Good Practice Guidelines for General Practice Electronic Patient Records

Prepared by The Joint Computing Group of the General Practitioners' Committee and the Royal College of General Practitioners Sponsored by The NHS Executive General and Personal Medical Services Branch Date: 31 August 2000 Version: 2.6

Pages 1-8 on this page  Pages 9-17

This set of good practice guidelines was prepared at the request of the NHS Executive in consultation with the Joint Computing Group of the General Practitioners' Committee of the British Medical Association and the Royal College of General Practitioners. Its primary purpose is to provide a professional framework for the legitimisation of electronic patient records in general practice. It is also intended as a source of authoritative advice for those general practitioners who keep computerised patient records or who intend to transfer their record systems to computer.

The principles of migration from paper records to electronic records (EPRs) were set out by the joint statement of the RCGP and GPC of the BMA:

These good practice guidelines take this statement further drawing on a large body of underlying work which is referenced within "ScopeEPR" below. The principle sources were:

* Computerised Patient Records in General Practice: - Discussion of Good Practice Version 1 David Markwell in conjunction with the Joint Computing Group March 1995

* Issues arising from going paperless A Preliminary Report to the Clinical Systems Group Tom Davies - 9th December 1998

* Security Policy for Information and Information Systems in General Practice. Royal College of General Practitioners 1997

- Making information available to others with access to the same record system who are involved in the care of the same patient;

- Providing information for inclusion in other documents (e.g. laboratory requests, referrals and medical reports);

- Storing information received from other parties or organisations (e.g. laboratory results and letters from specialists);

Practices also need a patient record system that can be used to meet administrative, legal and contractual obligations by:

* Providing legal evidence in respect of claims by a patient against a third party (e.g. for injuries, occupational diseases and in respect of product liability);

* Recording the preferences of patients in respect of access to and disclosure of information they have provided in confidence;

Most of the purposes described above are generic. In other words, they apply to both paper and electronic records. A few, however, are not in that they are only possible in an electronic environment; and some purposes are more easily fulfilled in an electronic record than a paper one and vice versa. What follows is a brief description of characteristics that are, or may be quite different in electronic patient records than in paper ones and which accordingly need to be supported by these good practice guidelines.

 EPRs depend for their existence on the presence of supporting hardware and software. Paper records do not. In so far as EPRs have a physical presence, this exists at the point(s) of data storage on the machine(s) involved. Paper records exist in the space that they themselves occupy.

? EPRs may be available to the clinician at any point where electronic access is provided to the record data (and they allow simultaneous access by several clinicians at different sites). Paper records have to be physically present at the point of use.

 Paper records are cheap in themselves; in comparison EPRs are not. EPRs require investment in the necessary hardware, software, maintenance, upgrades and training. This may be offset against savings in filing, storage and retrieval costs for the paper equivalents but there remains a different order of investment type and magnitude for computerised records.

 Paper records are highly predictable in their form and function. In U.K. general practice it is perfectly possible for a primary care clinician to move from one practice to another without experiencing any difficulty in reading from or writing to different practice's written records. This is not necessarily the case for EPRs where not only may the interface to the records be quite different in different practices but, in addition, the added value functions that EPRs may have - such as decision support or audit functions - may or may not be present or be present in unpredictable ways. This has implications for both training and system accreditation.

Paper records require little maintenance beyond consideration of filing and internal ordering. EPRs have all sorts of additional needs in terms of technical maintenance, upgrades, and preservation of their integrity which require quite different organisational approaches and investment.

Paper records are generally regarded as intuitive in their use. Although clinicians typically receive a degree of training in aspects of record construction, this is mostly to do with their semantic content rather than the specifics of the interaction between themselves and their records. Most EPRs are not usable without that additional training investment both because individual EPR systems are idiosyncratic in their construction and require specific training for their use, and because full exploitation of the potential of EPRs requires some understanding of the more general possibilities inherent in computerised records vis-a-vis paper.

Data entry in paper records is relatively easy. Data entry for EPRs is more complex, not just because EPR systems require specific training in their use, but also because there are particular problems presented in terms of entering data into EPRs from remote sources, and from the different semantic implications of information in an EPR to that in a paper record. This latter factor is amplified below.

 Data retrieval from EPRs is easier than from paper - not just because EPRs are physically more accessible to their users than paper records - but also because the ability to interrogate the content of EPRs for audit and analysis purposes is arguably their single greatest advantage over their paper equivalent .

