Wansford
Home

Patients
 

Practice information 
Repeat Prescriptions
Appointments
Patient participation group 
Health information 
Subscribe to newsletter
Internet directory
Contact the surgery
Health professionals
NHSnet and Internet Links
GP training

Communication skills
Electronic Health records
EMIS user information
Shopping  directory
Searching the Internet
 

Good Practice Guidelines for General Practice Electronic Patient Records

Prepared by The Joint Computing Group of the General Practitioners' Committee and the Royal College of General Practitioners Sponsored by The NHS Executive General and Personal Medical Services Branch Date: 31 August 2000 Version: 2.6

Pages 1-8 on this page  Pages 9-17

Foreword 

This set of good practice guidelines was prepared at the request of the NHS Executive in consultation with the Joint Computing Group of the General Practitioners' Committee of the British Medical Association and the Royal College of General Practitioners. Its primary purpose is to provide a professional framework for the legitimisation of electronic patient records in general practice. It is also intended as a source of authoritative advice for those general practitioners who keep computerised patient records or who intend to transfer their record systems to computer.

The principles of migration from paper records to electronic records (EPRs) were set out by the joint statement of the RCGP and GPC of the BMA:

* Paperless Practice; a position statement from the Joint Computing Group of the GPC and the RCGP

These good practice guidelines take this statement further drawing on a large body of underlying work which is referenced within "ScopeEPR" below. The principle sources were:

* Computerised Patient Records in General Practice: - Discussion of Good Practice Version 1 David Markwell in conjunction with the Joint Computing Group March 1995

* "ScopeEPR": Royal College of General Practitioners Health Informatics Task Force Electronic

Patient Record Study December 1998

* Guidance on Medical Records D E Pickersgill GMSC Statutes and Regulations Subcommittee 1994

* Issues arising from going paperless A Preliminary Report to the Clinical Systems Group Tom Davies - 9th December 1998

* Security in Clinical Information Systems BMA 1996.

* Security Policy for Information and Information Systems in General Practice. Royal College of General Practitioners 1997

* Confidentiality: Providing and Protecting Information. General Medical Council April 1999

* Protecting and Using Patient Information - A Manual for Caldicott Guardians

* The NHS IM&T Security Manual

* General Medical Practice Computer Systems Requirements for Accreditation - RFA99 NHS

Information Authority October 1999

The document is divided into:

* An Introduction: which discusses general aspects of electronic patient record keeping.

* The Guidelines: which contains the body of the document.

Page 1

Good Practice Guidelines for General Practice Electronic Patient Records Version 2.6

2 Introduction

The guidelines for good practice described in the next section are based on consideration of the purposes for

which patient records are held as identified below:

2.1 The purposes of patient records

2.1.1 Clinical purposes

Practices currently require a patient record system that can be used to:

* Assist in the clinical care of individual patients by:

- Assisting the author to structure his or her thoughts and make appropriate decisions;

- Acting as an aide memoire for the author during subsequent consultations;

- Making information available to others with access to the same record system who are involved in the care of the same patient;

- Providing information for inclusion in other documents (e.g. laboratory requests, referrals and medical reports);

- Storing information received from other parties or organisations (e.g. laboratory results and letters from specialists);

- Transfer the record to any NHS practice with which the patient subsequently registers.

* Assist in the clinical care of the practice population by:

- Assessing the health needs of the practice population;

- Identifying target groups and enabling call and recall programmes;

- Monitoring the progress of health promotion initiatives;

- Providing patients with an opportunity to contribute to their records;

- Supporting medical audit.

2.1.2 Non-clinical purposes

Practices also need a patient record system that can be used to meet administrative, legal and contractual obligations by:

* Providing medico-legal evidence (e.g. to defend against claims of negligence or breach of service);

* Providing legal evidence in respect of claims by a patient against a third party (e.g. for injuries, occupational diseases and in respect of product liability);

* Meeting the requirements of specific legislation on subject access to personal data and medical records;

* Recording the preferences of patients in respect of access to and disclosure of information they have provided in confidence;

* Providing evidence of workload within a practice or a PCG;

* Providing evidence of workload to Health Authorities (e.g. to support claims and bids for resources);

* To enable commissioning of community and secondary healthcare services;

* Monitoring the use of external resource usage (e.g. prescribing, laboratory requests and referrals).

