC/251 provides EHR standards in Europe including:
- EN 13606, communication standards for EHR information
- CONTSYS (EN 13940), supports continuity of care record standardization.
- HISA (EN 12967), a services standard for inter-system communication in a clinical information environment.
- Continuity of Care Record - ASTM International Continuity of Care Record standard
- DICOM - an international communications protocol standard for representing and transmitting radiology (and other) image-based data, sponsored by NEMA (National Electrical Manufacturers Association)
- HL7 - a standardized messaging and text communications protocol between hospital and physician record systems, and between practice management systems
- ISO - ISO TC 215 provides international technical specifications for EHRs. ISO 18308 describes EHR architectures
The U.S. federal government has issued new rules of electronic health records.
- openEHR: an open community developed specification for a shared health record with web-based content developed online by experts. Strong multilingual capability.
- Virtual Medical Record: HL7's proposed model for interfacing with clinical decision support systems.
- SMART (Subsitutable Medical Apps, reusable technologies): an open platform specification to provide a standard base for healthcare applications.
Each healthcare environment functions differently, often in significant ways. It is difficult to create a "one-size-fits-all" EHR system.
An ideal EHR system will have record standardization but interfaces that can be customized to each provider environment. Modularity in an EHR system facilitates this. Many EHR companies employ vendors to provide customization.
This customization can often be done so that a physician's input interface closely mimics previously utilized paper forms.
At the same time they reported negative effects in communication, increased overtime, and missing records when a non-customized EMR system was utilized. Customizing the software when it is released yields the highest benefits because it is adapted for the users and tailored to workflows specific to the institution.
Customization can have its disadvantages. There is, of course, higher costs involved to implementation of a customized system initially. More time must be spent by both the implementation team and the healthcare provider to understand the workflow needs.
Development and maintenance of these interfaces and customizations can also lead to higher software implementation and maintenance costs.[unreliable source?]
Long-term preservation and storage of records
An important consideration in the process of developing electronic health records is to plan for the long-term preservation and storage of these records. The field will need to come to consensus on the length of time to store EHRs, methods to ensure the future accessibility and compatibility of archived data with yet-to-be developed retrieval systems, and how to ensure the physical and virtual security of the archives.
Additionally, considerations about long-term storage of electronic health records are complicated by the possibility that the records might one day be used longitudinally and integrated across sites of care. Records have the potential to be created, used, edited, and viewed by multiple independent entities. These entities include, but are not limited to, primary care physicians, hospitals, insurance companies, and patients. Mandl et al. have noted that "choices about the structure and ownership of these records will have profound impact on the accessibility and privacy of patient information."
The required length of storage of an individual electronic health record will depend on national and state regulations, which are subject to change over time. Ruotsalainen and Manning have found that the typical preservation time of patient data varies between 20 and 100 years. In one example of how an EHR archive might function, their research "describes a co-operative trusted notary archive (TNA) which receives health data from different EHR-systems, stores data together with associated meta-information for long periods and distributes EHR-data objects. TNA can store objects in XML-format and prove the integrity of stored data with the help of event records, timestamps and archive e-signatures."
In addition to the TNA archive described by Ruotsalainen and Manning, other combinations of EHR systems and archive systems are possible. Again, overall requirements for the design and security of the system and its archive will vary and must function under ethical and legal principles specific to the time and place.
While it is currently unknown precisely how long EHRs will be preserved, it is certain that length of time will exceed the average shelf-life of paper records. The evolution of technology is such that the programs and systems used to input information will likely not be available to a user who desires to examine archived data. One proposed solution to the challenge of long-term accessibility and usability of data by future systems is to standardize information fields in a time-invariant way, such as with XML language. Olhede and Peterson report that "the basic XML-format has undergone preliminary testing in Europe by a Spri project and been found suitable for EU purposes. Spri has advised the Swedish National Board of Health and Welfare and the Swedish National Archive to issue directives concerning the use of XML as the archive-format for EHCR (Electronic Health Care Record) information."
Synchronization of records
When care is provided at two different facilities, it may be difficult to update records at both locations in a co-ordinated fashion.
Two models have been used to satisfy this problem: a centralized data server solution, and a peer-to-peer file synchronization program (as has been developed for other peer-to-peer networks).
Synchronization programs for distributed storage models, however, are only useful once record standardization has occurred.
