EHR-GO Terms and Information
by improving quality of care screenings: breast, DM, chlamydia, colorectal cancer and by increasing services: blood pressure control for patients with HTN, breast cancer screenings, recording of BMI and blood testing for patients with DM
How can EHR improve the quality of patient care?
template
In the EHR, a document with instructions, pre-defined documentation choices, and/or narrative documentation in a format that has not been produced yet
what does ICD-10-CM stand for? and what does it do?
International Classification of Diseases, Tenth Revision, Clinical Modification - for diagnosis coding
what does ICD-10-PCS stand for? and what does it do?
International Classification of Diseases, Tenth Revision, Procedure Coding System - for inpatient hospital procedure coding
what did the meaningful use program do?
it incentivized healthcare providers to use EHRs
Health Information Technology (HIT)
the use of information and communication technology in health care
key part of the HITECH law
"meaningful use" standards for interoperable EHR
good chart documentation by all members of the team should:
-consistency and coordination -completeness -accuracy -timeliness -objectivity -use of accepted abbreviation and terminology
what can EHR's do?
-contain patient's medical history, diagnoses, medications, treatment plans, immunization dates, allergies, radiology images, laboratory and test reults -allow access to evidence-based tools that providers can use to make decisions about a patient's care -automate and streamline provider workflow
what must an accounting of disclosures include?
-date of disclosure -name of person or entity who received the PHI and the person or entity's address, if known -brief description of the PHI that was disclosed -one of the following: -- brief statement of the purpose of the disclosure --copy of a written request for disclosure by US DHHS or a person or entity authored to receive PHI for national priority uses
other improved patient safety measures that take place when the full capabilities of an EHR are utilized
-environmental allergies -latex allergies -food allergies or intolerance -risks: falls, aspiration, bleeding, suicide, wandering -incomplete orders -duplication of medication orders
5 pillars of meaningful use
-improving quality, safety, efficiency and reducing health disparities -engaging patients and families in their health -improving care coordination -improving population and public health -ensuring adequate privacy and security protection for personal health information (PHI)
what are some important features of an EHR?
-it can be created and managed by authorized providers in a digital format capable of being shared with other providers across more than one health care organization (involve all clinicians involved in pt care) -ability to communicate through the patient's chart with other members of the healthcare team
advantages of electronic health records sytems
-providing accurate, up-to-date, and complete information about patients a the point of care -enabling quick access to pt records for more coordinated, efficient care -securely sharing electronic information with patients and other clinicians -helping providers more effectively diagnose patients, reduce medical errors, and provide safer care -improving patient and provider interaction and communication, as well as health care convenience -enabling safer, more reliable prescribing -helping promote legible, complete documentation and accurate, streamlined coding and billing -enhancing privacy and security of patient data -helping providers improve productivity and work-life balance -enabling providers to improve efficiency and meet their business goals -reducing costs through decreased paperwork, improved safety, reduced duplication of testing, and improved health
what are some way that the EHR can improve risk management?
-providing clinical alerts and reminders to healthcare providers -improving aggregation, analysis and communication of patient information -making it easier to consider all aspects of a patient's condition -supporting diagnostic and therapeutic decision making -gathering all relevant information (lab results) in one place -support for therapeutic decisions -enabling evidence-based decisions at point of care -preventing adverse events with built in safeguards -enhancing research and monitoring for improvements in clinical quality
examples of unreasonable measures to verify identity of individual or entity who is inquiring PHI
-requiring patient to physically provide proof or request access in person -using only a web portal for requesting access, when not all individuals have access to computer or internet -using only mail to receive and deliver access requests, as this would cause unreasonable delay
EHR has many components that are used to improve patient safety and decrease healthcare costs. Recent studies have revealed that the EHR looks at the needs of groups of patient who:
-suffer form a specific condition -are eligible for specific preventative measures -are currently taking specific medications
covered entity
A health plan, a healthcare clearinghouse, or a healthcare provider who transmits any health information in electronic form in connection with a transaction
patient encounter
CMS defines it as any encounter (ex. office visit) where a medical treatment is provided and/or an evaluation and management services are provided
clinical data
Captured during the process of diagnosis and treatment, supports direct patient care and is used for health care reimbursement, planning and research purposes
True or False: All data in an EHR must be structured.
