Chapter 18 Legal Reporting Requirements Learning Objectives Describe various forms of child abuse, how to recognize it, and reporting requirements. Describe various forms of elder abuse, how to recognize it, and reporting requirements. Explain why it is important to report communicable diseases, adverse drug reactions, & infectious diseases. Learning Objectives (cont’d) Discuss the importance of reporting births and deaths. Explain how & why physician incompetency is reported. Understand the importance of incident reporting, sentinel events, & the purpose of root cause analyses. Abuse Abuse in the healthcare setting often occurs to those who are most vulnerable and dependent on others for care. Abuse can take many forms, such as physical, psychological, medical, and financial. Abuse is not always easy to identify because injuries can often be attributed to other causes. Child Abuse Intentional serious mental, emotional, sexual, &/or physical injury inflicted by family or other person responsible for care. Child Abuse Prevention & Treatment Act (CAPTA) Minimum standards states must incorporate in their statutory definitions of child abuse and neglect. Child Abuse Who Should Report Healthcare setting Administrators, physicians, interns, registered nurses, chiropractors, social service workers, psychologists, dentists, osteopaths, optometrists, podiatrists, mental health professionals, & volunteers in residential facilities Penalties for failure to report States vary on penalties Child Abuse How to Detect Indicators of abuse and maltreatment that appear to be part of a pattern Physical indicators Bruises Sprains Fractures Cigarette burns Child Abuse How to Detect (cont’d) Behavioral indicators Diminished psychological or intellectual functioning Failure to thrive No control of aggression Self-destructive impulses Decreased ability to think and reason Acting out and misbehavior, or habitual truancy Child Abuse (cont’d) Good faith reporting Psychologist Immune to Liability Failure to report child abuse Psychologist’s Failure to Report Abuse Nurse’s Failure to Document and Report Physician Entitled to Immunity Child Abuse Can Be Elusive Senior Abuse Mistreatment: Results in Harm or Loss It can involve Physical & Sexual Abuse Domestic & Psychological Abuse Financial abuse Neglect Failure to provide needed care Senate Select Committee on Aging Less Likely to be Reported than Child Abuse Most Instances of Senior Abuse Repeated Events Not One-Time Occurrences Senate Select Committee on Aging (cont’d) Victims are often 75 years of age or older, & women more likely to be abused than men. Seniors often ashamed to admit their loved ones abuse them. may fear reprisals if they complain. Family members are resentful of a frail & dependent senior parent. Majority of abusers are relatives. Signs of Senior Abuse Unexplained or Unexpected Death Development of “Pressure S ...

1. Chapter 18
Legal Reporting Requirements
Learning Objectives
Describe various forms of child abuse, how to recognize it, and
reporting requirements.
Describe various forms of elder abuse, how to recognize it, and
reporting requirements.
Explain why it is important to report communicable diseases,
adverse drug reactions, & infectious diseases.
Learning Objectives (cont’d)
Discuss the importance of reporting births and deaths.
Explain how & why physician incompetency is
reported.
Understand the importance of incident reporting, sentinel
events, & the purpose of root cause analyses.
Abuse
Abuse in the healthcare setting often occurs to those who are
most vulnerable and dependent on others for care.
Abuse can take many forms, such as physical, psychological,
medical, and financial.
Abuse is not always easy to identify because injuries can often
be attributed to other causes.

2. Child Abuse
Intentional serious mental, emotional, sexual, &/or physical
injury inflicted by family or other person responsible for care.
Child Abuse Prevention & Treatment Act (CAPTA)
Minimum standards states must incorporate in their statutory
definitions of child abuse and neglect.
Child Abuse
Who Should Report
Healthcare setting
Administrators, physicians, interns, registered nurses,
chiropractors, social service workers, psychologists, dentists,
osteopaths, optometrists, podiatrists, mental health
professionals, & volunteers in residential facilities
Penalties for failure to report
States vary on penalties
Child Abuse
How to Detect
Indicators of abuse and maltreatment that appear to be part of a
pattern
Physical indicators
Bruises
Sprains
Fractures
Cigarette burns

