| JOURNAL HOME | CME HOME | THIS MONTH | PAST ISSUES | ETOC | COLLECTIONS |
| AUTHORS | REVIEWERS | EDITORIAL BOARD | FEEDBACK | RSS | HELP |
 
|
|
|
||
|
|
Anesth Analg 2007;105:405-411 © 2007 International Anesthesia Research Society doi: 10.1213/01.ane.0000270214.58811.c4
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 |
Abstract |
|---|
 Top Abstract IntroductionMETHODSRESULTSDISCUSSIONREFERENCES |
|---|
BACKGROUND: Anesthesia information management systems (AIMS) implementation is increasing, but there are no published recommendations from anesthesia professional societies to guide configuration and policy decisions that affect billing, security, medical–legal, and compliance issues.
METHODS: A 45-question structured survey was developed by a committee of the Society for Technology in Anesthesia and was sent to the clinical administrator at 18 separate institutions, comprising six different installed AIMS systems. The primary goal of the survey was to establish a baseline of current policies and practices.
RESULTS: There was more than two-third agreement among respondents for only 25% of questions. A number of configurations reported may increase exposure to billing denial, Medicare and Medicaid noncompliance, security breeches, and medical–legal defense difficulties.
CONCLUSIONS: Developing guidelines by anesthesia professional organizations such as Society for Technology in Anesthesia to assist in the configuration of AIMS is recommended to help anesthesia departments avoid problems that may result in significant financial and legal risk.
|
Introduction |
|---|
|
TopAbstractIntroductionMETHODSRESULTSDISCUSSIONREFERENCES |
|---|
Anesthesia information management systems (AIMS) are currently estimated to be installed in <5% of operating rooms in the United States, but the pace of implementation appears to be increasing. The promise of these systems goes beyond the mundane task of automating anesthesia recordkeeping. Rather, enhanced billing, improved compliance with regulatory agency requirements [e.g., Centers for Medicare and Medicaid Services (CMS), Joint Commission on the Accreditation of Healthcare Organizations, Health Insurance Portability and Accessibility Act (HIPAA)] and reduced medical–legal exposure (through more accurate and complete documentation) are all potential benefits. If AIMS are configured incorrectly, however, not only may these goals not be realized, but exposure may actually be increased relative to current manual processes.
In many cases, when AIMS are configured, there is a balance that must be struck between convenience and existing legal or regulatory requirements. For example, allowing short passwords that never expire might be welcomed by users beleaguered by a multitude of logon identifications and passwords, but might not satisfy HIPAA security requirements. As another example, having a full CMS note automatically generated by the system when the case is started might be viewed by users as a desirable feature, but the legitimacy of this process might be called into question in the event of an audit.
Configuring involves many decisions impacting billing, security, medical–legal, and compliance issues, but no official recommendations are available yet from anesthesia professional societies to help guide this process. In January 2006, the Society for Technology in Anesthesia established an AIMS Consensus Working Group, co-chaired by the authors, to help formulate such guidelines for AIMS clinical administrators and to provide direction to AIMS vendors as to processes their systems need to support. As the first step in this effort, we surveyed anesthesia clinical administrators managing a cross-section of AIMS products, with a primary objective of determining current policies and practices. A secondary objective was to evaluate the extent to which implemented options might result in risk exposure.
|
METHODS |
|---|
|
TopAbstractIntroductionMETHODSRESULTSDISCUSSIONREFERENCES |
|---|
A 45-question structured survey instrument was developed covering security, data integrity, billing compliance, Internet access policy, hardware, training and support, and quality assurance features implemented in the respondents' AIMS. The questions developed related to issues that must be addressed by AIMS clinical administrators when the systems are configured and implemented. Content validity of the questionnaire was provided through several iterations of review among the authors to ensure that relevant aspects of AIMS configuration were covered by the questions and that the response list was reasonably complete. The authors also took a "pretest" to eliminate ambiguous or confusing wording. A field was provided for each question in which respondents could enter free text remarks or responses not included in the list of choices. We did not formally assess the reliability of the survey instrument, in that respondents were only asked to complete the survey one time.
The survey, implemented as a Microsoft Word Form document, was sent via email to a convenience sample of 18 colleagues known personally by the authors to have expertise in the configuration and management of an AIMS. A follow-up email was sent to those not responding to the initial request. Responses were extracted from the forms into a Microsoft Excel spreadsheet, where the results were tabulated.
|
RESULTS |
|---|
|
TopAbstractIntroductionMETHODSRESULTSDISCUSSIONREFERENCES |
|---|
Surveys were returned from 15 of 18 (83%) AIMS clinical administrators. Systems represented included 6 CareSuiteTM (Picis, Wakefield, MA), 3 CompuRecordTM (Philips Medical Systems, Andover, MA), 3 InnovianTM Anesthesia (Draeger Medical, Telford, PA), 1 DocuSafeTM (DocuSys, Mobile, AL), 1 Centricity® Anesthesia (GE Healthcare, Waukesha, WI), and 1 MVORTM (iMDsoft, Tel Aviv, Israel).
