Electronic Health Records refers to a electronic systematic medical record or history of individual patients or the population (Gunter & Terry,2005). The record contain the data of the patient which may include the information about the care provider, demographics, notes about progress, patients medication, vital stats, information about health insurance, information related to any surgeries or procedures performed on the patient, past medical history, record of immunization of the patient, laboratory and radiology records (Electronic Health Records,2012).
The record is kept in a digital form and can be shared among the clinicians in across different health care organizations. It helps in the automation of the access of the information and has an ability to streamline the work flow of the clinician. In addition to this, it also possesses various interfaces through which it supports the care related activities directly or indirectly. These include the decision support based on evidences, management of quality and reporting of outcomes.
Benefits of Electronic Health records
Some of the benefits of Electronic Health Record are listed below;
· It has a capability to automatically update the information and share that with other clinics and organizations.
· It supports more efficient storage and retrieval of information.
· It can share the multimedia information with other organizations such as results of medical imaging.
· It possesses the capability to create a link between the records and the sources of relevant information and research.
· It makes service standardization and patient care, much easier.
· It improves the accuracy and the clarity of medical records which results in minimizing incidence of medical error.
· It provides and supports the Decision Support System for the healthcare professionals.
· Once implemented and completed, it significantly lowers the cost to the medical organizations (Electronic Health Record, 2013).
Background of Electronic Health Records (EHR)
The efforts for the development of Electronic Health Records began in the 1960’s and 1970’s. This was the time when the academic medical centers made efforts to develop their own medical records systems. In 1980s, leaders started viewing the benefits of the standards to the whole industry. They started making efforts by forming organizations that analyze the issues which could facilitate the extensive use of information related to electronic medical records (Atherton,2011).
The EHR system was developed by Lockheed in mid 1960s. That was then handed forward to the vendor, Technicon, then towards TDS Healthcare, and then to Eclipsys and now it became a part of Allscripts (Amatayakul, 2007). It had a processing speed and flexibility that alloed many users to connect at once so it influenced the systems which followed (Dick, Steen & Detmer, 1997).
Nearly during the same time, University of Utah along with the collaboration of 3M started to develop Health Evaluation through Logical Processing (HELP) which was one of the first kind of clinical decision supporting system. In 1986, Massachusetts General Hospital started the Computer Stored Ambulatory Record (COSTAR). This system was developed with the collaboration of Harvard and included some of the new features. It had a modular design which enabled the division of the system in parts.
Along with this it had flexible vocabulary system which enabled it to recognize various different terms for the same disease. This helped the health care workers to recognize the disease across the system regardless of the difference in terminology across different institutions ( Dick, Steen & Detmer,1997).
In 1970s, the Federal government of America started to use the EHR, in collaboration with the Department of Veteran Affairs’ implementation of VistA. At that time it was recognized as Decentralized Hospital Computer Program (DHCP). Due to its access to the federal resources, EHR took complete advantage. It was extensively used by the former physicians and the medical students (Dick,Steen & Detmer,1997).
More and more efforts have been made since 1980s to spread the use of EHR. The first report regarding the analysis of the paper health records was published in 1991 under the Institute of Medicine (IOM). It was revised in 1997 (Dick,Steen & Detmer,1997). This was the first report that which argued in favor of using the EHR. It also pointed out the problems in its implementation and suggested that public and private funds should be invested for that purpose.
With the awareness of the private industry about the findings of IOM, Computer-Based Patient Record Institute (CPRI) was formed by its supporters which helped in the breakdown of barriers towards development of EMR.
Another study was published by IOM in 2000, which concluded that with the help of such systems as EMR health care could be much safer and secure (Kohn, Corrigan, et.al., 1999). Electronic Standards Organization, HL7, had also been developed with the collaboration of IOM.
HL7 started working in 1987 as an international, non-profit Standard Developing Organization (SDO). The work of HL7 is the development of the electronic standards to make it sure that the communication between the components of EHR become more easy which will ultimately results in a working electronic health record system. As the components of EHR system are often made by different vendors, standards are needed to be set for its optimum performance (About HL7, 2013). A commission was developed in 2006, named the Certification Commission for Healthcare Information (CCHIT), which is responsible for certifying vendors (CCHIT,2006).