2.1.3 Additional purposes

Some practices also currently require a patient record system that can be used:

* To interact with a decision support / expert-system;

* To support teaching and continuing medical education;

* To enable:

- Epidemiological monitoring;

- Surveillance of possible adverse effects of drugs;

- Clinical research.

Page 2

Good Practice Guidelines for General Practice Electronic Patient Records Version 2.6

Introduction

2.2 Electronic and Paper Records

Most of the purposes described above are generic. In other words, they apply to both paper and electronic records. A few, however, are not in that they are only possible in an electronic environment; and some purposes are more easily fulfilled in an electronic record than a paper one and vice versa. What follows is a brief description of characteristics that are, or may be quite different in electronic patient records than in paper ones and which accordingly need to be supported by these good practice guidelines.

2.2.1 General Characteristics

* Physical

 EPRs depend for their existence on the presence of supporting hardware and software. Paper records do not. In so far as EPRs have a physical presence, this exists at the point(s) of data storage on the machine(s) involved. Paper records exist in the space that they themselves occupy.

* Accessibility

? EPRs may be available to the clinician at any point where electronic access is provided to the record data (and they allow simultaneous access by several clinicians at different sites). Paper records have to be physically present at the point of use.

* Resource

 Paper records are cheap in themselves; in comparison EPRs are not. EPRs require investment in the necessary hardware, software, maintenance, upgrades and training. This may be offset against savings in filing, storage and retrieval costs for the paper equivalents but there remains a different order of investment type and magnitude for computerised records.

* Predictability

 Paper records are highly predictable in their form and function. In U.K. general practice it is perfectly possible for a primary care clinician to move from one practice to another without experiencing any difficulty in reading from or writing to different practice's written records. This is not necessarily the case for EPRs where not only may the interface to the records be quite different in different practices but, in addition, the added value functions that EPRs may have - such as decision support or audit functions - may or may not be present or be present in unpredictable ways. This has implications for both training and system accreditation.

* Maintenance

Paper records require little maintenance beyond consideration of filing and internal ordering. EPRs have all sorts of additional needs in terms of technical maintenance, upgrades, and preservation of their integrity which require quite different organisational approaches and investment.

* Training

Paper records are generally regarded as intuitive in their use. Although clinicians typically receive a degree of training in aspects of record construction, this is mostly to do with their semantic content rather than the specifics of the interaction between themselves and their records. Most EPRs are not usable without that additional training investment both because individual EPR systems are idiosyncratic in their construction and require specific training for their use, and because full exploitation of the potential of EPRs requires some understanding of the more general possibilities inherent in computerised records vis-a-vis paper.

Page 3

Good Practice Guidelines for General Practice Electronic Patient Records Version 2.6

Introduction

2.2.2 Record Characteristics

* Data Entry

Data entry in paper records is relatively easy. Data entry for EPRs is more complex, not just because EPR systems require specific training in their use, but also because there are particular problems presented in terms of entering data into EPRs from remote sources, and from the different semantic implications of information in an EPR to that in a paper record. This latter factor is amplified below.

* Data Retrieval

 Data retrieval from EPRs is easier than from paper - not just because EPRs are physically more accessible to their users than paper records - but also because the ability to interrogate the content of EPRs for audit and analysis purposes is arguably their single greatest advantage over their paper equivalent .

* Semantics

Paper records generally depend for their meaning on the intention and semantic competence of their author(s). There may be some additional organisational elements that affect semantics (such as the way the paper is ordered, the presence or absence of a meaningful summary etc.) but the crucial aspect of the paper record is that it provides considerable freedom of expression for its authors in communicating their meaning. EPRs, on the other hand, always constrain to a greater or lesser degree what is possible to be entered into them. Their design in terms of the availability of coded information and the relationship between those codes and text entry as well as other elements of structure such as problem orientation, access to documents and the like requires particular semantic skills for good usage. This, in turn, contributes to the training requirement. 