Merging of already existing public healthcare databases is a common software challenge. The ability of electronic health record systems to provide this function is a key benefit and can improve healthcare delivery.
eHealth and teleradiology
The sharing of patient information between health care organizations and IT systems is changing from a "point to point" model to a "many to many" one. The European Commission is supporting moves to facilitate cross-border interoperability of e-health systems and to remove potential legal hurdles, as in the project www.epsos.eu/. To allow for global shared workflow, studies will be locked when they are being read and then unlocked and updated once reading is complete. Radiologists will be able to serve multiple health care facilities and read and report across large geographical areas, thus balancing workloads. The biggest challenges will relate to interoperability and legal clarity. In some countries it is almost forbidden to practice teleradiology. The variety of languages spoken is a problem and multilingual reporting templates for all anatomical regions are not yet available. However, the market for e-health and teleradiology is evolving more rapidly than any laws or regulations.
European Union: Directive 2011/24/EU on patients' rights in cross-border healthcare
The European Commission wants to boost the digital economy by enabling all Europeans to have access to online medical records anywhere in Europe by 2020. With the newly enacted Directive 2011/24/EU on patients' rights in cross-border healthcare due for implementation by 2013, it is inevitable that a centralised European health record system will become a reality even before 2020. However, the concept of a centralised supranational central server raises concern about storing electronic medical records in a central location. The privacy threat posed by a supranational network is a key concern. Cross-border and Interoperable electronic health record systems make confidential data more easily and rapidly accessible to a wider audience and increase the risk that personal data concerning health could be accidentally exposed or easily distributed to unauthorised parties by enabling greater access to a compilation of the personal data concerning health, from different sources, and throughout a lifetime.
Template:Pie chart In a 2008 survey by DesRoches et al. of 4484 physicians (62% response rate), 83% of all physicians, 80% of primary care physicians, and 86% of non-primary care physicians had no EHRs. "Among the 83% of respondents who did not have electronic health records, 16%" had bought, but not implemented an EHR system yet. The 2009 National Ambulatory Medical Care Survey of 5200 physicians (70% response rate) by the National Center for Health Statistics showed that 51.7% of office-based physicians did not use any EMR/EHR system.
2009 HITECH Act
The Health Information Technology for Economic and Clinical Health Act (Template:Uspl,§2.A.III & B.4) (a part of the 2009 stimulus package) set meaningful use of interoperable EHR adoption in the health care system as a critical national goal and incentivized EHR adoption. The "goal is not adoption alone but 'meaningful use' of EHRs — that is, their use by providers to achieve significant improvements in care."
Title IV of the act promises maximum incentive payments for Medicaid to those who adopt and use "certified EHRs" of $63,750 over 6 years beginning in 2011. Eligible professionals must begin receiving payments by 2016 to qualify for the program. For Medicare the maximum payments are $44,000 over 5 years. Doctors who do not adopt an EHR by 2015 will be penalized 1% of Medicare payments, increasing to 3% over 3 years. In order to receive the EHR stimulus money, the HITECH Act requires doctors to show "meaningful use" of an EHR system. As of June 2010, there are no penalty provisions for Medicaid.
Health information exchange (HIE) has emerged as a core capability for hospitals and physicians to achieve "meaningful use" and receive stimulus funding. Healthcare vendors are pushing HIE as a way to allow EHR systems to pull disparate data and function on a more interoperable level.
Starting in 2015, hospitals and doctors will be subject to financial penalties under Medicare if they are not using electronic health records.
The main components of Meaningful Use are:
- The use of a certified EHR in a meaningful manner, such as e-prescribing.
- The use of certified EHR technology for electronic exchange of health information to improve quality of health care.
- The use of certified EHR technology to submit clinical quality and other measures.
In other words, providers need to show they're using certified EHR technology in ways that can be measured significantly in quality and in quantity.
The meaningful use of EHRs intended by the US government incentives is categorized as follows:
- Improve care coordination
- Reduce healthcare disparities
- Engage patients and their families
- Improve population and public health
- Ensure adequate privacy and security
The Obama Administration's Health IT program intends to use federal investments to stimulate the market of electronic health records:
- Incentives: to providers who use IT
- Strict and open standards: To ensure users and sellers of EHRs work towards the same goal
- Certification of software: To provide assurance that the EHRs meet basic quality, safety, and efficiency standards
The detailed definition of "meaningful use" is to be rolled out in 3 stages over a period of time until 2015. Details of each stage are hotly debated by various groups. Only stage 1 has been defined while the remaining stages will evolve over time.