EHR has now become a part of the national political forum. President Bush mentioned in his State of the Union address in 2004 (Amatayakul,2007) and President Obama made it a part of the American Recovery and Reinvestment Act of 2009, in which it is referred to as Economic and Clinical Health Act (HITECH)(Policy Making, regulation and Strategy,n.d.).
Overview of the Electronic Health Records
According to one of the study conducted by Accenture it was found that the demand for EHR is increasing day by day in the international market. And it is expected that by 2013 it might become a $19.7 billion industry. The report also found out that almost 71% of the respondents viewed the efforts of the government a major factor in spreading the use of EHR (Altova Technology Primer: Electronic Health Records Technology Overview, 2013).
The same is the case with America where government has taken essential legislative steps by providing Medicare and Medicaid incentives and also penalties for the implementation and non-implementation of the EHR system.
Serious steps have been taken for the widespread use of the electronic health records. One important step is the setting of earmark of $19.2 billion by the American Recovery and Reinvestment Act of 2009 (ARRA). The most important part of this legislation is the Health IT for Economic and Clinical Health (HITECH) Act. The purpose of this Act is to develop a series of financial favors to attract Eligible professionals and to encourage hospitals for the adoption of EHRs. For getting a benefit from these incentives, the Eligible professionals and hospitals should prove that they are making a ‘Meaningful Use’ of the technology. There are certain objectives mentioned in the act which must be fulfilled by Eligible professionals and hospitals in order to fall in the category of ‘meaningful use’.
• Objective of ‘meaningful use’ of EHRs: The objectives of the ‘meaningful use’ includes, recording and parsing clinical data such as the vital signs and the interaction of drugs, security of EHRs, the exchange of clinical data inside and outside of the health care facilities, regulatory agencies and between health care providers, and the more performing clinically and technologically complex functions such as public health surveillance and support for clinical decisions. The EHR system requires certification from ONC-Authorized Testing and Certification Body (ONC-ATCB) for its technical capabilities before implementation (Altova Technology Primer: Electronic Health Records Technology Overview, 2013).
• The incentives of ‘meaningful use: the ‘ meaningful use requires that the Eligible Provider must conduct an assessment of the security risks according to the security rule set by HIPAA and use Qualified EHR technology which must be encrypted (Pritts,2012).
Instead of using a single EHR system which meets all the requirements of meaningful use, the health care professionals and organization can connect together by making use of the different certified modules that meet the objectives individually. For this purpose all vendors make use of HL7 messaging system for the exchange of clinical data.
Issue related to the use of Electronic Health Records
The key element which is required for the realization of the benefits offered by the Electronic Health records is privacy and security. If the health care professionals and other individuals in a network do not have the trust or confidence on the accuracy, completeness, security, and privacy of the information, it will affect the willingness of the consumers to disclose their personal health information. This will in turn, produce the consequences which can be threat to the life of other people. With the widespread use of EHRs and support by the government, there have been various issues which arise related to the security, reliability and privacy of EHRs. These issues will be addressed in this part of the paper.
1. Security issues: patients and the employees entrust the Health care organizations with their most private information. So this gives them a legal, moral and ethical responsibility to ensure that all their clinical and private data should be safeguarded and protected. For the prevention of unauthorized access to the information, high degrees of control are required. In the context of EHRs this is especially very important. It is the responsibility of the Health care professionals that they must be aware of the groups that are at high risk and should be able to assess that whether the EHR they are using has that required level of security build in or not. For this purpose various measures has been taken to ensure the security of the individuals.
a) Categories which require higher degrees of security of EHRs: the highly sensitive data of high profile patients and minors such as conditions, test and their records are at high risk of security. The specific implementation of security on EHRs for such kind of data presents challenges as specific type of functionality may not be available across the systems. The examples of such kind of data are the medical records of health records of high profile individuals, insurance information, and information regarding HIV/AIDS etc. The Health Insurance Portability and Accountability Act (HIPAA) 1996 privacy and security rules has been created for protection and security of the individuals data. It has set certain privacy and security rules along with standards for the privacy, confidentiality and security of the patient’s records.
