Joint Commission: 'We won't block info highway'

New standards clarify specifications

The Joint Commission on Accreditation of Healthcare Organizations would like to make one point perfectly clear: The Commission supports and encourages the movement to computer-based medical records.

That's the word from Paul Schyve, MD, senior vice president of the Oak Brook Terrace, IL, organization.

In the past, many hospital administrators did not know where the Joint Commission stood on the subject because their standards did not reflect the movement toward electronic medical records. The standards have recently been changed to support and facilitate the move to computerization of records, but they do not require it, Schyve says.

"The Joint Commission sees medical records as part of information management, which is one of the focuses of the new standards," he says. "Instead of thinking of the patient record as one separate function, we want it to be viewed as part of the overall management of information."

To encourage and facilitate the use of electronic medical records, the Joint Commission's standards on information management now include the following:

* The use of standard or uniform codes for terminology and classifications throughout the organization.

For example, the acronym "CPR" may be used by some departments to mean cardiopulmonary resuscitation, while others may use it to mean computerized patient records, explains Alice Epstein, MHA, FASHRM, health care consultant with CNA HealthPro in Durango, CO.

"It's a computer issue, but risk managers need to make sure that the standardization gets done."

* The use of national standards on data set parity and conductivity.

Many health care institutions have built their systems on a piecemeal basis. As a result, some are finding that their different departmental systems cannot talk to one another, much less connect with an outside institution. The JCAHO standard looks to see whether the institution's system uses a standard computer language. This would allow the system to communicate internally with other systems, and with external systems.

* The balance of the need for confidentiality and security with accessibility.

For example, hospitals need to consider whether an attending physician should be able to access all of the patient records or just those of his patients.

Risk managers should monitor how this balance is struck, including the use of passwords which guard against or provide predetermined sets of information, says Epstein.

* The need for methods to protect databases against loss, destruction, tampering, and unauthorized use.

For example, a hospital's disaster plan may call for backup power for the computer network to come from the emergency generators, but risk managers should ensure that the emergency generators can accommodate the computer system with electrical support for the intensive care unit.

* The development of methods for the timely transmission of data.

If lab reports can be sent via electronic mail, but doing so takes 24 hours, the Joint Commission may scrutinize the efficacy of this method.

* The need for linking and integrating information from multiple sources.

While it may be cost prohibitive to discard the current systems and purchase a new one, the Joint Commission is looking to see whether the system can be or is integrated for use within an entire organization.

* The need for authentication of entries to the medical record.

In the past, many hospitals were hesitant to put their medical records on line because they had questions about how to authenticate them. The new Joint Commission standards make clear that authentication can be done electronically as well as manually, Schyve says. *