As you may know, the Standards of Practice set out the minimum standards in paramedic services. Each regulated member is required to understand and comply with these Standards, but how does this translate in the day-to-day work of EMRs, PCPs and ACPs?
In an effort to help regulated members understand and apply the Standards to real life situations, we will be sharing scenarios that give context to the Standards and ideas on how to implement this into practice.
The following scenario will attempt to address patient record management and retention.
3.2 Patient Record Management and Retention
When a regulated member is required to assume responsibility for the proper management of patient health care records, the regulated member must:
- Ensure a patient record is compliant with all relevant legislation.
- (When acting as a custodian) have policies and procedures in place in accordance with the Health Information Act.
Scenario:
Kathy, a Primary Care Paramedic, is working as a Supervisor in a rural EMS service in Alberta. As part of Kathy’s role as a Supervisor, she is tasked with helping to manage and review patient care records. This helps ensure that the documentation by her staff is accurate and compliant with all relevant legislation and standards.
During Kathy’s work day, she is made aware of a crew that is transporting a patient to the hospital following a motor vehicle collision (MVC). Kathy decides to head over to the hospital to assist the crew with offloading. During handover, the attending crew provides a verbal report to the ER staff and then completes an electronic patient care report (ePCR) before returning to the station. As part of Kathy’s Supervisor duties, she then performs an audit of the crew’s documentation and notices:
- The patient’s allergies were documented verbally (as she overheard the attending crew mentioning it to the ER staff) but were not entered into the ePCR
- A paper rhythm strip was handed over to the ER staff but it was not uploaded and entered into the ePCR
Kathy recognizes that she must ensure compliance with legislation and reminds the crew that, under the Health Information Act (HIA), all clinically relevant information must be documented in the official patient record. The crew realizes that they missed this information and documents the late entries as soon as they are made aware of the missing information. Kathy then documents the audit outcome in a quality assurance file. This ensures the patient record is complete, accurate and compliant with the HIA.
Additionally, in this rural EMS service, Kathy recognizes that the ambulance operator (the organization/employer) is considered the “custodian” of health information (HIA, Section 1 (f) (ii.1).). This means that the organization is responsible for the collection, use, disclosure and safeguarding of health information.
Kathy and the attending paramedic crew, while considered regulated health professionals under the Health Professions Act (HPA), are not considered as custodians in the HIA (as paramedics are not listed). Instead, paramedics fall into the category of an “affiliate” of a custodian (HIA, Section 1 (a)). This would mean that Kathy and the attending crew are considered affiliates, which come with important legal and professional responsibilities including, but not limited to:
a. Duties of Affiliates
- You must collect, use, and disclose patient health information only as authorized by the custodian.
- You must follow the custodian’s policies, procedures, and safeguards (i.e., Secure logins, no personal copies, no discussing cases in public).
- You are accountable for protecting health information against loss, theft or unauthorized access.
b. Access to Information
- You can only access health information you need to know to provide care or perform your role.
- Accessing patient records outside of this “need-to-know” is a breach (often called “snooping”).
c. Accountability
- If you misuse or improperly disclose information, both you and the custodian may face consequences (disciplinary, employment-related, regulatory or even legal).
- The custodian must have privacy training, monitoring and safeguards in place, but the affiliate is responsible for complying.
In this example, Kathy demonstrates her knowledge and adherence to the Standard 3.2 Patient Record Management and Retention, in which a regulated member is required to assume responsibility for the proper management of patient health care records. It is important to remember that EMRs and paramedics don’t make independent custodian-level decisions under the HIA. Instead, they are bound by their employer’s (ambulance operator’s) privacy obligations.