Docstoc

HL7 EHR Func Desc (Excel)

Document Sample
HL7 EHR Func Desc (Excel) Powered By Docstoc
					Electronic Health Record Functional Descriptors
ID C.1
C.1.1.0

Function Name Care Management
Health information capture, management, and review

Function Statement

C.1.1.1

Enable the provider to identify and locate a patient record

Maintain and identify a single patient record for each patient.

C.1.1.2

Capture Patient Demographics

Capture demographic information that is reportable and trackable over time.

C.1.1.3

Manage Problem List

Create and maintain patient-specific problem lists.

C.1.1.4

Manage Medication List

Create and maintain patient-specific medication lists.

C.1.1.5

Manage Allergy List

Create and maintain patient-specific allergies and reactions.

C.1.1.6

Manage Other Summary Lists

Create and maintain patient-specific summary lists not otherwise specified.

C.1.1.7

Manage Patient History

Capture, review, and manage medical, procedural, social, and family history including the capture of pertinent negative histories.

C.1.1.8

Review chart summary

Make available a chronological, filterable, comprehensive review of the patient's entire clinical history, subject to confidentiality constraints.

C.1.1.9

Capture Other Key Data

Capture, manage, and review other key data not otherwise specified and by a variety of caregivers.

C.1.1.10 Capture and creation of clinical documents and notes

Create, addend, and authenticate transcribed or directly-entered clinical documentation and notes.

C.1.1.11 Capture external clinical documents

Capture clinical documents and notes originating from outside the EHR.

C.1.1.12 Capture patient-provided data

Capture patient-provided data.

C.1.1.13 Capture historical data

Capture and manage patient-reported or externally available patient clinical history.

C.1.2.0

Care Planning, Critical Paths, Protocols

C.1.2.1

Present clinical guidelines

Present relevant information from knowledge resources to support data entry and clinical documentation

C.1.3.0 C.1.3.1

Medication ordering and management Enable medication ordering Create prescriptions or other medication orders with detail adequate for correct filling and administration by pharmacy and clinical staff.

C.1.3.2

Support medication formularies

Provide information regarding compliance of medication orders with formularies.

C.1.3.3

Enable documentation of medication administration

Present to appropriate clinicians the medications that are to be administered to a patient and under what circumstances and permit documentation of administration details.

C.1.4.0 C.1.4.1

Orders, Referrals, and Results Management Enable ordering of diagnostic tests Submit diagnostic test orders based on specific care provider input.

C.1.4.2

Enable placing of communication and other orders

Submit communicative or administrative orders based on specific care provider input.

C.1.4.3

Enable use of order sets

Provide order sets based on provider input or system prompt.

C.1.4.4

Enable ordering and tracking of referrals

Enable the origination, documentation and tracking of referrals between care provider or care settings, including clinical guidelines and administrative details of the referral.

C.1.4.5

Route and manage results

Route, manage and present current and historical test results to appropriate clinical personnel for review, filtering and comparison.

C.1.4.6

Enable the ordering of blood products

Communicate with regulatoryapproved Blood Bank software to provide needed information on blood usage and orders for blood products.

C.1.5.0

Consents and Authorizations

C.1.5.1

Manage consents and authorizations

Create, maintain, and verify patient data and treatment decisions in the form of consents and authorizations

C.1.5.2

Enable capture, maintenance and access to patient Capture, maintain and provide access advanced directives to patient advanced directives

C.2
C.2.1.0 C.2.1.1

Clinical Decision Support
Health information capture and review Support for standard assessments Offer rule-based prompts to support the adherence to practice guideline standards at the point of information capture.

C.2.1.2

Support for Patient Context-enabled Assessments Offer rule-based prompts based on patient-specific data at the point of information capture.

C.2.1.3

Support for identifying anomalies or potential problems

Identify anomalies and potential problems, or other patient "flags" and provide prompts for consideration at the point of information capture.

C.2.1.4

Patient and family preferences

Capture patient and family preferences at the time of information intake and integrate them into clinical - decision support at all appropriate opportunities.

C.2.2.0 C.2.2.1

Care Planning, Critical Paths, Protocols Support for disease based protocols (acute care)

C.2.2.1.1 Support for standardized disease based protocols Identify the appropriate protocols for the management of specific diseases. C.2.2.1.2 Support for context sensitive disease-based protocols Identify the appropriate protocols for the management of specific diseases that are adjusted to the patient specific profile.

C.2.2.1.3 Support for on-going management

Identify appropriate modifications to the care plan in response to new clinical data at the time and during the course of a clinical encounter.

C.2.2.1.4 Identification of deviations from standard protocols

Identify deviations from the standard protocols.

C.2.2.2

Support for chronic disease protocols

C.2.2.2.1 Support for standard chronic disease management- Identify protocols for standard based protocols chronic disease management

C.2.2.2.2 Support for context sensitive chronic disease management

Identify patient specific chronic disease management recommendations.

C.2.2.2.3 Support for ongoing chronic disease management Identify routine chronic disease management recommendations based on changes in patient data.

C.2.2.2.4 Support the identification of deviations from chronic disease management protocols

Identify deviations from chronic disease management protocols.

C.2.2.3

Support for interactive patient chronic disease management

Provide the patient with decision support for self-management of a chronic condition in between patientprovider encounters.

C.2.3.0

Medications, medication management

C.2.3.1

Support for medication ordering

C.2.3.1.1 Support for standard drug, food, allergy and weight/age-based dosing interaction checking

Identify drug-drug, drug-allergy, drug-food, and weight/age appropriate dose recommendations at the point of medication ordering.

C.2.3.1.2 Other support for medication ordering

Identify other potential issues at the point of prescribing. Provide suggested alternatives for these other issues or for standard medication issues as appropriate Support medication administration management and workflow to alert providers in real-time to potential administration errors such as wrong drug, wrong dose, wrong route, wrong time and patient.

C.2.3.2

Support for medication administration.

Alert providers in real-time to potential administration errors such as wrong drug, wrong dose, wrong route, wrong time and patient in support of medication administration management and workflow.

C.2.4.0 C.2.4.1

Orders, Referrals, Results and Care Management Support for non-medication ordering Identify necessary order entry components for non-medication orders that make the order pertinent, relevant and resource conservative at the time of provider order entry; and flag any inappropriate orders based on patient profile. -

C.2.4.2

Support for result interpretation

Support evaluation and provider notification of results within the context of the patient's clinical data. SUGGEST: Evaluate results and notify provider of results within the context of the patient’s clinical data. -

C.2.4.3

Support for referrals Evaluate referrals within the context of a patient’s clinical data. -

C.2.4.3.1 Support for referral orders

C.2.4.3.2 Support for referral recommendations

Evaluate patient data and suggest appropriate referrals.

C.2.4.4

Support for Care Delivery Alert providers in real-time to potential blood administration errors such as wrong blood, wrong cross match, wrong source, wrong date and time, and wrong patient.

C.2.4.4.1 Support for safe blood administration

C.2.4.4.2 Support for accurate specimen collection

Alert providers in real-time to potential specimen collection errors, such as wrong patient, wrong specimen type, wrong collection means, and wrong date and time.

C.2.5.0 C.2.5.1

Health Maintenance: Preventive Care and Wellness Support for preventive services and wellness

Identify patient specific suggestions/reminders, screening tests/exams, and other preventive services in support of routine preventive and wellness patient care standards.

C.2.5.2

Support for interactive reminders for preventive services and wellness

Notify the patient and/or appropriate provider of those preventive services, tests, behavioral actions that are due for patient in-between patientprovider encounters.

C.2.6.0

Supportive Functions

C.2.6.1

Support for environmental/population monitoring

Collect environment and surveillance data captured at the time of the patient-provider encounter for use in clinical state monitoring of health risks from the environment and/or population.

C.2.6.2

Support for notification and response

Alert providers and public health officials with the appropriate level of notifications in the event of a health risk.

C.2.6.3

Support for monitoring and escalation

Monitor if expected actions have been taken in the event of a health risk and subsequent notification and escalate notification if they have not. If introductory clause needs to come first, OK. In the event of a health risk and the subsequent notification, monitor if expected actions have been taken, escalating notification if they have not. Provide evidence-based guidelinebased information and knowledge to the point of care for use in clinical decisions and care planning

C.2.6.4

Support for clinical guidance

C.2.6.5

Support for knowledge access for patients

Enable the accessibility of reliable information about wellness, disease management, treatments, and related information.

C.3

Operations Management and Communication

C.3.1.0

Clinical Workflow Tasking

Manage tasks related to components of the electronic health record with appropriate timeliness.

C.3.1.1

Linking of tasks with related medical record entities

Linkage of tasks to a relevant part of the electronic health record or to a specific patient.

C.3.1.2

Clinical Task Routing

Assignment, delegation and/or transmission of tasks to the appropriate parties.

C.3.1.3

Clinical Task tracking

Track tasks to guarantee that each task is administered to and completed appropriately.

C.3.2.0

Clinical Communication

C.3.2.1

Inter-provider communication

Support electronic messaging (inbound and outbound) between providers to trigger or respond to pertinent actions in the care process, document non-electronic communication (such as phone calls, correspondence or other encounters) and generate paper message artifacts where appropriate.

C.3.2.3

Pharmacy Communication

Provide features to enable bidirectional communication of information electronically between practitioners and pharmacies.

C.3.2.2

Provider/Patient/Family Communication

Trigger or respond to electronic messaging (inbound and outbound) between providers and patients or patient representatives with pertinent actions in the care process while documenting non-electronic communication (such as phone calls, correspondence or other encounters) and generating paper message artifacts where appropriate.

C.3.2.4

Patient, Family and Care Giver Education

Identify and make available electronically or in print information any educational or support resources for patients, families, and caregivers that are most pertinent for a given health concern, condition, or diagnosis and which are appropriate for the person (s). Support communication and presentation of data captured from medical devices.

C.3.2.5

Communication with Medical Devices

S.1
S.1.1.0

Clinical Support
Disease Registries

Enable the automated transfer of formatted demographic and clinical information to local disease specific registries for patient monitoring and subsequent epidemiological analysis. S.1.2.0 Donor Management Support

Provide capability to capture and share needed information on potential organ and blood donors and recipients.

S.1.3.0

Provider Locator

S.1.3.1

Maintain provider demographics

Maintain current directory of provider information in accordance with relevant laws, regulations, and conventions. Maintain a current directory of practitioners that, in addition to demographic information, contains data needed to determine levels of access required by the EHR security system. Provide provider location or contact information on a facility's premises. Provide provider location or contact information when on call. Provide locations or contact information at which the provider practices, in order to direct patients or queries.

S.1.3.2

In facility Location

S.1.3.3 S.1.3.4

On Call Location General Location

S.1.4.0

Patient Locator

Maintain current directory of patient information in accordance with relevant privacy and other applicable laws, regulations, and conventions.

S.1.4.1

Patient's location within a facility

Provide the patient's location information within a facility's premises. Provide the patient's residence information solely for purposes related to the provision and administration of services to the patient, patient transport, and as required for public health reporting.

S.1.4.2

Patient's residence related to the provision and administration of services

S.1.4.3

Optimize patient bed arrangements

Enable management of patient bed. Ensure that the patient's bed arrangements within the facility optimize care and minimize risks of exposure to contagious patients. The EHR-S will enable the communication of bed usage with external health entities in times of capacity overload to facilitate efficient bed utilization. S.1.5.0 Demographics and De-Identification

S.1.5.1

Patient demographics

Manage patient demographics and identifying information Maintain, archive and update demographic information in accordance with realm-specific recordkeeping requirements.

S.1.5.2

De-identified Data Request management

Provide patient data in a fashion that meets local requirements for deidentification. S.1.6.0 Scheduling

Provide the necessary data to a scheduling system for optimal efficiency in the scheduling of patient care, for either the patient or a resource/device.

S.2

Measurement, Analysis, Research and Reports

S.2.1.0

Measurement, monitoring, and analysis

Support measurement and monitoring of care for relevant purposes in the EHRS. S.2.1.1 Outcome Measures Analyze outcomes of care provided to populations, in facilities, by providers, and in communities. Identify indicators that further investigation is needed on aspects of care provided to populations, in facilities, by providers, and in communities Support the capture of quality, performance, and accountability measures to which providers/facilities/delivery systems/communities are held accountable including measures related to process, outcomes, and/or costs of care – may be used in pay for performance monitoring and adherence to best practice guidelines.

S.2.1.2

Aspect of care indicators

S.2.1.3

Performance and accountability measures

S.2.2.0

Report Generation

Provide report generation features for the generation of standard and ad hoc reports.

S.3
S.3.1.0

Administrative and Financial
Encounter/Episode of Care Management -

Manage and document the health care needed and delivered during an episode of care.

S.3.1.1

Specialized views

Provide specialized views and functionality based on the encounterspecific values, clinical protocols and business rules S.3.1.2 Encounter specific functionality

Provide assistance in assembling appropriate data, supporting data collection and processing output from the encounter.

S.3.1.3

Integration of clinical data with administrative and financial data

Enable the inclusion of the patient's clinical data (for administrative or financial purposes) from one or more external repositories. S.3.1.4 Integrate device monitoring and remote health services such as telehealth data

Support device monitoring, and remote health services such as telehealth by integrating records and data collected by these means into the patient's EHR for care management, billing, and public health reporting purposes. S.3.2.0 Information Access for Supplemental Use

Support extraction, transformation and linkage of information from structured data and unstructured text in the patient's EHR for care management, financial, administrative, and public health purposes. S.3.2.1 Rules-driven clinical coding assistance

Make available all pertinent patient information needed to support coding of diagnoses, procedures and outcomes.

S.3.2.2

Rules-driven financial and administrative coding assistance

Provide financial and administrative coding assistance based on the structured data and unstructured text available in the encounter documentation. S.3.2.3 Integrate Cost management information -

Enable the use of cost management information required to guide users and workflows. S.3.2.4 Formulary communication Present relevant information at the point of care regarding medication formulary.

S.3.3.0

Administrative Transaction Processing

Support the creation (including using external data sources, if necessary), electronic interchange, and processing of transactions listed below that may be necessary for encounter management during an episode of care

S.3.3.1

Enrollment of patients

Enable enrollment of uninsured patients into subsidized and unsubsidized health plans, and enrollment of patients who are eligible on the basis of health and/of financial status in social service and other programs, including clinical trials; S.3.3.2 Eligibility verification and determination of coverage;

Enable eligibility verification for health insurance and special programs, including verification of benefits and pre-determination of coverage;

S.3.3.3

Service authorizations

Requests, responses and appeals related to service authorization, including prior authorizations, referrals, and pre-certification; S.3.3.4 Support of service requests and claims;

Support health care attachments for submitting additional clinical information in support of service requests and claims; S.3.3.5 Claims and encounter reports for reimbursement

S.3.3.6

Health service reports at the conclusion of an episode of care.

Support claims and encounter reports for reimbursement Support health service reports to public health entities, such as notifiable condition reports, immunization, cancer registry and discharge data that a provider may be required to generate at the conclusion of an episode of care. Provide the appropriate information from the receipt of clinical and administrative responses and acknowledgements for use by and guidance to EHR-S users

S.3.3.7

Receipt of clinical and administrative responses and acknowledgements

S.3.4.0

Practitioner/Patient Relationship

Manage practitioner and patient relationships.

S.3.4.1

Practitioner assignment

Enable practitioner assignment based on business and clinical practice rules S.3.4.2 Patient list management Provide the ability to manage patient lists assigned to a particular provider. S.3.5.0 Patient to Other Persons Relationship

S.3.5.1 S.3.5.2

Related by genealogy Related by insurance

Facilitate access to/propagation of information between patient records where patients are related Provide information of Related by genealogy (blood relatives) Provide information of Related by insurance (domestic partner, spouse, guarantor) Provide information of Related by living situation (in same household)

S.3.5.3

Related by living situation

S.3.5.4

Related by other means

Provide information of Related by other means (e.g. epidemiologic exposure) S.3.6.0 Acuity and Severity Provide the capability to support and manage patient acuity/severity of illness/risk adjustment Support and manage patient acuity/severity of illness/risk adjustments. Adjust provider staffing levels in relation of patient acuity/severity and illness/risk status

S.3.6.1

Patient acuity/severity of illness/risk adjustment

S.3.6.2

Provider staff leveling adjustment

S.3.7.0

Automated update for EHR supportive content Update EHR supportive content on an automated basis.

Update EHR supportive content on an automated basis.

S.3.7.1

Clinical decision support system guidelines updates

Receive and validate formatted inbound communications to facilitate updating of clinical decision support system guidelines S.3.7.2 Patient education material Updates

Receive and validate formatted inbound communications to facilitate updating of patient education material S.3.7.3 Physician continuing education information updates

Receive and validate formatted inbound communications to facilitate updating of physician continuing education information

S.3.7.4

Patient reminder information updates

Receive and validate formatted inbound communications to facilitate updating of patient reminder information from external sources such as Cancer or Immunization Registries S.3.7.5 Public health related updates

Receive and validate formatted inbound communications to facilitate updating of public health reporting guidelines

I.1
I.1.1.0

Information Infrastructure
EHR Information Security Secure the EHR information.