Meaningful use Stage 1
The first steps in achieving meaningful use are to have a certified electronic health record (EHR) and to be able to demonstrate that it is being used to meet the requirements. Stage 1 contains 25 objectives/measures for Eligible Providers (EPs) and 24 objectives/measures for eligible hospitals. The objectives/measures have been divided into a core set and menu set. EPs and eligible hospitals must meet all objectives/measures in the core set (15 for EPs and 14 for eligible hospitals). EPs must meet 5 of the 10 menu-set items during Stage 1, one of which must be a public health objective.
Full list of the Core Requirements and a full list of the Menu Requirements.
- Use computerized order entry for medication orders.
- Implement drug-drug, drug-allergy checks.
- Generate and transmit permissible prescriptions electronically.
- Record demographics.
- Maintain an up-to-date problem list of current and active diagnoses.
- Maintain active medication list.
- Maintain active medication allergy list.
- Record and chart changes in vital signs.
- Record smoking status for patients 13 years old or older.
- Implement one clinical decision support rule.
- Report ambulatory quality measures to CMS or the States.
- Provide patients with an electronic copy of their health information upon request.
- Provide clinical summaries to patients for each office visit.
- Capability to exchange key clinical information electronically among providers and patient authorized entities.
- Protect electronic health information (privacy & security)
- Implement drug-formulary checks.
- Incorporate clinical lab-test results into certified EHR as structured data.
- Generate lists of patients by specific conditions to use for quality improvement, reduction of disparities, research, and outreach.
- Send reminders to patients per patient preference for preventive/ follow-up care
- Provide patients with timely electronic access to their health information (including lab results, problem list, medication lists, allergies)
- Use certified EHR to identify patient-specific education resources and provide to patient if appropriate.
- Perform medication reconciliation as relevant
- Provide summary care record for transitions in care or referrals.
- Capability to submit electronic data to immunization registries and actual submission.
- Capability to provide electronic syndromic surveillance data to public health agencies and actual transmission.
To receive federal incentive money, CMS requires participants in the Medicare EHR Incentive Program to "attest" that during a 90-day reporting period, they used a certified EHR and met Stage 1 criteria for meaningful use objectives and clinical quality measures. For the Medicaid EHR Incentive Program, providers follow a similar process using their state's attestation system.
Meaningful use Stage 2
The government released its final ruling on achieving Stage 2 of meaningful use in August 2012. Eligible providers will need to meet 17 of 20 core objectives in Stage 2, and fulfill three out of six menu objectives. The required percentage of patient encounters that meet each objective has generally increased over the Stage 1 objectives.
While Stage 2 focuses more on information exchange and patient engagement, many large EHR systems have this type of functionality built into their software, making it easier to achieve compliance. Also, for those eligible providers who have successfully attested to Stage 1, meeting Stage 2 should not be as difficult, as it builds incrementally on the requirements for the first stage.
Barriers to adoption
In a survey by DesRoches et al. (2008), 66% of physicians without EHRs cited capital costs as a barrier to adoption, while 50% were uncertain about the investment. Around 56% of physicians without EHRs stated that financial incentives to purchase and/or use EHRs would facilitate adoption. In 2002, initial costs were estimated to be $50,000–70,000 per physician in a 3-physician practice. Since then, costs have decreased with increasing adoption. A 2011 survey estimated a cost of $32,000 per physician in a 5-physician practice during the first 60 days of implementation.
One case study by Miller et al. (2005) of 14 small primary-care practices found that the average practice paid for the initial and ongoing costs within 2.5 years. A 2003 cost-benefit analysis found that using EMRs for 5 years created a net benefit of $86,000 per provider.
Some physicians are skeptical of the positive claims and believe the data is skewed by vendors and others with an interest in EHR implementation.
Brigham and Women's Hospital in Boston, Massachusetts, estimated it achieved net savings of $5 million to $10 million per year following installation of a computerized physician order entry system that reduced serious medication errors by 55 percent. Another large hospital generated about $8.6 million in annual savings by replacing paper medical charts with EHRs for outpatients and about $2.8 million annually by establishing electronic access to laboratory results and reports.