False: there is still a need for unstructured comment boxes and narrative notes - these "fill in the blank" areas enable the interdisciplinary use and coordination of care that is important to healthcare
HITECH Act of 2009
Health Information Technology for Economic and Clinical Health Act -passed into law as part of the American Recovery and Reinvestment Act of 2009 (ARRA) -promotion and funding of HIT in US -incentivised the adoption and use of EHR systems by healthcare providers -goals: improve medical outcomes for individual and population health, increase the transparency and efficiency of healthcare systems, improve ability to study healthcare through connected systems and reporting
what is HIPAA?
Health Insurance Portability and Accountability Act (1996) -US law designed to provide privacy standard to protect patient's medical records and information -standards developed by HHS- provided patient with access to their medical records and more control over how their personal information is used and disclosed
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
US law that provides patients with access to their medical records and provides privacy standards to protect patients' medical records and other health information -federal protection of privacy for protected health information (PHI) defined as "individually identifiable health information" -include Privacy Rule and Security Rule
Diagnosis-related groups (DRGs)
a classification system that groups patients according to diagnosis, type of treatment, age and other relevant criteria -under the prospective payment system, hospitals are paid a set fee for treating patients in a single DRG category, regardless of the actual cost of care for the individual (CMS)
diagnosis cade
a code describing the principal diagnosis, additional conditions that coexisted at the time admission, or developed subsequently, and which had an effect on the treatment received or the length of stay -referred to as ICD-10
Current Procedural Terminology (CPT)
a coding system used to provide uniform language that accurately describes medical, surgical and diagnostic services
court order
a covered entity can divulge PHI if it receives a court order but must only disclose the information specifically provided in the courts order
subpoena
a covered entity may divulge PHI ti a party that issues a subpoena, but only if the individual whose information to be released has been notified about the request and given the chance to object to the disclosure
verification
a covered entity must take reasonable steps to verify the identity of an individual requesting access to PHI under the privacy rule -rule does not require any specific form of verification (driver's license or state identification care) the type and manner of verification is at the discretion of the covered entity -must not "create barriers to or unreasonably delay the individual from obtaining his or her PHI (must have multiple options offered to patients to request access to PHI)
what is an electronic health record (EHR)?
a digital version of a patient's paper medical chart -provides real-time information instantly and securely to authorized users
Plan of care
a doctor or practitioner's written plan saying what kind of services and care needed for a health problem
Centers for Medicare and Medicaid Services (CMS)
a federal agency within the U.S. Department of Health and Human Services that is responsible for Medicare and Medicaid, Children's Health Insurance Program, and the Health Insurance Marketplace
Medicaid
a joint federal and state program that help with medical costs for some people with low incomes and limited resources -programs will vary from state to state, but most health care costs are covered if you quality for both Medicaid and Medicare
standard
a model or an example established by authority or general consent, or by a rule established by an authority, as a measure of quantity, quality or value
The Joint Commission (TJC)
a nonprofit tax-exempt organization that accredits more than 21,000 health care organizations and programs in the US -majority of state governments recognize this accreditation as a condition of licensure and the receipt of Medicaid reimbursement
Patient account number
a number used assigned by a healthcare facility for billing purposes -unique to particular episode of care -new number is assigned each time the patient received care or services at the facility
healthcare provider
a person who is trained and licensed to give health care -also, a place that is licensed to give health care -includes: doctors, nurses, and hospitals
Quanititative analysis
a review of the health record to determine its completeness and accuracy
Continuity of Care Record (CCR)
a snapshot in time of relevant medical information, or data about a specific condition, that can be transferred as part of a health information exchange organization
care plan
a standardized written plan for the patient's care for the health care team to follow
health factor
a type of coded data that captures patient health information for which no standard diagnostic code exists -ex. Family History of Alcohol Abuse, Lifetime Non-smoker, No Risk Factors for Hepatitis C, etc
Medical record number (health record number)
a unique numeric or alphanumeric identifier assigned to each patient's record upon admission to a healthcare facility
role-based security elements
