A medical record is a systematic documentation of a patient’s medical history and care. It usually contains the patient’s health information (PHI) which includes identification information, health history, medical examination findings and billing information.
Medical records traditionally were kept in paper form, with tabs separating the sections. As printed reports were generated, they were moved to the correct tab. With the advent of the electronic patient record, these sections may still be found but as tabs or menus within the electronic record.
1. Patient Demographics:
Face sheet, Registration form
Address and phone numbers (home and mobile)
Sex, Age, Birthday, and Race (Ethnicity)
Occupation and Employer name, address, and phone number
Spouse Name and contact information in case of emergency contact
2. Financial Information:
Insurance payer name, address and phone number
Responsible party name, address and phone number
Responsible party employer, occupation and employer phone number
Patient relationship to the insured
3. Consent and Authorization Forms:
Consent for treatment: For any course of treatment that is above routine medical procedures, the physician must disclose as much information as possible so the patient may make an informed decision about his/her care. This information should include:
Diagnosis and chances of recovery
Recommended course of treatment
Risks and benefits involved in treatment
Risks if no treatment is taken
Probability of success if treatment is taken
Recovery challenges and length of time
Assignment of benefits: the patient or guarantor authorizes their health insurance company to make payments directly to the physician, medical practice or hospital for the treatment received.
4. Release of information:
A valid authorization to release protected health information includes:
Identity verification such as a driver’s license.
A description of the information to be used or disclosed.
The name of the person or organization authorized to disclose the information.
The name of the person or organization that the information is to disclosed.
Signature of the person authorized to release the information.
5. Treatment History:
History of illness
Habits such as exercise, diet, alcohol intake, smoking, and drug use/abuse
6. Progress Notes:
Progress notes include new information and changes during patient treatment. They are written by all members of the patient’s treatment team. Some of the information included in progress notes includes:
Observations of the patient’s physical and mental condition
Sudden changes in the patient’s condition
Vital signs at certain intervals
Bladder and bowel functions
7. Physician’s Orders and Prescriptions:
Physician’s orders for the patient to receive testing, procedures or surgery including directions to other members of the treatment team. Prescriptions for medications and medical supplies or equipment for the patients home use.
Consults: Findings opinions from consulting physicians.
Lab Reports: Record of findings from lab testing.
8. Radiology Reports:
Record of findings from radiology testing.
9. Nursing Notes:
Nurse’s notes include documentation separate from the physician including:
10. Medication List:
Prescription and nonprescription medication including dose, method of intake, and schedule.
11. HIPAA Notice of Privacy Practices:
This notice, as required by the HIPAA Privacy Rule, gives patients the right to be informed about their privacy rights as it relates to their protected health information (PHI).
12. Patient Confidentiality:
Each medical office has a responsibility to their patients by federal law to keep their personal health information private and secure. Disclosures made regarding a patient’s protected health information without their authorization is considered a violation of the Privacy Rule under HIPAA. Most privacy breaches are not due to malicious intent but are accidental or negligent on the part of the organization.
Develop a formal security management process including the development of policies and procedures, internal audits, contingency plan and other safeguards to ensure compliance by medical office staff.
Develop policies for verifying access authorizations, equipment control, and handling visitors.
Develop and provide documentation including instructions on how your medical office can help to protect PHI (for example, logging off the computer before leaving it unattended).
Establish unique user identification including passwords and pin numbers.