Chapter 11Information Management                         2
Medical Record     Means of Communication - I• Documentation of a patients  – Illness  – Symptoms  – Diagnosis  – Treatmen...
Medical Record     Means of Communication - II• Planning tool for patient care• Document communication (e.g., progress  no...
Medical Record    Means of Communication - III• Continuing education• Research• Provide info necessary for 3rd-party billi...
Managing Information - I• Determine customer needs• Set goals & establish priorities• Improve accuracy of data collection•...
Managing Information - II• Deliver timely & accurate information• Provide easy access to information• Maintain security & ...
Managing Information - III• Establish disaster plans for recovery of info• Orient & train staff on information mgmt  syste...
Contents of Medical Record – lAdmission record  •   Age  •   Address  •   Reason for admission, social security number  • ...
Contents of Medical Record – lI• Consent and authorization for treatment forms  allowing the healthcare facility to perfor...
Contents of Medical Record – lII• Medical history and physical examination,  including diagnosis, and findings that suppor...
Contents of Medical Record – lV•   Treatment plan•   Physicians’ orders•   Progress notes•   Nursing notes (where an integ...
Contents of Medical Record – V• Diagnostic reports (e.g., laboratory and  imaging)• Consultation reports• Vital signs char...
Contents of Medical Record – VI• Operative reports• Medication administration records• Discharge planning/social service n...
Ownership & Release of          Medical Records• “Hospital Workers Punished for Peeking at  Clooney File”• Ownership resid...
Privacy Act of 1974Privacy Act of 1974 enacted to safeguard individual  privacy from misuse of federal records, to give  i...
Ownership & Release of Records• Request by Patients           • Privacy Exception• Failure to Release Records       – crim...
Retention of Information• Length of time medical records must be retained  varies state to state• Retention of X-Rays: Fai...
Computerized Medical Records           Advantages – I• Retrieve demographic information & consultants  reports, as well as...
Computerized Medical Records           Advantages – II• Allow for interactive computer-assisted diagnosis &  treatment• Ge...
Computerized Medical Records           Disadvantages• Increased risk of lost confidentiality & unauthorized  disclosure of...
Medical Record Battleground• Tampering• Angry recordings  – registering complaints by other caregivers & the    organizati...
Text Cases – I• Patient Objects to Record Notations• Failure to Record Patient’s Condition• Falsification of Records   • F...
Text Cases – II• Tampering with Record Entries   • Maintaining Integrity of Patient Records   • Inaccurate Record Entries•...
Text Cases – III•   Failure to Maintain Records•   Improper Record Keeping•   Charting by Exception•   Charting & Reimburs...
Confidential Communications – I• Breach of Physician-Patient Confidentiality• Reports of the Joint Commission Privileged f...
Confidential & Privileged Communications                     II• Some Committee Minutes Not Privileged• Peer-Review Docume...
HIPAA• Designed to protect the  privacy, confidentiality, and security of patient  information• Standards apply to all hea...
HIPAA             Privacy Provision – I• Patients able to access their record & request  correction of errors.• Patients m...
HIPAA             Privacy Provision – II• Health insurers or providers document their privacy  procedures.• Health insurer...
HIPAA            Security Provision– I• P & Ps designed to show how entity will comply with  the act.• Entities must adopt...
HIPAA            Security Provision – II• Procedures address access  authorization, establishment, modification, &  termin...
HIPAA            Security Provision – III• Recovery plan should document data priority &  failure analysis, testing activi...
HIPAA            Physical Safeguards – I• Responsibility for security must be assigned to a  specific person or department...
HIPAA            Physical Safeguards – II• Required access controls consist of facility security  plans, maintenance recor...
HIPAA            Technical Safeguards – I• Information systems housing PHI must be protected  from intrusion.• When info f...
HIPAA           Technical Safeguards – II• Data corroboration, including use of check sum,  double-keying, message authent...
HIPAA         Technical Safeguards – III• Information technology documentation should  also include a written record of al...
Charting: Some Helpful Advice - I• Complete & pertinent entries• Timely entries• Legible entries• Clear & meaningful entri...
Charting & Helpful Advice - II• Avoid  • defensive & derogatory notes  • erasures & correction fluids  • Criticism  • Comp...
Charting & Helpful Advice - III• Secure records pending legal action• Obtain legal advice• Entries made by others must not...
Charting & Helpful Advice - IV• Reasoning for not following the advice of a  consultant should be noted in the medical  re...
REVIEW QUESTIONS1. What is information management as itrelates to health care?2. What are the basic purposes of medicalrec...
REVIEW QUESTIONS, con’t4. The medical record is sole property of the patient& should never be released. Discuss your opini...
REVIEW QUESTIONS, con’t7. What records or parts thereof should be protectedfrom discovery?8. Should information gathered p...
5530: Chapter 11
Upcoming SlideShare
Loading in …5
×

