From cyber security to protecting business interests, there are a host of considerations surrounding patient records. KAREN CROUCH drills down into this crucial facet of practice management.
In light of recent announcements about cyberattacks by state-controlled sources, it is timely to consider the sanctity of patient records, including access and ownership rights.
Practice records are the life blood of a business, not to mention legal requirements and criticality of ready access. Consequently, they are vital to ensure efficient patient and practice management. While records are undisputed assets of the practice, access to and ownership in particular, may differ.
Introduction of e-health records has increased accessibility to patient information as they permit review by patients. This source of valuable information is also hyperlinked to various other websites and computer applications.
Of course, before developing a library of patient records as part of a new/existing practice start up, owners must carefully consider technological aspects of record retention, assured availability and secure storage. An experienced IT provider will provide relevant options on information management such as cloud, hosted
or native applications to select from. Back up of records is naturally a critical factor in such considerations as ready access to patient information, recent and/ or historical, is an essential element of quality healthcare.
Apart from ready, reliable access to records, security of computer applications is another vital consideration. This is regardless of whether they are remotely located or housed in-practice, particularly in light of frequent incidence of ‘hacking’.
Having ensured safe storage, accessibility and back up, owners need to heed legal requirements. In determining reasonable and legally defensible entitlements of owners and clinicians, various ‘engagement’ scenarios are worthy of deeper consideration:
Employee: a clinician engaged under typical employer-employee conditions (formal employment contract), which will, for instance, include payment of superannuation by the practice owner. Staff so employed do not have any rights to remove or copy records or even view out of curiosity or other casual reasons for any purpose other than the normal course of their daily duties.
Contractor: a clinician engaged as an individual or through their personal entity to provide healthcare services to all patients of the practice, utilising all business facilities and resources, regardless of whether patients were introduced by the owner or contractor.
It is worth noting that, in the optometry sector, verbal agreements with ‘contractor clinicians’ are not uncommon. Contractors do not have an entitlement to remove or copy patient records during or after their employment.
Licensee: a clinician engaged to provide services to his/her own patients (introduced by the licensee, not the practice), utilising practice facilities and resources. This category is invariably covered by a formal Facilities (or similar) Agreement as terms and conditions differ markedly from those of contractors or employees. In this circumstance, all patient records remain the property of the licensee and may be removed if the licensed clinician leaves the practice.
The primary benefit of patient records, apart from ensuring accurate historical and healthcare information, is to develop and grow business, whether for practices or for individual clinicians who may operate on a part time basis at more than one practice.
So, naturally, when a clinician ceases work in a particular practice, they may seek to take copies of certain patient records in the hope of enticing those persons to their new place of employment. In instances where high quality service has been consistently provided to the patient, the attending clinician will invariably seek to build on goodwill and retain the custom of their regular patients who may prefer to be serviced by a proven supplier.
Conversely, the owner may wish to retain such records to secure the ongoing custom of those patients who promote success of the business. When a written contract has not clearly defined rights and responsibilities, these conflicting interests may result in a dispute, particularly between owners and contractors.
A few other facts are worthy of note:
Practices must facilitate access to patient records to allow clinicians to provide reliable, fully informed healthcare services.
Without inferring any wrongdoing, if a (departing) clinician decides to extract copies of selected or several patient records for his/her personal future benefit, it could be relatively easy to do so without raising suspicion.
There is no specific, optometry industry related legislation dealing with these matters, particularly in the absence of formal contract documentation.
So, what is the best approach to avoid possible disputes?
The most practical and prudent solution is to execute written contracts that clearly and unambiguously define both parties’ rights. Such contracts usually contain certain restrictive covenants to protect practice owners’ businesses. For example, the employee/contractor clinician agrees not to be involved, directly or indirectly,
in another practice which competes with the owner’s business and is within a reasonable time and radius. n
ABOUT THE AUTHOR: Karen Crouch is Managing Director of Health Practice Creations Group, a company that assists with practice set ups, administrative, legal and financial management of practices. Contact her on 0433 233 478, firstname.lastname@example.org or www. hpcgroup.com.au.