I.1.1.1

Entity Authentication

Authenticate EHRS users and/or entities before allowing access to an EHRS.

I.1.1.2

Entity Authorization

Manage the sets of access-control permissions granted to EHRS-Users.

I.1.1.2.1 Role-Based authorization

Authorize access to EHRS functions and/or data based on an entity's role.

I.1.1.2.2 User-Based authorization

Override existing role-based and/or context-based authorizations. Userbased authorizations restrict or allow an EHRS-user’s access to a patient’s record (regardless of the user’s role).

I.1.1.2.3 Context-Based authorization

Context-based Authorization– Authorize access to EHRS functions and/or data based on geographic, time-related, assignment-related, consent-related, or other healthcarerelated contexts (and according to specific care-setting profiles).

I.1.1.4

Secure Data Exchange

Send and receive EHR data securely.

I.1.1.4.1 Data Obfuscation

Obscure electronically-exchanged EHR data to inhibit unauthorized data-access (according to applicable healthcare-specific rules and relevant standards).

I.1.1.4.2 Secure Data Routing

Route electronically-exchanged EHR data only to/from known, registered, and authenticated destinations/sources (according to applicable healthcare-specific rules and relevant standards).

I.1.1.4.3 Non-repudiation

Limit an EHRS-User’s ability to deny (repudiate) an electronic dataexchange originated or authorized by that user.

I.1.1.4.4 Data-Exchange Privacy

Limit EHR data communications to those explicitly (or implicitly) authorized by the subject-of-care or to those that have a legal (or other legitimate) need.

I.1.1.5

Patient Privacy

Protect the patient’s privacy according to personal, local, and national rules.

I.1.1.5.1 Personal patient-privacy rules

Protect personal privacy according to best-practice standards.

I.1.1.5.2 Local and National patient-privacy rules

Support mechanisms for implementing (codifying), validating, and displaying local and national (realm-) specific privacy rules. The rules defining patient privacy requirements will be codified in the EHRS. These rules will be used by EHRS applications to ensure that the privacy level defined for the patient is maintained (for example, at the jurisdictional, organizational, or patient-specified level).

I.1.1.5.3 Advisement of Patient Privacy Rights

Record that the patient was informed of current privacy policies practices.

I.1.2.0

EHR Information Management (Record Management)

Manage the EHR information across EHRS applications

I.1.2.1

Information Integrity

Ensure that clinical information is valid according to the healthcarespecific business rules.

I.1.2.2

Document Retention

Retain all clinical documents (including complex standards-based clinical documents) for the policydesignated or legally-designated time period.

I.1.2.3

Inbound Documents

Retain inbound documents as received (unaltered).

I.1.2.4

Document Attestation

Support electronic attestation of documents.

I.1.2.4.1 Retention of Document Attestation

Retain the signature of attestation (or certificate of authenticity) associated with an incoming or outgoing document.

I.1.2.5

Confidentiality

Promote patient confidentiality by enforcing the privacy rules that apply to various parts of the EHR.

I.1.2.5.1 Protection of Patient Privacy

Provide the mechanisms to implement adherence to the patient privacy rules codified in the EHR Information Security subsection of the Information Infrastructure section of this document.

I.1.2.5.2 Restrict Patient Access

Enable a healthcare professional to restrict a patient’s access to EHR data that is potentially harmful to the patient/subject-of-care.

I.1.2.6

Audit trail

Track changes to EHR data to verify enforcement of business, security, and access-control rules.

I.1.2.6.1 Amendment history

Track amendments to clinical documents.

I.1.2.6.2 Information Lifecycle Alteration-Event audit

Track who, when, and by which system an EHR record was created, updated, translated or (if local policy permits) deleted.

I.1.2.6.3 Information Lifecycle Access-Event audit

Track who, when, and by which system an EHR record was viewed or extracted.

I.1.2.6.4 Record audit

Generate an audit report for an EHR record (or for a set of EHR records).

I.1.2.6.5 Security audit

Track and summarize attempts by unauthorized users to access EHR information.

I.1.2.6.6 Information-Exchange audit

Retain any information exchange details along with any amendment history sent with clinical documents by an external clinical or EHR system.

I.1.2.6.7 Business-Rule audit

Audit compliance of (and overrides to) decision-support business rules.

I.1.2.7

Data Archival and Storage

Persist long-term EHR information according to best-practice standards.

I.1.2.7.1 Persisted EHR data

Archive and retrieve information to/from diverse technology storage devices based on availability requirements for specific data (according to clinical or administrative business rules).

I.1.2.7.2 Retrospective EHR

Access EHR data chronologically, archived for the lifetime of the subject-of-care. Timestamp notable healthcare-related points in time (such as time of arrival, time of record-review, time of physical examination, or time of elopement).

I.1.2.7.3 (Legally proscribed) Data Retention

Archive (and make accessible) the EHR for the period of time required by law (typically five years from the time the care was rendered).

I.1.2.7.4 Data Availability

Make clinical information readily available (as required by a clinical care setting).

I.1.3.0

Chain of Custody

Track specimens, pharmaceuticals, and other materials from the subjectof-care to the receiving party as required by business rules.

I.1.4.0

Unique Identity, Registry, and Directory

Identify and/or lookup subjects-ofcare, providers, payers, employers, material resources, and references to various parts of the EHR (hosted locally and/or remotely).

I.1.4.1

Inter-registry communication

Obscure electronically-exchanged EHR data to inhibit unauthorized data-access (according to applicable healthcare-specific rules and relevant standards).

I.1.4.2

Entity Identity Lookup for Clinical Functions

The EHRS applications must be able to utilize a registry service to uniquely identify and retrieve information for existing records of healthcare delivery stakeholders: • Subjects of care • Providers

I.1.4.3

Entity Identity Lookup for Financial Functions

The EHRS applications must be able to utilize a registry service to uniquely identify and retrieve information for existing records of financial stakeholders: • Payors (Insurers) • Employers

I.1.4.4

Entity Identity Management for Clinical Functions

Limit EHR data communications to those explicitly (or implicitly) authorized by the subject-of-care or to those that have a legal (or other legitimate) need.

I.1.4.5

Entity Access Lookup

Verify and enforce access control (authentication and authorization) permissions to EHR information for end-users, applications, sites, etc.

I.1.4.6

EHR Key Directory

The EHRS must maintain and use a directory of keys which link related records across the applications that constitute the EHR. This directory will be necessary to access the various components of the EHR across local (e.g. Master Patient Index), regional, jurisdictional, national, or international boundaries. Access and submit update request to local, jurisdictional, national, and international registries.

I.1.4.7

Clinical Registries

I.1.4.8

Resource and Location Lookup

The EHRS applications will be able to look up directories containing location information, device, and other resources relevant to the EHR.

I.1.5.0

Vocabulary Functions

The EHRS must use consistent, codified medical terminology to eliminate ambiguity, confusion, and ensure data correctness and interoperability.

I.1.5.1

Standard Vocabulary

The EHR should comply with the Healthcare industry standards for transactions and terminology coding, therefore the EHRS applications must support consistent a terminology model

I.1.5.2

Consistent Vocabulary

The EHRS will support a consistent terminology model.

I.1.5.3

Mapping for local terms

Support the ability to map from local terminology to standard terminology.

I.1.5.4

Code Set Maintenance

Accommodate updates and changes to terminology as the source terminology undergoes its natural update process (new codes, retired codes, redirected codes). These changes in terminology need to be propagated to all the clinical reference sets (templates, custom formularies), etc. This functionality will also help when there is a desire to share standard templates (since, for instance, it would be hard to share templates without a shared terminology).

I.1.5.5

Code Set Versioning

The EHRS will support version control for terminology.

I.1.6.0

Interoperability

EHRS application must be able to automate health delivery processes and seamlessly exchange clinical (EHR) information.

I.1.6.1

Interaction-model -based exchange

The EHRS applications must be able to exchange information with authorized entities using the appropriate interaction model:

I.1.6.2

Chain of Trust

The EHRS must adhere to documented procedures for executing chain of trust agreements (in which the parties agree to electronically exchange data and protect the integrity and confidentiality of the data exchanged).

I.1.6.3

Standard-based Interoperability

The EHRS applications must use standard-based information exchange methods to interact with local or remote application registries, and directories.

I.1.6.3.1 Standard-based messaging

An EHRS application must be able to exchange standard-conformant message payloads and transport with complementary applications and infrastructure services (directory, vocabulary, etc.)

I.1.6.3.2 Standard-based application integration

An EHRS application must be able to integrate with complementary applications and infrastructure services (directory, vocabulary, etc.) using standard-based application programming interfaces (API). E.g. CCOW

I.1.6.3.3 Vocabulary lookup and mapping

The EHRS must support semantic interoperability between EHRS application by enabling lookup of vocabulary mappings between local and standard vocabularies as defined by data exchange standards.

I.1.6.3.4 External Information Exchange

The EHRS must be able to transmit messages to authorized third parties using standard-based methods.

I.1.6.3.5 Internal Information Exchange

Applications that comprise an EHRS will cooperate seamlessly and support data integration and consolidated access across the system.

I.1.6.3.6 Recipient Addressing

When exchanging information with another application, an EHRS application must be able to interact with entity directories to determine the recipients’ address profile.

I.1.6.4

Synchronization

The EHRS applications must be able to interact with entity directories to link data received from other applications to existing entity records. Disparate systems will be synchronized to keep all the parts of the record current.

I.1.6.5

EHR Data Extraction

The EHRS must be able to extract data in accordance with analysis and reporting requirements. The data may reside on more that one application and it may be pre-processed (e.g. deidentified) before transmission. Data extractions could be to retrospective EHR data or to report public health information.

I.1.6.6

Clinical Documents

EHR s must be able to import and export complex standards-based clinical documents.

I.1.7.0

Business Rules Administrative Functions

Control system behavior via business rules. Example of business rules that control system behavior are: decision support, diagnostic support, workflow control, access privileges, and system and user defaults and preferences.

I.1.7.1

Maintain Business Rules

Provide the ability for authorized EHRS-Users to create, update and delete business rules including institutional preferences.

I.1.7.2

Implement/apply business rules

Enable usage of business rules by EHRS Supportive functions.

I.1.7.3

Override business rule

Support override of business rules by authorized EHRS-Users.

I.1.7.4

Audit business rule usage

Audit usage and override of business rules (refer to section 3.2.5).

I.1.8.0

Workflow

Support Workflow Management. Distribute workflow-related EHRS information (according to established business rules) within the EHRS and to/from external parties.

I.1.8.1

Task Distribution

Support workflow task-management and task-distribution systems (including serial tasks and parallel tasks).

I.1.8.2

System-triggered Task Routing

Support workflow notifications and task routing based on system triggers such as diagnosis assignments.

I.1.8.3

Workflow task assignment

Support workflow task-assignments, task-escalations, and taskredirections.

Functional Description

Rationale

Secondary Citation
ISO/TS 18308 Final Draft - Health Informatics - Requirements for an Electronic Health Record Architecture; ASTM E 1769 Standard Guide for Properties of Electronic Health Records and Record Systems

Key identifying information shall be stored for the patient record, and a lookup function shall use this information to uniquely identify the patient. Contact information including addresses and phone numbers, as well as key demographic information such as date of birth, sex, and other information should be stored for reporting purposes and the proper provision of care. A problem list may include, but is not limited to: • Chronic conditions, diagnoses, or symptoms • Visit- or stayspecific conditions, diagnoses, or symptoms Problem lists must be managed over time, whether over the course of a visit or stay or the life of a patient, allowing documentation of history information and tracking the changing character of the problem and its priority. All pertinent dates, including date noted, dates of any changes in problem specification or prioritization, and date of resolution, should be stored. The entire problem history for any problem in the list should be viewable.

Supports delivery of effective healthcare, Improves efficiency, Improves patient safety Supports delivery of effective healthcare, Improves efficiency, Improves patient safety

Supports delivery of effective healthcare, Improves efficiency, Facilitates management of chronic conditions

Medication lists must be managed over Supports delivery of effective time, whether over the course of a visit or healthcare, Improves patient stay, or the lifetime of a patient. All safety pertinent dates, including medication start, modification, and end dates, should be stored. The entire medication history for any medication should be viewable. Medication lists should not be limited to medication orders recorded in the EHR, but should also include patient-reported medications.

Allergens should be uniquely identifiable whenever possible. Allergen lists must be managed over time. All pertinent dates, including patient-reported events, should be stored and the description of the patient allergy should be modifiable over time. The entire allergy history for any allergen should be viewable. Problem, medication, and allergy lists are examples of summary lists. The EHR should enable the creation and maintenance of other types of patient summary lists when appropriate for the patient or a particular care setting. Patient historical data related to previous medical diagnoses, surgeries and other procedures performed on the patient, and relevant health conditions of family members should be captured. This data may take the form of a positive or a negative such as: "The patient/family member has had..." or "The patient/family member has not had..." A key feature of an electronic health record is its ability to present, summarize, filter, and facilitate searching through the large amounts of data collected during the provision of patient care. Much of this data is date or date-range specific and should be presented chronologically. Local confidentiality rules that prohibit certain users of the EHR from accessing certain patient information must be supported. Key data may be captured using standardized code sets or nomenclature, depending on the nature of the data. Data may be entered by a variety of caregivers or other users, and the EHR should maintain documentation of who entered data and when. Clinical documents and notes may be created in a narrative form, with or without using a template. They may also be structured documents that result in the capture of coded data. Each of these forms of clinical documentation are important and appropriate for different users and situations.

Supports delivery of effective healthcare, Improves efficiency, Facilitates management of chronic conditions, Facilitates selfhealth management, Improves patient safety

Supports delivery of effective healthcare, Improves efficiency, Facilitates management of chronic conditions, Improves patient safety Supports delivery of effective healthcare, Facilitates management of chronic conditions

Supports delivery of effective healthcare, Improves efficiency, Facilitates management of chronic conditions, Improves patient safety

Supports delivery of effective healthcare, Improves efficiency, Facilitates management of chronic conditions, Improves patient safety

Supports delivery of effective healthcare, Improves efficiency, Facilitates management of chronic conditions, Improves patient safety

Not all clinical documents and notes originate from use of the EHR. Mechanisms for incorporating external clinical documentation and other clinically relevant data should be available. Data incorporated through these mechanisms should be presented alongside natively captured documentation and notes wherever appropriate. Patients may provide data for entry into the EHR or be given a mechanism for entering this data directly. Patient-entered data should be viewable and modifiable by the patient at a later time. Some patiententered data should be available for use by care providers. When first seen by a health care provider, patients typically bring with them clinical information from past encounters. This and similar information must be captured in the EHR and presented alongside natively captured documentation and notes wherever appropriate.

Supports delivery of effective healthcare, Improves efficiency, Facilitates management of chronic conditions, Facilitates selfhealth management, Improves patient safety

Supports delivery of effective healthcare, Improves efficiency, Facilitates management of chronic conditions, Facilitates selfhealth management Supports delivery of effective healthcare, Facilitates management of chronic conditions, Improves patient safety

ISO/TS 18308 Final Draft - Health Informatics - Requirements for an Electronic Health Record Architecture. (care plans); HIMSS Electronic Health Record Definitional Model June 2003 (protocols); ASTM E 1769 Standard Guide for Properties of Electronic Health Records and Record Systems Clinical guidelines may be site specific or industry-wide standards. The ability to track implementation/approval dates, modifications and relevancy to specific domains or context should be provided. Supports delivery of effective healthcare, Improves efficiency, Facilitates management of chronic conditions, Improves patient safety HIMSS Electronic Health Record Definitional Model June 2003 Different medication orders require different levels and kinds of order detail, as do medication orders placed in different situations. The EHR must support the correct level and kind of detail in each situation. Administration or patient instructions must be available for selection by the ordering clinicians, or the ordering clinician must be facilitated in creating such instructions. Appropriate time stamps for all medication related activity must be generated. Supports delivery of effective healthcare, Improves efficiency, Facilitates selfhealth management, Improves patient safety

When a clinician places an order for a Supports delivery of effective medication, that order may or may not healthcare, Improves efficiency comply with a formulary specific to the patients location or insurance coverage. Whether the order complies with the formulary should be communicated to the ordering clinician at an appropriate point to allow the ordering clinician to decide whether to continue with the order. The EHR may also present formularycompliant alternatives to the medication being ordered. In a setting in which medication orders are to be administered by a clinician rather than the patient him or herself, the EHR must provide the necessary information for these clinicians to do so. This includes presenting the list of medication orders that are to be administered, administration instructions, times or other conditions of administration, dose and route, etc. Additionally, the clinician must be able to enter into the system information about what actually was or was not administered whether or not these facts conform with the medications as ordered. Appropriate time stamps for all medication related activity must be generated. Supports delivery of effective healthcare, Improves efficiency, Improves patient safety

HIMSS Electronic Health Record Definitional Model June 2003 For each orderable item, the appropriate detail and instructions must be available for the ordering care provider to complete. Orders for diagnostic tests should be transmitted to the correct destination for completion or generate appropriate requisitions for communication to the relevant resulting agencies. The EHR should facilitate orders that are for the purposes of communication between care providers rather than the performance of diagnostic tests or the administration of medications.. Examples include orders to transfer a patient between units or to ambulate a patient. For each orderable item, the appropriate detail and instructions must be available for the ordering care provider to complete. Communication orders should be transmitted to the correct destination for completion. Supports delivery of effective healthcare, Improves efficiency, Improves patient safety

Supports delivery of effective healthcare, Improves efficiency, Improves patient safety

Order sets allow a care provider to choose common orders for a particular disease state or circumstance according to best practice or other criteria for assembling the order set without having to generate each order individually. The EHR may recommend order sets in certain conditions or as the result of other clinical information being entered into the EHR. Or the order sets may simply be available for use by the ordering care provider.