 Furthermore, while electronic records carry advantages over paper ones in terms of processability (e.g. audit, automated decision support, warning of alerts etc.), the corollary of this is that in EPRs there is a "machine" element to the semantic which is not present in the paper record. In other words, computerised records will only give added value if they are provided with data in predictable ways. This is commonly paraphrased to "garbage in garbage out". This fact carries an additional training implication and may be crucially important in terms both of reliable organisational decision-making based on computerised information and, more importantly, for safe patient care.

2.2.3 Legal Characteristics

While, for the most part, the principles of behaviour that underpin legal aspects of medical record keeping are similar for both paper and EPRs, there are significant differences in the effects of the law on principles of good practice for computerised records vis-a-vis paper ones:

* Medical Confidentiality

There is no law in the U.K. that directly asserts the obligations of medical confidentiality. However, any information held in confidence, as is the majority of heath information, is protected by the Data Protection Act 1998 and by the Common Law Duty of Confidence.

* Access to Records

Access to both electronic and paper records is now covered by the Data Protection Act 1998.

* Medicolegal

There are two aspects of the law as it affects medicolegal characteristics of records that provide

for significant differences between paper and computerised records. The first of these relates to

the apparent greater ease with which computer records can be modified without that being

apparent. To prevent such modification from tainting evidence in court, the Civil Evidence Acts

have a provision - see below.

The second matter is the question of where lies the true account of events for any case at issue.

For a paper record this is usually obvious. It is much less so for EPRs and current law does not

help in this regard. This will be discussed further below.

Page 4

Good Practice Guidelines for General Practice Electronic Patient Records Version 2.6

Introduction

* Health and Safety

 Paper records have no specific health and safety implications. The machinery which provides

access to EPRs is covered by EU directive and U.K. legislation. Once again, this will be

amplified below.

2.2.4 Security Characteristics

The differences between paper and electronic records are, perhaps, most marked when security of those records

is considered. The subject of record security can be a contentious one; possibly because "security" is not a

simple concept in its own right but is made up of different elements. For the sake of definition in this document,

the elements of computer security in the Open Systems Interconnection Model of the International Standards

Organisation1 are used. The baseline security standard for the NHS is likely to be BS7799(Part 1: Code of

Practice for information security management). Existing guidance can be found in the NHS IM&T Security

Manual.

* Availability (The property of being accessible and useable upon demand by an authorised entity.)

 As mentioned above, paper records are available if they are physically present, and EPRs from

any point of electronic access. The availability of EPRs is therefore determined by a series of

considerations whose total effect on good practice is significant - see below.

* Integrity (The property that data has not been altered or destroyed in an unauthorised manner.)

 This has specific requirements for EPRs which include appropriate audit of record

entry/modification as well as physical security of record systems - see below.

* Accountability (The property that ensures that the actions of an entity can be traced.)

 For a paper record this amounts to the "signature". In EPRs, the issues include audit trails and appropriate "authentication" of record entries - discussed at greater length below.

* Confidentiality (The property that information is not made available or disclosed to unauthorised individuals, entities or processes.)

Finally comes the complex question of maintaining medical confidentiality in and between computer systems, including access control measures, physical security and privacy of systems, encryption and so on. All of these present quite different problems to those relating to confidentiality of paper records.

1 ISO 7498/2, International Standards Organization, Information Processing Systems - Open Systems

Interconnection Reference Model, ISO 7498/2 Security Architecture, 1988

Page 5

Good Practice Guidelines for General Practice Electronic Patient Records Version 2.6

3 Good Practice Guidelines

This part of the document contains guidance for general medical practitioners using electronic records as their primary means of keeping information related to the care of their patients. It is this part of the document that is referenced by The National Health Service (General Medical Services) Amendment (No.4) Regulations 2000 which concerns the legitimisation of electronic patient records in general practice. It provides detailed good practice advice in support of aspects of electronic record keeping raised in the Introduction. That advice will, of necessity, change from time-to-time depending on technologies currently pertaining in general practice records, and new legislation that might in future affect the keeping of records in primary care. The guidelines are considered under the following headings:

* Hardware Requirements

* Electronic Record Requirements

* Maintaining Security

* Medical Confidentiality

* Training and Other Resource Requirements

* Regulatory Requirements

3.1 Hardware Requirements

The particular hardware/machinery that is needed for practices to support electronic records will vary to some extent depending on practice circumstances. What follows are some general guidelines that will usually be necessary to consider in each practice's case.