5530: Chapter 11

2,019 views

Published on

Published in: Health & Medicine, Business
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,019
On SlideShare
0
From Embeds
0
Number of Embeds
16
Actions
Shares
0
Downloads
0
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

5530: Chapter 11

  1. 1. Chapter 11Information Management 2
  2. 2. Medical Record Means of Communication - I• Documentation of a patients – Illness – Symptoms – Diagnosis – Treatment 3
  3. 3. Medical Record Means of Communication - II• Planning tool for patient care• Document communication (e.g., progress notes)• Protect legal interests of patient, organization, & practitioner• Provide database for use in statistical reporting 4
  4. 4. Medical Record Means of Communication - III• Continuing education• Research• Provide info necessary for 3rd-party billing 5
  5. 5. Managing Information - I• Determine customer needs• Set goals & establish priorities• Improve accuracy of data collection• Provide uniformity of data collection & definitions• Limit duplication of entries 6
  6. 6. Managing Information - II• Deliver timely & accurate information• Provide easy access to information• Maintain security & confidentiality of information• Enhance patient care activities• Improve collaboration across organization through information sharing 7
  7. 7. Managing Information - III• Establish disaster plans for recovery of info• Orient & train staff on information mgmt system• Provide annual review of information plan to include its scope, org, objectives, & effectiveness 8
  8. 8. Contents of Medical Record – lAdmission record • Age • Address • Reason for admission, social security number • Marital status • Religion • Health insurance . . . 9
  9. 9. Contents of Medical Record – lI• Consent and authorization for treatment forms allowing the healthcare facility to perform various procedures, such as routine diagnostic testing• Advance directives 10
  10. 10. Contents of Medical Record – lII• Medical history and physical examination, including diagnosis, and findings that support the diagnosis• Patient screenings and assessment – (e.g., nursing, functional, nutritional, social, and discharge planning) 11
  11. 11. Contents of Medical Record – lV• Treatment plan• Physicians’ orders• Progress notes• Nursing notes (where an integrated record exists, nursing notes are often placed in the progress notes, along with the notes of other disciplines) 12
  12. 12. Contents of Medical Record – V• Diagnostic reports (e.g., laboratory and imaging)• Consultation reports• Vital signs charts• Fluid intake and output charts• Pain management records• Anesthesia assessment 13
  13. 13. Contents of Medical Record – VI• Operative reports• Medication administration records• Discharge planning/social service notes and reports• Patient education• Discharge summaries 14
  14. 14. Ownership & Release of Medical Records• “Hospital Workers Punished for Peeking at Clooney File”• Ownership resides with organization or professional rendering treatment• Right to privacy 15
  15. 15. Privacy Act of 1974Privacy Act of 1974 enacted to safeguard individual privacy from misuse of federal records, to give individuals access to records concerning themselves that are maintained by federal agencies, & to establish a Privacy Protection Safety Commission. 16
  16. 16. Ownership & Release of Records• Request by Patients • Privacy Exception• Failure to Release Records – criminal – can lead to legal action investigations• Requests: 3rd Parties – medicaid fraud – insurance carriers – substance abuse processing claims records – medical researchers – educators – gov. agencies 17
  17. 17. Retention of Information• Length of time medical records must be retained varies state to state• Retention of X-Rays: Failure to Preserve – Illinois Supreme Court held that a private cause of action existed under the X-ray retention act, & that the plaintiff stated a claim under the act. The act provides that hospitals must retain X-rays & other such photographs or films as part of their regularly maintained records for a period of five years. • See text case: Rodgers v. St. Marys Hosp. of Decatur 18
  18. 18. Computerized Medical Records Advantages – I• Retrieve demographic information & consultants reports, as well as lab, radiology, & other test results• Improve productivity & quality• Reduce costs• Support clinical research• Play an ever-increasing role in education p• Allow for computer-generated prescriptions (integrated computer systems & clinical pharmacy services are associated with reducing the incidence of medication errors). 19