Supports delivery of effective healthcare, Improves efficiency, Facilitates management of chronic conditions, Improves patient safety

The EHR should allow the documentation and tracking of a referral from one care provider to another, whether the referred to or referring providers are internal or external to the healthcare organization using the EHR. Guidelines for whether a particular referral for a particular patient is appropriate in a clinical context and with regard to administrative factors such as insurance should be provided to the care provider at the time the referral is created.

Supports delivery of effective healthcare, Improves efficiency, Facilitates management of chronic conditions

The EHR should present results of tests in an easily accessible manner and to any care providers who may need to access them. Flow sheets, graphs, or other tools should be provided to allow care providers to view or uncover trends in test data over time. In addition to making results viewable, in many cases it is appropriate for the EHR to send results to appropriate care providers using an electronic messaging systems, pagers, or other mechanism. Results may also be routed to patients electronically or in the form of a letter. While the EHR is not expected to fulfill the functional requirements of blood bank software, it must interact with a blood bank system in the creation of orders for blood products and the documentation of use of blood products in the provision of care.

Supports delivery of effective healthcare, Improves efficiency, Facilitates management of chronic conditions, Facilitates selfhealth management, Improves patient safety

Supports delivery of effective healthcare, Improves efficiency, Improves patient safety

American Dental Association Specification No. 1000 for a Standard Clinical Architecture for the Structure and Content of an Electronic Health Record. (consent)

Treatment decisions are documented and include the extent of information, verification levels and exposition of treatment options. This documentation will ensure that decisions made at the discretion of the patient/family/responsible party govern the actual care that is delivered or withheld. The EHR should provide mechanisms for recording advanced directives, the date and circumstances under which the directives were received, and the location of any paper records of advanced directives as appropriate.

Facilitates self-health management, Improves patient safety

Supports delivery of effective healthcare, Facilitates selfhealth management, Improves patient safety

When a clinician fills out an assessment, data entered triggers the system to prompt the assessor to consider issues that would help assure a complete/accurate assessment. A simple demographic value or presenting problem (or combination) could provide a template for data gathering that represents best practice in this situation, e.g. Type II diabetic review, fall and 70+, rectal bleeding etc. As another example, to appropriately manage the use of restraints, the EHR would provide an online alert defining the requirements for a behavioral health restraint when it is selected. When a clinician fills out an assessment, data entered is matched against data already in the system to identify potential linkages. For example, the system could scan the medication list and the knowledge base to see if any of the symptoms are side effects of medication already prescribed. Important but rare diagnoses could be brought to the doctor’s attention – for instance ectopic pregnancy in a woman of child bearing age who has abdominal pain.

Supports delivery of effective healthcare, improves patient safety and efficiency, and facilitates management of chronic conditions.

Supports delivery of effective healthcare, improves patient safety and efficiency, and facilitates management of chronic conditions

When personal health information is collected directly during a patient visit input by the patient, or acquired from an external source (e.g. images, lab results), it is important to be able to identify anomalies or potential problems that may be patient-specific, given the individual's personal health profile, or changes warranting further assessment. For example: significant trends (lab results, weight), reported problems (e.g. insomnia) Decision support functions should permit consideration of patient/family preferences and concerns, such as with language, medication choice, invasive testing, and advanced directives.

Supports delivery of effective healthcare, improves patient safety and efficiency, and facilitates management of chronic conditions.

Improves patient safety and facilitates self-health management.

Institute of Medicine (IOM). Committee on Health Care in America. Crossing the quality chasm: A new health system for the 21st century. - National Academy Press: Institute of Medicine. 2001. Laine C, Davidoff F. Patient-centered medicine. A professional - evolution. JAMA 1996 Jan 10;275(2):152-6.

Payne TH. Computer Decision Support Systems. CHEST 2000; 118:47S-52S. - Hunt DL, Haynes RB, Hanna SE, Smith K. Effects of computer-based clinical decision support systems on physician performance and patient outcomes: a systematic review. JAMA 1998;280:13391346. At the time of the clinical encounter, the Supports delivery of effective EHR will provide standard care protocols. healthcare and improves efficiency. At the time of the clinical encounter, the Supports delivery of effective EHR will evaluate patient specific data healthcare and improves and recommends tests, treatments, efficiency. medications, immunizations, referrals and evaluations based on a patient’s health profile. The EHR evaluates incoming changes in Supports delivery of effective patient data, such as new lab results or healthcare and improves medication orders and provides efficiency. recommendations for tests, treatments, medications, immunizations, referrals and evaluations as appropriate. The EHR evaluates instances where a Supports delivery of effective chronic disease management protocol is healthcare and improves not being followed and notifies the efficiency. provider of such variances

Hunt DL, Haynes RB, Hanna SE, Smith K. Effects of computer-based clinical decision support systems on physician performance and patient outcomes: a systematic review. JAMA 1998;280:13391346. At the time of the clinical encounter, the EHR provides a standard protocol for chronic disease management. Examples include standard chronic disease order sets, link-outs to reference text. The EHR evaluates patient specific data and recommends tests, treatments, medications, immunizations, referrals and evaluations based on a patient’s chronic disease history. The EHR evaluates incoming changes in patient data, such as new lab results or medication orders and provides recommendations for tests, treatments, medications, immunizations, referrals and evaluations. The EHR evaluates instances where a chronic disease management protocol is not being followed and notifies the provider of such variances Patients with specific chronic diseases need to follow self-management plans that may include schedules for home monitoring, lab tests, and clinical check ups; recommendations about nutrition, physical activity, tobacco use, etc.; and guidance or reminders about medications. The patient may be allowed to enter data and track progress, share data with the provider, or communicate with the provider via secure messaging. Supports delivery of effective healthcare, improves efficiency, and supports the management of chronic conditions.

Supports delivery of effective healthcare, improves efficiency, and supports the management of chronic conditions. Supports delivery of effective healthcare, improves efficiency, and supports the management of chronic conditions.

Supports delivery of effective healthcare, improves efficiency, and supports the management of chronic conditions. Supports delivery of effective healthcare, improves efficiency, supports the management of chronic conditions; and facilitates self-health management. Holman H, Lorig K. Patients as partners in managing chronic disease. Partnership is a prerequisite for effective and efficient health care. BMJ - 2000 Feb 26;320(7234):526-7 - Lorig KR, Sobel DS, Stewart AL, Brown BW Jr, Bandura A, Ritter P, Gonzalez VM, Laurent DD, Holman HR. Evidence suggesting that a chronic disease self-management program can improve health status while reducing hospitalization: a randomized trial. Med Care 1999 Jan;37(1):5-14

Bates DW et al. Effect of computerized physician order entry and a team intervention on prevention of serious medication errors. JAMA 1998;280:13111316. - - Bates DW et al. The impact of computerized physician order entry on medication error prevention. JAMIA 1999;6:313-321. - - Raschke RA et al. A computer alert system to prevent injury from adverse drug events. JAMA 1998;280:1317-1320. - - Chertow GM et al. Guided Medication dosing for inpatients with renal insufficiency. JAMA 2001;286:2839-2844. - - Evans RS et al. A computer-assisted management program for antibiotics and other anti-infective agents. NEJM 1998; 338:232-238. - - Hunt DL, Haynes RB, Hanna SE, Smith K. Effects of computerbased clinical decision support systems on physician performance and patient outcomes: a systematic review. JAMA 1998;280:1339-1346. - - Mekhjian HS et al. Immediate benefits realized following implementation of physician order entry at an academic medical institution. JAMIA 2002;9:529-539. -

The EHR provides basic drug-drug, drugallergy, and drug-food interaction checking at levels appropriate to the health care entity. That is, a site can choose which level of interaction checking to incorporate in the HER such as severe versus moderate. Additional areas of medication support include non-drug interactions , patient preferences, contraindications specific to the individual (e.g. pregnancy, occupation); The EHR would provide alternatives as appropriate, such as a generic brand, a different dosage, a different drug, or no drug (“watchful waiting”). In addition, the EHR will suggest lab order monitoring as appropriate. - -

Improves patient safety and efficiency and supports delivery of effective healthcare.

Improves patient safety and efficiency and supports delivery of effective healthcare.

To reduce medication errors, when a Improves patient safety and provider administers a medication, the efficiency and supports EHR will support matching each delivery of effective healthcare. medication and the patient’s ID bracelet and alert the provider in real-time of potential administration errors such as wrong drug, wrong dose, wrong route, wrong time and patient. In addition, other clinical check, such as allergies, drug-lab and drug-drug interactions can be performed at the time of administration. Documentation of the administration in the electronic MAR is a by-product of administering the medication. Administration details, as well as additional patient information such as injection site, vital signs, and pain assessments, is captured at the point of care, and automatically documented in the patient's electronic health record. In addition, access to online drug monograph information allows providers to check details about a drug and enhances patient education

Possible order entry components include, Improves patient safety and but are not limited to: missing results efficiency and promotes the required for the order, suggested corollary delivery of effective healthcare. orders, notification of duplicate orders, institution-specific order guidelines, guideline-based orders/order sets, order sets, order reference text, patient diagnosis specific recommendations pertaining to the order. Also, to include flags for orders that may be inappropriate or contraindicated for specific patients (e.g. X-rays for pregnant women). - -

Payne TH. Computer Decision Support Systems. CHEST 2000; 118:47S-52S. - - Stair TO. Reduction of Redundant Laboratory Orders by Access to Computerized Patient Records. Computers in Emergency Medicine 1998;16:895-897. - - Sanders DL, Miller RA. The effects on clinician ordering patterns of a computerized decision support system for neuroradiology imaging studies. Proc AMIA Symp 2001;:583-587. - - Hunt DL, Haynes RB, Hanna SE, Smith K. Effects of computerbased clinical decision support systems on physician performance and patient outcomes: a systematic review. JAMA 1998;280:1339-1346. - - Chin HL, Wallace P. Embedding guidelines into direct physician order entry: simple methods, powerful results. Proc AMIA Symp 1999:;221-225.

Examples of result interpretation include, Improves patient safety, but are not limited to: abnormal result efficiency, and supports the evaluation/notification, trending of results delivery of effective healthcare. (such as discrete lab values), evaluation of pertinent results at the time of provider order entry (such as evaluation of lab results at the time of ordering a radiology exam), evaluation of incoming results against active medication orders. - -

Poom EG, Kuperman GJ, Fiskio J, Bates DW. Real-time notification of laboratory data requested by users through alphanumeric pagers. JAMIA 2002;9:217222. - - Kuperman GL et al. Improving response to critical laboratory results with automation. JAMIA 1999;6:512522. - - Bates DW et al. Reducing the frequency of errors in medicine using information technology. JAMIA 2001;8(4):299-308. - -

The EHR links appropriate data elements or lack thereof when a healthcare referral is generated/ordered, including pertinent results, demographic and insurance data elements, guiding the provider in placing the order. For example, when a urology referral is ordered for urinary frequency (this could be captured in the order as a data element) the EHR evaluates recent lab results (like a U/A or urine culture) and advises to provider to do work-up for a basic UTI first before sending the referral. For example, the EHR recommends a referral for smoking cessation if nicotine addiction is listed in the patient’s problem list or the patient is described as a “smoker” through documentation in the EHR, having evaluated the patient’s data for the presence of a prior smoking cessation referral order or the actual referral documentation.

Supports delivery of effective healthcare, improves efficiency, and facilitates management of chronic conditions.

Supports delivery of effective healthcare, improves efficiency, and facilitates management of chronic conditions.

To reduce blood administration errors, Supports delivery of effective when a provider administers a blood healthcare and improves patient product, the HER will support matching safety and efficiency each blood product and the patient’s ID bracelet and alert the provider in real-time of potential administration errors such as wrong product, wrong route, wrong time, and wrong patient. In addition, other clinical checks, such as allergy checking, can be performed at the time of administration. Documentation of the administration in the EHR is a by-product of administering the blood product.

To ensure the accuracy of specimen collection, when a provider obtains specimens from a patient, the EHR matches each specimen collection identifiers and the patient’s ID bracelet and alerts the provider in real-time of potential collection errors such as wrong patient, wrong specimen type, wrong means of collection, wrong site, and wrong date and time. Documentation of the collection in the EHR is a by-product of collecting the specimen.

Supports delivery of effective healthcare and improves patient safety and efficiency

At the time of the patient-provider Supports the delivery of encounter, the EHR provides protocols for effective healthcare and preventive care and wellness. Examples improves efficiency. include but are not limited to, routine immunizations (adult and well baby care), age and sex appropriate screening exams (such as PAP smears). Examples include but are not limited to time sensitive patient and provider notification of: evaluation of patient preventive/wellness needs based on past due dates for patient appointments, labs, immunizations or exams; also appropriate reminders about lifestyle behaviors such as nutrition, exercise, tobacco use. E.g. a Pap test reminder might be sent to the patient a couple of months prior to the test being due , at 3 month intervals, and then brought to the attention of the administrator or clinician 9 months after it is past due. Supports the delivery of effective healthcare, improves efficiency; and facilitates selfhealth management.

U.S. Preventive Services Task Force. http://www.ahrq.gov/clinic/uspstfix.htm - Reference: Hunt DL, et. al. Effects of Computer-based Clinical Decision Support on Physician Performance and Patient Outcomes. JAMA.1998:280;13391346. U.S. Preventive Services Task Force. http://www.ahrq.gov/clinic/uspstfix.htm Reference: Hunt DL, et. al. Effects of Computer-based Clinical Decision Support on Physician Performance and Patient Outcomes. JAMA.1998:280;13391346. - -

Standardized surveillance performance Supports the delivery of measures that are based on known patterns effective healthcare and of disease presentation can be identified improves efficiency. by aggregating data from multiple input mechanisms. Elements include, but are not limited to patient demographics, resource utilization, presenting symptoms, acute treatment regimens, laboratory and imaging study orders and results and genomic and proteomic data elements. Identification of known patterns of existing diseases involves aggregation and analysis of these data elements by existing relationships. However, the identification of new patterns of disease requires more sophisticated pattern recognition analysis. Early recognition of new patterns requires data points available early in the disease presentation. Demographics, ordering patterns and resource use (e.g., ventilator or intensive care utilization pattern changes) are often available earlier in the presentation of non-predictable diseases. Consumer-generated information is also valuable with respect to surveillance efforts.

Automated notification is the process by Supports the delivery of which the system alerts individual care effective healthcare and providers or care managers that an event improves efficiency. has occurred and requires attention. This process gives a care provider the ability to determine individual preferences for notification with respect to any patient. The ability to subscribe at the time of ordering to individual data-specific preferences adds significant flexibility to the provider and/or care manager. Preferences for notification should be based on the type and urgency of data as well as the individual care provider's specific clinical privileges within the organization. For example, an elevation of HIV-1 RNA viral load from 20,000 copies / ml might be best managed by the physician privileged to treat AIDS patients and therefore, notification with expectation of action is best sent to that individual. In this example, the Cardiology consultant may be able to subscribe to notification, but with the ability to consult an appropriately privileged physician.

Escalation has similar prerequisites as Supports the delivery of automated notification. Of great effective healthcare and importance to the escalation process is the improves efficiency. ability to match a care provider’s clinical privileges with the clinical requirements of the escalation.

Examples include but are not limited to: disease specific protocols, care management protocols (fall management), and wellness management, as well as context-specific links to other knowledge resources. For example, when a cough and blood stained sputum is noted, provider is directed to relevant online information.

Supports the delivery of effective healthcare, improves patient safety and efficiency, and facilitates management of chronic conditions.

An individual will be able to find reliable Facilitates self-health information to answer a health question, management and supports the follow up from a clinical visit, identify delivery of effective healthcare. treatment options, or other health information needs. The information may be linked directly from entries in the PHR, or may be accessed through other means such as key word searching.

