HIPAA Compliance Journal

Ads

July 04, 2006

Doctors denied access to patient medical records...

Imagine this you are a conscientious physician and was eager to be HIPAA compliant and went about the whole thing in a meticulous way - You got all HIPAA compliant tools for your practice and even took up all the necessary steps to incorporate this into your daily professional life. But your software tool locks you out off your patients' medical records and leaves you high and dry!

This is exactly what happened to some doctors who use Dr. Notes' electronic medical records software. The docs complained that they have been denied access to the program and their patients' medical records because they refused to pay increased technical support fees. The support contract with Boca Raton-based Dr. Notes was originally for $1,200 a year but the company wants physicians to pay $5,000 a year.

This situation is going to be a huge legal hassle for both the Software Company and for the doctors if patients' make a case of this citing HIPAA. HIPAA as we all know requires that patients have access to their medical records and applies to "covered entities" such as doctors and other health care providers

If doctors didn't pay tech support after 10 days, the company would place them in read-only mode so they could view records but not update them, according to Bizjouranls.com. Sounds like doctors are being forced to pay a ransom but, this is just another of those unique cases that HIPAA has thrown up. Trying times for “covered entities” if more software providers use this ploy to extract price hikes, don’t you think?

The other point about this case is the fact that the basic requirement of HIPAA has been violated when covered entities like doctors and health care workers are denied access to patient health record. Portability of health records is going to be affected and that is a serious violation indeed.

--
Did you enjoy this post?

July 4, 2006 in News | Permalink

Comments

This all goes back to the license. You could never get away with this is the vendor used to the GPL.

Thanks for the great example!!

Posted by: GPL Medicine | Jul 5, 2006 11:22:19 AM

GPL, indeed!

Similar to MD's who take money from drug companies, sound medical ethics and proprietary software are not congruent with each other.

Posted by: JIW jr | Aug 9, 2006 9:41:12 AM

Here's the update:

http://southflorida.bizjournals.com/southflorida/stories/2006/09/11/story2.html

Legal issue arises over electronic patient files

By Brian Bandell

There’s a federal push to digitize health care records, but experts are worried over allegations that a Boca Raton company cut some doctors’ access to electronic patient files after they failed to pay fees.
It turns out there is no current law that would stop a software vendor from doing so, federal and state agency officials say. The laws that cover patient privacy and access to records apply to health care workers, not third-party vendors.
That has left an unclear legal recourse for five doctors who claim Boca Raton-based Dr. Notes cut off their access to medical records of dozens of patients because they wouldn't pay higher tech support fees.
"It should be illegal for a company to withhold data from a doctor so a patient can't get their care," said Dr. Joseph M. Heyman, a board member of the American Medical Association (AMA). Aside from the allegations about Dr. Notes, Heyman, said he has never heard of an electronic medical records vendor cutting off access to a doctor. The AMA doesn’t have a policy to deal with the situation.
Dr. Kenneth W. Goodman, director of the bioethics program at the University of Miami, says, “If any patient comes to grief over this, then society will have dropped the ball.”
In an e-mail, Dr. Notes CEO Angel M. Garcia disputed the doctors’ assertions of a cutoff, saying they can still view patients’ records if they don’t pay support fees; they just can’t enter new data or print it out.
However, the five doctors insisted they could not view any data at all. Former Dr. Notes tech support specialist Ray Causwell, who now consults with doctors who use the program, agreed with their accounts.
Garcia and ex-employees have said Dr. Notes sold its software to more than 5,000 doctors nationwide. Some doctors say the program works just fine and they have a password that doesn’t change every month.
In May, some doctors using Dr. Notes said they received requests for higher tech support payments from a company called Intracare, which said it bought the international rights to the software. State records show Intracare is based in Garcia’s Delray Beach home and its CEO is his wife. On April 7, two creditors obtained a writ from a Palm Beach Circuit Court judge to seize the software’s patent, copyright license and source code, which was collateral for a $280,000 loan to Dr. Notes. On Aug. 28, the company was ordered to turn over documents to help the creditors obtain the intellectual property and its associated contracts.
In 2004, Dr. Notes appeared to be a promising technology company exploring an IPO, but the company and its CEO face 37 judgment liens totaling more than $4 million; 14 pending lawsuits seeking $1.07 million; and federal, state and county tax liens totaling $1.28 million.
Now, doctors for dozens of patients at Brookville Hospital in Pennsylvania can’t get records stored in Dr. Notes’ software, said Dr. Ibrahim Salejee, who sold his pulmonology practice to the hospital in 2004 when he moved to Florida.
After the hospital refused to pay Dr. Notes for tech support, because it wanted to use its own records system, Dr. Notes stopped providing the monthly password that allowed them to access the program and medical records, said Salejee and Arlene Dando, the office manager who continues to oversee the practice.
The lack of access to records has prevented his former patients from knowing the proper settings for medical equipment and their doctors from comparing the results of previous lung capacity tests to new ones, Dando said.