3.1.1 Accessibility

Practices will need to provide for themselves workstations at each point within the organisation where staff will need to have access to the electronic patient record or other supporting applications. This will normally mean supplying workstations in each consulting room, including treatment rooms, as well as in proximity to support staff work locations. The latter would be normally expected to include each fixed place where a receptionist would normally interact with a patient, both physically and on the telephone; each place where secretarial duties are performed; and each place where practice management routinely occurs. Other access points might include a dispensary, portable access for those engaged in household visiting, from the home of some staff, and points of access from allied organisations such as Out-of-Hours centres. (In the latter three cases, it is important to ensure that aspects of good practice are maintained as soundly in those places as they are in the primary organisation with responsibility for the records).

Enhanced authentication mechanisms are likely to feature in future for both NHS staff and patients who access, use and share electronic information based upon "best commercial practice". Such mechanisms will be dependent upon the prior establishment of core infrastructure arrangements for authenticity and trust. They are likely to be similar to arrangements currently being considered for Information Age Government and its interfaces with UK citizens and other organisations.

3.1.2 Capacity and Storage

Each practice should ensure that it has available to itself sufficient data storage capacity (either in terms of hard disk size or other removable or archive media) to meet the current and medium term future needs for holding their electronic records and supporting applications. In addition, they should ensure that the back-up media that they use will meet not only their current requirements but also those envisaged in the medium-term.

Each practice will need to form its own judgement on necessary capacity which will depend on a variety of factors including:

* Practice list-size

* Practice turnover of patients

* The size and complexity of the software that the practice uses

* The data storage efficiency of the primary electronic patient record software

Page 6

Good Practice Guidelines for General Practice Electronic Patient Records Version 2.6

* The degree of detail that the practice typically employs in its electronic records

* Those components of the practice's activity which it wishes to make paperless and the timescale that it wishes to adopt

* The degree to which the practice stores high-volume files in association with their patient records such as image or sound files and, in particular, scanned records or elements of records

That judgement needs to be regularly updated so that, for instance, the practice can be certain that during any 6 -12 month period they are not going to experience reduced efficiency of the EPR system as free storage space diminishes.

3.1.3 Supporting Hardware

In addition to the central processing unit(s) and access workstations, the practice will need to provide for itself a number of other pieces of equipment. These will include:

* Printers

In addition to supplying printers at each place where FP10s will be printed, practices will need to provide additional printing support - usually available across a network to all - for the printing of letters, patient records or parts of patient records, and other documents necessary for the support of the business of the practice.

* Equipment for local network support

In order for electronic records to be available from many places in the practice, the practice will need some form of cabled infrastructure. This would normally be expected to be in the form of a local area network (LAN) with appropriate network hubs and cabling. Where practices exist on more than one site, they will also need to support this network across intermediate telecommunications links of one sort or another. Remote accessibility and support functionality are likely to be provided within the new information security architecture in a consistent way and will in future benefit from enhanced authentication arrangements as described above (3.1.3).

The NHS Executive will publish further guidance at the earliest opportunity.

* Equipment for remote network support

 Each practice will need to have the means of access to or from a remote network. This might be the NHSnet, or facilities for remote access for the purposes of maintenance, or the Internet. In each case, at least a modem will be necessary as well as additional equipment for the maintenance of the security of the practice system. The latter is discussed further in the relevant section.

* Equipment necessary for Health and Safety

Each Visual Display Unit (VDU) that the practice uses will need to comply with the relevant law (see Regulatory Requirements). In addition, the practice would be well-advised to ensure that the ergonomic characteristics of their work-terminals are appropriately maintained. This may mean providing special office furniture including adjustable seating, adjustable arms for display equipment, purpose-designed desks, VDU screens and so on.