access to health information must be designed in a way that grants access to only people who need to know it -user class: classifying and individual user by professional scope of practice (nurse, doctor, medical assistant, etc) which determines the user's privileges and what they can access in the EHR -menu options: controls where a user can go and what the user has access to security keys: controls what a user can and cannot do in any area of the EHR
administrative safeguards
administrative functions that should be implemented to enure that security standards are met: -designating responsibility for security management, adoption of polices and procedures, and privacy and security training for an organization's staff
accounting of disclosures
an individual has a right to receive an accounting of disclosures of that individual's protected health information made by a covered entitiy, or its business associates, in the 6 years prior to the data on which the accounting is requested, with some exception included under the HIPAA Privacy Rule
adverse event
any undesirable experience associated with the use of medical product or pharmaceutical in a patient
technical safeguards
automated controls used to protect electronic data to control access -include: using authentication control to ensure the identity of a person accessing the EHR, encryption standards for data stored in HIT systems and transferred between them
user class
classifying an individual user by professional scope of practice -ex. Nurse, Doctor, Medical Assistant, etc
research chart
collected as a part of care or gathered for specific research purposes of clinical trials
data mining
compiling and reporting of data from coded fields within the EHR for accurate biosurveillance, publich health reporting, quality improvement and performance measurement
health information exchange model (HIE)
contain 3 architectures: centralized, federated (or decentralized), and hybrid -choice of architectures is driven by the organization's privacy and security practices
coded data
controlled data entered into specific fields in the EHR via a computerized form which enable the search, retrieval, or data mining, of the entered information -ex. ICD diagnostic codes, CPT procedural codes =, order number for medication and the numbered barcode associated with it
physical safeguards
controls put in place to protect electronic systems and hardware and the data stored there, from threats such as natural disasters and unauthorized intrusion -include: locks on doors, special rooms, and back-ups to ensure that the data can be retrieved
International Classification of Diseases, Tenth Revision (ICD-10)
created in 1992 as the successor to the previous ICD-9 system -in the US, an official use of the ICD-10 system began in 2014 -split into 2 systems: --ICD-10-CM (clinical modification) for diagnosis coding --ICD-10-PCS (procedure coding system) for inpatient hospital procedure coding
cybersecurity
creating safeguard systems to prevent, detect, and responsd to attacks against or unauthorized access against a computer system and its information -protects information or any form of digital asset stored in computer or any digital memory device
non-coded data
data entered in a field where the EHR cannot recognize the entry -very similar to unstructured data -will NOT trigger prompts to show up in searches of linked terms --ex. comment boxes, where there is no use of a drop-down lists or check boxes
meaningful use
describes the use of health information technology (HIT) that leads to improvements in healthcare and furthers the goals of information exchange among health care professionals
all PHI disclosures must be included in the accounting, with these exceptions:
disclosures: -made prior to April 14, 2003 or prior to the entity's data of compliance with the privacy standards -to law enforcement or correctional institutions -facility directories -individual patient -national security or intelligence purposes -people involved in patient care -notification purposes including identifying and locating family member -for treatment, payment, and healthcare operations -pursuant to the individual authorization
Electronic Medical Record (EMR)
electronic patient records that are developed by individual health care providers/organization -composed of whole files as opposed to individual data elements -data from this is the source of data for the electronic health record
Medicare
federal health insurance program -for people: -- 65 years or older -- certain younger people with disabilities -- people with End-Stage Renal Disease (ESRD)
quality improvement
formal approach to the analysis of performance and systematic efforts to improve it
Privacy rule of HIPAA
gives individuals rights with respect to their protected health information (PHI) -explains how covered entities (must comply with HIPAA) can use and disclose PHI -main goal: assure that individual's health information is properly protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public's health and well-being --allows important uses of information, while protecting the privacy of people who seek care
policies
governing principles that describe how a department or an organization is supposed to handle a specific situation
authorization
granting permission to disclose confidential information -as defined in terms of the HIPAA privacy rule, an individual's written permission to use or disclose his or her personally identifiable health information for purposes other than treatment, payment or health care operations -must be in plain language and include specific information about the information to be disclosed, the person or entity receiving and disclosing the information, and an expiration date
inpatient
health care you receive when you are admitted to the hospital
how do you become a "meaningful user"?
