EMR Access and Confidentiality Based on Patient and Hospital Staff Perspectives
Dhillon K1, Tan E2, Akseer R3, Alhosani MS3, Ho GF4, Lim SHE3, 5, *, Jamaludin ANSJ1, *
Identifiers and Pagination:Year: 2018
First Page: 533
Last Page: 545
Publisher Id: TOPHJ-11-533
Article History:Received Date: 16/10/2018
Revision Received Date: 16/11/2018
Acceptance Date: 3/12/2018
Electronic publication date: 28/12/2018
Collection year: 2018
open-access license: This is an open access article distributed under the terms of the Creative Commons Attribution 4.0 International Public License (CC-BY 4.0), a copy of which is available at: https://creativecommons.org/licenses/by/4.0/legalcode. This license permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
The Electronic Medical Records (EMR) system is a longitudinal electronic record consisting of all the information relevant to a patients’ health and well-being, generated by at least one encounter in a healthcare setting. It can be accessed within an institution with multi-level accessibility based on authentication customized to the type of user. Since the EMR system potentiates an organised and holistic medical history specific to a patient, it enables medical professionals to deliver a higher quality of healthcare services.
The aims of this study were to understand the global perspective of EMR and its implementation as well as to locate the gaps of knowledge that still existed in the understanding and definition of EMR amongst patients and hospital staff.
All major bibliographic databases such as PubMed and Google Scholar and several specialist datasets such as PsycINFO, MEDLINE and EBSCOhost from the previous 10 years (2007-2017) were employed in our search. Paper citations which utilised a reference standard were incorporated for quality assessment. An initial search found 2700 articles however after factoring in the inclusion and exclusion criteria, only 78 articles were included in this review.
Our findings indicated a discrepancy between the expectation of patients and what was actually practiced. Patient concerns mainly involved easy access of healthcare professionals other than doctors to their EMR in addition to non-medical information. The assumption of confidentiality was expected to be maintained by indifference; however, a good face-to-face explanation cannot be substituted with control over content and access to EMR. In the event of a breach in patient confidentiality, lawsuits against healthcare providers will rise exponentially as patients are now well-informed and more empowered to ask questions regarding the care they are receiving and information being disclosed to other parties.
Security of information can be attained with better modelling protocols, end-user training and refresher courses done on a regular basis. Finally, controls of access will need to be implemented via passwords and digital signatures.