An electronic health record (EHR) is the systematized collection of patient and population electronically-stored health information in a digital format. These records can be shared across different health care settings. Records are shared through network-connected, enterprise-wide information systems or other information networks and exchanges. EHRs may include a range of data, including demographics, medical history, medication and allergies, immunization status, laboratory test results, radiology images, vital signs, personal statistics like age and weight, and billing information.
A decade ago, electronic health records (EHRs) were touted as key to increasing of quality care. Today, providers are using data from patient records to improve quality outcomes through their care management programs. Combining multiple types of clinical data from the system's health records has helped clinicians identify and stratify chronically ill patients. EHR can improve quality care by using the data and analytics to prevent hospitalizations among high-risk patients.
EHR systems are designed to store data accurately and to capture the state of a patient across time. It eliminates the need to track down a patient's previous paper medical records and assists in ensuring data is accurate and legible. It can reduce risk of data replication as there is only one modifiable file, which means the file is more likely up to date, and decreases risk of lost paperwork. Due to the digital information being searchable and in a single file, EMRs (electronic medical record) are more effective when extracting medical data for the examination of possible trends and long term changes in a patient. Population-based studies of medical records may also be facilitated by the widespread adoption of EHRs and EMRs.
The terms EHR, electronic patient record (EPR) and EMR have often been used interchangeably, although differences between the models are now being defined. The electronic health record (EHR) is a more longitudinal collection of the electronic health information of individual patients or populations. The EMR, in contrast, is the patient record created by providers for specific encounters in hospitals and ambulatory environments, and which can serve as a data source for an EHR.
While there is still a considerable amount of debate around the superiority of electronic health records over paper records, the research literature paints a more realistic picture of the benefits and downsides.
The increased transparency, portability, and accessibility acquired by the adoption of electronic medical records may increase the ease with which they can be accessed by healthcare professionals, but also can increase the amount of stolen information by unauthorized persons or unscrupulous users versus paper medical records, as acknowledged by the increased security requirements for electronic medical records included in the Health Information and Accessibility Act and by large-scale breaches in confidential records reported by EMR users. Concerns about security contribute to the resistance shown to their adoption.[weasel words]
Handwritten paper medical records may be poorly legible, which can contribute to medical errors. Pre-printed forms, standardization of abbreviations and standards for penmanship were encouraged to improve the reliability of paper medical records. Electronic records may help with the standardization of forms, terminology and data input. Digitization of forms facilitates the collection of data for epidemiology and clinical studies. However, standardization may create challenges for local practice. Overall, those with EMRs, that have automated notes and records, order entry, and clinical decision support had fewer complications, lower mortality rates, and lower costs.
EMRs can be continuously updated (within certain legal limitations - see below). If the ability to exchange records between different EMR systems were perfected ("interoperability"), it would facilitate the coordination of health care delivery in non-affiliated health care facilities. In addition, data from an electronic system can be used anonymously for statistical reporting in matters such as quality improvement, resource management, and public health communicable disease surveillance. However, it is difficult to remove data from its context.
Ambulance services in Australia, the United States and the United Kingdom have introduced the use of EMR systems. EMS Encounters in the United States are recorded using various platforms and vendors in compliance with the NEMSIS (National EMS Information System) standard. The benefits of electronic records in ambulances include: patient data sharing, injury/illness prevention, better training for paramedics, review of clinical standards, better research options for pre-hospital care and design of future treatment options, data based outcome improvement, and clinical decision support.
Automated handwriting recognition of ambulance medical forms has also been successful. For example, Intermedix TripTix offers handwriting support across all elements of the NEMSIS 3.3.4 and 3.4.0 standard as well as custom forms on Windows devices. These systems allow traditionally paper-based medical documents to be converted to digital at the time of entry with substantially less cost overhead. The data can then be efficiently used for epidemiological analysis, including de-identified data at the National level.
Health Information Exchange
Using an EMR to read and write a patient's record is not only possible through a workstation but, depending on the type of system and health care settings, may also be possible through mobile devices that are handwriting capable, tablets and smartphones. Electronic Medical Records may include access to Personal Health Records (PHR) which makes individual notes from an EMR readily visible and accessible for consumers.
