Dr Brian Fisher of the Record Access Collaborative , UK has some excellent tips for doctors who are concerned about the downsides of patients being able to read their own medical records. This wisdom is based on years of practical experience !
" 1.3.3 Safety Issues and recommended actions
Whilst accepting the benefits of record access, practices also worry about the safety of full record access. The commonest concerns centre on third party information, litigation, seeing bad news and children. Our experience has been that the following simple precautions avoid much risk. It does mean that whoever reads the letters or results needs to see them from a lay point of view.
• Third party information: the identity of the provider of third party information.must remain concealed from the patient The data that a third party provides can be seen by the patient, (for instance, if a wife reports the drinking of the husband but does not want herself to be identified) but the identity of the giver of that information must be kept from the patient reading the record.
We recommend that records are checked for third party information before access is enabled. We have further documentation on this issue if you need. Practices will be able to allow record access to consultations after a date of their choosing. This will allow practices to ensure appropriate recording practices are in place.
• Serious test results and potentially frightening letters should probably be excluded until a face-to-face meeting. When reading letters or checking results, look for new frightening information that you feel patients should not be expected to see on their own without discussion and putting into context.
We recommend that the practice should ensure that clinicians read letters and results before they are included in the records. If this is not possible, the practice will be enabling patients to see information before it can be put into context by the practice.
• Children. There are no legal precedents that cover this area, except for the usual “Gillick competence” approach. It is essential that children’s records are only seen by the parents/carers with the child’s permission. Different surgeries have developed different policies. The simplest is that record access is only allowed for children over a certain age, say 10 years old.
We recommend that access should be disabled when a child reaches 10. We shall be consulting on the best approach to this issue over the next few months.
• Carers. Patients are often keen for their family to have access to their records. Sometimes younger members can use the computer more easily, sometimes access to the data could make care a great deal safer. In our view, so long as people are not being coerced, it is up to the patient.
1.3.4 Changes in style and culture that may be needed.
• It would be helpful to write notes in as clear a style as possible. However, patients reading even handwritten records say that they understand 60% of what they read.
• Derogatory comments are always unacceptable.
• All clinicians should be writing anyway as if patients can see whatever they write. Current legislation enables patients to obtain access to records on request, though GPs are allowed to charge for this access. Doctors can only censure access if:
It may cause serious harm to the physical or mental health, or condition of the patient or any other person
It may relate to or be provided by a third person who had not consented to the disclosure.
• Third party information given to clinicians needs to be handled carefully, for instance when a mother tells you about her son’s behaviour and asks you to intervene without revealing your source.
• Recording speculative differential diagnoses is only a problem if they have not been discussed with the patient.
• Do not write anything you don’t want the patient to see. This open style does put a premium on honesty. It is best to explain that a colonoscopy is looking for cancer rather than write notes to yourself that a patient may see in the future.
• It is worth every member of the practice obtaining a reasonable understanding of the PAERS system in order to answer patient queries.
1.3.5 Ways by which the system can save time
• Patients can look at their results on computer (if you get your results by electronic links) without contacting reception.
• Patients can look at their immunisations on computer without contacting reception.
• Patients can read their letters without contacting a clinician.
• Patients can share information with family, carers and other healthcare professionals, reducing the requests for clinical information from the practice.
• We shall, in the future, be enabling the system to remind patients about key appointments, such as BP and medication reviews
Will there be an increase in consultation time?
There may be concerns that patients will want more explanation and ask more questions. Our experience is that access appears to be time-neutral. Some patients do take longer, but research also shows that:
• access is used by patients to keep consultations short. They do this by looking at the data beforehand and only asking about things they need to ask
• one paper showed that there was no increase in time taken.
• The practice will save time when people can look up their information without consulting anyone at the practice: allergies, immunisations – for forms etc
1.3.6 Will there be an increase in complaints?
There is no evidence for an increase in litigation as a result of access. On the contrary, the evidence is good that relationships are improved
1.3.7 Are patients made anxious?
A small minority are, most are reassured. The group of patients who have the most difficulties are patients with psychiatric problems. Research suggests that this group is still pleased to have seen the information even if it upset them. Upset can be therapeutic.
1.3.8 What if patients see errors in the records?
Research suggests that, at the moment, if patients see errors, they tell no-one. We see access as improving record-keeping. Patients should be encouraged to report errors. The commonest are simple demographic errors (evidence suggests that most practices have 10% demographic errors). If patients can tell us about them, accurate mobile numbers for instance, that can help practices significantly.
Patients do misunderstand entries sometimes. The vast majority are easily dealt with by simple explanation.
1.3.9 Is the record secure?
The main risk to security in the current system is that an attacker might guess or steal a patient’s account log-in information and use it to log-in themselves. This risk is higher if patients use weak passwords, fail to keep their passwords secret, use public computers or do not keep their home systems patched up to date and protected from viral and trojan software. Token based two factor authentication will mitigate much of this risk.
A simple study conducted in two surgeries suggests that about 3/4 of patients are content with a pin and password , while a quarter would prefer 2 factor authentication.
It is possible that members of the family, for instance, will be able to see records, perhaps by glancing over patients’ shoulders or by coercing them. As with internet banking and other protected sites, once the record has been delivered, we can assume that the patient becomes fully responsible for its security.
No comments:
Post a Comment