Paper records generally depend for their meaning on the intention and semantic competence of their author(s). There may be some additional organisational elements that affect semantics (such as the way the paper is ordered, the presence or absence of a meaningful summary etc.) but the crucial aspect of the paper record is that it provides considerable freedom of expression for its authors in communicating their meaning. EPRs, on the other hand, always constrain to a greater or lesser degree what is possible to be entered into them. Their design in terms of the availability of coded information and the relationship between those codes and text entry as well as other elements of structure such as problem orientation, access to documents and the like requires particular semantic skills for good usage. This, in turn, contributes to the training requirement. 

 Furthermore, while electronic records carry advantages over paper ones in terms of processability (e.g. audit, automated decision support, warning of alerts etc.), the corollary of this is that in EPRs there is a "machine" element to the semantic which is not present in the paper record. In other words, computerised records will only give added value if they are provided with data in predictable ways. This is commonly paraphrased to "garbage in garbage out". This fact carries an additional training implication and may be crucially important in terms both of reliable organisational decision-making based on computerised information and, more importantly, for safe patient care.

While, for the most part, the principles of behaviour that underpin legal aspects of medical record keeping are similar for both paper and EPRs, there are significant differences in the effects of the law on principles of good practice for computerised records vis-a-vis paper ones:

There is no law in the U.K. that directly asserts the obligations of medical confidentiality. However, any information held in confidence, as is the majority of heath information, is protected by the Data Protection Act 1998 and by the Common Law Duty of Confidence.

 For a paper record this amounts to the "signature". In EPRs, the issues include audit trails and appropriate "authentication" of record entries - discussed at greater length below.

* Confidentiality (The property that information is not made available or disclosed to unauthorised individuals, entities or processes.)

Finally comes the complex question of maintaining medical confidentiality in and between computer systems, including access control measures, physical security and privacy of systems, encryption and so on. All of these present quite different problems to those relating to confidentiality of paper records.

This part of the document contains guidance for general medical practitioners using electronic records as their primary means of keeping information related to the care of their patients. It is this part of the document that is referenced by The National Health Service (General Medical Services) Amendment (No.4) Regulations 2000 which concerns the legitimisation of electronic patient records in general practice. It provides detailed good practice advice in support of aspects of electronic record keeping raised in the Introduction. That advice will, of necessity, change from time-to-time depending on technologies currently pertaining in general practice records, and new legislation that might in future affect the keeping of records in primary care. The guidelines are considered under the following headings:

The particular hardware/machinery that is needed for practices to support electronic records will vary to some extent depending on practice circumstances. What follows are some general guidelines that will usually be necessary to consider in each practice's case.

Practices will need to provide for themselves workstations at each point within the organisation where staff will need to have access to the electronic patient record or other supporting applications. This will normally mean supplying workstations in each consulting room, including treatment rooms, as well as in proximity to support staff work locations. The latter would be normally expected to include each fixed place where a receptionist would normally interact with a patient, both physically and on the telephone; each place where secretarial duties are performed; and each place where practice management routinely occurs. Other access points might include a dispensary, portable access for those engaged in household visiting, from the home of some staff, and points of access from allied organisations such as Out-of-Hours centres. (In the latter three cases, it is important to ensure that aspects of good practice are maintained as soundly in those places as they are in the primary organisation with responsibility for the records).

Enhanced authentication mechanisms are likely to feature in future for both NHS staff and patients who access, use and share electronic information based upon "best commercial practice". Such mechanisms will be dependent upon the prior establishment of core infrastructure arrangements for authenticity and trust. They are likely to be similar to arrangements currently being considered for Information Age Government and its interfaces with UK citizens and other organisations.

Each practice should ensure that it has available to itself sufficient data storage capacity (either in terms of hard disk size or other removable or archive media) to meet the current and medium term future needs for holding their electronic records and supporting applications. In addition, they should ensure that the back-up media that they use will meet not only their current requirements but also those envisaged in the medium-term.

Each practice will need to form its own judgement on necessary capacity which will depend on a variety of factors including:

* Those components of the practice's activity which it wishes to make paperless and the timescale that it wishes to adopt

* The degree to which the practice stores high-volume files in association with their patient records such as image or sound files and, in particular, scanned records or elements of records

That judgement needs to be regularly updated so that, for instance, the practice can be certain that during any 6 -12 month period they are not going to experience reduced efficiency of the EPR system as free storage space diminishes.

In addition to the central processing unit(s) and access workstations, the practice will need to provide for itself a number of other pieces of equipment. These will include:

In addition to supplying printers at each place where FP10s will be printed, practices will need to provide additional printing support - usually available across a network to all - for the printing of letters, patient records or parts of patient records, and other documents necessary for the support of the business of the practice.