Some EMR systems automatically monitor clinical events, by analyzing patient data from an electronic health record to predict, detect and potentially prevent adverse events. This can include discharge/transfer orders, pharmacy orders, radiology results, laboratory results and any other data from ancillary services or provider notes. This type of event monitoring has been implemented using the Louisiana Public health information exchange linking statewide public health with electronic medical records. This system alerted medical providers when a patient with HIV/AIDS had not received care in over twelve months. This system greatly reduced the number of missed critical opportunities.
Within a meta-narrative systematic review of research in the field, there exist a number of different philosophical approaches to the EHR. The health information systems literature has seen the EHR as a container holding information about the patient, and a tool for aggregating clinical data for secondary uses (billing, audit etc.). However, other research traditions see the EHR as a contextualised artifact within a socio-technical system. For example, actor-network theory would see the EHR as an actant in a network, while research in computer supported cooperative work (CSCW) sees the EHR as a tool supporting particular work.
Several possible advantages to EHRs over paper records have been proposed, but there is debate about the degree to which these are achieved in practice.
Several studies call into question whether EHRs improve the quality of care. One 2011 study in diabetes care, published in the New England Journal of Medicine, found evidence that practices with EHR provided better quality care.
EMRs may eventually help improve care coordination. An article in a trade journal suggests that since anyone using an EMR can view the patient's full chart, it cuts down on guessing histories, seeing multiple specialists, smooths transitions between care settings, and may allow better care in emergency situations. EHRs may also improve prevention by providing doctors and patients better access to test results, identifying missing patient information, and offering evidence-based recommendations for preventive services.
The steep price of EHR and provider uncertainty regarding the value they will derive from adoption in the form of return on investment has a significant influence on EHR adoption. In a project initiated by the Office of the National Coordinator for Health Information (ONC), surveyors found that hospital administrators and physicians who had adopted EHR noted that any gains in efficiency were offset by reduced productivity as the technology was implemented, as well as the need to increase information technology staff to maintain the system.
The U.S. Congressional Budget Office concluded that the cost savings may occur only in large integrated institutions like Kaiser Permanente, and not in small physician offices. They challenged the Rand Corporation's estimates of savings. "Office-based physicians in particular may see no benefit if they purchase such a product--and may even suffer financial harm. Even though the use of health IT could generate cost savings for the health system at large that might offset the EHR's cost, many physicians might not be able to reduce their office expenses or increase their revenue sufficiently to pay for it. For example, the use of health IT could reduce the number of duplicated diagnostic tests. However, that improvement in efficiency would be unlikely to increase the income of many physicians." One CEO of an EHR company has argued if a physician performs tests in the office, it might reduce his or her income.
The implementation of EMR can potentially decrease identification time of patients upon hospital admission. A research from the Annals of Internal Medicine showed that since the adoption of EMR a relative decrease in time by 65% has been recorded (from 130 to 46 hours).
The Healthcare Information and Management Systems Society, a very large U.S. healthcare IT industry trade group, observed in 2009 that EHR adoption rates "have been slower than expected in the United States, especially in comparison to other industry sectors and other developed countries. A key reason, aside from initial costs and lost productivity during EMR implementation, is lack of efficiency and usability of EMRs currently available." The U.S. National Institute of Standards and Technology of the Department of Commerce studied usability in 2011 and lists a number of specific issues that have been reported by health care workers. The U.S. military's EHR, AHLTA, was reported to have significant usability issues. Furthermore, studies such as the one conducted in BMC Medical Informatics and Decision Making, also showed that although the implementation of electronic medical records systems has been a great assistance to general practitioners there is still much room for revision in the overall framework and the amount of training provided. It was observed that the efforts to improve EHR usability should be placed in the context of physician-patient communication.