health professionals need to demonstrate they're using certified EHR technology in ways that can be measured in quantity and in quality -ex. recording and tracking of key patient health factors to enable the planning and delivery of timely and effective care
by showing alerts in the EHR allowing the physician to be notified if a patient has as medication allergies
how can the EHR prevent contraindication with certain medications or treatments?
by presenting the alerts (allergies, fall risk, aspiration, etc) on the header for someone to see as soon as they open the patients EHR
how does the EHR help the healthcare team get important data quickly and easily?
HIPAA Violations
including minimum and maximum penalties
structured data
information entered in a structured or pre-determined field within a record, file or note -this information, or data, is understood by other functions in the EHR, because it is built with a universal set of protocols
unstructured data
information that is entered in an unstructured format, such as nurse's narrative note or the free text in a comment box -considered free form and does NOT follow any sort of organizational pattern (similar to entering information to a word document) -EHR is NOT able to easily read and interpret information that is free form
why is correctly entering data so important?
it has the potential to lower healthcare costs, improve patient safety and decrease healthcare errors
Electronic Health Record (EHR)
longitudinal patient records that are maintained electronically in a manner that is accessible to caregiver, the patient and other who need access to specific information or to aggregate information to prevent illness and improve future treatment
HITECH provided health care providers with higher payments if they were able to demonstrate compliance with what?
meaningful use
Outpatient
medical or surgical care that does not include an overnight hospital stay -typically provided in ambulatory surgery centers, clinics, doctor's offices, urgent care clinics
Unsigned
note has not been signed by the author, on paper or electronically
addendum
note that is added (and attached to) to a complete notes after it has been finalized (signed by the author)
International Classification of Disease, Ninth Revision, Clinical Modification (ICD-9-CM)
official system used in the US prior to 2014 -classify and assign codes to health conditions and related information -use of standardized codes improves consistency among physicians in recording patient symptoms and diagnoses
forms or mediums of health information
paper, electronic, or oral (verbal)
patient record
primary sources of health data and information for the health care industry -can be paper-based, electronic or a combination of both (hybrid record) -the legal documentation of care provided to an individual by the medical or health care professional who practice in the setting
EHRs and the ability to exchange health information electronically can help...
provide higher quality and safer care for patients, while creating tangible enhancements for the organization -help providers better manage care and provide better health care
Outcome
result of performance (or nonperformance) of a function or process
encoder
specialty software used to facilitate the assignment of diagnostic and procedural codes according to the rules of the coding system
Security Rule of HIPAA
takes the protections set forth by the Privacy Rule and outlines the safeguards that organizations must put in place to secure the patients electronic protected health information (e-PHI) -specially addresses health information in electronic form groups security standards into three categories: administrative safeguards, physical safeguards, and technical safeguards
medical transcription
the conversion of verbal medical reports dictated by healthcare providers into written form for inclusion in patient's health records
what is the cost associated with accounting of disclosures?