3. Child Abuse
How to Detect (cont’d)
Behavioral indicators
Diminished psychological or intellectual functioning
Failure to thrive
No control of aggression
Self-destructive impulses
Decreased ability to think and reason
Acting out and misbehavior, or habitual truancy
Child Abuse (cont’d)
Good faith reporting
Psychologist Immune to Liability
Failure to report child abuse
Psychologist’s Failure to Report Abuse
Nurse’s Failure to Document and Report
Physician Entitled to Immunity
Child Abuse Can Be Elusive
Senior Abuse
Mistreatment: Results in Harm or Loss
It can involve
Physical & Sexual Abuse
Domestic & Psychological Abuse
Financial abuse
Neglect
Failure to provide needed care

4. Senate Select Committee on Aging
Less Likely to be Reported than Child Abuse
Most Instances of Senior Abuse
Repeated Events
Not One-Time Occurrences
Senate Select Committee on Aging (cont’d)
Victims are often 75 years of age or older, & women more
likely to be abused than men.
Seniors often ashamed to admit their loved ones abuse them.
may fear reprisals if they complain.
Family members are resentful of a frail & dependent senior
parent.
Majority of abusers are relatives.
Signs of Senior Abuse
Unexplained or Unexpected Death
Development of “Pressure Sores”
Heavy Medication & Sedation
Inadequate nursing staff
Occurrence of Broken bones
Sudden Emotional Outbursts/Agitation/Withdrawal
Signs of Senior Abuse (cont’d)
Bruises, welts, discoloration, and burns
Absence of hair
Hemorrhaging below the scalp

5. Dehydration and malnourishment without illness-
related cause
Hesitation to talk openly
Implausible stories
Signs of Senior Abuse (cont’d)
Unusual or inappropriate activity in bank accounts.
Signatures on checks and other written materials that do not
resemble patient’s signature.
Power of attorney given, or recent changes or creation of a
will, when person is incapable of making such decisions.
Signs of Senior Abuse (cont’d)
Missing personal belongings, such as silverware or jewelry.
An untreated medical condition.
Patient unable to speak for himself or herself, or see others,
without presence of caregiver (suspected abuser).
National Center on Elder Abuse
The National Center on Elder Abuse (NCEA), directed by the
U.S. Administration on Aging, is committed to helping national,
state, and local partners in the field be fully prepared to ensure
that older Americans will live with dignity, integrity,
independence, and without abuse, neglect, and exploitation.
Preventing Abuse
Policies and Procedures
Prohibition of Mistreatment

6. Description of Reporting Procedures Regarding Alleged
Abuse
Maintenance of Evidence of Alleged Abuse
Investigation of Alleged Abuse
Prevention of further potential abuse while investigation is in
progress
Abuse
Documentation
Suspected abuse should be defined clearly and
objectively.
Witnesses: Reporters of abuse must describe statements made
by others as accurately as possible.
What actions were taken, by whom, when, where, etc.
Information should be included about how witnesses may be
contacted.
Abuse
Documentation (cont’d)
Photographs: It may be necessary to photograph wounds or
injuries.
Hospital emergency room or the police department can be asked
to photograph in emergency situations.
Communicable Diseases
Reported to Protect citizens from Infectious Diseases
Reporting Required by Statutes
AIDS
State HIV Required Reporting

7. Mandatory Testing
Births and Deaths
Reportable by Statute
Necessary to Maintain Accurate Census
Medical Examiner
Suspicious Deaths
Determines Cause of Death
Adverse Drug Reactions
Harmful Drug Reactions
Result of Administration of a Drug or Combination of Drugs
MedWatch
FDA Program for Reporting Harmful Reactions
Physician Competency
Health Care Quality Improvement Act
Authorizes National Practitioner Data Bank to collect & release
information on professional competence & conduct of health
care practitioners.
National Practitioner Data Bank
Created by Congress as national repository of information with
primary purpose of facilitating a comprehensive review of
healthcare practitioners’ professional credentials
Operates Under Authority of the Secretary of DHHS
Established to protect public by restricting ability of unethical

8. or incompetent practitioners from moving state to state without
disclosure or discovery of previously damaging or incompetent
performance
National Data Bank Reporting
Reporting Requirements
Required Queries
Required Reporting
Data bank Queries
Query Fees
Penalties for Failing to Report
Confidentiality of Data Bank Information
Incident Reporting
States Reportable Incidents
Serious Injury or Death
Hospital Acquired Infections
Fires
Loss of Power
Employment Strikes
Incident Reporting, cont’d
The Deficit Reduction Act, amended in 2008, cites hospital -
acquired infections Medicaid and Medicare will not reimburse
hospitals for.
Catheter-associated urinary tract infections
Surgical site infections following bariatric surgery
Surgical site infections following certain elective surgery, &

