The other night I read an amazing story about a new rule from HHS, which will allow patients to see who has accessed and viewed their electronic medical record. Needless to say, I was fairly unimpressed with how much money, time, and energy was likely expended to produce more government red tape that doesn’t help anyone get better healthcare. Does this rule surrounding patients actually do anything to better healthcare outcomes? How does this improve anything other than the potential for patients to be able to sue a peeping Tom? Can someone help us out here? It seems like such a waste of money to me. Maybe I’m missing something.
Dr. West is an endocrinologist in private practice in Washington, DC. He completed fellowship training in Endocrinology and Metabolism at the Johns Hopkins University School of Medicine. Dr. West opened The Washington Endocrine Clinic, PLLC, as a solo practice in 2009. He can be reached at doctorwestindc@gmail.com.
On the face of it, this has good intentions. Keeps checks and balances. Unauthorized persons in the hospital may think twice from looking into a patient record if they knew someone was watching them.
That said, this has extremely limited use. As a patient, how would I know if a person is supposed to access my record? In a hospital setting, there are supposedly 100+ people who access a patients’ records.
I had a different take on how news media reported this and is creating FUD.
http://patagoniahealth.com/blog/?p=93
When MU is done right, technology should provide this “feature” for free without causing any extra burden to the doctors.
Abhi
Hi Abhi. I reviewed the article you linked above but it didn’t discuss how this was important to meaningful use and improving medical care outcomes.
Michael, to me this seems like very basic functionality that should be provided under section 164.312(b) of the HIPAA security rule (Audit logs). Granted, there’s a lot of wiggle room in how the audit log is required to function, but any system that was designed to fulfill the spirit of this HIPAA requirement should be able to easily accommodate this rule.
I realize my comment doesn’t address your question of how this is important to MU or outcomes, but I don’t envision this as adding an unreasonable amount of “money, time, and energy” to existing processes (assuming those of us who bought/built systems actually did due diligence in making sure we were HIPAA compliant).
Hi Chuck. Yes, my point is really about the MU healthcare outcomes. Although with US government projects, its always surprising how much something ends up costing. Things one would assume as surely taking not much money at all end up costing outrageous amounts. Remember the toilet seat fiasco for the US Armed Forces in the 1980s?