Furthermore, software technology advances at a rapid pace. Most software systems require frequent updates, often at a significant ongoing cost. Some types of software and operating systems require full-scale re-implementation periodically, which disrupts not only the budget but also workflow. Costs for upgrades and associated regression testing can be particularly high where the applications are governed by FDA regulations (e.g. Clinical Laboratory systems). Physicians desire modular upgrades and ability to continually customize, without large-scale reimplementation.
Training of employees to use an EHR system is costly, just as for training in the use of any other hospital system. New employees, permanent or temporary, will also require training as they are hired.
In the United States, a substantial majority of healthcare providers train at a VA facility sometime during their career. With the widespread adoption of the Veterans Health Information Systems and Technology Architecture (VistA) electronic health record system at all VA facilities, few recently-trained medical professionals will be inexperienced in electronic health record systems. Older practitioners who are less experienced in the use of electronic health record systems will retire over time.
In the United States, the Department of Veterans Affairs (VA) has the largest enterprise-wide health information system that includes an electronic medical record, known as the Veterans Health Information Systems and Technology Architecture (VistA). A key component in VistA is their VistA imaging System which provides a comprehensive multimedia data from many specialties, including cardiology, radiology and orthopedics. A graphical user interface known as the Computerized Patient Record System (CPRS) allows health care providers to review and update a patient's electronic medical record at any of the VA's over 1,000 healthcare facilities. CPRS includes the ability to place orders, including medications, special procedures, X-rays, patient care nursing orders, diets, and laboratory tests.
The 2003 National Defense Authorization Act (NDAA) ensured that the VA and DoD would work together to establish a bidirectional exchange of reference quality medical images. Initially, demonstrations were only worked in El Paso, Texas, but capabilities have been expanded to six different locations of VA and DoD facilities. These facilities include VA polytrauma centers in Tampa and Richmond, Denver, North Chicago, Biloxi, and the National Capitol Area medical facilities. Radiological images such as CT scans, MRIs, and x-rays are being shared using the BHIE. Goals of the VA and DoD in the near future are to use several image sharing solutions (VistA Imaging and DoD Picture Archiving & Communications System (PACS) solutions).
Clinical Data Repository/Health Data Repository (CDHR)is a program that allows for sharing of patient records, especially allergy and pharmaceutical information, between the Department of Veteran Affairs (VA) and the Department of Defense (DoD) in the United States. The program shares data by translating the various vocabularies of the information being transmitted, allowing all of the VA facilities to access and interpret the patient records. The Laboratory Data Sharing and Interoperability (LDSI) application is a new program being implemented to allow sharing at certain sites between the VA and DoD of "chemistry and hematology laboratory tests." Unlike the CHDR, the LDSI is currently limited in its scope.
One attribute for the start of implementing EHRs in the States is the development of the Nationwide Health Information Network which is a work in progress and still being developed. This started with the North Carolina Healthcare Information and Communication Alliance founded in 1994 and who received funding from Department of Health and Human Services.
The Department of Veterans Affairs and Kaiser Permanente has a pilot program to share health records between their systems VistA and HealthConnect, respectively. This software called 'CONNECT' uses Nationwide Health Information Network standards and governance to make sure that health information exchanges are compatible with other exchanges being set up throughout the country. CONNECT is an open source software solution that supports electronic health information exchange. The CONNECT initiative is a Federal Health Architecture project that was conceived in 2007 and initially built by 20 various federal agencies and now comprises more than 500 organizations including federal agencies, states, healthcare providers, insurers, and health IT vendors.
The US Indian Health Service uses an EHR similar to VistA called RPMS. VistA Imaging is also being used to integrate images and co-ordinate PACS into the EHR system.
- See also: NHS Connecting for Health
In 2005 the National Health Service (NHS) in the United Kingdom began deployment of EHR systems. The goal was to have all patients with a centralized electronic health record by 2010. However, there was no central architecture, and it was not developed by physicians and end users, but by external consultants. The estimated cost to the UK taxpayer was over $24Billion (12 Billion GPB) without delivery of any of its primary goals.