* Equipment necessary for Security

 In order to maintain the physical security of the system, the practice will need additional pieces of equipment. These would be expected to include:

* Uninterruptible Power Supplies (UPS) (which need to be used not just for the main processing unit but also for any terminal where significant additional processing occurs)

* A fire-safe for the local holding of back-up and other sensitive removable media

* Additional security material such as desk chains, lockable boxes for main processing

unit(s), movement alarms and so on

Page 7

Good Practice Guidelines for General Practice Electronic Patient Records Version 2.6

3.2 Electronic Record Requirements

This part of the good practice guidelines expresses advice on a number of aspects of good record-keeping that are peculiar to electronic systems. It does not constitute a general treatise on good medical records. Each aspect is discussed under its own heading:

3.2.1 Expression of Information

All medical records are more or less successful depending upon their ability to communicate to others, to their authors over time and, now, to their subjects what was the essence of the patient's condition and experience and the clinician's appreciation of them at the time of recording. EPRs, in addition, may be deemed to be successful if they appropriately provide the wherewithal for secondary processing of the information within them either for the purposes of medical audit, decision support or secondary display of categories of clinical information for particular purposes. This inherent aspect of electronic patient records can only occur if the records are provided

with a machine-recognisable "structure" in the form of medical codes, clinical headings or categories, standard qualifiers of information and so on. The need for this "structure" in an EPR, while facilitating its inherent added value, also means that the entry of data may need to be facilitated by the use of constraints (and hence the expression of information) needs to be constrained.

Furthermore, information entered into one patient record system will ultimately be transferred in whole or in part to another where it is important that the meaning of the original entry be preserved. This fact carries further constraint.

Some issues arise:

1. Code use policy: It is already a matter of professional and public policy that general practice (and all N.H.S. EPR systems) should use a common coding scheme so that machines may share an understanding of the medical concepts that the coding scheme represents. This policy has not yet been achieved but it has recently been re-avowed in the NHS Executive Information Strategy Information for Health. One mechanism for introduction and maintenance of a common coding scheme in general practice could be through the Requirements for Accreditation for G.P. systems (see below). This already requires G.P. systems to use one of the versions of Read codes.

However, even when a common coding scheme is in place (as it usually effectively is on any single EPR system), there will be a number of possible ways to express what amount to similar concepts. This may have little significance as far as the subsequent human-readability of the information is concerned but, if a practice wishes to perform retrospective audit or other machine processing based on the value of the codes used, difficulties may arise in construction of reliable queries. Hence it would be advisable for practices who intend to perform such audit regularly to agree in advance what will be the permissible code values to be used at the point of data entry (and possibly to constrain that data entry by the use of some template or device which enforces a particular set of code values).

In addition, in most current G.P. systems, there is usually a wide degree of choice as to how much of the information to be entered can be done by means of "free text" and how much can be entered using coded entries or a combination of the two. Views on the correct balance between these two models is evolving.. The more coded data that is entered, the easier the record is to manipulate, with more meaningful interrogation being possible. In addition the more coded the EPR becomes the greater the potential value of any subsequent onward transfer. On the other hand clinicians need to have the freedom of expression that comes with unlimited free text entry.

Many entries are records as to fact; for example what the blood pressure was on a particular day, or a full blood count result or some other measurement, or the confirmation of a myocardial infarction. In any particular practice, it would be advisable that a consensus is reached as to which categories of entries should always be coded. Other types of entry may not need to be so stringently coded but all entries may have their value enriched with added text.

The diversity of practice is such that there will probably always be information for which a definitive code cannot be found. Subject to 3 and 4 below, more general codes might be used with free text amplification or for some entries non specific general codes (such as the code "had a chat to patient") might be chosen to which the clinician may or may not wish to make an appropriate text entry Where codification of certain data is not felt to be sufficiently important a practice may decide to use only free text entries. .

Page 8

Pages 1-8 on this page  Pages 9-17

  Home Health links Internet directory 
 Subscribe to newsletter
Send any website enquiries to Feedback@wansford.co.uk
Site design - Dr Amrit Takhar
Last modified: July 06, 2003