However, physicians are embracing mobile technologies such as smartphones and tablets at a rapid pace. According to a 2012 survey by Physicians Practice, 62.6 percent of respondents (1,369 physicians, practice managers, and other healthcare providers) say they use mobile devices in the performance of their job. Mobile devices are increasingly able to sync up with electronic health record systems thus allowing physicians to access patient records from remote locations. Most devices are extensions of desk-top EHR systems, using a variety of software to communicate and access files remotely. The advantages of instant access to patient records at any time and any place are clear, but bring a host of security concerns. As mobile systems become more prevalent, practices will need comprehensive policies that govern security measures and patient privacy regulations.
When a health facility has documented their workflow and chosen their software solution they must then consider the hardware and supporting device infrastructure for the end users. Staff and patients will need to engage with various devices throughout a patient's stay and charting workflow. Computers, laptops, all-in-one computers, tablets, mouse, keyboards and monitors are all hardware devices that may be utilized. Other considerations will include supporting work surfaces and equipment, wall desks or articulating arms for end users to work on. Another important factor is how all these devices will be physically secured and how they will be charged that staff can always utilize the devices for EHR charting when needed.
The success of eHealth interventions is largely dependent on the ability of the adopter to fully understand workflow and anticipate potential clinical processes prior to implementations. Failure to do so can create costly and time-consuming interruptions to service delivery.
A 2008 Sentinel Event Alert from the U.S. Joint Commission, the organization that accredits American hospitals to provide healthcare services, states that "As health information technology (HIT) and 'converging technologies'--the interrelationship between medical devices and HIT--are increasingly adopted by health care organizations, users must be mindful of the safety risks and preventable adverse events that these implementations can create or perpetuate. Technology-related adverse events can be associated with all components of a comprehensive technology system and may involve errors of either commission or omission. These unintended adverse events typically stem from human-machine interfaces or organization/system design." The Joint Commission cites as an example the United States Pharmacopeia MEDMARX database where of 176,409 medication error records for 2006, approximately 25 percent (43,372) involved some aspect of computer technology as at least one cause of the error.
The National Health Service (NHS) in the UK reports specific examples of potential and actual EHR-caused unintended consequences in their 2009 document on the management of clinical risk relating to the deployment and use of health software.
In a February 2010 US Food and Drug Administration (FDA) memorandum, FDA notes EHR unintended consequences include EHR-related medical errors due to (1) errors of commission (EOC), (2) errors of omission or transmission (EOT), (3) errors in data analysis (EDA), and (4) incompatibility between multi-vendor software applications or systems (ISMA) and cites examples. In the memo FDA also notes the "absence of mandatory reporting enforcement of H-IT safety issues limits the numbers of medical device reports (MDRs) and impedes a more comprehensive understanding of the actual problems and implications."
A 2010 Board Position Paper by the American Medical Informatics Association (AMIA) contains recommendations on EHR-related patient safety, transparency, ethics education for purchasers and users, adoption of best practices, and re-examination of regulation of electronic health applications. Beyond concrete issues such as conflicts of interest and privacy concerns, questions have been raised about the ways in which the physician-patient relationship would be affected by an electronic intermediary.
EHRs are almost invariably detrimental to physician productivity, whether the data is entered during the encounter or at some time thereafter. While it is possible for an EHR to increase physician productivity by providing a fast and intuitive interface for viewing and understanding patient clinical data, while minimizing the amount of clinically irrelevant questions, this is almost never the case. The other way to mitigate the detriment to physician productivity is to hire scribes to work alongside medical practitioners, which is almost never financially viable.
As a result, many have conducted studies like the one discussed in the Journal of the American Medical Informatics Association "The Extent And Importance Of Unintended Consequences Related To Computerized Provider Order Entry", which seeks to understand the degree and significance of unplanned adverse consequences related to computerized physician order entry and understand how to interpret adverse events and understand the importance of its management for the overall success of computer physician order entry.
In the United States, Great Britain, and Germany, the concept of a national centralized server model of healthcare data has been poorly received. Issues of privacy and security in such a model have been of concern.
In the European Union (EU), a new directly binding instrument, a regulation of the European Parliament and of the Council, was passed in 2016 to go into effect in 2018 to protect the processing of personal data, including that for purposes of health care, the General Data Protection Regulation.