Australia is dedicated to the development of a lifetime electronic health record for all its citizens. PCEHR - the Personally Controlled Electronic Health Record - is the major national EHR initiative in Australia, being delivered through territory, state, and federal governments. This electronic health record was initially deployed in July 2012, and is under active development and extension. The record can be found at www.ehealth.gov.au.
MediConnect is an earlier program that provides an electronic medication record to keep track of patient prescriptions and provide stakeholders with drug alerts to avoid errors in prescribing.
The Canadian province of Alberta started a large-scale operational EHR system project in 2005 called Alberta Netcare, which is expected to encompass all of Alberta by 2008.
The College of Dental Surgeons of British Columbia has compiled the Dental Records Management document which lays out the requirements, for records for their industry within the province of British Columbia.
The five regions each use their own setup of electronic health record systems. However, all patient data is registered in the national e-journal.
Estonia is the first country in the world that has implemented a nationwide EHR system, registering virtually all residents' medical history from birth to death.
In November 2011 a planned national electronic patient record for the Netherlands was shelved.
Abu Dhabi is leading the way in using national EHR data as a live longitudinal cohort in the assessment of risk of cardiovascular disease.
Arab Health Awards 2010 recognizes Saudi Arabia National Guard Health Affairs for greatest advancement in EHR development.
- Canada Health Infoway
- Certification Commission for Healthcare Information Technology
- Continuity of Care Record
- European Institute for Health Records (EuroRec)
- TC 251
- Good European Health Record (GEHR)
- Health informatics
- Health information management
- Healthcare Information and Management Systems Society
- EN 13606
- Health Level 7
- Psychological record
- Personal health record
- Record keeping
- Veterans Health Information Systems and Technology Architecture (VistA)
- List of open source healthcare software
- Comparison of EHR software solutions
- Gunter T.D., Terry N.P. (2005). The Emergence of National Electronic Health Record Architectures in the United States and Australia: Models, Costs, and Questions. J Med Internet Res 7.
- Habib JL. EHRs, meaningful use, and a model EMR. Drug Benefit Trends. May 2010;22(4):99-101.
- Patrick Kierkegaard (2011) Electronic health record: Wiring Europe's healthcare, Computer Law & Security Review, Volume 27, Issue 5, September 2011, Pages 503-515, ISSN 0267-3649, 10.1016/j.clsr.2011.07.013. Retrieved Dec 15, 2011
- Electronic Health Records Overview
- Greenhalgh T, Potts HWW, Wong G, Bark P, Swinglehurst D (2009). Tensions and paradoxes in electronic patient record research: A systematic literature review using the meta-narrative method. Milbank Quarterly, 87(4), 729-88
- Berg, M. 1997. Of Forms, Containers, and the Electronic Medical Record: Some Tools for a Sociology of the Formal. Science, Technology, & Human Values 22(4):403–33
- http://www.bmj.com/cgi/content/full/340/jun16_4/c3111 Greenhalgh T, Stramer K, Bratan T, Byrne E, Russell J, Potts HWW (2010). Adoption and non-adoption of a shared electronic summary care record in England: A mixed-method case study. BMJ, 340, c3111
- Gabriel, Barbara (2008). Do EMRs Make You a Better Doctor?. Physicians Practice. URL accessed on 2009-08-23.
- Electronic health records not a panacea
- Silverstein, Scot (2009). 2009 a pivotal year in healthcare IT. Drexel University. URL accessed on 2010-01-05.
- Greenhalgh T, Potts HWW, Wong G, Bark P, Swinglehurst D (2009). Tensions and paradoxes in electronic patient record research: A systematic literature review using the meta-narrative method. Milbank Quarterly, 87(4), 729-88 (full text)
- Himmelstein DU, Wright A, Woolhandler S (2009). Hospital Computing and the Costs and Quality of Care: A National Study. American Journal of Medicine, DOI:10.1016/j.amjmed.2009.09.004 (full text)
- Cebul, Randall Electronic health records and quality of diabetes care.. New England Journal of Medicine. URL accessed on 2012-08-22.
- RWIF,GWUMC, and IHP Staff: "Health Information Technology in the United States: The Information Base for Progress", Robert Wood Johnson Foundation, George Washington University Medical Center, and Institute for Health Policy, 2006 , Retrieved February 17, 2008
- Evidence on the costs and benefits of health information technology. Congressional Budget Office, May 2008.
