Frequently Asked Questions about Electronic Health Records and Health Information Networks

  1. What is an electronic health record (EHR)? An electronic health record is defined by the National Alliance for Health Information Technology as an electronic record of health-related information on an individual that conforms to nationally recognized interoperability standards and that can be created, managed, and consulted by authorized clinicians and staff across more than one health care organization. In layman’s terms EHRs are computerized versions of patients’ clinical, demographic and administrative data. The records may include treatment histories, medical test reports and images stored in an electronic format. Although they sometimes are also referred to as electronic medical records (EMR), EHR is now the preferred term because its definition includes the ability to exchange information interoperably while EMR does not necessarily have that ability.
     
  2. How secure are electronic health records?  Just like paper records, electronic health records must comply with the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule in regard to protecting patient privacy. Unlike paper records, electronic health records can be programmed so that only authorized individuals can view them.
     
  3. What is health information exchange (HIE)?  Health information exchange is the electronic movement of health-related information among organizations according to nationally recognized standards. HIE usually occurs within a health information organization (HIO).
     
  4. How secure is HIE?  The latest hardware, software, processes, and procedures are used to provide the highest degree of protection for your health information when  it is moved by computers among organizations. The health information exchange network must comply with both federal and state laws. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules set a federal floor but state laws are often even more protective.
     
  5. What principles of security and privacy would be followed?  The privacy and security standards in place under the HIPAA Privacy and Security Rules also apply to electronic health information. As health information organizations offer services that directly interface with consumers, additional privacy and security standards may need to be put into place.
     
  6. What is health information exchange (HIE)? Health information exchange (HIE) is the electronic movement of health-related information among organizations according to nationally recognized standards. HIE also sometimes is referred to as a health information network (HIN).
     
  7. How would EHR/HIE be useful in an emergency? When someone needs care in an emergency, that person might be far from home, unable to communicate or unable to remember key information, such as names and doses of prescription drugs. Allowing a physician to retrieve the patient’s records quickly and completely speeds the delivery of appropriate care, and avoids unnecessary duplicative testing, medical errors and extra costs. This is the ultimate goal the federalgovernment has set for 2014.
     
  8. How would EHR/HIE be useful in a disaster? During such disasters as floods, hurricanes and wildfires, paper records can be lost or ruined. Electronic health records, however, can be backed up securely and stored in several locations. That permits their retrieval whenever and wherever necessary for medical treatment.
     
  9. Why would EHR/HIE lead to less duplicative medical testing and a more efficient system? When each physician involved in a patient’s care has all of that patient’s data readily available, medical tests that have already been performed do not have to be repeated unless new developments warrant them. This allows the physician to determine further course of treatment more quickly and accurately.
     
  10. How secure would an HIE be? State-of-the-art systems would be employed to secure records to the greatest degree possible and prevent access to unauthorized persons. Any system used must comply with the security provisions of the federal Health Insurance Portability and Accountability Act (HIPAA). HIPAA is the regulatory minimum, and state laws and regulations often supersede it.
     
  11. Aren’t most doctors and other health care providers already using EHR? You might think so when you get computerized bills. But even though most providers have computerized their financial records, many of them are still keeping patient care records on paper.
     
  12. What is e-Prescribing and how does it relate to EHR/HIE? Electronic prescribing, or e-Prescribing, enables a physician to transmit a prescription electronically to a pharmacy. It also enables physicians and pharmacies to obtain information about a patient’s eligibility and medication history from drug plans. In many places, e-Prescribing is the first form of EHR/HIE being adopted.
     
  13. Is this a national effort? Yes. The federal government has set a goal for most Americans to have electronic health records by 2014. That goal includes establishing regional and national health information exchange networks that will ensure that complete health information is available for most Americans atthe time and place of care, no matter where that is. The system would permit sharing information privately and securely among health care providers when authorized by each patient.
     
  14. How would EHR/HIE improve patient safety? When any physician treating a patient at any time and in any place has access to all the patient’s records, the physician can make more informed decisions based on complete information. Also, EHR/HIE systems can automatically alert health care professionals when there are conflicts between prescribed drugs. In addition, when medical information is stored electronically, problems with illegible handwriting on paper records and prescriptions are eliminated.
     
  15. What principles of privacy and security would be followed? The privacy standards in place under HIPAA also apply to electronic health information.  As health information networks offer services that directly interface with consumers, additional privacy and security standards will be put into place. State-of-the-art technological safeguards are adopted by networks to protect information in relation to hardware and software operations.