Threats to health care information can be categorized under three headings:
These threats can either be internal, external, intentional and unintentional. Therefore, one will find health information systems professionals having these particular threats in mind when discussing ways to protect the health information of patients. It has been found that there is a lack of security awareness among health care professionals in countries such as Spain. The Health Insurance Portability and Accountability Act (HIPAA) has developed a framework to mitigate the harm of these threats that is comprehensive but not so specific as to limit the options of healthcare professionals who may have access to different technology.
Personal Information Protection and Electronic Documents Act (PIPEDA) was given Royal Assent in Canada on 13 April 2000 to establish rules on the use, disclosure and collection of personal information. The personal information includes both non-digital and electronic form. In 2002, PIPEDA extended to the health sector in Stage 2 of the law's implementation. There are four provinces where this law does not apply because its privacy law was considered similar to PIPEDA: Alberta, British Columbia, Ontario and Quebec.
Legal liability in all aspects of healthcare was an increasing problem in the 1990s and 2000s. The surge in the per capita number of attorneys in the USA  and changes in the tort system caused an increase in the cost of every aspect of healthcare, and healthcare technology was no exception.
Failure or damages caused during installation or utilization of an EHR system has been feared as a threat in lawsuits. Similarly, it's important to recognize that the implementation of electronic health records carries with it significant legal risks.
This liability concern was of special concern for small EHR system makers. Some smaller companies may be forced to abandon markets based on the regional liability climate.[unreliable source] Larger EHR providers (or government-sponsored providers of EHRs) are better able to withstand legal assaults.
While there is no argument that electronic documentation of patient visits and data brings improved patient care, there is increasing concern that such documentation could open physicians to an increased incidence of malpractice suits. Disabling physician alerts, selecting from dropdown menus, and the use of templates can encourage physicians to skip a complete review of past patient history and medications, and thus miss important data.
Another potential problem is electronic time stamps. Many physicians are unaware that EHR systems produce an electronic time stamp every time the patient record is updated. If a malpractice claim goes to court, through the process of discovery, the prosecution can request a detailed record of all entries made in a patient's electronic record. Waiting to chart patient notes until the end of the day and making addendums to records well after the patient visit can be problematic, in that this practice could result in less than accurate patient data or indicate possible intent to illegally alter the patient's record.
In some communities, hospitals attempt to standardize EHR systems by providing discounted versions of the hospital's software to local healthcare providers. A challenge to this practice has been raised as being a violation of Stark rules that prohibit hospitals from preferentially assisting community healthcare providers. In 2006, however, exceptions to the Stark rule were enacted to allow hospitals to furnish software and training to community providers, mostly removing this legal obstacle.[unreliable source]
In cross-border use cases of EHR implementations, the additional issue of legal interoperability arises. Different countries may have diverging legal requirements for the content or usage of electronic health records, which can require radical changes to the technical makeup of the EHR implementation in question. (especially when fundamental legal incompatibilities are involved) Exploring these issues is therefore often necessary when implementing cross-border EHR solutions.
The United Nations World Health Organization (WHO) administration intentionally does not contribute to an internationally standardized view of medical records nor to personal health records. However, WHO contributes to minimum requirements definition for developing countries.
The United Nations accredited standardisation body International Organization for Standardization (ISO) however has settled thorough word[clarification needed] for standards in the scope of the HL7 platform for health care informatics. Respective standards are available with ISO/HL7 10781:2009 Electronic Health Record-System Functional Model, Release 1.1 and subsequent set of detailing standards.
The majority of the countries in Europe have made a strategy for the development and implementation of the Electronic Health Record Systems. This would mean greater access to health records by numerous stakeholders, even from countries with lower levels of privacy protection. The forthcoming implementation of the Cross Border Health Directive and the EU Commission's plans to centralize all health records are of prime concern to the EU public who believe that the health care organizations and governments cannot be trusted to manage their data electronically and expose them to more threats.