U.S. Department of Health and Human Services, Healthy People 2010, Health Communication Focus Area. (USDHHS 2000) http://www.healthypeople.gov/document/ HTML/Volume1/11HealthCom.htm - ; Science Panel on Interactive Communication and Health. Wired for Health and Well-Being: the Emergence of Interactive Health Communication. Washington, DC: US Department of Health and Human Services, US Government Printing Office, April 1999 . http://www.health.gov/scipich/pubs/finalr eport.htm

Since the electronic health record will replace the paper chart, tasks that were based on the paper artifact must be effectively managed in the electronic environment. A set of functions must exist in the EHR-S to provide a way to accommodate electronically any workflow that previously depended on the existence of a physical artifact (such as the paper chart, a phone message slip) in a paper based system. Tasks differ from other more generic communication among participants in the care process because they are a call to action and target completion of a specific workflow in the context of a patient's health record (including a specific component of the record). Tasks also require disposition (final resolution) as a part of the direct care workflow and may not necessarily require a response back to the original sender like other forms of communication. For example, in a paper based system, physically placing charts in piles for processing creates a physical queue of tasks related to those charts. This queue of tasks (for example, a set of patient phone calls to be returned) shall be supported electronically so that the list (of patients to be called) is EHR-S to the be linked to user Tasks in the visible must appropriate a

Support delivery of effective healthcare; improve patient safety; improve efficiency

Support delivery of effective patient or to a component of a patient's healthcare; improve patient medical record. To link a task to the safety; improve efficiency related part of an electronic healthcare record, the EHR-S requires: a description of the task; the person (or person-role) expected to complete the task; and the data that is the subject of the task (an instance of a patient or component of the patient's medical record). An example of a well-defined task is "Nurse Johnson must report to Mrs. Smith that the strep test was negative." The EHR-S will facilitate efficient workflow by navigating to the appropriate area of the record to ensure that the appropriate test result for the correct patient is reviewed. Other examples of tasks might involve fulfillment of orders or responding to patient phone calls.

Tasks must at all times be assigned to at Support delivery of effective least one user or role for disposition. healthcare; patient safety; Whether the task is assignable and to improve efficiency whom the task can be assigned will be determined by the specific needs of practitioners in a care setting. Taskassignment lists help users prioritize and complete assigned tasks. For example, after receiving a phone call from a patient, the triage nurse routes or assigns a task to return the patient's call to the physician who is on call. This decision is made by a person involved in the care process and cannot be easily automated, so the EHR-S will allow, where appropriate, manual assignment of tasks or system triggered task creation and assignment. An example of a system triggered task is when lab results are received electronically, the EHR-S creates a task for clinician review automatically (without the need for human intervention). Task assignment ensures that all tasks are disposed of by the appropriate person or role and allows efficient interaction of entities in the care process.

In order to reduce the risk of errors during Support delivery of effective the care process due to missed tasks, the healthcare; patient safety; EHR-S shall provide appropriate mechanisms for viewing and tracking unresolved tasks, work lists, task status, unassigned tasks or other tasks where a risk of omission exists. For example, the EHR-S will create a report to show test results that have not been reviewed by the ordering provider based on an interval appropriate to the care setting.

Healthcare requires communications between various participants: patients, doctors, nurses, chronic disease care managers, pharmacies, laboratories, payers, consultants, etc. An effective EHRS supports communication across all relevant participants, reduces the overhead and costs of healthcare-related communications, and provides automatic tracking and reporting. The list of communication participants is determined by the care setting and may change over time. Because of concerns about scalability of the specification over time, communication participants for all care settings are not enumerated here because it would limit the possibilities available to each care setting and implementation.. However, communication between providers and between patients and providers will be supported in all appropriate care settings. Implementation of the EHR-S enables new and more effective channels of communication, significantly improving efficiency and patient care. The communication functions of the EHR-S will eventually change the way participants collaborate and distribute the work of patient care. Messaging among providers involved in the care process can range from real time communication (for example, fulfillment of an injection while the patient is in the exam room), to asynchronous communication (for example, consult reports between physicians). Some forms of inter-practitioner communication will be paper based and the EHR must be able to produce appropriate documents. When a medication is prescribed, the prescription will be routed electronically to the pharmacy. This information will be used to avoid transcription errors and facilitate detection of potential adverse reactions. Upon filling the prescription, information will be sent back to the practitioner to indicate that the patient received the medication. If there is a question from the pharmacy, that message can be sent electronically to the provider and presented with their other tasks. Support delivery of effective healthcare; patient safety; management of chronic conditions; improve efficiency;

Support delivery of effective healthcare; improve efficiency; management of chronic conditions

For example, when test results arrive, the physician may wish to message the patient with a normal test result. The patient may wish to request a refill by messaging the physician rather than placing a phone call. Patients with chronic disease such as asthma may wish to message their peak flow logs to their physician. A hospital may wish to message selected patients about a new smoking cessation program. It is unlikely that the EHR-S can facilitate self-health management without providing a means for communication between patient and practitioner. After the practitioner has ordered educational materials, the EHR-S will provide access to a library of educational materials either within the EHR-S itself or in conjunction with another application. This access could be provided as a printout or electronically via a message to the patient. The EHR-S will include features to communicate with medical devices as appropriate to the care setting. Examples include: vital signs, home diagnostic devices for chronic disease management, laboratory machines, bar coded artifacts (medicine, immunizations, demographics, history, identification).

Support delivery of effective healthcare; management of chronic conditions; improve efficiency; facilitate self health management

Support delivery of effective healthcare; management of chronic conditions; improve efficiency; facilitate self health management

Support delivery of effective healthcare; Management of chronic conditions Improve efficiency

The EHR-S supports the addition of new registries through the addition of formatted data transfer protocols but does not necessarily provide support for the disease registry itself.

1. Support delivery of effective healthcare - 2. Improve patient safety - 3. Facilitate management of chronic conditions

Provide capability to capture and share 2. Improve patient safety - 4. needed information on potential organ and Improve efficiency blood donors and recipients. Make this information available to internal and external donor matching agencies.

Disease specific registries are exemplified by the long-standing cancer registry system that exists in each state and supported by institution-based tumor registries in many health care institutions. See http://www.cdc.gov/cancer/npcr/index.ht m for more information. Organ donor transplant management is a complex interaction of many coordinated bodies that extends beyond the institutions involved in organ harvesting and transplantation. This system is described at http://www.optn.org/about/transplantatio n/matchingProcess.asp. -

Maintain current directory of provider 1. Support delivery of effective information in accordance with relevant healthcare - 4. Improve laws, regulations, and conventions, efficiency including full name, address or physical location, and a 24x7 telecommunications address (e.g. phone or pager access number) for the purposes of the following:

Unique identification of providers along with appropriate demographics is already being done in healthcare and will form an essential component of the National Provider Identifier in the US under HIPAA (http://aspe.hhs.gov/admnsimp/nprm/npi nprm.pdf). Role based access to systems is an essential component of any security system. An example of role based access as it applies to the EHR by the Open Architecture for Secure Internetworking Services (OASIS) may be found at http://www.cl.cam.ac.uk/~km/MW2001talk.pdf. OASIS is a not-for-profit global consortium that drives the development, convergence and adoption of e-business standards (http://www.cl.cam.ac.uk/~km/MW2001talk.pdf). - While current provider location is a convenience item that relates mostly to customer satisfaction it elevates to a level of vital importance when communicating critical test results (http://www.macoalition.org/documents/ CTRPractices.pdf)

STATEMENT: Maintain current directory of patient information in accordance with relevant privacy and other applicable laws, regulations, and conventions, including, when available, full name, address or physical location, alternate contact person, primary phone number, and relevant health status information for the purposes of the following:

1. Support delivery of effective healthcare - 2. Improve patient safety - 3. Facilitate management of chronic conditions - 4. Improve efficiency - 5. Facilitate selfhealth management

Patient location is an essential part of the patient record, which, by IOM definition in their 1991 report forms the basis of an EHR (http://books.nap.edu/books/0309055326 /html/index.html).

Example: The patient census in a hospital setting Personal health information disclosure is required for pubic health purposes, see http://www.cdc.gov/mmwr/preview/mm wrhtml/su5201a1.htm. -

Information on the recommended isolation of patients with certain infectious diseases may be found at http://www.cdc.gov/ncidod/sars/isolation quarantine.htm with a current list of possible infectious agents at http://www.cdc.gov/ncidod/sars/executiv eorder040403.htm. - Information on an instructional role in emergency situations has been developed by JCAHO and maybe found at http://www.jcaho.org/about+us/public+p olicy+initiatives/emergency+preparednes s.pdf. 1. Support delivery of effective Patient demographics is an essential part healthcare - 4. Improve of the patient record, which, by IOM efficiency - 6. Ensure privacy, definition in their 1991 report that forms confidentiality the basis of an EHR (http://books.nap.edu/books/0309055326 /html/index.html). The minimum demographic data set must include the data required by realm-specific laws governing health care transactions and reporting. When an internal or external party requests patient data and that party requests de-identified data (or is not entitled to identify patient information, either by law or custom), the EHR-S supplies the data in a fashion that meets local requirements for de-identification. The EHR-S maintains an audit trail of these requests.

Deidentification of data requires removing patient demographic information to the point that the individual patient can not be identified. Actual requirements for deidentification will vary based on location and specific need. In the US regulations for that are viewed as acceptable for complete deidentification can be found at http://privacyruleandresearch.nih.gov/pr_ 08.asp#8a. 1. Support delivery of effective healthcare - 2. Improve patient safety - 3. Facilitate management of chronic conditions - 4. Improve efficiency IOM Rpt, page 10, "Electronic scheduling systems for admissions, procedures and visits not only increase efficiency, but also provide better service to patients (Everett, 2002; Hancock and Walter, 1986; Woods, 2001) http://www.iom.edu/report.asp?id=14391

This includes relevant clinical or demographics information to prevent the scheduling of inappropriate procedures for the patient (e.g. X-Ray for pregnant women)

1. Support Delivery of Effective Healthcare - 2 Improve Patient Safety - 3 Facilitate management of chronic conditions - 4 Improve efficiency

AHIMA Practice Brief: Data Quality Management Model: http://library.ahima.org/xpedio/groups/pu blic/documents/ahima/pub_bok1_000066 .html

Using structured data and/or unstructured text in the patient’s EHR, the EHR-S permits the creation of standard and ad hoc reports for clinical, administrative, and financial decision-making, and for patient use. Reports may be required by patients, regulators, accrediting agencies, payers, and/or providers/facilities/delivery systems; and, as needed, linked with financial and other external data sources (e.g. sources external to the EHR-S and internal to the health care entity, or data external to the entity). - - Such reports may include patient-level reports (e.g., administratively required patient assessment forms, admission/transfer/discharge reports, operative and procedure reports, consultation reports, drug profiles, etc.), provider/facility/delivery system-level reports, and population-level reports (e.g. including reports on the effectiveness of clinical pathways and other evidencebased practices, tracking completeness of clinical documentation).

1. Support Delivery of Effective Healthcare - 2 Improve Patient Safety - 3 Facilitate management of chronic conditions - 4 Improve efficiency - 5 Facilitate selfhealth management

“Claims and encounter data are used to monitor and improve outcomes for numerous preventive services, including prenatal care, childhood immunization, and cancer screenings.” p. 8 - Promoting Prevention Through Information Technology: - Assessment of Information Technology in Association of Health Center Affiliated Health Plans http://www.ahcahp.org/publications/Wor king%20Papers/Final%20Report%20fro m%202003%20AHCAHP%20IT%20Ass essment.pdf -

Using data standards and technologies that support interoperability, encounter management promotes patientcentered/oriented care and enables real time, immediate point of service, point of care by facilitating efficient work flow and operations performance to ensure the integrity of (1) the health record, (2) public health, financial and administrative reporting, and (3) the healthcare delivery process. - - This support is necessary for direct care functionality that relies on providing user interaction and workflows, which are configured according to clinical protocols and business rules based on encounter specific values such as care setting, encounter type (inpatient, outpatient, home health, etc), provider type, patient's EHR, health status, demographics, and the initial purpose of the encounter.

1. Support Delivery of Effective Healthcare - 2 Improve Patient Safety - 3 Facilitate management of chronic conditions - 4 Improve efficiency - 5 Facilitate selfhealth management

AHIMA Practice Brief: Definition of the Health Record for Legal Purposes: http://library.ahima.org/xpedio/groups/pu blic/documents/ahima/pub_bok1_009223 .html

Encounter management orchestrates electronic data interchange according to encounter-specific values, clinical protocols and business rules. This function "organizes" and "calls" functionalities described in other sections of the EHR Functional Outline and depends on generic capabilities defined by the Information Infrastructure including support for security and privacy. - As an example, a mobile home health care worker using wireless laptop at the patient's home would be presented with a home health care specific workflow synchronized to the current patient's demographics and care plan and tailored to support the interventions appropriate for this patient, including chronic disease management protocols. The workflow would automatically or manually trigger electronic interchanges depending on conditions arising during the encounter. The EHR would support bidirectional communications with the case manager for adjustments to the care plan; requests for eprescriptions from the primary care provider; scheduling a consult with a specialist; permit the provider to assist the patient with communications with other care givers; as well as generate necessary prior authorizationon the encounter Workflows, based requests to the patient's management settings, will assist in determining the appropriate data collection, import, export, extraction, linkages and transformation. - As an example, the EHR-s would present a pediatrician with diagnostic and procedure codes specific to pediatrics, the patient's demographics, and the patient's health record. Business rules in the EHR-S would automatically collect necessary data from the patient's health record and patient registry. As the provider enters data into the EHR-S, triggered workflow processes would access and populate appropriate transactions and documents to, for example, populate an eligibility verification transaction or query the immunization registry.

Remarks by Tommy G. Thompson, Secretary of HHS, NHII Conference 7/1/03: "Why is it that retailers such as L.L. Bean have been able to personalize my shopping experience and yours automatically providing the correct sizes and suggestions of other items based on what I bought last year - but my doctor and pharmacist cannot quickly refer to a list of my prescriptions or see when I had my last physical?" http://www.hhs.gov/news/speech/2003/0 30701.html - Key Capabilities of an Electronic Health Record System p. 9 http://www.iom.edu/report.asp?id=14391 - - Standards Insight - An Analysis of Health Information - Standards Development Initiatives - July 2003 http://www.himss.org/content/files/Stand ardsInsight/2003/07-2003.pdf -

The CPR in Eleven Paperless Physicians' Offices http://www.himss.org/content/files/proce edings/slides/sessions/ses048s.pdf http://www.himss.org/content/files/proce edings/2000/sessions/ses048.pdf -

Maximizing the extent to which administrative and financial data can be derived or developed from clinical data will lessen provider reporting burdens and the time it takes to complete administrative and financial processes such as claim reimbursement. This will require a mapping of clinical terminologies to various administrative and financial terminologies.

Paperless Success: The Value of EMedical Records http://www.himss.org/content/files/proce edings/2001/sessions/ses045.pdf http://www.himss.org/content/files/proce edings/2001/sessions/ses081.pdf - "Having clinical data represented with a standardized terminology and in a machine-readable format would reduce the significant data collection burden at the provider level, as well as the associated costs, and would likely increase the accuracy of the data reported ." IOM Key Capabilities of an Electronic Health Record System , pg 14 ( http://www.iom.edu/report.asp?id=14391 ) Recent examples of: device monitoring (http://www.hieurope.info/files/2003/9974.htm); remote monitoring(http://www.devicelink.com/m ddi/archive/03/06/012.html); and telehealth (http://www.mcg.edu/Telemedicine/Inde x.html) - -

Promotes patient empowerment, selfdetermination and ability to maintain health status in the community. Promotes personal health, wellness and preventive care. For example, a diabetic pregnant Mom can self-monitor her condition from her home and use web TV to report to her provider. The same TV-internet connectivity allows her to get dietary and other health promoting information to assist her with managing her high-risk pregnancy. Using data standards and technologies that support interoperability, information access functionalities serve primary and secondary record use and reporting with continuous record availability and access that ensure the integrity of (1) the health record, (2) public health, financial and administrative reporting, and (3) the healthcare delivery process.

1. Support delivery of effective healthcare - 2. Improve patient safety - 3. Facilitate management of chronic conditions - 4. Improve efficiency

AHIMA Practice Brief: Definition of the Health Record for Legal Purposes: http://library.ahima.org/xpedio/groups/pu blic/documents/ahima/pub_bok1_009223 .html - - IOM Key Capabilities of an Electronic Health Record System, p.14 http://www.iom.edu/report.asp?id=14391 -

Remarks by Tommy G. Thompson, Secretary of HHS, NHII Conference 7/1/03: We need a health information system that automatically gives health professionals access to the patientspecific medical knowledge required for diagnosis and treatment - the latest research results from medical journals, the most up-to-date guidelines, the appropriate public health notifications. Our doctors then will not have to depend on their great memories any more. http://www.hhs.gov/news/speech/2003/0 30701.html -

This function is a necessary precondition for the EHR-S' capacity to support the development or derivation of administrative and financial documentation, reporting and transactions. To a certain extent that clinical data can be mapped to administrative and financial data. However, where there is no map, the EHR-S must support the collection of required administrative and financial data that is not available from non-clinical sources. For example, the HIPAA 837 Professional claim requires the date of the last menstrual cycle for claims involving pregnancy. To support the generation of this transaction, the EHR-S would need to prompt the provider to enter this date when the patient is first determined to be pregnant. The EHR-S would need to make this information available to the billing process.