the covered entity must provide the first accounting to an individual in any 12-month period free of charge -any subsequent request by the same individual within the 12-month period, the covered entity may assess a "reasonable, cost-based fee", as long as the individual was informed of the fee ahead of time and the covered entity provides the individual with an opportunity to change their request to avoid or reduce any charges
the EHR is only useful is...
the data entered by the user is correct and placed in the most appropriate data fields -this is what makes the EHR "meaningful"
Health Informatics (aka Healthcare Informatics)
the intersection of information science, medicine, and health care -deals with the resources, devices, and methods required to optimize the acquisition, storage, retrieval, and use of information in health and bio-medicine -tools include: computers, clinical guidelines, formal medical terminologies, and information and communication systems
diagnosis
the name for the health problem that you have -"medical problem" or "problem"
legal considerations of requesting PHI
the privacy rule allows for the disclosure of PHI to law enforcement officials without the patient's written authorization under certain circumstances -disclosures for law enforcement purposes may be permitted when done in compliance with court order, subpoena, or summons
Release of Information (ROI)
the process of disclosing patient-identifiable information from the health record to another party -requires a signed form by the patient allowing the release of their information -covered by HIPAA
abstracting
the process of extracting information from a document to create a brief summary of a patient's illness, treatment and outcome
why is data mining important?
through this process, the compiled data entered into the EHR it enables search, retrieval, and comparison across patient populations over time -this carefully extracted data can be used for meaningful research to improve individual patient care, patient safety and best practices in healthcare delivery
Clinical quality measures (CQMs)
tools that help measure and track the quality of health care services provided by eligible professionals, eligible hospitals and critical access hospitals (CAH) within the health care system
-email correspondance -telephone calls -use of company or person smartphone and tablets at patient encounters -written correspondance -internet use in work place -printing of patient health information -sharing of patient health information -employee acknowledgement of internal polices and procedures
types of polices a covered entity must maintain and review
-"access controls"- passwords, usernames, and PIN numbers, help limit access -"encrypting"-information cannot be read or understood except by someone who can decrypt it using special key -"audit trail"- records who accessed information, what changes were made and when
types of safety measures built in to EHR systems
health information
under HIPAA, is any information (including genetic information) that is created of received by a healthcare provide, health plan, public health authority, employer, life insurance company, school or university, or healthcare clearinghouse -includes: past, present or future physical or mental health condition; treatments provided to a person, or past, present or future payment for healthcare an individual receives
1. establishing incentive payment programs that can demonstrate meaningful use of EHRs 2. broadening the pool of entities that are bound by HIPAA 3. increasing fines for HIPAA non-compliance
what are the impacts of the HITECH Act in terms of improving quality and safety of patient care?
-adopt EHR -conduct risk assessments to demonstrate compliance with the HIPAA Security and Privacy Rules
what did providers have to do to qualify for federal funds from Medicare and Medicaid?
-adopt reasonable and appropriate polices and procedures to comply with provisions of the Security Rule -must maintain written security polices and procedure and periodically review and update its documentation in response to environmental or organizational changes that affect the security of electronic personal health information
what is a covered entity expected to adopt and maintain in terms of the Security Rule?
Individually Identifiable Health Information (IIHI)
when a covered entity creates or receives health information that identifies, or can be used to identity, a person -includes demographic and other information that identifies a person such as name, address, DOB, SS#
when the Department of Veteran Affairs Implemented VistA in the 1970s
when did the federal government become involved with EHRs?
Department of Human and Health Services
who funded HITECH's Meaningful Use program?
1. eliminate logistical problems of paper records by making clinical immediately available to authorized users wherever they are (no more unavailable or undecipherable records) 2. reduce the work of clinical book keeping required to manage patients (no more missed diagnoses when lab evidence shouts its existence, no more forgetting required preventative care) 3. to make the informational 'gold' in medical record accessible to clinical, epidemiological outcomes and management research
with the different stages of meaningful use, what were the 3 goals they wanted to solve?