• According to the confidentiality rule of HIPAA, only certain authorized people will be permitted to have an access to the confidential information who possess the complete understanding that they can only disclose that information to the authorized individuals which the law permits such as the information about substance abuse is not allowed by law to be released without particular consent.
• Privacy in according to HIPAA, gives a right to the individual to exercise control over his or her personal and protected health information.
• Security requires that all the protection measures (administrative, technical, or physical) should be used to protect and secure information about health (AHIMA e-HIM Work Group on Security of Personal Health Information,2008).
The security of issues of EHRs requires special considerations and distinct features of HER system. If these features lack in EHRs, it can restrict its use in certain areas of high risk data. The considerations which are needed for the specific areas or functions include;
• There can be a risk to the information that is accessed outside the particular organization. The unidentified user can access the information if proper security is not available in the remote connection. In case of loss or theft, the laptops should have such security system that it cannot be accessed by an unknown user.
• The transmission of confidential health data through e-mail, fax or messages can cause a threat to the information.
• The IT support should take into account the level of access needed by the technical staff, access of the system support to the application database, the blockage of sensitive information from the view and access of support staff, achieving the troubleshooting through test data usage rather than live records, assessment of means for remote support, the assessment of the vendors audit trials to check the activity of vendor staff and their access and availability of the routine maintenance of the audit trials .
• There can be a release of information through various means such as downloading or printing which needs to be checked.
• The training of the staff is very important in this context as system security alone do not ensure privacy and security (AHIMA e-HIM Work Group on Security of Personal Health Information, 2008).
Studies related to the security of EHRs
A cross sectional survey was conducted to examine the perception of the public about the security of EHRs and how to shape a stronger security systems in the light of their perceptions (Channabhai & Holt,2007). A cross sectional survey included almost 400 people who attended the health care providers during September and November 2005 in four major cities of New Zealand. the participants were surveyed related to the computer usage, relevant knowledge about the EHR-system, its issues and benefits, security issues and its demographics.
The results of the study that the consumers are ready for the acceptance of the transition but for EHRs to be completely integrated into the system, the two main issues needs to be addressed;
• The maintenance of highest level of security in EHR systems with regular maintenance and constant monitoring.
• The proactive involvement of the health care consumer in the maintenance and ownership of their records of health.
Another study conducted by Greenhalgh et al (2008) showed that people were specifically concerned about the computer security of EHRs and inappropriate access of this central excess of the records.
A project was conducted in Denmark to investigate the opinion of people concerning the development and implementation of EHRs. The results of the study showed that the people who participated in the project wanted a clear answer to the strategic, technical and attitudbal aspects of the EHRs (Zorita &Nohr,2003).
Thus, the studies discussed make it clear that people are willing for the implementation of the EHRs into the system as along as its security issues are addressed properly and securely.
2. Privacy and confidentiality issues: though physicians do support the wide spread use of the EHRs but there are concerns and issues related to breach of privacy and confidentiality. Privacy and confidentiality issues exist with both the electronic and paper records. A study was conducted that was based on the views of almost 1000 family practice physicians and specialists. The study was conducted in Massachusetts. The respondents showed widespread interest in the use of the Electronic health information exchange(HIE). Almost 86 % of the respondents said that the quality of health care has improved by the use of HIE, will cut down costs and 76% said that I would same time as well. 16% were much concerned about the privacy issues while 55% were concerned to some extent (American Medical Informatics Association,2009).
Another study showed the findings that the mental health professionals are significantly concerned with privacy and security issues of EHRs. A survey was conducted on 120 participants who included psychiatrists, nurses, psychologists and therapists. When asked about the privacy issues, almost two- third of the respondents were less willing to document and submit their record information to the EHRs (American Medical Informatics Association, 2009).
The researchers of the study also pointed that in the surveys which were previously conducted, patients and consumers showed the lack of confidence on the security and privacy of their records.
Though in the private sector, a large number of companies are moving towards the adoption of EHRs in their health care organizations by following the standards set by HIPAA but people still perceive that there are security and privacy concerns and issues.
