Electronic health records (EHRs) are an electronic version of a patient’s medical history. The records are maintained over time by a provider. EHRs can be shared across various health organizations and authorized clinicians involved in the patients care.[i] EHRs assist in centralizing the medical record keeping process along with making it more accessible.[ii]
Information that can be input into EHRs can include:
- Family medical history[iii]
- Patient demographics
- Allergy information
- Vital signs
- Lab test results
- Physician notes
- Immunization records[iv]
- Records of medical treatments[v]
EHRs vs. EMRs
Electronic Medical Records (EMRs) are the digital equivalent of traditional paper medical records.[vi] EMRs can contain all the same information as EHRs such as medications, allergies, prescriptions, etc. The main difference is that EMRs are maintained by one provider, while EHRs are interoperable, meaning they can share information and data with different systems. This allows providers to have access to a patient’s complete medical history from various providers. Since EMRs are not shared with, or updated by various providers, they often include less information than EHRs.[vii]
Switching to EHRs
The use of electronic health records has increased dramatically in U.S. medical field over the last few years, with the use of both basic and certified EHR systems increasing in office-based practices and nonfederal acute care hospitals.[viii]
A practice or hospital has adopted a Basic EHR system when the practice or hospital has a computerized system with the capabilities in the following areas: view lab and radiology results, physician notes, patient demographics, lists of medications, orders for medications, nursing assessments, and discharge summaries. By comparison, for an EHR system to being considered certified it must meet the functionality, security, and technological capability requirements set by the federal government.[ix]
By adopting a certified EHR system, it is ensured that HIPPA requirements set by the Centers for Medicare and Medicaid Services (CMS) are met. Both the CMS and Office of the National Coordinator for Health Information Technology (ONC) determine the requirements for an EHR to be certified.
There are eight main categories that an EHR must meet to be certified:
- Clinical Processes
- Care Coordination
- Clinical Quality Measurement
- Privacy and Security
- Patient Engagement
- Public Health
- Health IT Design and Performance
- Electronic exchange[x]
Clinical processes can include an EHR capturing family history, demographics, behavioral, social, and psychological data, and patient education resources. Clinical processes can also include a provider ordering lab tests, diagnostic imaging, and medications.
Care coordination includes care plans, electronic prescribing, referral summaries and transition of care and the ability to export data to be used in another electronic health system.
Quality improvement is part of clinical quality measurement. Privacy and security can include authorization and authentication, automatic time-out access and encryption. Secure messaging and patient access to health information in part of patient engagement.
Public health is also part of certified EHR, this includes transmission of health care surveys to public health agencies, and reportable lab tests and results. Accessibility and safety-enhanced design are part of the Health IT Design and Performance category. Lastly, secure mechanisms to exchange health information is part of the electronic exchange requirements.[xi]
By adopting a certified EHR system, a practice ensures that HIPAA and other federal privacy, care coordination, public health, patient engagement and other requirements are met.[xii]
Benefits and Drawbacks of EHRs
There are many benefits to EHRs, one of the main benefits being that EHRs are a centralized system that makes it easier for multiple organizations to share information and to acquire patient information in an efficient manner. This allows for an easier flow of information between organizations and staff. EHRs can also be used for clinics, hospitals and health care organizations to analyze data collectively to see if there are any trends among patients in a geographical area.[xiii]
EHRs can also assist in improving medical billing and coding at an administrative level. In addition, EHRs can reduce and prevent medical errors and improve a doctor’s ability to provide better care by providing a more holistic view of the patient’s health. EHRs also allow for clearer records of each treatment.[xiv]
There are some drawbacks of EHRs, one of the main drawbacks is that hospitals and practices may be reluctant to adopt EHRs as they are a large financial investment, and it takes time to train staff how to use the system. Another drawback of EHRs is that facilities that use different EHRs may face some difficulties sharing information if systems are not compatible.[xv]
Cybersecurity and EHRs
A large concern with EHRs is ensuring patient information is secure. Security breaches can compromise patient data and be costly to healthcare organizations.[xvi]
In 2018, 29.3% of data breaches involved unauthorized access of healthcare or medical records. In 2018, the Identity Theft Resource Center found that on average, the cost of a data breach is $3.86 million, amounting to $148 per record lost or stolen.[xvii]
EHRs have become common practice over the last few years, creating an easy way for medical facilities, clinics, and hospitals to record, keep, utilize, and share patient information and easily compile data to view trends. With both benefits and drawbacks to EHRs, medical organizations, facilities, clinics, and hospitals will have to continue to access the risks and rewards of using EHRs.