This page contains a Flash digital edition of a book.
aging center, or lab if a report is not received;


• Make sure the physician reviews the report;


• Communicate results to the patient; • Arrange for follow-up if needed; and • Document all these steps with dates and electronic signatures.


TMLT strongly recommends physi- cians investigate and employ electronic tracking systems when available. Ensure that all prescribed medica-


tions are captured in the EMR. E-pre- scribing can be very helpful if it saves the information as part of the patient’s medical record. If physicians who use EMRs are not e-prescribing, prescriptions should be captured by documenting the name, dose, quantity, instructions, and refill amount. If necessary, scanning the paper prescription into the EMR may help, but the prescription should also be electronically added to the medica- tions module so the information is read- ily available. Documenting only the name of the medication does not meet the guidelines set by the Texas Medical Board. The same is true when dispensing sample medications to a patient. Check and double-check that your re-


cords are backed up reliably. The HIPAA Security Rule requires that patient data be backed up to ensure it can be retrieved if a hardware failure or other event occurs. The risk management de-


partment received several calls from phy- sicians whose backups have failed. One physician lost 600 patient records due to a hardware failure. He had been dili- gently backing up the data on a regular basis and storing copies off-site. How- ever, when the backup was set to restore, the data was unavailable. The backup process he followed since setting up the EMR system did not adequately capture the patient data. Creating a backup data set is only the first step. Test the backup record regular- ly to ensure that all appropriate data is copied and that data restoration is pos- sible. Testing should occur for all backup types, including in-house creation on a removable hard drive, or for processes that send the information over the Inter- net for off-site storage. Even if an EMR vendor provides off-site backup, TMLT advises physicians to confirm that the data is captured appropriately and can be easily re-created if necessary. Make sure the records are complete


when providing printed copies. Many physicians using an EMR do not regular- ly print a patient record and may be un- aware that clicking the print button does not always provide a complete record. A patient or subsequent treating physician could receive an incomplete record as the result of an EMR’s automated print- ing protocols. If an attorney requests a record and receives an incomplete record, he or she could accept and file a liability


claim based on incomplete information. After printing what one assumes to be a complete record, ask these questions:


• Does the record show the electronic signature and date the physician signed the progress note?


• Does the record indicate when the staff made entries showing their ini- tials or unique identifier?


• Does the record show all diagnostic reports, lab results, and consult re- ports and include information demon- strating the physician’s timely review?


• Does the record show all medications prescribed, refills authorized, and samples given (if relevant)?


• Are patient consent forms included in the printed record?


• Are patient telephone calls included in the printed record?


In some EMRs, all this information


is available on the screen but does not show up on the printed record when clicking the general print button. It may be necessary to go to phone notes, pre- scription refills, and other documents and print them individually to ensure that they are included in the complete record. Confirming that a complete re- cord is sent is a prudent risk manage- ment practice.


When implementing systems to have a patient’s paper records scanned, test the print function to make sure it cap- tures everything from the scanned docu- ments. Items often overlooked include documentation of phone calls or re- quests for medication refills. Establish a system to appropriately


Coverage for a security breach


HIPAA and the Health Information Technology for Economic and Clinical Health (HITECH) Act require physicians to have certain administrative, technical, and physical protections to protect the privacy of patients’ health information. TMLT policies include an endorsement — cyber liability cover- age — that covers these privacy-related risks and any regula- tory fines and penalties that result from a breach. To learn more about TMLT’s cyber liability coverage, visit www.tmlt.org/cyberliability.


16 TEXAS MEDICINE April 2013


capture paper and other external clinical documents. Optimally, all paper docu- ments should be scanned into the elec- tronic record for easy accessibility. These documents could include paper records used before implementing an EMR, di- agnostic test results, consultant reports, hospital reports, records from other phy- sician offices, etc. Additionally, a process should be implemented to ensure that, once scanned, the paper documents are properly stored and/or destroyed. Alternatives exist for practices work- ing with systems with limited memory or scanning capability. Because some pa-


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68