Regulators: It’s a contractual issue

The federal Health Insurance Portability and Accountability Act (HIPAA) of 1996 is designed to ensure patients access to their medical records, but it only applies to "covered entities" such as health care providers – and not to an electronic medical records vendor, said Patrick Hadley, a health information privacy specialist with the U.S. Department of Health and Human Services' Office of Civil Rights.
“There are a lot of third parties that are essentially flying below the HIPAA radar screen,” said Edgar D. Bueno, a McLean, Va.-based attorney who worked for HHS’ inspector general for six years.
There are no laws under the Florida Department of Health concerning third parties restricting access to patient information, spokeswoman Thometta Cozart said. "This situation appears to be a contractual issue."
The acting general counsel for Florida's Agency for Health Care Administration said the state is authorized to access physician records in some cases, but they can't seize them from a third party.
UM medical ethicist Goodman shakes his head at the situation, asking: “If you want access to a box of life-saving information and a bully is in front of it, does that mean you have no rights because the bully doesn't work for the physician?”

Efficiency promoted

Establishing clear legal guidelines is seen as vital because President George W. Bush, along with leaders of the House and Senate, have promoted electronic medical records as more efficient and helpful in emergency situations.
Dr. Wayne Lee, senior medical officer at Phoenix Physicians, which has about 100 doctors staffing the emergency rooms of the North Broward Hospital District, said the responsibilities of electronic medical records vendors need to be addressed quickly or the electronic movement could suffer.
“If the laws don't make it absolutely clear what has to occur with the responsibility for their records, then patients will be walking into doctors’ offices and – besides asking what the price is – they may have another question: ‘Can you explain to me how you maintain my medical records?’”
Lawmakers need to consider placing privacy and accountability requirements on vendors so patients will be protected, said Washington, D.C.-based attorney Marcy Wilder, who consults with the Markle Foundation on promoting health care technology.
As it stands now, Bueno said doctors who have their access cut to electronic records might pursue an injunction to regain access and then file a civil suit, but that could result in an argument over who owns the medical records.
Dr. Notes’ end-user license agreement, which pops up on screens when the software is installed, states that the company owns the information doctors put into it.
Reid Cushman, the research and education coordinator for the UM Department of Medical Information Technology, said HIPAA allows doctors to give third parties access to this information – with the patient’s written consent – but they still retain ownership.
He said of the clause in Dr. Notes’ license agreement, “Just because it's in the fine print somewhere in a place a normal person wouldn't see it doesn't mean you can enforce it.”

E-mail health care writer Brian Bandell at bbandell@bizjournals.com.

Posted by: Brian | Sep 14, 2006 1:07:04 PM

Post a comment

Name:

Email Address:

URL:

Remember personal info?

Comments:

« HIPAA privacy regulations during emergency response times | Main | Premier Upgrades HIPAA Compliant PiSuite Software »

Syndicate

Blogroll

Owned By

Almost Valid

Policies