In order for electronic records to be available from many places in the practice, the practice will need some form of cabled infrastructure. This would normally be expected to be in the form of a local area network (LAN) with appropriate network hubs and cabling. Where practices exist on more than one site, they will also need to support this network across intermediate telecommunications links of one sort or another. Remote accessibility and support functionality are likely to be provided within the new information security architecture in a consistent way and will in future benefit from enhanced authentication arrangements as described above (3.1.3).

 Each practice will need to have the means of access to or from a remote network. This might be the NHSnet, or facilities for remote access for the purposes of maintenance, or the Internet. In each case, at least a modem will be necessary as well as additional equipment for the maintenance of the security of the practice system. The latter is discussed further in the relevant section.

Each Visual Display Unit (VDU) that the practice uses will need to comply with the relevant law (see Regulatory Requirements). In addition, the practice would be well-advised to ensure that the ergonomic characteristics of their work-terminals are appropriately maintained. This may mean providing special office furniture including adjustable seating, adjustable arms for display equipment, purpose-designed desks, VDU screens and so on.

 In order to maintain the physical security of the system, the practice will need additional pieces of equipment. These would be expected to include:

* Uninterruptible Power Supplies (UPS) (which need to be used not just for the main processing unit but also for any terminal where significant additional processing occurs)

This part of the good practice guidelines expresses advice on a number of aspects of good record-keeping that are peculiar to electronic systems. It does not constitute a general treatise on good medical records. Each aspect is discussed under its own heading:

All medical records are more or less successful depending upon their ability to communicate to others, to their authors over time and, now, to their subjects what was the essence of the patient's condition and experience and the clinician's appreciation of them at the time of recording. EPRs, in addition, may be deemed to be successful if they appropriately provide the wherewithal for secondary processing of the information within them either for the purposes of medical audit, decision support or secondary display of categories of clinical information for particular purposes. This inherent aspect of electronic patient records can only occur if the records are provided

with a machine-recognisable "structure" in the form of medical codes, clinical headings or categories, standard qualifiers of information and so on. The need for this "structure" in an EPR, while facilitating its inherent added value, also means that the entry of data may need to be facilitated by the use of constraints (and hence the expression of information) needs to be constrained.

Furthermore, information entered into one patient record system will ultimately be transferred in whole or in part to another where it is important that the meaning of the original entry be preserved. This fact carries further constraint.

1. Code use policy: It is already a matter of professional and public policy that general practice (and all N.H.S. EPR systems) should use a common coding scheme so that machines may share an understanding of the medical concepts that the coding scheme represents. This policy has not yet been achieved but it has recently been re-avowed in the NHS Executive Information Strategy Information for Health. One mechanism for introduction and maintenance of a common coding scheme in general practice could be through the Requirements for Accreditation for G.P. systems (see below). This already requires G.P. systems to use one of the versions of Read codes.

However, even when a common coding scheme is in place (as it usually effectively is on any single EPR system), there will be a number of possible ways to express what amount to similar concepts. This may have little significance as far as the subsequent human-readability of the information is concerned but, if a practice wishes to perform retrospective audit or other machine processing based on the value of the codes used, difficulties may arise in construction of reliable queries. Hence it would be advisable for practices who intend to perform such audit regularly to agree in advance what will be the permissible code values to be used at the point of data entry (and possibly to constrain that data entry by the use of some template or device which enforces a particular set of code values).

In addition, in most current G.P. systems, there is usually a wide degree of choice as to how much of the information to be entered can be done by means of "free text" and how much can be entered using coded entries or a combination of the two. Views on the correct balance between these two models is evolving.. The more coded data that is entered, the easier the record is to manipulate, with more meaningful interrogation being possible. In addition the more coded the EPR becomes the greater the potential value of any subsequent onward transfer. On the other hand clinicians need to have the freedom of expression that comes with unlimited free text entry.

Many entries are records as to fact; for example what the blood pressure was on a particular day, or a full blood count result or some other measurement, or the confirmation of a myocardial infarction. In any particular practice, it would be advisable that a consensus is reached as to which categories of entries should always be coded. Other types of entry may not need to be so stringently coded but all entries may have their value enriched with added text.

The diversity of practice is such that there will probably always be information for which a definitive code cannot be found. Subject to 3 and 4 below, more general codes might be used with free text amplification or for some entries non specific general codes (such as the code "had a chat to patient") might be chosen to which the clinician may or may not wish to make an appropriate text entry Where codification of certain data is not felt to be sufficiently important a practice may decide to use only free text entries. .

  Home Health links Internet directory 
 Subscribe to newsletter
Send any website enquiries to Feedback@wansford.co.uk
Site design - Dr Amrit Takhar
Last modified: July 06, 2003