  19. 19. Computerized Medical Records Advantages – II• Allow for interactive computer-assisted diagnosis & treatment• Generate reminders for follow-up testing.• Assist in the decision-making process.• Aid in standardizing treatment protocols.• Assist in the identification of drug-drug & food-drug interactions.• Used in telecommunications around the world, transporting picture graphics (e.g., computed tomography scans) between nations. 20
  20. 20. Computerized Medical Records Disadvantages• Increased risk of lost confidentiality & unauthorized disclosure of info.• Rapid growth of internet has led to an explosion of high-technology crime & related illegal activities.• Increases in cyber crime have led to a need for high- end technology products & services to combat these problems.• Billions of dollars spent annually to protect networks & critical infrastructures from cyber-based threats. 21
  21. 21. Medical Record Battleground• Tampering• Angry recordings – registering complaints by other caregivers & the organization• Rewriting & replacing notes 22
  22. 22. Text Cases – I• Patient Objects to Record Notations• Failure to Record Patient’s Condition• Falsification of Records • Falsifying Medical Records • Falsifying Business Records• Falsifying Records • Moskovitz v. Mount Sinai Med. Ctr. 23
  23. 23. Text Cases – II• Tampering with Record Entries • Maintaining Integrity of Patient Records • Inaccurate Record Entries• Rewriting & Replacing Notes • Nurse Changes Record Entries• Illegible Entries 24
  24. 24. Text Cases – III• Failure to Maintain Records• Improper Record Keeping• Charting by Exception• Charting & Reimbursement• Incomplete Records: Loss of Privileges• Legal Proceedings & the Medical Record 25
  25. 25. Confidential Communications – I• Breach of Physician-Patient Confidentiality• Reports of the Joint Commission Privileged from Discovery• Privileged Information: Statements Protected• Credentialing Files Privileged• Ordinary Business Documents• Attorney-Client Privilege 26
  26. 26. Confidential & Privileged Communications II• Some Committee Minutes Not Privileged• Peer-Review Documents Discoverable• Staff Privileging Documents Discoverable – Discoverable: Illinois• Staff Privileging Documents Not Discoverable• Search Warrant – Peer Review Documents: Michigan 27
  27. 27. HIPAA• Designed to protect the privacy, confidentiality, and security of patient information• Standards apply to all health information in all formats 28
  28. 28. HIPAA Privacy Provision – I• Patients able to access their record & request correction of errors.• Patients must be informed of how personal info will be used.• Patient consent for release of info for marketing purposes required.• Patients can ask insurers & providers to take reasonable steps to ensure their communications are confidential.• Patients can file privacy-related complaints. 29
  29. 29. HIPAA Privacy Provision – II• Health insurers or providers document their privacy procedures.• Health insurers or providers designate a privacy officer & train their employees.• Providers may use patient info without patient consent for – purposes of providing treatment – obtaining payment for services – performing non-treatment operational tasks of the providers business. 30
  30. 30. HIPAA Security Provision– I• P & Ps designed to show how entity will comply with the act.• Entities must adopt a written set of privacy p & ps.• Privacy officer for developing & implementing p & ps.• P & Ps must reference mgm’t oversight & org buy-in to comply with documented security controls.• Procedures identify employees who will have access to protected health info.• Access to PHI in all forms restricted to employees who have a need for it to complete job function. 31
  31. 31. HIPAA Security Provision – II• Procedures address access authorization, establishment, modification, & termination.• Ongoing training program.• Entities that outsource business processes to 3rd party ensure vendors have framework to comply with HIPAA.• Care taken to determine if vendor further out-sources any data handling functions to other vendors, while monitoring whether appropriate contracts & controls are in place.• Contingency plan for responding to emergencies.• Covered entities responsible for backing up their data & having disaster recovery procedures in place. 32