9. surgical site infections
Incident Reporting
Incident/Occurrence Reports Discoverable.
Incident Reports
Should Not be Placed in the Medical Record
Sentinel Events
Unexpected occurrences involving death or serious physical or
psychological injury, or the risk thereof.
“Or the risk thereof” includes any process variation for which a
recurrence would carry a significant chance of a serious adverse
outcome.
Unanticipated Death
Major Permanent Loss of Function
Sentinel Events (cont’d)
Suicide
Unanticipated death of a full-term infant
Infant abduction
Rape
Hemolytic transfusion reaction
Surgery on the wrong patient or wrong body part
Root Cause Analysis

10. Process for identifying basic or causal factors that underlie the
variation in performance including the occurrence or possible
occurrence of a sentinel event.
Root Cause Analysis, cont’d
Thorough
Credible
Investigation involves general and special causes
Researching Literature
Search for Best Practices
Implementing & Monitoring Change
Review Questions
Describe various forms of child abuse, how to recognize it, &
reporting requirements.
Describe various forms of elder abuse, how to recognize it, &
reporting requirements.
Discuss importance of reporting births & deaths.
Review Questions (cont’d)
Explain why it is important to report communicable diseases,
adverse drug reactions, & infectious diseases.
Explain how & why physician incompetency is
reported.
Explain the importance of incident reporting, sentinel events, &
the purpose of root cause analyses.

12. 12345678910111213141516171819202122232425262728293031
32
Chapter 13
Information Management &
Patient Records
Learning Objectives
Describe the contents of medical records.

13. Explain the importance of maintaining complete and accurate
records.
Explain the ownership of and who can access a patient’s
medical record.
Describe the advantages and disadvantages of electronic
medical records.
Learning Objectives, cont’d
Describe why the medical record is important in legal
proceedings.
Describe a variety of ways in which medical records have been
falsified.
Explain what is meant by the medical record
battleground.
Information Management
Determine Customer Needs
Set Goals & Establish Priorities
Improve accuracy of data collection
Provide Uniformity in Data Collection Definitions
Limit Duplication of Entries
Information Management, cont’d
Deliver Timely & Accurate Information
Provide Easy Access to Information
Maintain Security & Confidentiality of Information
Enhance Patient Care Activities
Improve Collaboration through Information Sharing
Information Management, cont’d

14. Establish Disaster Plans for Information Recovery
Provide Orientation & Staff Training
Annual Review of Information Management Plan
Scope
Organization
Objectives
effectiveness
Medical Record
Means of Communication
Documentation of Patient’s
Illness
Symptoms
Diagnosis
Treatment
Medical Record
Means of Communication, cont’d
Communication Tool (e.g., progress notes)
Protect Legal Interests of Patient & Provider
Provide Database for Use in Statistical Reporting
Continuing Education
Research
Provide Information for Billing
Medical Record Contents
Admission record

15. Age
Address
Reason for admission
Social security number
Marital status
Religion
Health insurance
Medical Record Contents, cont’d
Consent Authorization for Treatment
Advance Directives
History & Physical Exam
Diagnosis
Information that Supports the Diagnosis
Patient Screenings & Assessments
Medical Record Contents, cont’d
Treatment plan
Physicians‘Orders
Progress Notes
Nursing Notes
* Integrated record includes physician progress & nursing
notes along with the notes of other disciplines
Medical Record Contents, cont’d
Diagnostic Reports
e.g., EKG, EEG, laboratory & imaging
Consultation Reports
Vital Signs
Fluid Intake & Output

16. Pain Management Records
Anesthesia Assessment
Medical Record Contents, cont’d
Operative reports
Medication Administration Records
Discharge Planning
Patient education
Discharge summaries
Documentation of Care
Record Accurate Entries
Nurse’s Charting
Documentation & Reimbursement
Charting by Exception
Failure to Maintain Records
Medical Record Battleground
Privacy Act of 1974
5 U.S.C. 552
Enacted to safeguard individual privacy from misuse of federal
records, to give individuals access to records concerning
themselves that are maintained by federal agencies, & to
establish a Privacy Protection Safety Commission.
Health Insurance Portability & Accountability Act (HIPAA)
Designed to protect the privacy, confidentiality, & security of
patient information.
Standards apply to all health information in all formats.

