User login
Pitfalls in physician-patient communication via patient access support portals
Technology can be used to enhance communication, increase patient safety, and improve overall patient care. For example, many physicians have arranged for remote access to medical records and established a unique system of communication via a patient access support portal. A patient portal is a secure online website that provides patients 24-hour, on-demand access to their health information. Patient portals, while popular and oftentimes quite helpful, are not without drawbacks. Communication by electronic means with your patient can be viewed by some as impersonal and can make patients less tolerant to what they perceive to be a mistake, error, or unwanted outcome. A decrease in face-to-face contact and communication with your patient also gives you less time to resolve any conflict or disagreement. While communication via a patient access support portal has the potential to free up medical staff for direct patient care, such communication also carries liability risk.
Patient access support portal
A physician’s legal responsibility to communicate in a timely and accurate manner does not change, irrespective of the form of communication. However, communication via a patient access portal does have some unique features that must be considered by the practitioner. Practitioners must remember that any communication via the patient portal creates a permanent record, which can and will be used in the event of litigation. For example, when responding to a patient inquiry about a specific complaint, treatment provided, or test result, it will be presumed that the physician had access to the patient’s full medical record and that the full record will be utilized in making a response. Accessing the patient’s chart will leave an audit trail that will provide what is known as metadata, which in the context of electronic medical records, is what allows technicians to verify that the patient record was accessed, and it provides details as to when, and for how long it was accessed. These records are frequently pursued in litigation, so you must understand that parties can often re-create an intricate and accurate timeline of events. While state courts are divided on the issue of whether metadata contained within electronic medical records is discoverable, recent federal court decisions have held that such data is discoverable pursuant to the Federal Rules of Civil Procedure. Thus, once a patient has communicated with you via the portal, you will be responsible for responding in an appropriate and prompt fashion. For these reasons, it is imperative that you create an agreement with your patients as to how the portal will be used and clearly set forth the rules for such use.
Patient portal policies and procedures
In creating patient portal user agreements (See "Sample User Agreement," attached below), it is crucial that an agreement clearly identify the policies and procedures for use. A patient portal user agreement should:
- Set forth the rules and regulations for portal use.
- Include a verification procedure that requires the patients to confirm that they have the legal capacity to consent to the terms of use. This is especially important when treating patients with mental disability, elderly patients with dementia, minors, and any other individuals who may not legally consent.
- Include a verification procedure that requires the patients to confirm that they understand and agree to abide by the user agreement rules.
- Include a detailed list that informs users of the risks and benefits of communicating via the patient portal.
- Stress that communication through the patient portal is for nonemergent matters only.
- Set forth permissible topics for use, such as communicating with the physician or staff, obtaining test results or records, and setting, changing, or canceling appointments.
- Clearly indicate certain topics that should not be discussed via the patient portal, including mental health issues.
- Reiterate that communication via the patient portal is only one option, and that all other standard methods of communication remain available. In doing so, provide office telephone numbers, hotlines, and email addresses for convenience.
- Inform the patients that they should call the office with any questions or concerns regarding use of the patient portal.
- Include a statement that the patient should call 911 or proceed directly to the nearest hospital for any and all urgent or emergent medical matters.
Other considerations
There are, however, equally critical considerations to be made that go beyond the core details of the user agreement. For instance, use of the patient access portal should be limited to only current or active patients, and you should stress to patients the importance of keeping their contact information updated and accurate. This is especially vital in situations in which a patient is unresponsive to communication via the portal, as your staff will need to follow up via other means of communication. It is also imperative to ensure the patient portal is programmed to promptly alert you or your staff following an inquiry from the patient as the patient will likely expect an immediate response.
Notably, communication via the patient portal must still comply with the Health Insurance Portability and Accountability Act (HIPAA). This means that only authorized users are able to access records within the patient portal. To ensure compliance with HIPAA, all users should be instructed in the appropriate practices of maintaining patient privacy. This includes barring the use of shared passwords amongst multiple individuals, requiring that users enable an auto log-off setting, and programming work stations to turn off automatically after brief periods of nonuse. Further, all communications in the patient portal should be encrypted to prevent the patient’s sensitive information from being accessed in the event of an attempted security breach.
Finally, depending upon the practice, there may be instances in which someone other than the patient’s physician would be reading and responding to patient queries. In these situations, the patient should be informed of such potential. This way, if the communication is intended only for the physician, the patient will be afforded the opportunity to call the physician directly rather than communicate via the patient portal.
While the use of patient access portals is becoming far more prevalent, as they offer many practical benefits ranging from increased convenience and efficiency to enhanced patient care, they also carry the potential for increased liability exposure. As such, it is vital that physicians weigh all potential risks and benefits that are inherent in the use of patient access portals prior to making the decision to implement such technology.
Mr. Mills is an equity partner in Cunningham, Meyer & Vedrine, Chicago.