- Shahid Shah. Column: Why MDs Dread EMRs. Journal of Surgical Radiology.
- David U. Himmelstein, MD, Adam Wright, PhD, Steffie Woolhandler, MD, MPH. The American Journal of Medicine.
- Information Technology: Not a Cure for the High Cost of Health Care. Knowledge@Wharton, June 10, 2009.
- Abraham Verghese. The Myth of Prevention. The Wall Street Journal, June 20, 2009.
- Defining and Testing EMR Usability. Healthcare Information and Management Systems Society (HIMSS), June 2009.
- NISTIR 7804: Technical Evaluation, Testing and Validation of the Usability of Electronic Health Records, p. 9-10. National Institute of Standards and Technology, Sept. 2011.
- U.S. Medicine - The Voice of Federal Medicine, May 2009.
- "EHRs Go Mobile" Marisa Torrieri, Physicians Practice, July/August 2012.
- Kling, Rosenbaum, Sawyer, Indiana University. Understanding And Communicating Social Informatics: A Framework For Studying And Teaching The Human Contexts Of Information And Communication Technologies, pg. 23. Information Today Inc (September 15, 2005), ISBN 978-1-57387-228-7, 
- Sawyer and Rosenbaum. Social Informatics in the Information Sciences: Current Activities and Emerging Directions, p. 94.Informing Science: Special Issue on Information Science Research, Vol. 3 No. 2, 2000.
- Tenner, Edward. Why Things Bite Back: Technology and the Revenge of Unintended Consequences. ISBN 978-0-679-74756-7, 1997 .
- Safely implementing health information and converging technologies, The Joint Commission, Issue 42, December 11, 2008 
- MEDMARX Adverse Drug Event Reporting database
- Health informatics - Guidance on the management of clinical risk relating to the deployment and use of health software (formerly ISO/TR 29322:2008(E)). DSCN18/2009, Examples of potential harm presented by health software, Annex A, p. 38 .
- FDA memo. H-IT Safety Issues, table 4, page 3, Appendix B, p. 7-8 (with examples), and p. 5, summary. Memo obtained and released by Fred Schulte and Emma Schwartz at the Huffington Post Investigative Fund, now part of the Center for Public Integrity, in an Aug. 3, 2010 article FDA, Obama digital medical records team at odds over safety oversight, memo itself 
- Goodman KW, Berner ES, Dente MA, et al. Challenges in ethics, safety, best practices, and oversight regarding HIT vendors, their customers, and patients: a report of an AMIA special task force. J Am Med Inform Assoc (2010). DOI:10.1136/jamia.2010.008946 
- Rowe JC. Doctors Go Digital. The New Atlantis (2011). 
- Ash, JS, Sittig, DF; Poon, EG; Guappone, K; Campbell, E; Dykstra, RH (2007 Jul-Aug). The extent and importance of unintended consequences related to computerized provider order entry.. Journal of the American Medical Informatics Association : JAMIA 14 (4): 415-23.
- (2007). Opposition calls for rethink on data storage. e-Health Insider (UK).
- (2008). German doctors say no to centrally stored patient records. e-Health Insider (UK).
- includeonly>Health & Medicine. "At risk of exposure: In the push for electronic medical records, concern is growing about how well privacy can be safeguarded.", Los Angeles Times, 2006-06-26. Retrieved on 2006-08-08.
- CNN.com (May 23, 2006): FBI seeks stolen personal data on 26 million vets Retrieved July 30, 2006
- Tim Wafa (J.D.). How the Lack of Prescriptive Technical Granularity in HIPAA Has Compromised Patient Privacy. Northern Illinois University Law Review, Volume 30, Number 3, Summer 2010.
- Wager, K., Lee, F., & Glaser, J. Health care information systems: A practical approach for health care management (2nd ed.)Jossey-Bass,pages 253-254, 2009
- European Parliament and Council (24 October 1995): EU Directive 95/46/EC - The Data Protection Directive Retrieved July 30, 2006
- Personal Information Protection and Electronic Documents Act - Implementation Schedule. Office of the Privacy Commissioner of Canada. URL accessed on February 12, 2008.
- Pear, Robert. "Warnings Over Privacy of U.S. Health Network." New York Times, February 18, 2007.