The idea of a centralized electronic health record system was poorly received by the public who are wary that the governments may extend the use of the system beyond its purpose. There is also the risk for privacy breaches that could allow sensitive health care information to fall into the wrong hands. Some countries have enacted laws requiring safeguards to be put in place to protect the security and confidentiality of medical information as it is shared electronically and to give patients some important rights to monitor their medical records and receive notification for loss and unauthorized acquisition of health information. The United States and the EU have imposed mandatory medical data breach notifications.
The purpose of a personal data breach notification is to protect individuals so that they can take all the necessary actions to limit the undesirable effects of the breach and to motivate the organization to improve the security of the infrastructure to protect the confidentiality of the data. The US law requires the entities to inform the individuals in the event of breach while the EU Directive currently requires breach notification only when the breach is likely to adversely affect the privacy of the individual. Personal health data is valuable to individuals and is therefore difficult to make an assessment whether the breach will cause reputational or financial harm or cause adverse effects on one's privacy.
The Breach notification law in the EU provides better privacy safeguards with fewer exemptions, unlike the US law which exempts unintentional acquisition, access, or use of protected health information and inadvertent disclosure under a good faith belief.
The U.S. federal government has issued new rules of electronic health records.
Common Data Model (CDM) is a specification that describes how data from multiple sources (e.g., multiple EHR systems) can be combined. Many CDMs use a relational model (e.g., the OMOP CDM). A relational CDM defines names of tables and table columns and restricts what values are valid.
Each healthcare environment functions differently, often in significant ways. It is difficult to create a "one-size-fits-all" EHR system. Many first generation EHRs were designed to fit the needs of primary care physicians, leaving certain specialties significantly less satisfied with their EHR system.
An ideal EHR system will have record standardization but interfaces that can be customized to each provider environment. Modularity in an EHR system facilitates this. Many EHR companies employ vendors to provide customization.
This customization can often be done so that a physician's input interface closely mimics previously utilized paper forms.
At the same time they reported negative effects in communication, increased overtime, and missing records when a non-customized EMR system was utilized. Customizing the software when it is released yields the highest benefits because it is adapted for the users and tailored to workflows specific to the institution.
Customization can have its disadvantages. There is, of course, higher costs involved to implementation of a customized system initially. More time must be spent by both the implementation team and the healthcare provider to understand the workflow needs.
An important consideration in the process of developing electronic health records is to plan for the long-term preservation and storage of these records. The field will need to come to consensus on the length of time to store EHRs, methods to ensure the future accessibility and compatibility of archived data with yet-to-be developed retrieval systems, and how to ensure the physical and virtual security of the archives.
Additionally, considerations about long-term storage of electronic health records are complicated by the possibility that the records might one day be used longitudinally and integrated across sites of care. Records have the potential to be created, used, edited, and viewed by multiple independent entities. These entities include, but are not limited to, primary care physicians, hospitals, insurance companies, and patients. Mandl et al. have noted that "choices about the structure and ownership of these records will have profound impact on the accessibility and privacy of patient information."
The required length of storage of an individual electronic health record will depend on national and state regulations, which are subject to change over time. Ruotsalainen and Manning have found that the typical preservation time of patient data varies between 20 and 100 years. In one example of how an EHR archive might function, their research "describes a co-operative trusted notary archive (TNA) which receives health data from different EHR-systems, stores data together with associated meta-information for long periods and distributes EHR-data objects. TNA can store objects in XML-format and prove the integrity of stored data with the help of event records, timestamps and archive e-signatures."
In addition to the TNA archive described by Ruotsalainen and Manning, other combinations of EHR systems and archive systems are possible. Again, overall requirements for the design and security of the system and its archive will vary and must function under ethical and legal principles specific to the time and place.
While it is currently unknown precisely how long EHRs will be preserved, it is certain that length of time will exceed the average shelf-life of paper records. The evolution of technology is such that the programs and systems used to input information will likely not be available to a user who desires to examine archived data. One proposed solution to the challenge of long-term accessibility and usability of data by future systems is to standardize information fields in a time-invariant way, such as with XML language. Olhede and Peterson report that "the basic XML-format has undergone preliminary testing in Europe by a Spri project and been found suitable for EU purposes. Spri has advised the Swedish National Board of Health and Welfare and the Swedish National Archive to issue directives concerning the use of XML as the archive-format for EHCR (Electronic Health Care Record) information."