Technology can be used to enhance communication, increase patient safety, and improve overall patient care. For example, many physicians have arranged for remote access to medical records and established a unique system of communication via a patient access support portal. A patient portal is a secure online website that provides patients 24-hour, on-demand access to their health information. Patient portals, while popular and oftentimes quite helpful, are not without drawbacks. Communication by electronic means with your patient can be viewed by some as impersonal and can make patients less tolerant to what they perceive to be a mistake, error, or unwanted outcome. A decrease in face-to-face contact and communication with your patient also gives you less time to resolve any conflict or disagreement. While communication via a patient access support portal has the potential to free up medical staff for direct patient care, such communication also carries liability risk.
Patient access support portal
A physician’s legal responsibility to communicate in a timely and accurate manner does not change, irrespective of the form of communication. However, communication via a patient access portal does have some unique features that must be considered by the practitioner. Practitioners must remember that any communication via the patient portal creates a permanent record, which can and will be used in the event of litigation. For example, when responding to a patient inquiry about a specific complaint, treatment provided, or test result, it will be presumed that the physician had access to the patient’s full medical record and that the full record will be utilized in making a response. Accessing the patient’s chart will leave an audit trail that will provide what is known as metadata, which in the context of electronic medical records, is what allows technicians to verify that the patient record was accessed, and it provides details as to when, and for how long it was accessed. These records are frequently pursued in litigation, so you must understand that parties can often re-create an intricate and accurate timeline of events. While state courts are divided on the issue of whether metadata contained within electronic medical records is discoverable, recent federal court decisions have held that such data is discoverable pursuant to the Federal Rules of Civil Procedure. Thus, once a patient has communicated with you via the portal, you will be responsible for responding in an appropriate and prompt fashion. For these reasons, it is imperative that you create an agreement with your patients as to how the portal will be used and clearly set forth the rules for such use.
Patient portal policies and procedures
In creating patient portal user agreements (See "Sample User Agreement," attached below), it is crucial that an agreement clearly identify the policies and procedures for use. A patient portal user agreement should:
- Set forth the rules and regulations for portal use.
- Include a verification procedure that requires the patients to confirm that they have the legal capacity to consent to the terms of use. This is especially important when treating patients with mental disability, elderly patients with dementia, minors, and any other individuals who may not legally consent.
- Include a verification procedure that requires the patients to confirm that they understand and agree to abide by the user agreement rules.
- Include a detailed list that informs users of the risks and benefits of communicating via the patient portal.
- Stress that communication through the patient portal is for nonemergent matters only.
- Set forth permissible topics for use, such as communicating with the physician or staff, obtaining test results or records, and setting, changing, or canceling appointments.
- Clearly indicate certain topics that should not be discussed via the patient portal, including mental health issues.
- Reiterate that communication via the patient portal is only one option, and that all other standard methods of communication remain available. In doing so, provide office telephone numbers, hotlines, and email addresses for convenience.
- Inform the patients that they should call the office with any questions or concerns regarding use of the patient portal.
- Include a statement that the patient should call 911 or proceed directly to the nearest hospital for any and all urgent or emergent medical matters.
Other considerations
There are, however, equally critical considerations to be made that go beyond the core details of the user agreement. For instance, use of the patient access portal should be limited to only current or active patients, and you should stress to patients the importance of keeping their contact information updated and accurate. This is especially vital in situations in which a patient is unresponsive to communication via the portal, as your staff will need to follow up via other means of communication. It is also imperative to ensure the patient portal is programmed to promptly alert you or your staff following an inquiry from the patient as the patient will likely expect an immediate response.
Notably, communication via the patient portal must still comply with the Health Insurance Portability and Accountability Act (HIPAA). This means that only authorized users are able to access records within the patient portal. To ensure compliance with HIPAA, all users should be instructed in the appropriate practices of maintaining patient privacy. This includes barring the use of shared passwords amongst multiple individuals, requiring that users enable an auto log-off setting, and programming work stations to turn off automatically after brief periods of nonuse. Further, all communications in the patient portal should be encrypted to prevent the patient’s sensitive information from being accessed in the event of an attempted security breach.
Finally, depending upon the practice, there may be instances in which someone other than the patient’s physician would be reading and responding to patient queries. In these situations, the patient should be informed of such potential. This way, if the communication is intended only for the physician, the patient will be afforded the opportunity to call the physician directly rather than communicate via the patient portal.
While the use of patient access portals is becoming far more prevalent, as they offer many practical benefits ranging from increased convenience and efficiency to enhanced patient care, they also carry the potential for increased liability exposure. As such, it is vital that physicians weigh all potential risks and benefits that are inherent in the use of patient access portals prior to making the decision to implement such technology.
Mr. Mills is an equity partner in Cunningham, Meyer & Vedrine, Chicago.