NHII03 Standards and Vocabulary Groups A&B: http://aspe.hhs.gov/sp/nhii/Conference03 /StandardsVocabA.ppt, http://aspe.hhs.gov/sp/nhii/Conference03 /StandardsVocabB.PPT

The EHR-S could alert the provider or support the provider's query regarding the most cost-effective services, referrals, devices etc to recommend to the patient based on the patient's health plan coverage rules. For example, help the provider recommend a specialist from the patient's preferred provider list. - - Note: The Direct care section needs to provide the functionality to guide users based on this information. - Example: alert the provider about co-pays, generic drugs, or other cost policies. The EHR-S could alert the provider or support the provider's query regarding the most cost-effective prescriptions under the patient's health plan's formulary.

Medical Informatics for Better and Safer Health Care. http://www.ahrq.gov/data/informatics/inf ormatria.pdf

Medical Informatics for Better and Safer Health Care. http://www.ahrq.gov/data/informatics/inf ormatria.pdf

STATEMENT: Support the creation 1. Support Delivery of (including using external data sources, if Effective Healthcare - - 4. necessary), electronic interchange, and Improve efficiency processing of transactions listed below that may be necessary for encounter management during an episode of care. - The EHR system shall capture the patient health-related information needed for administrative and financial purposes including reimbursement. - - Captures the episode and encounter information to pass to administrative or financial processes (e.g. triggers transmissions of charge transactions as by-product of on-line interaction including order entry, order statusing, result entry, documentation entry, medication administration charting.) - - Automatically retrieves information needed to verify coverage and medical necessity. - As a byproduct of care delivery and documentation, captures and presents all patient information needed to support coding. Ideally performs coding based on documentation. - - Clinically automated revenue cycle - examples of reduced denials and error rates in claims. - Clinical information needed for billing is available on the date of service. - Physician and clinical teams do not perform additional data entry / tasks exclusively to support administrative or financial processes.

IOM Key Capabilities of an Electronic Health Record System: "Use of communication and content standards is equally important in the billing and claims management area - close coupling of authorization and prior approvals can, in some cases, eliminate delays and confusion. Additionally, immediate validation of insurance eligibility will add value for both providers and patients through improved access to services, more timely payments and less paperwork."http://www.iom.edu/report.as p?id=14391 - HIMSS Electronic Health Record Definitional Model - Version 1.0 - AHIMA Practice Brief: Definition of the Health Record for Legal Purposes: http://library.ahima.org/xpedio/groups/pu blic/documents/ahima/pub_bok1_009223 .html - - AHIMA Practice Brief: Health Informatics Standards and Information Transfer: Exploring the HIM Role: http://library.ahima.org/xpedio/groups/pu blic/documents/ahima/pub_bok1_000024 .html - - AHIMA Practice Brief: Defining the Designated Record Set: http://library.ahima.org/xpedio/groups/pu blic/documents/ahima/pub_bok1_017122 .html -

Expedites determination of health insurance coverage, thereby increasing patient access to care. The EHR could alert the provider that uninsured patients may be eligible for subsidized health insurance or other health programs because they meet eligibility criteria based on demographics and/or health status. The EHR could be automatically updated when such program's eligibility rules change. For examples, the EHR would notify the provider that the uninsured parents of a child enrolled in S-CHIP may now be eligible for a new subsidized health insurance program. The EHR could notify the provider of an uninsured pregnant patient about various programs that the patient may be eligible. The EHR could link to online enrollment forms that could be made available to the patient during the encounter. When enrollment is determined, the EHR would capture health coverage information needed for processing administrative and financial documentation, reports or transactions.

Enrolling and Retaining Low Income families http://cms.hhs.gov/schip/outreach/progre ss.pdf - To a Streamlined Approach to Public Health Insurance Enrollment http://www.healtheapp.org/ -

Automatically retrieves information needed to support verification of coverage at the appropriate juncture in the encounter workflow. Improves patient access to covered care and reduces claim denials. When eligibility is verified, the EHR-S would capture eligibility information needed for processing administrative and financial documentation, reports or transactions updating or flagging any inconsistent data. In addition to health insurance eligibility, this function would support verification of registration in programs and registries, such as chronic care case management and immunization registries. An EHR-S would likely verify health insurance eligibility prior to the encounter, but would verify registration in case management or immunization registries during the encounter. -

Immunization registries are having continual success in increasing vaccination rates of children (http://www.cdc.gov/mmwr/preview/mm wrhtml/mm5001a2.htm). - - Electronic determination of insurance coverage is a required HIPAA transaction in the US. See the 270/271 Implementation Guide available at http://www.wpcedi.com/hipaa/HIPAA_40.asp. - -

Automatically retrieves information needed to support verification of medical necessity and prior authorization of services at the appropriate juncture in the encounter workflow. Improves timeliness of patient care and reduces claim denials.

Plans reported that their electronic connections to various types of providers enable numerous functions to be completed over the Internet, including claims submission, online eligibility verification, and referral approvals. P.9 Promoting Prevention Through Information Technology: Assessment of Information Technology in Association of Health Center Affiliated Health Plans http://www.ahcahp.org/publications/Wor king%20Papers/Final%20Report%20fro m%202003%20AHCAHP%20IT%20Ass essment.pdf

Automatically retrieves structured data, including lab, imaging and device monitoring data, and unstructured text based on rules or requests for additional clinical information in support of service requests or claims at the appropriate juncture in the encounter workflow Automatically retrieves information needed to support claims and encounter reporting at the appropriate juncture in the encounter workflow. Clinicians do not perform additional data entry to support health management programs and reporting.

Electronic transmission of clinical data for claims is a required HIPAA transaction in the US that is under development. See http://www.hl7.org/library/committees/ca /hipaa%20and%20claims%20attachment s%20white%20paper%2020030920.pdf for details. Electronic submission of claims data is a required HIPAA transaction in the US. See the 837 Implementation Guide available at http://www.wpcedi.com/hipaa/HIPAA_40.asp. - - - IOM Key Capabilities of an Electronic Health Record System p. 14 http://www.iom.edu/report.asp?id=14391 - HIMSS Electronic Health Record Definitional Model - Version 1.0

Example of the use of information: prompts the provider about the receipt of an acknowledgement and displays data relevant to the episode of care at the appropriate juncture in the workflow 1. Support delivery of effective healthcare - 3. Facilitate management of chronic conditions - 4. Improve efficiency IOM Rpt, page 9, "Effective communication - among health care team members and with patients - is critical to the provision of quality health care (Bates and Gawande, 2003; Wanlass et. Al. 1992) http://www.iom.edu/report.asp?id=14391

Example: In a care setting with multiple providers, where the patient can only see certain kinds of providers, (or an individual provider); allow the selection of only the appropriate providers (in conjunction with the provider registry).

Facilitate access to/propagation of 1. Support Delivery of information between patient records where Effective Healthcare - 3 patients are related Facilitate management of chronic conditions

An EHR used at a professional site should support personal health information (http://www.connectingforhealth.org/reso urces/phwg_final_report.pdf). - - Why Keeping Family Health Records is a Good Idea - http://www.healthminder.com/articles/benefits.htm

Contact tracing is an essential and required feature of public health and has usefulness outside of public health when evaluating non-reportable infectious disease or genetically related conditions. (http://biotech.law.lsu.edu/Books/lbb/x57 8.htm) Provide the capability to support and manage patient acuity/severity of illness/risk adjustment 1. Support Delivery of Effective Healthcare - 2 Improve Patient Safety - - 4 Improve efficiency An Integrated Analysis of Staffing and Effects on Patient Outcomes http://www.nursingworld.org/OJIN/KEY NOTES/speech_3.htm

1. Support Delivery of Effective Healthcare - 2. Improve Patient Safety - 3. Facilitate management of chronic conditions - 4. Improve efficiency - 5. Facilitate selfhealth management

Nearly all plans (92 percent) reported having one or more IT databases that reference clinical criteria, guidelines or protocols. While plans reported a variety of methods used to communicate clinical criteria, guidelines and protocols to providers, e-mail and electronic newsletters are seldom used and only one of the most widely used methods is related to IT. p 3 - Promoting Prevention Through Information Technology: Assessment of Information Technology in Association of Health Center Affiliated Health Plans http://www.ahcahp.org/publications/Wor king%20Papers/Final%20Report%20fro m%202003%20AHCAHP%20IT%20Ass essment.pdf Patient Provider Communication Tools http://www.chcf.org/documents/ihealth/P atientProviderCommunicationTools.pdf - Informing Patients A Guide for Providing Patient Health Information http://www.pubmedcentral.nih.gov/articl erender.fcgi?artid=61336 - - Promoting Prevention Through Information Technology: Assessment of Information Technology in Association of Health Center Affiliated Health Plans http://www.ahcahp.org/publications/Wor king%20Papers/Final%20Report%20fro m%202003%20AHCAHP%20IT%20Ass essment.pdf

Facility provided continuing education to professional staff is a recommended function. See http://dbapps.amaassn.org/iwcf/pf_online/pf_online?f_n=re sultLink&doc=policyfiles/HOD/H225.997.HTM&s_t=continuing+educatio n&catg=AMA/CnB&catg= AMA/CEJA&catg=AMA/HOD&&nth=1 &&st_p=0&nth=7&)

Plans reported using IT systems to support numerous activities and processes, such as utilization management, disease management and targeted mailings to members. P. 3 Promoting Prevention Through Information Technology: Assessment of Information Technology in Association of Health Center Affiliated Health Plans http://www.ahcahp.org/publications/Wor king%20Papers/Final%20Report%20fro m%202003%20AHCAHP%20IT%20Ass essment.pdf Public health response information changes continually and the ability to access the latest data by EHR users is essential (http://www.cdc.gov/phin/components/P HIN%20Brochure%20HAN%20.ppt). -

The EHRS is required to manage EHR information securely. For this, all EHRS applications must ensure the authentication, authorization of entities (e.g. user and applications) and control access to the EHR information.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

Both users and application are subject to authentication. EHRS application must provide mechanisms for users and applications to be authenticated. Users will have to be authenticate when they attempt to use the application, the applications themselves must authenticate themselves before accessing EHR information managed by other application or remote EHR Systems. Examples of entity authentication are: • Username/ password • Digital certificate • Secure token • Biometrics

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

Users of the EHRS will be allowed to use only the functions for which they authorized depending on their role, work assignment, location ,etc. Similarly applications will need to be authorized to access certain types of EHR data. Financial applications will be limited by their role in the types of EHR data they may exchange. For example, authorization functions may control access to EHRS: • Application modules • Application features • Data records The role of a user is in regards to authorization to access any subject. Examples of EHRS-User roles include: nurse, dietician, administrator, legal guardian, and auditor. Similarly the role of an application will determine what types of information in may query, access, or view when interoperating with complementary applications in the EHRS. For example, a doctor may typically be allowed to view any patient's record in the Emergency Department, except when a patient is also a blood-relative.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

The EHRS must support a set of policies to ensure that the users can access the information they need and they must reference for complete and correct clinical decision. Context-based authorization extends Role and User-based Authorization by overlaying business rules and policies to the user and role. For example, • A nurse may be able to access the EHR’s of patients in the maternity department but not in the neurosurgery department. • A doctor may be able to access a patient’s EHR before his shift ends, but not after his shift ends. • A dietician may be able to access those parts of a patient’s EHR that impact foodselection, but not other parts of that patient’s EHR. • A physician may not be permitted to access parts of a patient’s EHR that pertain to a civil or criminal matter. • An EHRS-User may only use a patient’s data in a manner consistent with the patient’s (explicit or implied) consent. • A physician may be able to access a given patient’s EHR while providing healthcare, but not while conducting research. • A physician may restrict a patient’s access to the patient’s EHR if the physician believes such access may be harmfulthe personal nature example, a Due to to the patient (for of the data, Electronic Health Record information requires security and privacy considerations that exceed typical electronic data security standards.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

Since the EHRS applications cannot control security of the transmission methods, applications must obfuscate the data sent to application within the EHRS and particularly to remote entities.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

EHRS application need to ensure that they are exchanging EHR information with the entities (applications, institutions, directories) they expect. This function depends on Entity Lookup, Authorization, and Authentication to be available in the system. For example, a physician practice management application in the EHRS, might send claim attachment information to an external entity. For this, the application must use a secure routing method which ensures that both the sender and receiving sides are authorized to engage in the information exchange.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

In general terms, the term "nonrepudiation" crypto-technically means: In authentication, a service that provides proof of the integrity and origin of data, both in an unforgeable relationship, which can be verified by any third party at any time; or, In authentication, an authentication that with high assurance can be asserted to be genuine, and that can not subsequently be refuted. In the electronic commerce environment, the technical meaning of the term "nonrepudiation" either shifts the onus of proof from the recipient to the alleged signatory or entirely denies the signatory the right to repudiate a digital signature. That is, if a digital signature is verified so as to identify the owner of the private key that was used to create the digital signature in question then it is that person who has the onus of proving that it is not their digital signature. Hence, there is a shift in the burden of proof. This crypto-technical position does not correspond with what occurs in the paper-based environment.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

Communicating the EHR or parts of it to third parties that have a legal or other legitimate interest in the record should have explicit and documented authorization by the patient. Including a clear understanding by the third party that the information will only be used for the stated purpose.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

Functionality allows for compliance with personal, local, and national rules.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

The electronic health record will allow for the assignment, removal, and tracking of anonymous, de-identified, alias, and restricted access status of protected health information. For example: • Make anonymize, de-identify, or apply alias to EHR data provided for public health, clinical research, and population health initiatives. Re-identify specific data in special cases (e.g., disease-outbreak detection). • Include or exclude a subjectof-care’s data for specific purposes (such as for research or public health initiatives). An example of "best-practice standard" would be the HIPAA Privacy Rule which requires that covered providers communicate only the minimum necessary information about a patient for payment or operations. With respect to HIPAA transactions, a covered provider may only transmit situational data elements when these are required by a condition stated in the transaction implementation guide. In addition, a covered provider can only communicate the minimum necessary information needed for operations purposes such as quality-related health care activities or fraud and abuse detection.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

The electronic health record will allow for the compliance with realm-specific privacy rules. An example of such rule is the HIPAA Privacy Rule which gives patients the right to request suppression of their health care information under circumstances such as domestic violence. If the provider agrees to do this, then the provider must ensure that the patient's protected health information is not disclosed per this agreement. Some states have more stringent laws that preempt HIPAA. For example, in some states, patients, who are minors, have a right to suppress protected health information related to sensitive services such as treatment for reproductive health, mental health, and substance abuse.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

The EHRS will allow for the dispensing and tracking of patient education regarding current privacy policies and procedures.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

Electronic Health Record information will be available on a variety of EHRS applications. The EHRS must provide the ability for users to access this information, to manage it, to control access to it, and to audit the use and access of data.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

An important aspect of maintaining a legally sound health record is securing the record to prevent loss, tampering, or unauthorized use. The integrity of the health record may be questioned in a legal proceeding if concerns are raised about the security of paper-based or electronic records. The Rules of Evidence require an organization to have policies and procedures in place to protect against alterations, tampering, and loss. Systems and procedures should also be in place to prevent loss (such as tracking and sign-out procedures), secure record storage areas or systems, and limit access to only authorized users. For example, • Entered data must be validated based on system edit rules and valid code sets. These may be field specific (i.e. valid list of values), intra-record (i.e. date deceased) date of birth), or they may extend across multiple related records (i.e. test order must exist before test results can be recorded). • Healthcare documents must not be altered as dictated by the “Uniform Rules of Evidence” and the ”Federal Rules of Evidence”. • Translations between numbering systems and written languages must not result in substantive document alterations. Each healthcare provider should develop a retention schedule for patient health information that meets the needs of its patients, physicians, researchers, and other legitimate users, and complies with legal, regulatory, and accreditation requirements. EHRS applications must conform to the current rules. An important aspect of maintaining a legally sound health record is securing the record to prevent loss, tampering, or unauthorized use. The integrity of the health record may be questioned in a legal proceeding if concerns are raised about the security of the electronic health record. Therefore when clinical documents are exchanged by EHRS applications, the receiving application is expected to retain inbound documents unchanged.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

The purpose of authentication is to show authorship and assign responsibility for an act, event, condition, opinion, or diagnosis. Every entry in the health record must be authenticated by the author and should not be made or signed by someone other than the author. This includes all types of entries such as narrative/progress notes, assessments, flow sheets, orders, etc., whether in paper or electronic format. For example, digital signatures may be used to implement document attestation for EHR.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

For example, retain a digital signature that 1. Support delivery of effective was included with an inbound clinical healthcare 2. Improve patient document. safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

This section deals with the enforcements of the privacy rules. Patients may be harmed if their privacy is invaded (including unauthorized access to Electronic Healthcare Records), or if the patient a part of their records that they must not access or view.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

The EHRS must provide EHR confidentiality-controls that minimize each type of harm. This function requires that the EHRS implement mechanisms to protect the confidentiality of the Electronic Health Record in a consistent way by enforcing rules and policies defined by the best-practice standards and governmental organization. EHR Information Security controls differ for various care-settings. The EHR Information Security subsection of the Information Infrastructure section of this document details those controls. For example, to comply with HIPAA Privacy Rule requirement that a covered provider only transmit situational data that is required under certain conditions, the provider or its billing service/clearinghouse, must have edits in place in the systems that process transactions that ensure this requirement is met. In order to support administrative and financial reporting in Section 6.3.0.0, the EHR must collect data necessary for the transaction processing systems to support this requirement. Consider also a patient who is suffering physical abuse by a guardian. If the guardian reads certain portions of the provider's notes, the patient might be further endangered. Finally, a patient might not even confide in the Although a patient has the right to view much of his/her Electronic Healthcare Record, a healthcare provider sometimes needs to prevent a patient (or guardian) from viewing parts of the record. Consider, for example, a patient receiving psychiatric care: the patient might harm himself (or others) if he reads the doctor's evaluation of his condition. Furthermore, reading the doctor's therapy-plan might actually cause the plan to fail.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

Most information systems benefit from the quality control offered by an audit trail. All systems that are backed up, for example, also note the date and time of the backup in an audit log. Healthcare-related information systems, however, have many additional events and controls that must be audited (tracked) due to the sensitive (personal) nature of the healthcare data itself. For example: HIPAA Security Rule Section 164.308(a)(1)(i) Security Management Process requires Information System Activity Review, which means to "Implement procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports."