- JM Appel. Why shared medical database is wrong prescription. Orlando Sentinel, December 30, 2008. http://www.orlandosentinel.com/news/opinion/views/orl-opappel3008dec30,0,4065787.story
- Nulan C (2001). HIPAA--a real world perspective. Radiol Manage 23 (2): 29–37; quiz 38–40.
- Theo Francis, Spread of records stirs fears of privacy erosion, The Wall Street Journal, December 28, 2006 
- Lawyers Per 100,000 Population 1980-2003. Congressional Budget Office. URL accessed on 2007-07-10.
- Tort reform. News Batch.
- Bigger focus on compliance needed in EMR marketplace. Health Imaging News.
- Ben Kerschberg, Electronic Health Records Dramatically Increase Corporate Risk. The Huffington Post.
- Medical Manager History
- "Can Technology Get You Sued?" Shelly K. Schwartz, Physicians Practice, March 2012.
- Laura Dunlop. Electronic Health Records: Interoperability Challenges and Patient's Right for Privacy. Shidler Journal of Computer and Technology 3:16.
- (2006). Newly Issued Final Rules under Stark and Anti-kickback Laws Permit Furnishing of Electronic Prescribing and Electronic Health Records Technology. GKLaw.
- (2006). New Stark Law Exceptions and Anti-Kickback Safe Harbors For Electronic Prescribing and Electronic Health Records. SSDlaw.
- European Patient Smart Open Services Work Plan: epSOS: Legal and Regulatory Issues Retrieved May 4, 2008
- Privacy Rights Clearinghouse's Chronology of Data Security Breaches involving Medical Information
- Kierkegaard, P. (2012) Medical data breaches: Notification delayed is notification denied, Computer Law & Security Report , 28 (2), p.163–183.
- HIPAA Basics: Medical Privacy in the Electronic Age from the Privacy Rights Clearinghouse www.privacyrights.org
- DEPARTMENT OF HEALTH AND HUMAN SERVICES Breach Notification for Unsecured Protected Health Information
- includeonly>Pear, Robert. "U.S. Issues Rules on Electronic Health Records", The New York Times, July 13, 2010.
- About. SMART Platforms. URL accessed on 20 March 2012.
- Clayton L. Reynolds MD, FACP, FACPE (March 2006): Paper on Concept Processing Retrieved July 27, 2006
- Maekawa Y, Majima Y.; "Issues to be improved after introduction of a non-customized Electronic Medical Record system (EMR) in a Private General Hospital and efforts toward improvement"; Studies in Health Technology and Informatics 2006
- Tüttelmann F, Luetjens CM, Nieschlag E.; "Optimising workflow in andrology: a new electronic patient record and database"; Asian Journal of Andrology March 2006
- The Digital Office, September 2007, vol 2, no.9. HIMSS
- Gina Rollins."The Perils of Customization." Journal of AHIMA 77, no.6 (2006):24-28.
- Mandl KD, Szolovits P, Kohane IS (February 2001). Public standards and patients' control: how to keep electronic medical records accessible but private. BMJ 322 (7281): 283–7.
- Ruotsalainen P, Manning B (2007). A notary archive model for secure preservation and distribution of electrically signed patient documents. Int J Med Inform 76 (5–6): 449–53.
- Olhede T, Peterson HE (2000). Archiving of care related information in XML-format. Stud Health Technol Inform 77: 642–6.
- (2004). Integrating the New York citywide immunization registry and the childhood blood lead registry. Journal of Public Health Management and Practice: S72–80.The Master Child Index consolidated 4,610,585 records that were contained in both databases into 2,977,290 records through a match and merge system.
- (2001). Quality improvements in pediatric well care with an electronic record. Proc AMIA Symp: 209–13.
- (2004). Perspectives on integrated child health information systems: Parents, providers, and public health. Journal of Public Health Management Practice: S57–S60.
- Pohjonen H. Images can now cross borders, but what about the legislation? Diagnostic Imaging Europe. June/July 2010;26(4):16.
- Patrick Kierkegaard (2011) Electronic health record: Wiring Europe's healthcare, Computer Law & Security Review, Volume 27, Issue 5, September 2011, Pages 503-515, ISSN 0267-3649, 10.1016/j.clsr.2011.07.013. Retrieved Dec 15, 2011
- Hsiao, Chun-Ju, et al Electronic Medical Record/Electronic Health Record Systems of Office-based Physicians: United States, 2009 and Preliminary 2010 State Estimates. NCHS Health E-Stat. CDC/National Center for Health Statistics. URL accessed on 31 October 2011.