Technology can be used to enhance communication, increase patient safety, and improve overall patient care. For example, many physicians have arranged for remote access to medical records and established a unique system of communication via a patient access support portal. A patient portal is a secure online website that provides patients 24-hour, on-demand access to their health information. Patient portals, while popular and oftentimes quite helpful, are not without drawbacks. Communication by electronic means with your patient can be viewed by some as impersonal and can make patients less tolerant to what they perceive to be a mistake, error, or unwanted outcome. A decrease in face-to-face contact and communication with your patient also gives you less time to resolve any conflict or disagreement. While communication via a patient access support portal has the potential to free up medical staff for direct patient care, such communication also carries liability risk.
Patient access support portal
A physician’s legal responsibility to communicate in a timely and accurate manner does not change, irrespective of the form of communication. However, communication via a patient access portal does have some unique features that must be considered by the practitioner. Practitioners must remember that any communication via the patient portal creates a permanent record, which can and will be used in the event of litigation. For example, when responding to a patient inquiry about a specific complaint, treatment provided, or test result, it will be presumed that the physician had access to the patient’s full medical record and that the full record will be utilized in making a response. Accessing the patient’s chart will leave an audit trail that will provide what is known as metadata, which in the context of electronic medical records, is what allows technicians to verify that the patient record was accessed, and it provides details as to when, and for how long it was accessed. These records are frequently pursued in litigation, so you must understand that parties can often re-create an intricate and accurate timeline of events. While state courts are divided on the issue of whether metadata contained within electronic medical records is discoverable, recent federal court decisions have held that such data is discoverable pursuant to the Federal Rules of Civil Procedure. Thus, once a patient has communicated with you via the portal, you will be responsible for responding in an appropriate and prompt fashion. For these reasons, it is imperative that you create an agreement with your patients as to how the portal will be used and clearly set forth the rules for such use.
Patient portal policies and procedures
In creating patient portal user agreements (See "Sample User Agreement," attached below), it is crucial that an agreement clearly identify the policies and procedures for use. A patient portal user agreement should:
- Set forth the rules and regulations for portal use.
- Include a verification procedure that requires the patients to confirm that they have the legal capacity to consent to the terms of use. This is especially important when treating patients with mental disability, elderly patients with dementia, minors, and any other individuals who may not legally consent.
- Include a verification procedure that requires the patients to confirm that they understand and agree to abide by the user agreement rules.
- Include a detailed list that informs users of the risks and benefits of communicating via the patient portal.
- Stress that communication through the patient portal is for nonemergent matters only.
- Set forth permissible topics for use, such as communicating with the physician or staff, obtaining test results or records, and setting, changing, or canceling appointments.
- Clearly indicate certain topics that should not be discussed via the patient portal, including mental health issues.
- Reiterate that communication via the patient portal is only one option, and that all other standard methods of communication remain available. In doing so, provide office telephone numbers, hotlines, and email addresses for convenience.
- Inform the patients that they should call the office with any questions or concerns regarding use of the patient portal.
- Include a statement that the patient should call 911 or proceed directly to the nearest hospital for any and all urgent or emergent medical matters.
Other considerations
There are, however, equally critical considerations to be made that go beyond the core details of the user agreement. For instance, use of the patient access portal should be limited to only current or active patients, and you should stress to patients the importance of keeping their contact information updated and accurate. This is especially vital in situations in which a patient is unresponsive to communication via the portal, as your staff will need to follow up via other means of communication. It is also imperative to ensure the patient portal is programmed to promptly alert you or your staff following an inquiry from the patient as the patient will likely expect an immediate response.
Notably, communication via the patient portal must still comply with the Health Insurance Portability and Accountability Act (HIPAA). This means that only authorized users are able to access records within the patient portal. To ensure compliance with HIPAA, all users should be instructed in the appropriate practices of maintaining patient privacy. This includes barring the use of shared passwords amongst multiple individuals, requiring that users enable an auto log-off setting, and programming work stations to turn off automatically after brief periods of nonuse. Further, all communications in the patient portal should be encrypted to prevent the patient’s sensitive information from being accessed in the event of an attempted security breach.
Finally, depending upon the practice, there may be instances in which someone other than the patient’s physician would be reading and responding to patient queries. In these situations, the patient should be informed of such potential. This way, if the communication is intended only for the physician, the patient will be afforded the opportunity to call the physician directly rather than communicate via the patient portal.
While the use of patient access portals is becoming far more prevalent, as they offer many practical benefits ranging from increased convenience and efficiency to enhanced patient care, they also carry the potential for increased liability exposure. As such, it is vital that physicians weigh all potential risks and benefits that are inherent in the use of patient access portals prior to making the decision to implement such technology.
Mr. Mills is an equity partner in Cunningham, Meyer & Vedrine, Chicago.