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

Once an clinical document receives a mark of attestation by a healthcare provider, (e.g., a signature), it becomes a legal document and must be preserved in an unaltered fashion. Sometimes, however, corrections or amendments need to be made to the document. In these cases, the EHRS must keep track of the corrections or amendments such that the integrity of the original (signed) document is still preserved. The EHRS application must be able to record information required to determine who altered EHR related information in that application.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

The EHRS application must be able to record information required to determine who viewed or extracted EHR related information from that application.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

Differing care-settings benefit from being able to identity the various people or systems that viewed or altered a patient's (or set of patient's) EHR's. For example, a judge might want to know how many patients a given healthcare provider treated while the provider's license was suspended. Similarly, in some cases a report detailing all those who modified or viewed a certain patient record might be needed. Often, clinical information is considered to be sensitive to the subject-of-care and therefore must be secured. (An example of a care-setting where clinical information may not necessarily be sensitive to the subject-of-care is veterinary medicine.) In addition to actually securing the EHR data itself, an EHRS must also be able to prove that it secured the EHR data. A security audit trail can help provide such proof. In large healthcare settings, EHRS' typically log not only accesses to sensitive EHR data, but attempts to access EHR data by unauthorized users. The level of auditing (detail) required can range anywhere from a local policy to a national standard -- as appropriate to each care-setting. Tracking the attempts of unauthorized users to access sensitive EHR information will enable healthcare organizations to identify the staff members who are not following the local patient privacy rules.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

If EHR information is exchanged between EHRS application for viewing or other purposes, the receiving application must log information about the sender and the nature, history, and content of the information exchanged in the transaction If any translations are necessary (.e.g. vocabulary lookup) then a record of the transformation must be created by the receiving application. For example, in addition to receiving an EHR from an external system, receive the amendment history for that record, the identity of the originating system, and details about the receiving system’s reception event (including, when and by whom the EHR and its audit trail were received).

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

Clinical decision-support rules and administrative (business) decision-support rules are designed to help the healthcare provider make good, timely, efficient, and cost-effective medical and workflowrelated decisions. An audit trail provides evidence of the healthcare provider's adherence with those various rules. Since each healthcare setting requires differing sets of rules, corresponding audit trail requirements will be different for each setting. For example, in a large hospital a doctor might be expected to deliver control of a patient to another doctor before leaving the hospital when her shift is finished. An corresponding audit trail would indicate whether this rule was followed. A small healthcare practice might have no such rule (and no need for a corresponding audit trail). The EHRS application must provide facilities to achieve clinical (EHR-related) information. Example of best-practices standards: HIPAA Security Rule Section 164.308(a)(7)(i) Administrative Safeguards - Data Backup Plan (Required): "Establish and implement procedures to create and maintain retrievable exact copies of electronic protected health information."

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

Paper-based healthcare records are difficult to view. An electronic implementation of a paper-based system can be just as cumbersome to view. Therefore, in order for the electronic version of a healthcare records to prove beneficial, the EHR must be archived and retrieved in a semantically intelligent and useful manner. A database of clinical and administrative business rules will help present Electronic Health Records to the various EHR-viewers in efficient and intelligent ways -- fulfilling the promise of enhanced access. As technology changes, the means by which the stored data is presented can also change, taking advantage of the particular strengths of each new device. This function requires that information no longer needed by operational EHRS application is persisted (either for ever or for a pre-defined period of time) using appropriate technology and policies to support the business requirements of the EHR. The EHRS must be able to retrieve and allow users to view persisted EHR data.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

The EHRS will be able to reconstruct the patient record in its totality across time and across providers. The EHRS applications will present a view of this data to the clinicians. When Electronic Health Records are organized in chronological order, a healthcare provider can more easily locate significant healthcare events and begin to construct a basis on which to make informed medical decisions. A provider will typically desire to view a list of previous visits and the reasons for those visits in reverse (i.e., latest first) chronological order. By capturing timestamps of notable healthcare-related events (such as time of arrival, time of record-review, or time of physical examination), a healthcare provider can quickly determine when a patient's last visit occurred, when he last reviewed a patient's record, or how long it has been since the patient's last physical examination. For example, chronological lists of previous visits and the reasons for visits, the ability to review progress notes easily in reverse chronological (latest first) order. Different care-settings often require differing periods of EHR retention (after which the data has little or no value). Since the cost and speed of various data storage technologies also varies, archival of EHR data can be managed (balanced) in such a way as to minimize costs while still meeting data access needs. Not only must clinical information be available for recall, in certain care-settings the data must also be available within a proscribed period of time. For example, if the EHRS fails to present a report that it has received from a laboratory in a timely fashion, the patient may die. Depending on the care setting, the EHRS must make all or some of the EHR information available when, where, and how the users need it.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

Chain of Custody is necessary for laboratory evidence involving the subset of cases that, for example, include: criminal, family court, protective services, insurance fraud, and liability cases. Chain of custody support can be accomplished either by supplying necessary information to an external system that is responsible for tracking chain of custody, or by supporting chain of custody within the EHRS. Chain of custody functions within an EHRS will be necessary for those organizations that use local office laboratories that lack formal laboratory information management systems. These functions are critical to successfully managing the security, interoperability and the consistently of the EHR data across the EHR-System.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

This function recognizes that the EHRS will rely on an set of infrastructure services, directories, and registries organized hierarchically. Additionally, this function assumes that the EHR Systems will need to communicate with each other. For example: if a patient is treated at the primary care physician for a chronic condition but becomes ill while visiting a different region, the new provider will lookup the patient and in, the background, the EHRS at the remote site will have to interrogate a local, regional, and even a nation registry to find the match. With the patient identify, the remote EHRS will interrogate the primary care physician's EHRS for information relevant to the new episode of care, in conformance with the applicable patient privacy and confidentiality rules. An example of using a local registry would be that of an EHRS application sending a query message to the Hospital Information System to retrieve a patient demographics.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

In order to create a correct and complete Electronic Health Record, the EHRS applications must ensure that they are consistently referencing Subjects of Care (patients, clients) and Providers. This function requires that EHRS Applications transparently invoke algorithms for uniquely identifying a certain Subject of Care or a Provider. This way, the applications will be able to retrieve patient demographic, provider identity and certification information, etc. In order to support financial functions, the EHRS application must be able to retrieve information about payors. Note that updating financial stakeholder registry records is not in the scope of the EHRS. EHRS application will be enabled only to lookup this information not update it. An example of lookup would be looking up Payor information for determining the eligibility of a Subject of Care.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

The ability to update the contents of identity directories ( for Subject of Care and Providers) ensures that the information in those directories stays current over time. EHRS applications must be able to update the information, if needed. Examples of identity management operations are: update existing record, link registry records for same patient, unlink registry records previously linked in error, delete record, etc. The EHRS must also handle the update notifications from the registry to those application who registered interest in a certain record. This is a fundamental function of EHRS applications. These applications are expected to use algorithms for uniquely identifying entities (users, applications, etc.) when they attempt to access EHR data. To ensure the access control, the EHRS applications will perform an identity lookup of users or application for any operations that require it (authentication, access control, secure routing, querying, etc.).

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

As EHR information will be persisted across EHRS applications and archives, a directory of pointers to the various parts of the EHR will be required in order to retrieve the entire record or selected parts of the EHR.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

Clinical registries provide an aggregate view or anonymize EHR information with a certain specialization. For example: immunization, disease, tumor, organ donor, or blood bank registries. EHRS applications must be able to lookup and update these registries according to the applicable rules and best-practices. These registries will manage care unit identifiers, point of care devices that contribute information to the EHR, and other relevant resources. For instance: if a new care unit is added in the location master file, the applications that use patient location must update their list of available care units. Therefore, EHRS applications must be able to receive notification when these directories have been updated. The EHRS will provide centralized vocabulary services which may be used by all the applications in the EHRS. This way the EHRS ensure that coded terminologies are applied consistently across applications. Additionally, this function ensures a EHRS applications need to support a consistent set of terminology. For example: LOINC, SNOMED, ICD9, CPT4.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

EHRS applications need to support a consistent set of transactions and terminology. Exam HL7, X12N, HIPAA.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

This function would be implemented by an EHRS application which uses a local terminology; that terminology must be related to a standard terminology. For Example: If local terminology specifies a descriptive string for referring to "Ionized Calcium" that application must be able to replace the local code with a standard, for instance LOINC, when creating EHR documentation for archival or exchange.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

The EHRS needs to provide master files, vocabulary services or other mechanisms such that code sets and vocabularies used for the EHR may be maintained across application boundaries. Additionally, if the code sets are changes, those changes should be reflected in all the relevant applications. For examples, if a new critical care unit is opened, the code used for that location should be present in the hospital master files and the new care unit should appear as an option in the Hospital Information System and all the clinical application that operate in the new location, Version control allows for multiple sets/versions of the same terminology to exist and be distinctly recognized over time. Terminology versioning supports retrospective analysis and research, as well as interoperability with systems that comply with different releases of the standard. These functions are critical to the successful operation of the EHRS.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

This function requires that the EHRS application support a variety of interaction models depending on type of interoperability required. This function recognizes that an application must undergo several state changes to complete the information exchange with another application and that interoperability needs will determine the standard to be used and the interaction mode. For instance, messaging is effective for many near-real time, asynchronous data exchange scenarios but that same mode of interaction may not be applied if the enduser is requesting an immediate response from a remote application. Additionally, even in the case where store-and-forward, message-oriented interoperability is used, the applications may need to support the appropriate interaction mode. For example: Unsolicited Event Notifications, Query/Response, Query for display, Unsolicited summary, structured/discrete, and unstructured clinical documents. .

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

This function requires that there is an overall coordination of regarding what information is exchange between EHRS entities and how that exchange is expected to . The policies applied in at different locations must be consistent or compatible with each other in order to ensure that the information is protected when it crosses entity boundaries within the EHRS or with entities outside the EHRS.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

This function identifies the dependency between EHRS applications and EHRS infrastructure services or complementary application. The infrastructure services are those crucial to application's ability to operate seamlessly with complementary application. In turn these services may be local or remote and require that the applications use a common messaging or programming interfaces to interoperate. Interoperability with EHR Infrastructure services such as directories, registries, etc. must be standard based and EHRS applications must be capable to use these interfaces. For example: an application may use standard-based messaging (HL7 V3) to look a patient's identity in a regional registry but the same application might use CCOW in order to synchronize the patient context with other EHRS applications displayed on the same workstation.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

When EHRS applications exchange information (notifications, clinical summaries, documents, etc.) they must rely on uniform standards and semantics. For instance, HL7 Messages for exchanging clinical observations, queries, and event notifications, CDA (Clinical Document Architecture) for summary information and signed clinical documents, X12N for billing. Similar to standard-based messaging, standard-based application integration requires that the EHRS application use standardized programming interfaces, where applicable. For example: CCOW for visual integration, WfMC for workflow integration, etc.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

This function assumes that applications in the EHRS are using different standardized or local vocabulary. In order to address the semantic differences across these applications, vocabulary lookup (to map local codes to standard codes) and mappings (to map one set of codes to another) the EHRS infrastructure will provide vocabulary lookup and mapping (as a common service or distributed across applications). This function identifies the dependency between EHRS applications and external applications and services. These external services/application may be offered by peer organizations or a intended to be shared across institutions. An example of External Information Exchange between peer institutions would be a patient referral. an example of using a shared service would be eligibility lookup.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

This function requires that EHRS application use the necessary standardbased methods to communicate with complementary applications and services in such a way that the EHR can operate seamlessly. Initially, EHRS applications will exchange information with complementary applications. For instance, in order to determine drug interactions the EHRS might need that a laboratory information system be integrated with the a pharmacy information system. This function requires that an application sending EHR-relevant information use the entity registries to ensure that the information is sent to the authorized receiver. Similarly, the receiver of the data must ensure that the sender is a valid, authoritative source of information. This function requires that a conformant EHRS application be able to access entity registries and use that information for addressing information transmission and validating inbound transmissions.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

The EHRS is assumed to consist of a set of application; each application manages a subset of the EHR information. Therefore it is important that through various interoperability mechanisms, the EHRS maintains all the relevant information regarding the health record in synchrony. For example, if an MRI is ordered by a physician, a set of diagnostic images and a radiology report will be created. The patient demographics, the order for MRI, the diagnostic images associated with the order, and the report associated with the study must all be in synch in order for the clinicians to view the complete EHR information.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

Using certain EHRS applications, clinicians must be able to access and aggregate the distributed information that correspond to the Electronic Health Record or Records which are needed for viewing, reporting, etc. EHRS application must be able to support data extraction operations whether the extract requires the application's own local information or an aggregation of information from more than one application. If the data required by the end-user resides on other application, the EHRS application responsible for data extraction must query the other applications and display the information.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

A significant part of the EHR consists of summary reports and complex clinical documents. Therefore the EHRS must support the effective exchange of such documents as atomic units of information. EHRS applications must be able to create and import clinical documents when needed.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

Business Rules Administrative Functions include both the management of the business rules and the implementation functions that use business rules to control system behavior. The implementation functions can be invoked from necessary points within EHRS applications. Examples of implementation functions include: decision support, diagnostic support, workflow control, access privileges, and system and user defaults and preferences.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

This function supports creating, updating, and deleting (or disabling) business rules by authorized users. Business rules versioning is also supported by this function. Business rule versioning is necessary to trace an action that was recommended based on a business rule, to the exact version of the business rule that was in place at the time the recommendation was issued. Providers and institutions need the ability to customize decision support components such as triggers, rules or algorithms, and the wording of alerts and advice, to meet local requirements and preferences. These local customizations must be supported and maintained as changes occur in the underlying systems and knowledge-bases.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

The implementation function is invoked by applications throughout the EHRS to apply the business rules that have been defined. For example: • When creating or updating a patient record with symptoms, the diagnostic support function may use this implementation function to determine if business rules exist to suggest diagnosis based on the combination of symptoms (flu-like symptoms combined with widened mediastinum suggesting anthrax). • When creating a vaccination record the work flow process may use this implementation function to determine if business rules exist to send an update to an immunization registry. • When diagnosing a patient as pregnant, the decision support function may use this implementation function to determine if business rules exist to classify the patient as high risk due to factors such as age, health status, and prior pregnancy outcomes.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

The override function allows authorized users to dismiss a or bypass a recommendation for action that was generated on the basis of business rules. Override may also be used to reset user preferences or defaults.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

The EHRS will maintain a record of business rules that are created, updated and disabled. In addition, the EHRS will track the business rule that was used to issue a recommendation or guidance as well as the disposition of the business rule (if it was followed or bypassed).

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

Work flow functions include both the management and setup of work queues, personnel, and system interfaces as well as the implementation functions that use work flow related business rules to direct tasks to queues. The implementation functions can be invoked from necessary points within EHRS applications. Note that workflow definitions and management may be implemented by a designated application or distributed across EHRS applications. This function supports creating, updating and disabling work queues, assignees, system destinations, work flow algorithms, and links between work flow components and business rules (maintained by the business rules functions). Examples of links include: queues to recipients/roles, business rules to work flow algorithms and distribution paths, and escalation and redirection rules to roles/users. Work flow algorithms include the routing of tasks down single dependent paths or multiple independent paths. For example: • Serial tasks - An initial X-ray may be required prior to ordering an MRI. • Parallel tasksWhen a patient is in the process of being admitted for scheduled surgery, the registration department may be asked for last-minute insurance coverage verification, while the lab may simultaneously be asked whether preadmission lab work has been completed.