17. HIPAA
Privacy Provision
Patients are able to access their records & request correction of
errors.
Patients must be informed of how personal information will be
used.
Patient consent for release of information for marketing
purposes required.
Patients can ask insurers & providers to take reasonabl e steps to
ensure their communications are confidential.
Patients can file privacy-related complaints.
HIPAA
Privacy Provision, cont’d
Health insurers or providers document their privacy
procedures.
Health insurers or providers designate a privacy officer and
train their employees.
Providers may use patient information without patient consent
for
Purposes of providing treatment
Obtaining payment for services
Performing non-treatment operational tasks of the
provider’s business
HIPAA
Security Provision
Policies and procedures are designed to show how the entity
will comply with the act.
Entities must adopt a written set of privacy policies &
procedures.

18. The privacy officer develops and implements policies and
procedures.
Policies and procedures must reference management oversight &
organization buy-in to comply with documented security
controls.
Procedures identify employees who will have access to
protected health information.
Access to protected health information (PHI) in all forms is
restricted to employees who have a need for it to complete job
function.
HIPAA
Security Provision, cont’d
Procedures address access authorization, establishment,
modification, & termination.
There is an ongoing training program.
Entities that outsource business processes to a third party
ensure vendors have framework to comply with HIPAA.
Care is taken to determine if the vendor further outsources any
data handling functions to other vendors, while monitoring
whether appropriate contracts & controls are in place.
There is a contingency plan for responding to emergencies.
Covered entities are responsible for backing up their data &
having disaster recovery procedures in place.
HIPAA
Security Provision, cont’d
Recovery plan should document data priority & failure analysis,
testing activities, and change control procedures.
Internal audits review operations with goal of identifying
potential security violations.
Policies & procedures document scope, frequency, & procedures
of audits.
Audits are routine & event based.

19. Procedures document instructions for addressing & responding
to security breaches.
HIPAA
Physical Safeguards
Responsibility for security must be assigned to a specific person
or department.
Controls must govern the introduction & removal of hardware
and software from the network.
When equipment is retired, it must be disposed of properly to
ensure that PHI is not compromised.
Access to equipment containing health information should be
carefully controlled and monitored.
Access to hardware & software must be limited to properly
authorized individuals.
HIPAA
Physical Safeguards, cont’d
Required access controls consist of facility security plans,
maintenance records, & visitor sign-in and escorts.
Policies are required to address proper workstation use.
Workstations should be removed from high-traffic areas &
monitor screens should not be in direct view of the public.
If the covered entities utilize contractors or agents, they
too must be fully trained on their physical access
responsibilities.
HIPAA
Technical Safeguards
Information systems housing PHI must be protected from

20. intrusion.
When information flows over open networks, some form of
encryption must be utilized.
If closed systems/networks are utilized, existing access controls
are considered sufficient and encryption is optional.
Each covered entity is responsible for ensuring data within its
systems has not been changed or erased in an unauthorized
manner.
HIPAA
Technical Safeguards, cont’d
Data corroboration, including use of check sum, double-keying,
message authentication, & digital signature may be used to
ensure data integrity.
Covered entities must also authenticate entities with which they
communicate.
Authentication consists of corroborating that an entity is who it
claims to be.
Covered entities must make documentation of their HIPAA
practices available to the government to determine compliance.
HIPAA
Technical Safeguards, cont’d
Information technology documentation should also include a
written record of all configuration settings on components of
the network because these components are complex,
configurable, & always changing.
Documented risk analysis & risk management programs are
required.

21. HITECH Act
Provides Secretary of HHS must post a listing of breaches of
unsecured protected health information affecting 500 or more
individuals
Medical Records
Ownership and Release
News: Hospital Workers Punished for Peeking at Clooney File
Ownership resides with the organization or professional
rendering treatment.
Right to Privacy
Medical Records
Ownership and Release, cont’d
Request by patients
Failure to release records
Legal action
Requests: Third parties
Insurance carriers processing claims
Medical researchers
Educators
Government agencies
Privacy exceptions
Criminal investigations
Medicaid fraud
Substance abuse records
Use Of Patient Data Gathered
Provider mistakes often occur because of unwieldy,