When care is provided at two different facilities, it may be difficult to update records at both locations in a co-ordinated fashion. Two models have been used to satisfy this problem: a centralized data server solution, and a peer-to-peer file synchronization program (as has been developed for other peer-to-peer networks). Synchronization programs for distributed storage models, however, are only useful once record standardization has occurred. Merging of already existing public healthcare databases is a common software challenge. The ability of electronic health record systems to provide this function is a key benefit and can improve healthcare delivery.
The sharing of patient information between health care organizations and IT systems is changing from a "point to point" model to a "many to many" one. The European Commission is supporting moves to facilitate cross-border interoperability of e-health systems and to remove potential legal hurdles, as in the project www.epsos.eu/. To allow for global shared workflow, studies will be locked when they are being read and then unlocked and updated once reading is complete. Radiologists will be able to serve multiple health care facilities and read and report across large geographical areas, thus balancing workloads. The biggest challenges will relate to interoperability and legal clarity. In some countries it is almost forbidden to practice teleradiology. The variety of languages spoken is a problem and multilingual reporting templates for all anatomical regions are not yet available. However, the market for e-health and teleradiology is evolving more rapidly than any laws or regulations.
In 2011, Moscow's government launched a major project known as UMIAS as part of its electronic healthcare initiative. UMIAS - the Unified Medical Information and Analytical System - connects more than 660 clinics and over 23,600 medical practitioners in Moscow. UMIAS covers 9.5 million patients, contains more than 359 million patient records and supports more than 500,000 different transactions daily. Approximately 700,000 Muscovites use remote links to make appointments every week.
The European Commission wants to boost the digital economy by enabling all Europeans to have access to online medical records anywhere in Europe by 2020. With the newly enacted Directive 2011/24/EU on patients' rights in cross-border healthcare due for implementation by 2013, it is inevitable that a centralised European health record system will become a reality even before 2020. However, the concept of a centralised supranational central server raises concern about storing electronic medical records in a central location. The privacy threat posed by a supranational network is a key concern. Cross-border and Interoperable electronic health record systems make confidential data more easily and rapidly accessible to a wider audience and increase the risk that personal data concerning health could be accidentally exposed or easily distributed to unauthorised parties by enabling greater access to a compilation of the personal data concerning health, from different sources, and throughout a lifetime.
In UK veterinary practice, the replace of paper recording systems with electronic methods of storing animal patient information escalated from the 1980s and the majority of clinics now use electronic medical records. In a sample of 129 veterinary practices, 89% used a Practice Management System (PMS) for data recording. There are more than ten PMS providers currently in the UK. Collecting data directly from PMSs for epidemiological analysis abolishes the need for veterinarians to manually submit individual reports per animal visit and therefore increases the reporting rate.
Veterinary electronic medical record data are being used to investigate antimicrobial efficacy; risk factors for canine cancer; and inherited diseases in dogs and cats, in the small animal disease surveillance project 'VetCOMPASS' (Veterinary Companion Animal Surveillance System) at the Royal Veterinary College, London, in collaboration with the University of Sydney (the VetCOMPASS project was formerly known as VEctAR).
A letter published in Communications of the ACM describes the concept of generating synthetic patient population and proposes a variation of Turing Test to assess the difference between synthetic and real patients. The letter states: "In the EHR context, though a human physician can readily distinguish between synthetically generated and real live human patients, could a machine be given the intelligence to make such a determination on its own?" and further the letter states: "Before synthetic patient identities become a public health problem, the legitimate EHR market might benefit from applying Turing Test-like techniques to ensure greater data reliability and diagnostic value. Any new techniques must thus consider patients' heterogeneity and are likely to have greater complexity than the Allen eighth-grade-science-test is able to grade."
European Patient Smart Open Services Work Plan