by Not Given
Several reviewers stated they were using ipads for their session notes. I’m wondering about confidentiality and how they transfer those notes from their ipads to non-electronic files.
Thank you.
Response:
Really I don’t know if there is an easy answer if one wants to minimize their risk and liability with regard to patient confidentiality and HIPAA. From what I can tell the solutions still seem somewhat fragmented. I would think that all the precautions required of paper records also apply to mobile devices that contain patient records – keeping it out of public view, under lock and key when not used, etc
Without some sort of integrated solution I think there will always be risks involved with taking and/or storing patient notes on a tablet or mobile device. For example what happens if the device is lost or stolen. I’ve seen that happen with one of my own healthcare providers – someone broke into their office and stole some of their computers. Then they had to notify all their patients that their information had been compromised.
And then there are BYOD (Bring Your Own Device) situations by physicians and healthcare vendors where they may be using their own personal device for session notes which can present a lot of risks if not carefully managed.
I wonder if some providers are using one of the popular apps or services for patient notes such as Evernote or Google Docs or some sort of dedicated app. While these can be managed securely via password you still have the issue of how to transfer these notes to other systems and media.
I searched the Apple App Store and noticed there were a few clinical note apps available. Couldn’t tell if they had the ability to back-up or sync to a computer or the cloud. They were strictly clinical note apps and not part of a larger EMR (Electronic Medical Records) or practice management system.
I think the healthcare industry has been slow to adopt iPads, tablets, and smartphones, etc. due to the concerns about data security, patient confidentiality, and similar HIPAA issues. There’s also questions about how to integrate these devices with the practice management and EHR (Electronic Health Records) systems. However the ease of use and adoption of these devices in other parts of the healthcare process will help to speed their use.
The same safeguards implemented in EHR and practice management systems also have to be incorporated in the apps developed for accessing these systems. I noticed many of the vendors of these systems are beginning to offer apps for access to their applications on mobile devices.
I think the solution is the mobile device becoming a portal to these systems – that the patient notes and other information doesn’t necessarily reside on the device but on a central secure system such as a server or cloud based system. This would go a long way to addressing the concerns of data security and backup.
Really I wonder if a good solution with regard to HIPAA compliance and patient confidentiality is to use an EHR system and the dedicated app created for it by the EHR vendor. There are free EHR systems out there such as Practice Fusion which are offer access via iPad – so there are economical solutions. But you then have the challenges of migrating to a new system, how it integrates with the existing systems, etc. Many practice management systems are also beginning to offer apps. And then what if the iPad apps are crappy and difficult to use.
As with conventional paper records the weak link is the people and the precautions taken to protect patient information. I think using a mobile device for patient records or session notes is acceptable as long as the same precautions are taken as with traditional records. That does require thinking out how and where the device is used, who has access, where the data actually resides (on the device or on a server), the security of the networks the device is connected to – it can get fairly complicated.
Visitors feel free to comment and express your opinions, suggestions, or experiences on this subject by clicking the link below.