Some pitfalls when using electronic medical records

Health Law Update

September 1, 2017

Jonathan P. Rossall, QC, LLM | Partner, McLennan Ross LLP

Contributed by: Jonathan P. Rossall, QC, LLM | Partner, McLennan Ross LLP

Given the theme of this edition of Alberta Doctors’ Digest (and the fact that this is a medical/legal column), I thought it might be helpful to reflect on some of the risk factors associated with electronic medical records (EMRs).

I recently participated in a panel of doctors and lawyers speaking to physicians on a variety of risk management issues, including EMRs. At the outset it should be made clear that, used properly, an EMR is a valuable tool that is very effective in improving patient care. The discussion, though, was focused on pitfalls. It was very animated and helpful, and I took away six specific aspects of EMRs that could, if not used properly, give rise to potential liability or at a minimum, investigation by the Office of the Information and Privacy Commissioner. The information outlined in this article, however, is intended as a high level overview of these issues; other resources should be accessed for a more in-depth review.1

Use of templates/check boxes

EMRs are designed by their vendors to make life easier on record keepers. Many, if not most, will feature templates for various medical conditions with associated check boxes reflecting identified symptoms, risk factors, imaging and other options. Again, used properly, these can create efficiencies in record keeping. The problem with moving in this direction is the potential to create “cookie-cutter” charts and the possibility of the physician becoming so dedicated to ticking off the boxes that the ability to look outside the boxes is lost. The use of free text options, where appropriate, should be encouraged to ensure that the record continues to be unique to individual patients.

Also, users should be cautious with regard to default settings and the dreaded auto-fill function, which may inadvertently add information that was not actually obtained from the patient.

A February 2015 article in the Ontario Medical Review made a few suggestions that make common sense:

  • Delete fields that are not applicable such as prostate exam results for female patients.
  • Delete fields or contents that do not reflect what you have actually done.
  • Avoid unrealistic, overly detailed templates that are not typical of your practice.

Sound advice.

Copy/paste function

It is tempting to copy entries from previous visits and paste them into an EMR narrative, rather than take the time to type an entirely new entry. Or, on occasions there are descriptions of clinical examinations or techniques available in electronic versions of publications that can be copied and pasted into an EMR, again to make life easier. Great caution should be used with such an approach, as the overt similarity of the entries from visit to visit will erode the impression that a unique and individual assessment occurred. This is especially so if the cut and pasted paragraph contains details that were not common to the two visits. And, most assuredly, a chart review by the college which reveals identical entries on different dates may raise suspicions as to how much time was actually spent with the patient and what was actually done.

Audit trails

Most computer users have heard the term “metadata.” This is the background information which confirms when, by whom and for what purpose data entries were made. It is essentially an electronic log of all data entry. Reverting to metadata, an investigator can confirm exactly when a chart note was made, by whom, using what password and whether changes/alterations have occurred. All of which should serve as a caution when considering corrections or alterations to an EMR.

Alerts

Most EMRs will have a system of pop-up alerts which vary from notifications of incoming messages, to advice regarding office issues (patients waiting) to more serious issues such as significantly deviant test results. These can be distracting and some might be tempted to delete alerts, forgetting that some can be more serious or clinically relevant than others. Physicians should avoid that habit, because the system assumption is usually “dismissal equals acknowledgement.” They should either carefully read each alert, modify their EMR so that only serious and clinically relevant alerts come through, or check if there is an “Are you sure?” feature that prompts second thoughts about deletion.

Drop-down menus

Who hasn’t inadvertently sent an email to the wrong person from their drop-down menu of email contacts? This might result in embarrassment to the author or potentially a privacy breach. However, drop-down menus on EMRs raise a host of other potential issues, including the inadvertent identification of the wrong patient, misfiling of results or inadvertent signing off of results. Drop-down menus are useful tools, but caution should be exercised by physicians and staff in using them.

Privacy

Finally, overall caution should be exercised in using and storing electronic data. The newspapers are replete with stories of stolen or lost laptops or media storage tools such as memory sticks. The lessons learned are typically not to take such devices from the office or, if removal from the office is necessary, ensuring that they are encrypted and password protected. However, in larger practices or hospitals, risks are also associated with sharing laptops or computers or failing to properly log off when use is completed. Inadvertently allowing another user to access information can lead to consequences.

Overall, EMRs have made communication between physicians and other health care providers easier and quicker, quite aside from the fact that entries are more legible! However, caution must still be exercised with these systems and their hardware to avoid medical misadventures and to protect the privacy and the integrity of the information stored on the EMR.

Thank you

My thanks to the Canadian Medical Protective Association (CMPA) for allowing the use of material generated by the CMPA for their ongoing CME/Risk Management purposes. More information: www.cmpa-acpm.ca/static-assets/pdf/advice-and-publications/risk-management-toolbox/com_electronic_records_poster_11x17-e.pdf 

References available upon request.

The Alberta Medical Association stands as an advocate for its physician members, providing leadership & support for their role in the provision of quality health care.