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

This function specifies that task routing can be based on the type of diagnosis or other system triggers. Diagnosis based routing uses business rules (maintained by the business rules functions) to determine the routing path that should be followed. For example: • Updates to clinical registries (cancer is detected), blood banks (HIV is detected), or donor banks (kidney is available). • Notifications to social service agencies (Alzheimer's disease is detected or child abuse is suspected). • Updates to immunization registry (patient receives vaccination).

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

This set of work flow tasks are invoked to direct tasks to the correct work queue to support initial assignment, escalation of work not completed in a timely manner, and redirection of tasks. Work Flow utilizes business rules (maintained by the business rules functions) to determine the routing of a task. Examples of task routing include: • Assigning a documentschecking task before discharging a patient (according to length-of-stay business rules). For example, a patient staying in a hospital for more than 24 hours cannot be discharged unless that patient's medical history and physical examination have been documented. • Assigning an insurance-verification task when a patient is admitted. • Escalating a task to a supervisor when that task was not completed within the business rule specified time frame. • Redirecting a task when an employee becomes unavailable or over-tasked (as defined by business rules).

1. Support delivery of effective healthcare 2. Improve patient safety 3 Facilitate management of chronic conditions 4. Improve efficiency 5. Facilitate self-health management 6. Ensure privacy, confidentiality

C.1
C.1.1.0 C.1.1.1 C.1.1.2

Care Management
Health information capture, management, and review Enable the provider to identify and Maintain and identify a single patient locate a patient record record for each patient. Capture Patient Demographics Capture demographic information that is reportable and trackable over time. Manage Problem List Manage Medication List Manage Allergy List Manage Other Summary Lists Create and maintain patient-specific problem lists. Create and maintain patient-specific medication lists. Create and maintain patient-specific allergies and reactions. Create and maintain patient-specific summary lists not otherwise specified. Capture, review, and manage medical, procedural, social, and family history including the capture of pertinent negative histories. Make available a chronological, filterable, comprehensive review of the patient's entire clinical history, subject to confidentiality constraints. Capture, manage, and review other key data not otherwise specified and by a variety of caregivers. Create, addend, and authenticate transcribed or directly-entered clinical documentation and notes. Capture clinical documents and notes originating from outside the EHR. Capture patient-provided data. Capture and manage patient-reported or externally available patient clinical history.

C.1.1.3 C.1.1.4 C.1.1.5 C.1.1.6

C.1.1.7

Manage Patient History

C.1.1.8

Review chart summary

C.1.1.9

Capture Other Key Data

C.1.1.10

Capture and creation of clinical documents and notes Capture external clinical documents Capture patient-provided data Capture historical data

C.1.1.11

C.1.1.12 C.1.1.13

C.1.2.0 C.1.2.1

Care Planning, Critical Paths, Protocols Present clinical guidelines

Present relevant information from knowledge resources to support data entry and clinical documentation

C.1.3.0 C.1.3.1

Medication ordering and management Enable medication ordering

Create prescriptions or other medication orders with detail adequate for correct filling and administration by pharmacy and clinical staff. Provide information regarding compliance of medication orders with formularies.

C.1.3.2

Support medication formularies

C.1.3.3

Enable documentation of medication administration

Present to appropriate clinicians the medications that are to be administered to a patient and under what circumstances and permit documentation of administration details.

C.1.4.0 C.1.4.1 C.1.4.2

C.1.4.3 C.1.4.4

Orders, Referrals, and Results Management Enable ordering of diagnostic tests Submit diagnostic test orders based on specific care provider input. Enable placing of communication Submit communicative or and other orders administrative orders based on specific care provider input. Enable use of order sets Provide order sets based on provider input or system prompt. Enable ordering and tracking of Enable the origination, documentation referrals and tracking of referrals between care provider or care settings, including clinical guidelines and administrative details of the referral. Route and manage results Route, manage and present current and historical test results to appropriate clinical personnel for review, filtering and comparison. Communicate with regulatoryapproved Blood Bank software to provide needed information on blood usage and orders for blood products.

C.1.4.5

C.1.4.6

Enable the ordering of blood products

C.1.5.0 C.1.5.1

Consents and Authorizations Manage consents and authorizations Enable capture, maintenance and access to patient advanced directives Create, maintain, and verify patient data and treatment decisions in the form of consents and authorizations Capture, maintain and provide access to patient advanced directives

C.1.5.2

C.2
C.2.1.0 C.2.1.1

Clinical Decision Support
Health information capture and review Support for standard assessments

C.2.1.2

C.2.1.3

Offer rule-based prompts to support the adherence to practice guideline standards at the point of information capture. Support for Patient ContextOffer rule-based prompts based on enabled Assessments patient-specific data at the point of information capture. Support for identifying anomalies Identify anomalies and potential or potential problems problems, or other patient "flags" and provide prompts for consideration at the point of information capture.

C.2.1.4

Patient and family preferences

Capture patient and family preferences at the time of information intake and integrate them into clinical - decision support at all appropriate opportunities.

C.2.2.0 C.2.2.1 C.2.2.1.1

Care Planning, Critical Paths, Protocols Support for disease based protocols (acute care) Support for standardized disease based protocols Support for context sensitive disease-based protocols

Identify the appropriate protocols for the management of specific diseases.

C.2.2.1.2

C.2.2.1.3

C.2.2.1.4 C.2.2.2 C.2.2.2.1

C.2.2.2.2

Identify the appropriate protocols for the management of specific diseases that are adjusted to the patient specific profile. Support for on-going management Identify appropriate modifications to the care plan in response to new clinical data at the time and during the course of a clinical encounter. Identification of deviations from Identify deviations from the standard standard protocols protocols. Support for chronic disease protocols Support for standard chronic Identify protocols for standard chronic disease management-based disease management protocols Support for context sensitive Identify patient specific chronic disease chronic disease management management recommendations. Support for ongoing chronic disease management Support the identification of deviations from chronic disease management protocols Support for interactive patient chronic disease management Identify routine chronic disease management recommendations based on changes in patient data. Identify deviations from chronic disease management protocols. Provide the patient with decision support for self-management of a chronic condition in between patientprovider encounters.

C.2.2.2.3

C.2.2.2.4

C.2.2.3

C.2.3.0 C.2.3.1 C.2.3.1.1

Medications, medication management Support for medication ordering Support for standard drug, food, allergy and weight/age-based dosing interaction checking Identify drug-drug, drug-allergy, drugfood, and weight/age appropriate dose recommendations at the point of medication ordering.

C.2.3.1.2

Other support for medication ordering

Identify other potential issues at the point of prescribing. Provide suggested alternatives for these other issues or for standard medication issues as appropriate Support medication administration management and workflow to alert providers in real-time to potential administration errors such as wrong drug, wrong dose, wrong route, wrong time and patient. Alert providers in real-time to potential administration errors such as wrong drug, wrong dose, wrong route, wrong time and patient in support of medication administration management and workflow.

C.2.3.2

Support for medication administration.

C.2.4.0 C.2.4.1

Orders, Referrals, Results and Care Management Support for non-medication ordering

Identify necessary order entry components for non-medication orders that make the order pertinent, relevant and resource conservative at the time of provider order entry; and flag any inappropriate orders based on patient profile. Support evaluation and provider notification of results within the context of the patient's clinical data. SUGGEST: Evaluate results and notify provider of results within the context of the patient’s clinical data. -

C.2.4.2

Support for result interpretation

C.2.4.3 C.2.4.3.1 C.2.4.3.2 C.2.4.4 C.2.4.4.1

Support for referrals Support for referral orders Support for referral recommendations Support for Care Delivery Support for safe blood administration Evaluate referrals within the context of a patient’s clinical data. Evaluate patient data and suggest appropriate referrals. Alert providers in real-time to potential blood administration errors such as wrong blood, wrong cross match, wrong source, wrong date and time, and wrong patient. Alert providers in real-time to potential specimen collection errors, such as wrong patient, wrong specimen type, wrong collection means, and wrong date and time.

C.2.4.4.2

Support for accurate specimen collection

C.2.5.0

Health Maintenance: Preventive Care and Wellness

C.2.5.1

Support for preventive services and wellness

C.2.5.2

Support for interactive reminders for preventive services and wellness

Identify patient specific suggestions/reminders, screening tests/exams, and other preventive services in support of routine preventive and wellness patient care standards. Notify the patient and/or appropriate provider of those preventive services, tests, behavioral actions that are due for patient in-between patient-provider encounters.

C.2.6.0 C.2.6.1

Supportive Functions Support for environmental/population monitoring Collect environment and surveillance data captured at the time of the patientprovider encounter for use in clinical state monitoring of health risks from the environment and/or population. Alert providers and public health officials with the appropriate level of notifications in the event of a health risk. Monitor if expected actions have been taken in the event of a health risk and subsequent notification and escalate notification if they have not. - If introductory clause needs to come first, OK. In the event of a health risk and the subsequent notification, monitor if expected actions have been taken, escalating notification if they have not. Provide evidence-based guidelinebased information and knowledge to the point of care for use in clinical decisions and care planning Enable the accessibility of reliable information about wellness, disease management, treatments, and related information. Manage tasks related to components of the electronic health record with appropriate timeliness. Linkage of tasks to a relevant part of the electronic health record or to a specific patient. Assignment, delegation and/or transmission of tasks to the appropriate parties. Track tasks to guarantee that each task is administered to and completed appropriately.

C.2.6.2

Support for notification and response

C.2.6.3

Support for monitoring and escalation

C.2.6.4

Support for clinical guidance

C.2.6.5

Support for knowledge access for patients

C.3
C.3.1.0

Operations Management and Communication
Clinical Workflow Tasking

C.3.1.1

Linking of tasks with related medical record entities Clinical Task Routing

C.3.1.2

C.3.1.3

Clinical Task tracking

C.3.2.0 C.3.2.1

Clinical Communication Inter-provider communication Support electronic messaging (inbound and outbound) between providers to trigger or respond to pertinent actions in the care process, document nonelectronic communication (such as phone calls, correspondence or other encounters) and generate paper message artifacts where appropriate. Provide features to enable bidirectional communication of information electronically between practitioners and pharmacies. Trigger or respond to electronic messaging (inbound and outbound) between providers and patients or patient representatives with pertinent actions in the care process while documenting non-electronic communication (such as phone calls, correspondence or other encounters) and generating paper message artifacts where appropriate. Identify and make available electronically or in print information any educational or support resources for patients, families, and caregivers that are most pertinent for a given health concern, condition, or diagnosis and which are appropriate for the person (s). Support communication and presentation of data captured from medical devices.

C.3.2.3

Pharmacy Communication

C.3.2.2

Provider/Patient/Family Communication

C.3.2.4

Patient, Family and Care Giver Education

C.3.2.5

Communication with Medical Devices

S.1
S.1.1.0

Clinical Support
Disease Registries Enable the automated transfer of formatted demographic and clinical information to local disease specific registries for patient monitoring and subsequent epidemiological analysis.

S.1.2.0

Donor Management Support Provide capability to capture and share needed information on potential organ and blood donors and recipients. Maintain current directory of provider information in accordance with relevant laws, regulations, and conventions.

S.1.3.0

Provider Locator

S.1.3.1

Maintain provider demographics

S.1.3.2 S.1.3.3 S.1.3.4

In facility Location On Call Location General Location

Maintain a current directory of practitioners that, in addition to demographic information, contains data needed to determine levels of access required by the EHR security system. Provide provider location or contact information on a facility's premises. Provide provider location or contact information when on call. Provide locations or contact information at which the provider practices, in order to direct patients or queries. Maintain current directory of patient information in accordance with relevant privacy and other applicable laws, regulations, and conventions.

S.1.4.0

Patient Locator

S.1.4.1

Patient's location within a facility Provide the patient's location information within a facility's premises. Provide the patient's residence information solely for purposes related to the provision and administration of services to the patient, patient transport, and as required for public health reporting. Enable management of patient bed. Ensure that the patient's bed arrangements within the facility optimize care and minimize risks of exposure to contagious patients. The EHR-S will enable the communication of bed usage with external health entities in times of capacity overload to facilitate efficient bed utilization. Manage patient demographics and identifying information Maintain, archive and update demographic information in accordance with realm-specific recordkeeping requirements. Provide patient data in a fashion that meets local requirements for deidentification. Provide the necessary data to a scheduling system for optimal efficiency in the scheduling of patient care, for either the patient or a resource/device.

S.1.4.2

Patient's residence related to the provision and administration of services

S.1.4.3

Optimize patient bed arrangements

S.1.5.0 S.1.5.1

Demographics and DeIdentification Patient demographics

S.1.5.2

De-identified Data Request management Scheduling

S.1.6.0

S.2

Measurement, Analysis, Research and Reports

S.2.1.0

Measurement, monitoring, and analysis Outcome Measures

S.2.1.1

S.2.1.2

Aspect of care indicators

Support measurement and monitoring of care for relevant purposes in the EHRS. Analyze outcomes of care provided to populations, in facilities, by providers, and in communities. Identify indicators that further investigation is needed on aspects of care provided to populations, in facilities, by providers, and in communities Support the capture of quality, performance, and accountability measures to which providers/facilities/delivery systems/communities are held accountable including measures related to process, outcomes, and/or costs of care – may be used in pay for performance monitoring and adherence to best practice guidelines. Provide report generation features for the generation of standard and ad hoc reports. Manage and document the health care needed and delivered during an episode of care. Provide specialized views and functionality based on the encounterspecific values, clinical protocols and business rules Provide assistance in assembling appropriate data, supporting data collection and processing output from the encounter. Enable the inclusion of the patient's clinical data (for administrative or financial purposes) from one or more external repositories. Support device monitoring, and remote health services such as telehealth by integrating records and data collected by these means into the patient's EHR for care management, billing, and public health reporting purposes. Support extraction, transformation and linkage of information from structured data and unstructured text in the patient's EHR for care management, financial, administrative, and public health purposes.

S.2.1.3

Performance and accountability measures

S.2.2.0

Report Generation

S.3
S.3.1.0

Administrative and Financial
Encounter/Episode of Care Management Specialized views

S.3.1.1

S.3.1.2

Encounter specific functionality

S.3.1.3

Integration of clinical data with administrative and financial data

S.3.1.4

Integrate device monitoring and remote health services such as telehealth data

S.3.2.0

Information Access for Supplemental Use

S.3.2.1

Rules-driven clinical coding assistance

S.3.2.2

Rules-driven financial and administrative coding assistance

S.3.2.3

Integrate Cost management information Formulary communication

S.3.2.4

Make available all pertinent patient information needed to support coding of diagnoses, procedures and outcomes. Provide financial and administrative coding assistance based on the structured data and unstructured text available in the encounter documentation. Enable the use of cost management information required to guide users and workflows. Present relevant information at the point of care regarding medication formulary. Support the creation (including using external data sources, if necessary), electronic interchange, and processing of transactions listed below that may be necessary for encounter management during an episode of care Enable enrollment of uninsured patients into subsidized and unsubsidized health plans, and enrollment of patients who are eligible on the basis of health and/of financial status in social service and other programs, including clinical trials;

S.3.3.0

Administrative Transaction Processing

S.3.3.1

Enrollment of patients

S.3.3.2

Eligibility verification and determination of coverage;

S.3.3.3

Service authorizations

S.3.3.4

Support of service requests and claims;

S.3.3.5 S.3.3.6

Claims and encounter reports for reimbursement Health service reports at the conclusion of an episode of care.

Enable eligibility verification for health insurance and special programs, including verification of benefits and pre-determination of coverage; Requests, responses and appeals related to service authorization, including prior authorizations, referrals, and precertification; Support health care attachments for submitting additional clinical information in support of service requests and claims; Support claims and encounter reports for reimbursement Support health service reports to public health entities, such as notifiable condition reports, immunization, cancer registry and discharge data that a provider may be required to generate at the conclusion of an episode of care.

