Healio
Healio
Issue: September 2009
September 01, 2009
4 min read
Save

Technology ownership, data privacy control critical aspects of EMR adoption

Users suggest understanding all data regulations and to have an attorney review agreements.

Issue: September 2009
EMRs in the Orthopedic Practice

More health systems, hospitals and orthopedic practices are expected to soon be using electronic medical record systems after large amounts of federal economic stimulus money were earmarked for them this year, giving a veritable “shot in the arm” to U.S. adoption of paperless medical records.

While many hospitals and physicians are now exploring the features and functionality of electronic medical record (EMR) systems more intently, those versed in the pros and cons of EMR adoption recommend that those looking into these systems consider the equally important issues of privacy, ownership and control of EMR data.

Because technology ownership, security and legal factors can impact information exchange, transactions and access to EMR records, is imperative to be proactive when dealing with these areas. They are just as important as the system’s financial, productivity and other benefits, according to EMR proponents.

Privacy at risk

Louis F. McIntyre, MD, of Westchester Orthopaedic Associates, White Plains, N.Y., who has written and lectured about incorporating EMRs in orthopedic practices, told Orthopedics Today he is concerned about the possible negative effects the expected increase in EMR implementation may have.

McIntyre, whose practice implemented an EMR system in 2002, believes EMR privacy issues present a significant problem in today’s health care environment.

“I think every American should be concerned that with the widespread implementation of EMR, coupled with some of the regulatory apparatus envisioned in the health care reform act currently in Congress, that electronic records may lead to a serious erosion of privacy in the future,” he said.

Concerns over health record privacy have led to questions about the ownership of EMR data, who controls the information, who can access it, and how EMR systems address these areas.

“Now that digitizing information frees it from particular storage media, confusion reigns,” faculty members at Wake Forest University and Duke University said in an article on electronic medical information in the Journal of the American Medical Association.

Furthermore, “This impending legal issue must be addressed very soon if we are to both protect patients’ interests in their medical information and ensure that new information systems are put to their best use,” Mark A. Hall, JD, professor of law and public sciences at Wake Forest University, co-author of the JAMA commentary, stated in a press release.

Ownership

Some predict these areas could become barriers to EMR adoption or produce legal hurdles if not clarified soon.

Health information residing on McIntyre’s practice’s computer server is the practice’s property and no one else can currently access it, which is typically the case.

“Patients, of course, also ‘own’ their medical records and can request them at any time,” McIntyre explained.

Most of the orthopedic practices that Bojan Gospavic, EMR product manager for Stryker Imaging, works with prefer owning their EMR patient data because it ensures them access to it should their relationship with the EMR vendor change.

“We have seen exceptions to this, particularly with solo physician practices,” Gospavic noted.

Owning the data is often less important to solo practitioners than the system’s cost so they are more likely to purchase an EMR system from an outside source, like an application service provider, to reduce investment costs for computers, servers and information technology maintenance, he said.

“In this scenario, the EMR vendor has control over the data. Legally they would be obligated to provide the practice with access to the data in the event the EMR vendor went out of business. However, it is a risk that a physician would have to take.”

Hospital EMRs

Robert Cimasi, president of Health Capital Consultants in St. Louis and Gospavic agree a degree of caution is needed when an orthopedic practice’s EMR purchase is funded by their hospital. The information is rendered less portable should a physician leave the practice or the practice ends its relationship with the hospital.

Furthermore, clinics with hospital-funded systems can encounter major implementation challenges related to security issues and accessing EMR data on hospital-based systems, Gospavic explained.

Another downside of a hospital EMR system is clinics may have to alter their orthopedic workflow to correspond with the hospital’s, which could affect practice productivity, he said.

The clinical aspects of an EMR belong to the patient, Cimasi noted. “Patients have certain rights to that data.”

However, various state and federal laws regarding privacy of medical records and patient rights may affect that. So he urged practices to fully understand and assess those laws before implementing an EMR system.

A privacy protection study by Massachusetts Institute of Technology and University of Virginia researchers showed state privacy regulations reduced aggregate adoption of EMRs at more than 24% of hospitals. But, in states that eliminated some of those regulations, the adoption rates increased 21% per year compared to 11% in states where privacy regulations were unchanged.

Although record keeping and sharing of clinical information among caregivers constitutes the main focus of an orthopedic practice’s EMR system, they absolutely need to be aware of issues of ownership and control of data and its security, he said.

To avoid a costly mistake, Cimasi recommended having competent outside counsel review all license, vendor, service and other agreements, whether considering an in-house, out-of-house or hospital-based EMR system. Know where the obligations, liabilities and exposures lie for keeping data private and confidential, particularly when EMRs are incorporated into an overall practice management bundle, he said.

“This process could be one of the most important changes that has ever happened in their practice. It deserves being accorded a significant amount of disciplined consideration.”

For more information:
  • Robert James Cimasi can be reached at Health Capital Consultants, 9666 Olive Blvd., Suite 375, St. Louis, Mo 63132; 314-994-7641; e-mail: rcimasi@healthcapital.com.
  • Bojan Gospavic can be reached at Stryker Imaging, 1410 Lakeside Blvd., #600, Flower Mound, TX 75028; 972-410-5092; e-mail: bojan.gospavic@stryker.com.
  • Louis F. McIntyre, MD, can be reached at Westchester Orthopaedic Associates, 222 Westchester Ave., Suite 101, White Plains, NY 10604; 914-946-1010; e-mail: lfm@woapc.com.

References:

  • Hall MA, Schulman KA. Ownership of medical information. JAMA. 2009;301(12):1282-1284.
  • Miller AR, Tucker C. Privacy protection and technology diffusion: The case of electronic medical records (February 2009). Net Institute Working Paper No. 07-16. http://ssrn.com/abstract=960233. Accessed August 17, 2009.