Records: off the record

COMPUTERS were supposed to simplify the complicated world of medical record-keeping.

Out would go all the dusty, cumbersome old files that fill entire rooms, to be replaced with easy-to-access computer files that take up a tiny amount of space and can be easily transferred to wherever they are needed. But many practices across the UK still seem to be waiting for this time-saving, electronic revolution to hit its stride. Instead, they continue to manage the myriad of different practice software and computer systems currently in use – many of which still aren’t compatible with each other – as well as the steady stream of paper files that need to be scanned, copied, redacted or archived.

According to the Scottish Clinical Information Management in Practice (SCIMP) Good Practice Guidelines for Electronic Records 2006: "The transfer of paper GP records alongside electronic ones will continue for the foreseeable future." This is because patient records are made up of so many different parts – the A4 folder, historical paper notes and Lloyd George envelope – and, amongst other factors, not all UK practices fully use electronic records for direct patient care. Generally, the main pitfalls in transfers involve sending incomplete information, disclosing confidential patient information or disclosing third party information.

PRACTICE TO PRACTICE

When a patient decides to leave your practice, their complete medical records should go with them. Practices will often be able to send on records electronically (provided both practice computer systems are compatible), but managers must be sure that any remaining paper documents not included in the electronic records are also sent on in due course. If it’s not possible to send records electronically, the practice would have to arrange for them to printed and sent to the new practice.

Under the Data Protection Act (DPA), information should not be held for longer than necessary. This would normally mean that when a patient leaves a practice and registers elsewhere, the records held by the former GP should be destroyed. But GPs have been exempted from this element of the Act because the audit trails within the GP clinical system record and electronic records can’t be transferred between practices. The General Practitioners Committee and Information Commissioner agreed the exemption will remain in place until audit trails can be transferred.

PATIENT REQUESTS

The DPA allows patients access to their full medical records. Practices must comply within 40 days and can charge £10 to patients who wish sight of their records or a maximum of £50 to provide a copy. Practices must be careful, however, that the records don’t contain third party information or information that could be deemed detrimental to the patient’s physical or psychological wellbeing. Files should usually be printed and any sensitive information redacted before the patient sees the records. Such information might, for example, refer to another individual’s medical history, detail allegations of abuse by a parent or spouse or other confidential third party information.

REFERRALS AND OTHER REQUESTS

A transfer of medical information is also necessary in GP referrals to hospital specialists. The risks here may seem low but there are pitfalls. In providing patient referrals, doctors should only include personal information relevant to the medical condition being treated. Inadvertent inclusion of personal details that a patient may not want disclosed in a referral is a much greater risk today with most patient information now being held in easily transmissible electronic form. It is important that practice systems for referrals take account of this risk. Disclosure of confidential information unnecessarily or improperly can expose practitioners to possible civil actions or disciplinary proceedings, or prosecution under the DPA.

The same principles apply when dealing with legitimate requests from insurance companies or other health professionals such as occupational therapists. Any sensitive/ third party information must be redacted before files are sent. Doctors must also remember that, while the DPA may allow for the disclosure of certain information under certain circumstances, GMC guidelines may not. Doctors must be prepared to answer to the GMC should they disclose information in a way that conflicts with the council’s guidance.

MIND THE GAP

Patients returning to a practice after a period elsewhere also require careful consideration in regard to medical records. While the practice may hold past records, practices must take care as the record will be out of date and there will be a gap in clinical and prescribing information. If a patient re-registers with the practice and the patient record is reactivated, then the record must be updated once the information is received from the sending practice.

Members who are unsure when to redact, delete or disclose information should contact the MDDUS for advice.

LINKS

• Department of Health’s Good practice guidelines for general practice electronic patient records
• SCIMP have just published advice for practices regarding system migration; moving to paperless working; and back-scanning patients’ paper notes

Joanne Curran is an associate editor at Practice Manager