- Simon SR, Kaushal R, Cleary PD, (2007). Correlates of electronic health record adoption in office practices: a statewide survey. J Am Med Inform Assoc 14 (1): 110–7.
- Menachemi N, Perkins RM, van Durme DJ, Brooks RG (2006). Examining the adoption of electronic health records and personal digital assistants by family physicians in Florida. Inform Prim Care 14 (1): 1–9.
- CDC. Introduction. Meaningful Use. CDC. URL accessed on 31 October 2011.
- Centers for Medicare & Medicaid Services. CMS EHR Meaningful Use Overview. EHR Incentive Programs. Center for Medicare & Medicaid Services. URL accessed on 31 October 2011.
- Torrieri, Marisa "Dealing with Meaningful Use Attestation Aggravation". Physicians Practice. January 2012.
- "Meaningful Use: Stage 2 Regulations Overview" Robert Anthony, CMS, August 30, 2012.
- "EHR Incentive Program: A Progress Report" Marisa Torrieri, Physicians Practice, September 2012.
cited in DOI:10.2147/RMHP.S12985
- (2007). A State Policy Approach: Promoting Health Information Technology in California. California Legislative Analyst Office.
- Parish, Colin (March 20, 2006). Edging towards a brave new IT world. Nursing Standard 27:15-16
-  Retrieved March 4, 2010
-  Retrieved March 4, 2010
-  Retrieved March 4, 2010
- Traynor Kate (2008). National health information network passes live test. American Journal of Health-System Pharmacy 65 (22): 2086–2087.
- Mearian, Lucas (Jan 6, 2010). VA, Kaiser Permanente launch e-health records exchange. Computerworld.
- http://www.connectopensource.org/about/what-is-CONNECT Retrieved March 4, 2010
- http://connectopensource.osuosl.org/sites/connectopensource.osuosl.org/files/CONNECTOverview.pdf Retrieved March 4, 2010
- NHS Connecting for Health:Delivering the National Programme for IT. URL accessed on Retrieved August 4, 2006.
- Ian Quinn. Electronic records are less efficient than paper, finds DH research lead.
- Health e-records 'struggling to fulfil potential'.
- Greenhalgh T, Stramer K, Bratan T, Byrne E, Russell J, Potts HWW (2010). Adoption and non-adoption of a shared electronic summary care record in England: A mixed-method case study. BMJ, 340, c3111
- Bewley S, Perry H, Fawdry R, Cumming G (2011). NHS IT requires the wisdom of the crowd not the marketplace. http://www.bmj.com/content/343/bmj.d5317.full/reply#bmj_el_270562 Accessed 16 April 2012
- Dismantling the NHS National Programme for IT. Department of Health Media Centre. URL accessed on September 29, 2011. "The government today announced an acceleration of the dismantling of the National Programme for IT, following the conclusions of a new review by the Cabinet Office's Major Projects Authority (MPA)... The MPA found that the National Programme for IT has not and cannot deliver to its original intent."
- Template:Cite article
- Mason, Moya K. (2005). What Can We Learn from the Rest of the World? A Look at International Electronic Health Record Best Practices.
- http://www.volkskrant.nl/vk/nl/5270/Zorg/article/detail/3022230/2011/11/08/Elektronisch-Patientendossier-gaat-definitief-niet-door.dhtml accessed 17 April 2012
- Can Electronic Health Record Systems Transform Health Care?
- Health Information Technology in the United States
- How to Enable Standard-Compliant Streaming of Images in Electronic Health Records a white paper by Aware Inc.
- Open-Source EHR Systems for Ambulatory Care: A Market Assessment(California HealthCare Foundation, January 2008)
- US Department of Health and Human Services (HHS), Office of the National Coordinator for Health Information Technology (ONC)
- US Department of Health and Human Services (HHS), Agency for Healthcare Research and Quality (AHRQ), National Resource Center for Health Information Technology
- ICMCC portal: EHR info and blogs
- Security Aspects in Electronic Personal Health Record: Data Access and Preservation - a briefing paper at Digital Preservation Europe
|This page uses Creative Commons Licensed content from Wikipedia (view authors).|