Parsing out the various terms used in relation to a patient’s health record can be daunting. Here’s a primer to make the process less intimidating
“Lions and tigers and bears, oh my!” This line from The Wizard of Oz often comes to my mind when I present on the subject of the differentiating between a medical record, a designated record set, and a legal medical record.
That’s only the first part of the equation. The second part involves the nuances of an electronic health record (EHR) versus an electronic medical record (EMR). Regardless of the term used, something that invariably arises with these presentations is a discussion about what information needs to be included in a patient’s medical record.
Just getting started but thoroughly intimidated? Embarrassed to admit that after all these years you still don’t know what all these terms mean? Don’t be. Let’s begin with the basic definitions.
Now that you know the basics, let’s dig in to what a medical record must contain.
At a minimum, a medical record must include the patient’s identifying information, including name, date of birth, Social Security number, address, contact information, insurance information, emergency contact information, HIPAA Authorization, and advance directives.
Beyond those basics, the medical record must also include adequate clinical documentation that substantiates medical necessity, such as SOAP notes:
The information included in the medical record should meet medical treatment protocols, which are based on scientific evidence and professional standards of care. (See §88.15, public health service.)
Tantamount to an accurate, complete and up-to-date medical record is an appreciation for the sensitive and personal information these records contain. It is important to always remember a patient’s right to privacy. It’s not just a HIPAA issue, it is a Constitutional issue. The Texas Court of Appeals ruling In re Columbia Valley Regional Medical Center, 41 S.W.3d 797, 802 (2001) established that, “there is a constitutional right of privacy in this case. Apart from any statutory or evidentiary privileges that apply, the medical records of an individual have been held to be within the zone of privacy protected by the United States Constitution.”
Medical records must be comprehensive enough to substantiate medical necessity; appropriately identify the patient; accurately document insurance information; and have adequate technical, administrative, and physical safeguards in order to protect a patient’s privacy.
Rachel V. Rose, JD, MBA, advises clients on compliance and transactions in healthcare, cybersecurity, corporate and securities law, while representing plaintiffs in False Claims Act and Dodd-Frank whistleblower cases. She also teaches bioethics at Baylor College of Medicine in Houston. Rachel can be reached through her website, www.rvrose.com.