22. unorganized, & voluminous amounts of information gathered on
patients.
Caregivers who fail to use information collected when assessing
patient needs may & themselves in a lawsuit.
Todd v. Sauls
Physician breached his duty of care for Failure to Read Nursing
Notes
Retention of Records
Varies State to State.
Failure to Preserve X-rays
Illinois Supreme Court held hospitals must retain X-rays &
other such photographs or films as part of their regularly
maintained records for a period of 5 years.
Rodgers v. St. Mary's Hosp. of Decatur
Electronic Medical Records
Advantages
Retrieves patient information
Improves productivity and quality
Reduces costs
Supports clinical research
Education
Computer-assisted diagnosis & treatment
Electronic Medical Records
Advantages, cont’d
Allows for computer-generated prescriptions
Generates reminders for follow-up testing
Assists in decision-making process
Aids in standardizing treatment protocols

23. Assists in identification of drug-drug & food-drug interactions
Telecommunications
Electronic Medical Records Disadvantages
Increased risk of lost confidentiality & unauthorized disclosure
of information
Technology crime & related illegal activities
Increase in cyber crime
Costs to protect networks & critical infrastructures from cyber -
based threats
One checkmark on a computer form can populate many fields &
multiple pages giving the impression that a thorough patient
assessment was conducted.
Legal Proceedings
& the Medical Record
Complete, Accurate, & Timely Records
Reconstructs Events Surrounding Alleged Negligence
Aid Police in Investigations
Provides Information as to the Cause of Death
Aids in Information Recall for Witnesses
Falsification of Medical Records
Falsifying Medical Records
Alteration & Destruction of Medical Records
Tampering with Medical Records
Falsifying Business Records
Nurse Changes Record Entries

24. Falsification of Medical Records, cont’d
Alteration of Records
News: Falsified Patient Records Are Untold Story Of California
Nursing Home Care
Failure to Record Patient’s Condition
Illegible Handwriting
Poor penmanship can lead to patient injury.
The American Medical Association encourages physicians to
print, type, or computerize their orders.
A Harvard study found that penmanship was among the causes
of 220 prescription errors out of 30,000 cases.
Timely Completion
Medical Records
Caregivers must promptly complete records.
Failure to timely record patient information can lead to
forgetfulness and documenting the wrong information on the
wrong record.
Failure to complete records as required by policy can be the
basis for suspension of privileges.
Confidential & Privileged
Communications
Attorney-client privilege
Physician-patient confidentiality
HIV Confidentiality
Disclosure of Physician’s HIV Status
Disclosure of Physician’s HIV Status
HIV Status “Improperly” Disclosed to Employer

25. Confidential & Privileged
Communications, cont’d.
HIV Status “Properly” Disclosed to Employer
News Media
Reports of the Joint Commission Privileged from
Discovery
Privileged Information: Statements Protected
Credentialing Files Privileged
Ordinary Business Documents
Confidential and Privileged
Communications, cont’d
Committee minutes discoverable
Peer review documents privileged
Peer review documents not privileged
Staff privileging documents discoverable
Case: Illinois
Staff credentialing documents not discoverable
Case: South Carolina
Charting
Helpful Advice
Complete and pertinent entries
Timely entries
Legible entries
Clear and meaningful entries
Complete

26. Charting
Helpful Advice, cont’d
Avoid
Defensive and derogatory notes
Erasures and correction fluids
Criticism
Complaints
Tampering with the chart
Secure records pending legal action
Charting
Helpful Advice, cont’d
Obtain legal advice
Entries made by others must not be ignored
Patient care is a collaborative interdisciplinary team effort
Entries made by healthcare professionals provide valuable
information in treating the patient
Charting
Helpful Advice, cont’d
Reasoning for not following the advice of a consultant should
be noted in the medical record, not so as to discredit the
consultant, but to show the reasoning why a consultant’s advice
was not followed.
Review Questions
Describe the importance of information management

27. planning.
Describe the importance & contents of medical
records.
Explain the importance of maintaining complete & accurate
records.
Review Questions, cont’d
Discuss how the Privacy Act of 1974 & the HIPAA of 1996
safeguard a patient’s privacy.
Explain the ownership of & who can access a patient’s medical
record.
Describe the advantages & disadvantages of electronic medical
records.
Review Questions, cont’d
Describe why the medical record is important in legal
proceedings.
Describe a variety of ways in which medical records have been
falsified.
Explain what is meant by the medical record
battleground.