S.3.3.7

Receipt of clinical and administrative responses and acknowledgements

S.3.4.0 S.3.4.1

Practitioner/Patient Relationship Practitioner assignment

Provide the appropriate information from the receipt of clinical and administrative responses and acknowledgements for use by and guidance to EHR-S users Manage practitioner and patient relationships. Enable practitioner assignment based on business and clinical practice rules

S.3.4.2

Patient list management Provide the ability to manage patient lists assigned to a particular provider. Facilitate access to/propagation of Patient to Other Persons information between patient records Relationship where patients are related Provide information of Related by Related by genealogy genealogy (blood relatives) Provide information of Related by Related by insurance insurance (domestic partner, spouse, guarantor) Provide information of Related by Related by living situation living situation (in same household) Provide information of Related by Related by other means other means (e.g. epidemiologic exposure) Provide the capability to support and Acuity and Severity manage patient acuity/severity of illness/risk adjustment Support and manage patient Patient acuity/severity of acuity/severity of illness/risk illness/risk adjustment adjustments. Provider staff leveling adjustment Adjust provider staffing levels in relation of patient acuity/severity and illness/risk status Automated update for EHR supportive content - Update EHR Update EHR supportive content on an supportive content on an automated basis. automated basis. Clinical decision support system Receive and validate formatted inbound communications to facilitate guidelines updates updating of clinical decision support system guidelines Patient education material Updates Receive and validate formatted inbound communications to facilitate updating of patient education material Receive and validate formatted Physician continuing education inbound communications to facilitate information updates updating of physician continuing education information

S.3.5.0

S.3.5.1 S.3.5.2

S.3.5.3 S.3.5.4

S.3.6.0

S.3.6.1

S.3.6.2

S.3.7.0

S.3.7.1

S.3.7.2

S.3.7.3

S.3.7.4

Patient reminder information updates

S.3.7.5

Public health related updates

Receive and validate formatted inbound communications to facilitate updating of patient reminder information from external sources such as Cancer or Immunization Registries Receive and validate formatted inbound communications to facilitate updating of public health reporting guidelines Secure the EHR information. Authenticate EHRS users and/or entities before allowing access to an EHRS. Manage the sets of access-control permissions granted to EHRS-Users. Authorize access to EHRS functions and/or data based on an entity's role. Override existing role-based and/or context-based authorizations. Userbased authorizations restrict or allow an EHRS-user’s access to a patient’s record (regardless of the user’s role). Context-based Authorization– Authorize access to EHRS functions and/or data based on geographic, timerelated, assignment-related, consentrelated, or other healthcare-related contexts (and according to specific caresetting profiles). Send and receive EHR data securely. Obscure electronically-exchanged EHR data to inhibit unauthorized data-access (according to applicable healthcarespecific rules and relevant standards). Route electronically-exchanged EHR data only to/from known, registered, and authenticated destinations/sources (according to applicable healthcarespecific rules and relevant standards). Limit an EHRS-User’s ability to deny (repudiate) an electronic data-exchange originated or authorized by that user.

I.1
I.1.1.0 I.1.1.1

Information Infrastructure
EHR Information Security Entity Authentication

I.1.1.2

Entity Authorization

I.1.1.2.1

Role-Based authorization

I.1.1.2.2

User-Based authorization

I.1.1.2.3

Context-Based authorization

I.1.1.4 I.1.1.4.1

Secure Data Exchange Data Obfuscation

I.1.1.4.2

Secure Data Routing

I.1.1.4.3

Non-repudiation

I.1.1.4.4

Data-Exchange Privacy

I.1.1.5

Patient Privacy

Limit EHR data communications to those explicitly (or implicitly) authorized by the subject-of-care or to those that have a legal (or other legitimate) need. Protect the patient’s privacy according to personal, local, and national rules.

I.1.1.5.1 I.1.1.5.2

Personal patient-privacy rules

Protect personal privacy according to best-practice standards. Local and National patient-privacy Support mechanisms for implementing rules (codifying), validating, and displaying local and national (realm-) specific privacy rules. The rules defining patient privacy requirements will be codified in the EHRS. These rules will be used by EHRS applications to ensure that the privacy level defined for the patient is maintained (for example, at the jurisdictional, organizational, or patient-specified level).

I.1.1.5.3

Advisement of Patient Privacy Rights EHR Information Management (Record Management) Information Integrity

Record that the patient was informed of current privacy policies practices.

I.1.2.0 I.1.2.1

I.1.2.2

I.1.2.3 I.1.2.4 I.1.2.4.1

I.1.2.5

I.1.2.5.1

Manage the EHR information across EHRS applications Ensure that clinical information is valid according to the healthcare-specific business rules. Document Retention Retain all clinical documents (including complex standards-based clinical documents) for the policydesignated or legally-designated time period. Inbound Documents Retain inbound documents as received (unaltered). Document Attestation Support electronic attestation of documents. Retention of Document Attestation Retain the signature of attestation (or certificate of authenticity) associated with an incoming or outgoing document. Confidentiality Promote patient confidentiality by enforcing the privacy rules that apply to various parts of the EHR. Protection of Patient Privacy Provide the mechanisms to implement adherence to the patient privacy rules codified in the EHR Information Security subsection of the Information Infrastructure section of this document.

I.1.2.5.2

Restrict Patient Access

I.1.2.6

Audit trail

I.1.2.6.1 I.1.2.6.2

Amendment history Information Lifecycle AlterationEvent audit

I.1.2.6.3

Information Lifecycle AccessEvent audit Record audit Security audit

I.1.2.6.4 I.1.2.6.5

I.1.2.6.6

Information-Exchange audit

Enable a healthcare professional to restrict a patient’s access to EHR data that is potentially harmful to the patient/subject-of-care. Track changes to EHR data to verify enforcement of business, security, and access-control rules. Track amendments to clinical documents. Track who, when, and by which system an EHR record was created, updated, translated or (if local policy permits) deleted. Track who, when, and by which system an EHR record was viewed or extracted. Generate an audit report for an EHR record (or for a set of EHR records). Track and summarize attempts by unauthorized users to access EHR information. Retain any information exchange details along with any amendment history sent with clinical documents by an external clinical or EHR system. Audit compliance of (and overrides to) decision-support business rules. Persist long-term EHR information according to best-practice standards. Archive and retrieve information to/from diverse technology storage devices based on availability requirements for specific data (according to clinical or administrative business rules). Access EHR data chronologically, archived for the lifetime of the subjectof-care. Timestamp notable healthcarerelated points in time (such as time of arrival, time of record-review, time of physical examination, or time of elopement). Archive (and make accessible) the EHR for the period of time required by law (typically five years from the time the care was rendered). Make clinical information readily available (as required by a clinical care setting). Track specimens, pharmaceuticals, and other materials from the subject-of-care to the receiving party as required by business rules.

I.1.2.6.7 I.1.2.7 I.1.2.7.1

Business-Rule audit Data Archival and Storage Persisted EHR data

I.1.2.7.2

Retrospective EHR

I.1.2.7.3

(Legally proscribed) Data Retention

I.1.2.7.4

Data Availability

I.1.3.0

Chain of Custody

I.1.4.0

Unique Identity, Registry, and Directory

I.1.4.1

Inter-registry communication

Identify and/or lookup subjects-of-care, providers, payers, employers, material resources, and references to various parts of the EHR (hosted locally and/or remotely). Obscure electronically-exchanged EHR data to inhibit unauthorized data-access (according to applicable healthcarespecific rules and relevant standards).

I.1.4.2

I.1.4.3

I.1.4.4

I.1.4.5

I.1.4.6

I.1.4.7

I.1.4.8

I.1.5.0

Entity Identity Lookup for Clinical The EHRS applications must be able to Functions utilize a registry service to uniquely identify and retrieve information for existing records of healthcare delivery stakeholders: • Subjects of care • Providers Entity Identity Lookup for The EHRS applications must be able to Financial Functions utilize a registry service to uniquely identify and retrieve information for existing records of financial stakeholders: • Payors (Insurers) • Employers Entity Identity Management for Limit EHR data communications to Clinical Functions those explicitly (or implicitly) authorized by the subject-of-care or to those that have a legal (or other legitimate) need. Entity Access Lookup Verify and enforce access control (authentication and authorization) permissions to EHR information for end-users, applications, sites, etc. EHR Key Directory The EHRS must maintain and use a directory of keys which link related records across the applications that constitute the EHR. This directory will be necessary to access the various components of the EHR across local (e.g. Master Patient Index), regional, jurisdictional, national, or international boundaries. Clinical Registries Access and submit update request to local, jurisdictional, national, and international registries. Resource and Location Lookup The EHRS applications will be able to look up directories containing location information, device, and other resources relevant to the EHR. Vocabulary Functions The EHRS must use consistent, codified medical terminology to eliminate ambiguity, confusion, and ensure data correctness and interoperability.

I.1.5.1

Standard Vocabulary

The EHR should comply with the Healthcare industry standards for transactions and terminology coding, therefore the EHRS applications must support consistent a terminology model The EHRS will support a consistent terminology model. Support the ability to map from local terminology to standard terminology. Accommodate updates and changes to terminology as the source terminology undergoes its natural update process (new codes, retired codes, redirected codes). These changes in terminology need to be propagated to all the clinical reference sets (templates, custom formularies), etc. This functionality will also help when there is a desire to share standard templates (since, for instance, it would be hard to share templates without a shared terminology).

I.1.5.2 I.1.5.3

Consistent Vocabulary Mapping for local terms

I.1.5.4

Code Set Maintenance

I.1.5.5 I.1.6.0

Code Set Versioning

I.1.6.1

I.1.6.2

The EHRS will support version control for terminology. Interoperability EHRS application must be able to automate health delivery processes and seamlessly exchange clinical (EHR) information. Interaction-model -based exchange The EHRS applications must be able to exchange information with authorized entities using the appropriate interaction model: Chain of Trust The EHRS must adhere to documented procedures for executing chain of trust agreements (in which the parties agree to electronically exchange data and protect the integrity and confidentiality of the data exchanged).

I.1.6.3

Standard-based Interoperability

I.1.6.3.1

Standard-based messaging

The EHRS applications must use standard-based information exchange methods to interact with local or remote application registries, and directories. An EHRS application must be able to exchange standard-conformant message payloads and transport with complementary applications and infrastructure services (directory, vocabulary, etc.)

I.1.6.3.2

Standard-based application integration

I.1.6.3.3

Vocabulary lookup and mapping

I.1.6.3.4

External Information Exchange

I.1.6.3.5

Internal Information Exchange

An EHRS application must be able to integrate with complementary applications and infrastructure services (directory, vocabulary, etc.) using standard-based application programming interfaces (API). E.g. CCOW The EHRS must support semantic interoperability between EHRS application by enabling lookup of vocabulary mappings between local and standard vocabularies as defined by data exchange standards. The EHRS must be able to transmit messages to authorized third parties using standard-based methods. Applications that comprise an EHRS will cooperate seamlessly and support data integration and consolidated access across the system. When exchanging information with another application, an EHRS application must be able to interact with entity directories to determine the recipients’ address profile. The EHRS applications must be able to interact with entity directories to link data received from other applications to existing entity records. Disparate systems will be synchronized to keep all the parts of the record current. The EHRS must be able to extract data in accordance with analysis and reporting requirements. The data may reside on more that one application and it may be pre-processed (e.g. deidentified) before transmission. Data extractions could be to retrospective EHR data or to report public health information. EHR s must be able to import and export complex standards-based clinical documents. Control system behavior via business rules. Example of business rules that control system behavior are: decision support, diagnostic support, workflow control, access privileges, and system and user defaults and preferences.

I.1.6.3.6

Recipient Addressing

I.1.6.4

Synchronization

I.1.6.5

EHR Data Extraction

I.1.6.6

Clinical Documents

I.1.7.0

Business Rules Administrative Functions

I.1.7.1

Maintain Business Rules

I.1.7.2 I.1.7.3 I.1.7.4

Implement/apply business rules Override business rule Audit business rule usage

Provide the ability for authorized EHRS-Users to create, update and delete business rules including institutional preferences. Enable usage of business rules by EHRS Supportive functions. Support override of business rules by authorized EHRS-Users. Audit usage and override of business rules (refer to section 3.2.5). Support Workflow Management. Distribute workflow-related EHRS information (according to established business rules) within the EHRS and to/from external parties. Support workflow task-management and task-distribution systems (including serial tasks and parallel tasks). Support workflow notifications and task routing based on system triggers such as diagnosis assignments. Support workflow task-assignments, task-escalations, and task-redirections.

I.1.8.0

Workflow

I.1.8.1

Task Distribution

I.1.8.2

System-triggered Task Routing

I.1.8.3

Workflow task assignment

TABLE 1 Data Elements Warranting Differing Levels of Access Control
Demographic Information Unique ID Unique ID to Number Mapping(s) Address(es) Phone(s) Electronic Mail Address(es) Photograph(s) Insurance (discretely defined by type) Health Auto Workman’s Compensation Disability Employment Relatives Race/Nationality/Ethnicity Citizenship Political Affiliation Religion

SMIB Biometric Token(s) (fingerprint, retinal image, handwriting, signature, etc.) Passwords, IDs, Authentication Data

Administrative Information Advanced Directives Power(s) Of Attorney Living Wills

Clinical Information (Health Record) Genetic Data (discretely defined by type) Blood Type Family Health History Diet or Dietary Preferences Sexual Preference Personal Habits (discretely defined by type) Immunizations Allergies (discretely defined by type) Adverse Reactions (discretely defined by type) Diagnoses (discretely defined by type) Problems (discretely defined by type) Procedures (discretely defined by type) Injuries (discretely defined by type) Mental Health Problems/Diseases/Diagnoses (discretely defined by type) Clinical Symptoms Clinical Findings Substance Use/Abuse Health Care Encounter(s) Encounter Type Reason For Encounter Disposition Provider Identification

Procedure(s) Problems(s) Diagnosis(es) Appointment(s) Provider Encounter Record/SuperBill Bill For Services Claim Form(s) Clerical Billing Process Documentation Payment Form Payment Denial Receipt Request Receipt Remittance Advice Remittance Financial Transaction Request for Clarification Adjudication Consent Forms Treatment/Admission Procedure Photography Health Plan Membership Data Rights, Ownership, and Disclosure (Data or Disclosure Request Forms) Research Protocol Public Health Disclosure Publication Electronic Mail Messages Fax(es) Documentation Triage Note(s) Administrative Physician Non-physician Provider Nursing Pharmacy Ancillary Services Social Services Ambulance (Transport) Run Sheet Health Plan/Insurer Telephone Note(s) Administrative Physician Non-physician Provider Nursing Pharmacy Ancillary Services Social Services Out-sourced Service Provider Third Party Intermediary Claims Clearing House

Health Plan/Insurer Telephone Messages To Administrative Personnel To Physician(s) To Non-physician Provider(s) To Nursing To Pharmacy To Ancillary Services To Social Services Out-sourced Service Provider Third Party Intermediary Claims Clearing House To Health Plan/Insurer Coordinator Of Care / Services Behavioral Health Home Health Correspondence To Administrative Personnel To Physician(s) To Non-physician Provider(s) To Nursing To Pharmacy To Ancillary Services To Social Services To Out-sourced Service Provider Third Party Intermediary To Claims Clearing House To Health Plan/Insurer To Billing Intermediary To Government Agencies To Accrediting Agencies To Employers To Schools and Educational Institutions To Regulatory Agencies Consent, Access and Disclosure Notifications Outpatient Nursing Note(s) Inpatient Nursing Note(s) Home Health Nursing Note(s) Outpatient Pharmacy Note(s) Inpatient Pharmacy Note(s) Home Health Pharmacy Note(s) Outpatient Physician Note(s) Inpatient Physician Note(s) Home Health Physician Note(s) Outpatient Non-physician Provider Note(s) Inpatient Non-physician Provider Note(s) Home Health Non-physician Provider Note(s) Outpatient Ancillary Service Note(s) Inpatient Ancillary Service Note(s) Home Health Ancillary Service Note(s) Dictations and Transcriptions Dictation(s)

Dictation Media Transcription(s) Transcriptionist’s Notes Administrative Notes Procedure Note(s) Physician Procedure Note(s) Non-physician Provider Procedure Note(s) Nursing Procedure Note(s) Ancillary Service Procedure Note(s) Pharmacy Procedure Note(s) Operative Reports Physician Operative Report(s) Non-physician Provider Operative Report(s) Nursing Operative Report(s) Ancillary Service Operative Report(s) Pharmacy Operative Report(s) Medication Related Requests and Notes Medication Name(s) Written Orders Vebal Orders Written Prescriptions Verbal Prescriptions Medication Administration Note(s) (MAR) Medication Dispensing Note(s) Medication Allergy/Adverse Reaction Note(s) Medication Adverse Drug Event (ADE) Medication Preparation Note(s) Medication History Pharmacy Claim Orders and Requests (representing orders/requests from provider or patient, where provider can be physician, advanced practice registered nurse, nurse, pharmacist, ancillary service, administration, or other) Written Orders/Requests Verbal Orders/Requests Clinical Guidelines Clinical Protocols Treatment Plans Admission Notes Nursing Non-physician Provider Physician Pharmacy Ancillary Service Administrative Discharge Notes Nursing Non-physician Provider Physician Pharmacy Ancillary Service Administrative Social Service Notes

Death Certificate Coroner Request/Wrongful Death Notification Request For Autopsy Coroner’s Report Bereavement Notes Clinical Specimens, Data and Findings Specimen Labels (with patient name or identifying data) Images Diagnostic Images Documentation of Injury Documentation of Procedure Sound/Audio Records Graphics Biometric/Waveform Tracings Clinical Device Output Laboratory Results Specimens Result Requests, Labels and Forms Laboratory Department Specimen Data Toxicology Reports Quality Assurance Data Related to Patient Related to Providers Related to Department Related to Institution/Organization Utilization Data Related to Patient Related to Providers Comparative Practice/Provision of Care Data Related to Patient Related to Providers Medical Malpractice Data


				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:272
posted:11/8/2009
language:English
pages:134