How is everyone handling auditors? Our legal advisors say that we should have either a person sitting side by side with the auditor making sure that they are only looking at what they should be, or that they should only have access to the EMR charts that they are auditing. Is there a way to give limited, view only access to certain charts? It is unrealistic to have a staff member sitting there all day and running a report of chart access after the fact is useless. I would love to hear what everyone is doing, or any ideas anyone has!
Malissa
mbellis said:
How is everyone handling auditors? Our legal advisors say that we should have either a person sitting side by side with the auditor making sure that they are only looking at what they should be, or that they should only have access to the EMR charts that they are auditing. Is there a way to give limited, view only access to certain charts? It is unrealistic to have a staff member sitting there all day and running a report of chart access after the fact is useless. I would love to hear what everyone is doing, or any ideas anyone has!
Malissa
we have created generic users with specific permissions for this exact purpose
But can you give specific permissions for only the charts they are supposed to be in? We don't want to have someone sit and watch them, but we need to be sure they aren't looking at more than they should be. I think we are going to start copying the documents in the charts they want to PDF and either putting them on a password protected thumb drive or a password protected file on our network and then they can only see what they requested in their audit.
Yes. i our scenario we have lessentialy two charts (one db) clinic charts & (endoscopy) center charts. We set up confidentially types(Administration>Chart Documents>Confidential Clinical Documents) The allowed Center users to access only the Center Confidentiality Type, and clinic staff only the Clinic Confidentiality Type
What I did is setup a location of care for the charts that need to be audited and then set up a user that has only access to that Location of care. I then move the charts into that location when they are coming and move them back once they are done.
To help moving the patients without going into the chart, I wrote a sql script that all i have to do is plug in the patient id's and then run it. When done, I have another script that will automatically put the charts back in the correct location of care.
Ernie, that is a great idea. But does it keep the charts unaccessable to the other physicians while they are in that location of care? I know that if a patient happened to have an appt that day and the chart was in that location of care, it would mess up our billing. We have so many doctors and locations of care that I am not sure if this would work for us...