Legal Concerns of Deploying EMR's
May
2
Written by:
5/2/2011 4:25 AM
The Legal Concerns of Deploying Electronic Medical Records
Electronic Medical Records (EMR) has captured the attention of practitioners, insurers and policy makers for years. With the enactment of The American Recovery and Reinvestment Act of 2009 which provides billions of stimulus dollars along with Medicare bonuses over the next 5 years, for those physicians that implement EMR systems, the interest has escalated.
EMR systems are a part of the larger patient safety debate and seen by some as a key component of any patient safety solution. EMR is a responsive effort by providers in search of new efficiencies in their medical operations. Many believe that EMR systems are essential to better clinical integration and health information sharing along with e-prescribing, a functional subset of many EMR systems
What is an EMR? A collection of electronic health information that provides immediate access by authorized users. EMR may involve knowledge and decision support tools that enhance safety as well as support of efficient processes for health care delivery.
On January of 2004, President Bush first publicly threw his support behind EMR systems. Since then Washington and President Obama’s administration have been working to make widespread, interoperable EMR systems a reality through regional record exchange organizations. That same year the federal government’s EMR vision of a national policy effort to standardize and implement a network of health information exchanges that will enable electronic health records to be shared widely in real time by physicians and others materialized.
As is often the case with cutting edge technology, the law lags behind. To those who have endeavored to implement electronic health records that can be shared with other clinically integrated practitioners, or more widely, it will come as no surprise to learn that many legal barriers to sharing electronic health records are still being debated.
- The anti-kickback Statute.
- The Stark-referral rules.
- Concerns about enhanced malpractice exposure.
- HIPAA's privacy and security regulations.
- In some contexts, the anti-trust laws.
|
The above legal issues may or may not be barriers depending upon the circumstances of any implementation of an EMR. Regulation of medical records is still based upon rules created in the era of paper records. There have been recent changes to the Department of Health rules governing hospital records written in the 1970s which neither permitted electronic records nor prohibit them. Therefore, none of these rules address the issues of the electronic era such as what is the "original record" or how does one authenticate entries. The Anti-kickback Statute, and its relevant safe-harbors, is a barrier to implementing EMRs because it prohibits remuneration in exchange for referrals in most cases. Such as when a hospital wants to make its EMR available to its medical staff and offers equipment and software that will incline physicians to refer to the hospital in exchange for the EMR.
Many EMRs will facilitate referrals between hospitals and referring physicians that could implicate the Stark rules on compensation relationships. However, the Stark rules offer interesting exceptions, if a hospital provides to its medical staff hardware to support access to the hospital’s EMR, and it was wholly dedicated to the use, there would not be a Stark problem. The Stark rules also provide for an exception for community wide health information systems. This Stark exception protects "remuneration" in the form of hardware and software used in these information sharing systems.
HIPAA’s privacy and security standards present one of the more formidable barriers to the deployment of EMR systems as envisioned by the federal government; that is, regional networks of record sharing organizations through which completely unrelated physicians can locate, request and obtain the medical records of patients. The clear bias of Privacy Rules favors disclosure and downstream use of medical information along familiar lines of medical practice and health care delivery. Sharing EMR data between a medical staff and a hospital is workable under the Privacy Rule. However, nothing in the Privacy Rules anticipates the kind of wide open, unrestricted sharing of information among completely unrelated health care providers that the federal vision embraces. The technical challenges of authentication of parties to requested sharing are substantial and maintaining the integrity of vital content cannot be over-emphasized.
One final legal barrier to shared EMR systems is seen by some in the anti-trust laws, which prohibit anti-competitive behavior, including price fixing. In the case of EMR, the anti-trust issue involves largely the content of EMR systems and what is being shared. Many proponents of EMRs expect them to include clinical information as well as related payment information. Sharing payment information could enable competing providers to collude on prices and therefore violate the anti-trust laws. Further concerns arise relating to exclusionary agreements among providers. Some anti-trust analysts believe that among competing providers, EMRs will be used to include only those who would seek to dominate a market while also excluding those who are seen as competitors.
When an EMR implementation moves out of the stand-alone model and into sharing EMR data between clinically integrated practitioners, more legal barriers arise. Here the Anti-kickback and Stark prohibitions become of paramount concern because of the underlying referral relationships. However, these concerns may improve with the development of more realistic safe harbors and exceptions to Stark. Privacy and security issues are far from negligible, but they are manageable in this still relatively closed information sharing system. The federally envisioned world of region-wide sharing of EMR systems presents most of the above issues and challenges given the complexity of this as yet-to-be-fully-defined undertaking.
Humberto Comellas is the President and CEO of
ulltium consulting, Inc.SM www.ulltium.com a technology consulting and integrator specializing on healthcare providers.