3. Legal issues: during the period of 1999 and 2000, legal issues related to the all components of health care industry were increasing. There was an increase in the health care attorneys and changes in the tort system which caused significant increases in the cost of the every component of the health care services including the health care technology. It was feared that if failure or damage occur to the EHR system it will result in a legal law suit. In the same way, the installation and implementation of EHR, carries significant legal risks with it. This issue of liability is especially of concern for the smaller companies providing EHRs systems. The larger companies are in a better position to face the legal assaults.
A practice of providing discounted version of EHRs system to the local hospitals has been adopted. It’s a violation of the Stark rule according to which do not allow the hospitals to assist the community health care providers (Laura,2007).
Legal issues are also involved in across border exchange of information through EHRs. Different countries might have different rules and regulations for the usage and implementation of EHRs which propose a challenge to the use of EHRs across borders.
4. Reliability issues: Another issue relates to the reliability of the EHR system. A study conducted by Chan, Fowles and Weiner (2010), reviewed the previous researches done on the electronic health record data quality from the year 2004. The studies laid emphasis on the attributes of data related to the quality of data. Total of 35 studies were reviewed out of which 66% reviewed the accuracy of data, 57% completeness of data and 23 % comparability of data of EHRs. Due to the diversity in the attributes of data in the study, it became difficult to draw specific conclusions related to the quality of EHR, which makes it challenging. The EHR system attributes needs to be tested and evaluated on individual basis to find out more accurate and relevant information regarding the reliability of the EHR systems.
Barriers to the adoption of EHR system
There are some barriers which might hinder the installation and implementation of EHR system in the facility.
• Cost of starting up: there may be many of the health care facilities and health care providers in the small communities or remote areas which cannot bear the startup costs of the EHR system. In such case, the government can help them by providing them funding for this purpose.
• Maintenance costs: the maintenance costs of the EHR system can be high. As with the rapid advancement in the software industry, the software of EHR system needs to be updated regularly, which requires the services of the vendors.
• Costs of staff training: the cost of training the staff for the use of EHR system is usually high. The training is needed for the new employees as well as of the other staff members which might not be affordable for a small budget health facility.
An access to the accurate and complete information of the health care providers surely improves the quality of the health care services provided to the patients. The use of EHR system may help to improve the risk management as well as use of certified and standardized EHRs can prevent any liability actions against the vendors (Bcouch,2008).
In connection to public health outcomes EHR system provides higher rate of patient’s satisfaction along with higher satisfaction of the provider (Duffy, 2010). It makes improvements in the quality of the overall care of the patients. It has significantly improved the coding and documentation of the patients (Holt, Warsy & Wright, 2010).
If the health care professionals follow the guidelines properly and be loyal to their profession the implementation of Electronic health records at all health facilities will definitely help to improve the provision of quality health care services.
Electronic Health Records are no doubt significantly helpful in maintaining the records of the patients and due to their efficiency and ease of use in the health care industry. It has a number of benefits to the health care providers, patients and to the healthcare industry at large. There are issues related to the security, privacy, reliability and the legality of the use of Electronic Health records at the health care facilities.
People are more concerned about the security and privacy of their confidential medical health information. Government has taken steps by passing certain Laws such as HIPAA H7L to ensure that the health care providers and the vendors of EHR should not violate the privacy of the people. These laws provide certain guidelines for the implementation and use of EHRs at the health care facility.
With the improvements in the EHR programming and system over the time, there has been rapid increase in the use of EHR by the health industry. The efficient and reliable use of EHR can help to solve many problems related to the documentation and data safety of the patients and health care consumers.
About HL7. (2013). Health Level International. Retrieved on 25 May 2013 from http://www.hl7.org/about/index.cfm?ref=common.
AHIMA e-HIM Work Group on Security of Personal Health Information. (2008). Ensuring Security of High-Risk Information in EHRs. Journal of AHIMA 79, no.9 (September): 67-71.
Altova Technology Primer: Electronic Health Records Technology Overview (2013). ALTOVA. Retrieved on 25th May 2013 from http://www.altova.com/ehr_technology_primer.html
Amatayakul, M.(2007). Electronic Health Records: A Practical Guide for Professionals and Organizations. 3rd ed. Chicago: American Health Information Management Association.
American Medical Informatics Association (2009). Electronic health records: Concerns about potential privacy breaches remain an issue. ScienceDaily. Retrieved on May 25, 2013, from