  32. 32. HIPAA Security Provision – III• Recovery plan should document data priority & failure analysis, testing activities, & change control procedures.• Internal audits review operations with goal of identifying potential security violations.• P & Ps document scope, frequency, & procedures of audits.• Audits routine & event based.• Procedures document instructions for addressing & responding to security breaches. 33
  33. 33. HIPAA Physical Safeguards – I• Responsibility for security must be assigned to a specific person or department.• Controls must govern the introduction and removal of hardware and software from the network.• When equipment is retired, it must be disposed of properly to ensure that PHI is not compromised.• Access to equipment containing health info should be carefully controlled & monitored.• Access to hardware & software must be limited to properly authorized individuals. 34
  34. 34. HIPAA Physical Safeguards – II• Required access controls consist of facility security plans, maintenance records, & visitor sign-in and escorts.• Policies are required to address proper workstation use.• Workstations should be removed from high-traffic areas and monitor screens should not be in direct view of the public.• If the covered entities utilize contractors or agents, they too must be fully trained on their physical access responsibilities. 35
  35. 35. HIPAA Technical Safeguards – I• Information systems housing PHI must be protected from intrusion.• When info flows over open networks, some form of encryption must be utilized.• If closed systems/networks are utilized, existing access controls are considered sufficient & encryption is optional.• Each covered entity responsible for ensuring data within its systems has not been changed or erased in an unauthorized manner. 36
  36. 36. HIPAA Technical Safeguards – II• Data corroboration, including use of check sum, double-keying, message authentication, & digital signature may be used to ensure data integrity. Covered entities must also authenticate entities with which it communicates.• Authentication consists of corroborating that an entity is who it claims to be.• Covered entities must make documentation of their HIPAA practices available to the government to determine compliance. 37
  37. 37. HIPAA Technical Safeguards – III• Information technology documentation should also include a written record of all configuration settings on components of the network because these components are complex, configurable, & always changing.• Documented risk analysis & risk management programs are required. 38
  38. 38. Charting: Some Helpful Advice - I• Complete & pertinent entries• Timely entries• Legible entries• Clear & meaningful entries• Complete 39
  39. 39. Charting & Helpful Advice - II• Avoid • defensive & derogatory notes • erasures & correction fluids • Criticism • Complaints • tampering with the chart 40
  40. 40. Charting & Helpful Advice - III• Secure records pending legal action• Obtain legal advice• Entries made by others must not be ignored • patient care is a collaborative interdisciplinary team effort • entries made by health care professionals provide valuable information in treating the patient
  41. 41. Charting & Helpful Advice - IV• Reasoning for not following the advice of a consultant should be noted in the medical record, not so as to discredit the consultant, but to show the reasoning why a consultant’s advice was not followed. 42
  42. 42. REVIEW QUESTIONS1. What is information management as itrelates to health care?2. What are the basic purposes of medicalrecord?3. Discuss the advantages & disadvantages ofcomputer-generated medical records. 43
  43. 43. REVIEW QUESTIONS, con’t4. The medical record is sole property of the patient& should never be released. Discuss your opinion onthis statement.5. What is the reasoning for the establishment ofstatutes that protect an organizations peer-reviewinfo?6. Should statements given by a defendant to ahospitals internal peer-review committee bediscoverable by a plaintiff? Explain your answer. 44
  44. 44. REVIEW QUESTIONS, con’t7. What records or parts thereof should be protectedfrom discovery?8. Should information gathered prior to a physiciansapplication for staff privileges be privileged fromdiscovery? Explain.9. How long should patient records be maintained? 45

×