A wide range of implementation choices were reported for many questions (Table 1). Items in which more than two-third of respondents agreed were: Password length of at least six characters (Q1: 11 of 15), anti-virus software installed on AIMS workstations (Q8: 15 of 15), presence of keyboard (Q 32: 15 of 15) and mouse (Q32: 11 of 15) mandatory training before system use (Q33: 14 of 15), same training materials provided to attendings and residents (Q34: 11 of 14), no requirement to pass a competency test before use (Q35: 15 of 15), availability of information technology support 24/7 (Q37: 13 of 15), and no need for AIMS recertification (Q39: 15 of 15). Other areas in which many respondents replied similarly were: allowing users to edit data collected automatically from patient monitors (Q12: 10 of 14), not preventing printing of the anesthesia record if required fields are missing (Q16: 10 of 14), official anesthesia record being the copy on the chart (Q20: 10 of 15).
|
|
|
One respondent indicated that printed anesthesia records are not generated; rather, the online view of the anesthesia record is the official and only documentation. Two respondents indicated that separately billable invasive procedures were all personally performed in their practices (Q25). Biometric identification (e.g., fingerprint identification, iris scan) in lieu of a user selectable password was not offered by any of the vendor systems represented in the survey (Q5).
|
DISCUSSION |
|---|
|
TopAbstractIntroductionMETHODSRESULTSDISCUSSIONREFERENCES |
|---|
The lack of agreement among most implementation options chosen by the AIMS clinical administrators may, in many instances, reflect lack of any clear best practice rather than an absence of guidelines. However, in a number of cases, choices implemented may result in an increased exposure to potential billing denial and accusation of fraud, HIPAA security sanctions, and difficulties in defending against allegations of medical malpractice. These issues are summarized below:
Security
Although there continues to be debate in the information system community about best practices with regard to password security, we are not aware of any organization that recommends minimum password lengths of three or fewer characters. Minimum password length recommendations of six to eight characters were typically encountered when this topic was searched on the Internet, and requirements for strong passwords (e.g., mixed upper and lower case, at least one numeric character, etc.) were frequently encountered. The principal reasons for eschewing short passwords are that they are easier for someone trying to gain unauthorized access the system to guess or "shoulder surf," and that they potentially compromise the integrity of electronic signatures. However, 4 of 15 respondents indicated that they allow very short passwords. Only half of respondents had configured their systems to require strong passwords but, in a number of cases, the AIMS did not support this additional layer of security. AIMS contain protected health information, which is covered by HIPAA. If there were a security breach resulting in an investigation from the Department of Health and Human Services, sanctions might be forthcoming due to a failure to "implement procedures to verify that a person or entity seeking access to electronic protected health information is the one claimed" (1); even though password management is an addressable element without specific requirements (2).
Data Integrity
Although 10 of 14 administrators indicated that they allow their users to change data recorded automatically from patient monitors, this may be providing a false sense of relief to users. Data are generally recorded to the database at much more frequent intervals (e.g., every 15–60 s) than are visible on the screen or printed on the chart copy of the record, and those data, along with the changes, will be discoverable in the event of litigation (1). Changing values without clear documentation as to the reason could be exploited by a plaintiff's attorney to imply that the provider was trying to cover-up the record. Artifacts during cases are abundant, but these are usually readily apparent (e.g., saw-toothed electrocardiogram-derived heart rates during electrocautery, high or low blood pressures drawing blood from arterial lines or zeroing transducers, absence of data during positional changes requiring cable disconnects, double-counting heart rates due to high T waves relative to the QRS complex, etc.). Simply annotating artifacts not obvious from the context with a note may be a more advisable course of action than trying to replace the values.
Changing the anesthesia record involving documentation of clinical care recorded after the record is printed and placed on the chart is another area of potential medical–legal concern. It has long been a recommendation to make corrections to medical records by placing a single line through the original data, allowing the corrected value to be seen, and initialing the change along with the date and time it was made. When the record is changed or amended, at 4 of 14 sites, the original record is discarded and replaced with the updated copy. However, this policy fails to recognize the possibility that clinical decisions were made based on the original record, the reason for which may be obscured by removal of the record on which the action was taken. If litigation ensues related to those decisions and the record substitution is discovered, the plaintiff's attorney may produce this as evidence that the provider altered the medical record, an activity that is universally decried. Such actions may make it very difficult to provide an adequate defense.
Hardware Issues
While respondents were nearly evenly split over the location of the AIMS workstation (near the patient and over the breathing bag versus behind the provider near the anesthesia cart), placement behind the provider may increase the risk of missing communication failures between the monitors and the AIMS (3) and other alerts provided by the system. In addition, placement of the AIMS workstation away from the patient makes real-time charting of drugs and events difficult, as the provider must turn away from the surgical field to access the system. However, in some circumstances, due to physical constraints (e.g., anesthesia machine mounting issues, location of patient monitors, placement of operating room equipment), the option to place the AIMS computer near the patient may not be available.
Billing Compliance
There are seven requirements that must be met for an anesthesiologist medically directing residents or certified registered nurse anesthetists to receive payment from the CMS. These include the following: performing a preanesthetic examination and evaluation, prescribing the anesthesia plan, personally participating in the most demanding procedures in the anesthesia plan, including induction and emergence, ensuring that any procedures in the anesthesia plan that he or she does not perform are performed by a qualified individual as defined in program operating instructions, monitoring the course of anesthesia administration at frequent intervals, remaining physically present and available for immediate diagnosis and treatment of emergencies, and providing indicated postanesthesia care (4). A recent transmittal updating CMS guidelines for the use of electronic medical record systems allows for the use of macros to enter teaching physician documentation, but only "... if the teaching physician adds it personally in a secured (password protected) system" (5). Providing CMS documentation notes automatically (as reported by four respondents) would appear to be in conflict with CMS guidelines, and not having a capability to easily enter such notes in the AIMS (three additional respondents) could result in billing denials or possibly accusations of fraud in the event of a Medicare or Medicaid audit. Since local carriers sometimes adopt CMS regulations to guide their reimbursement policies, the risk may extend beyond patients covered by Medicare or Medicaid.
There are similar CMS documentation issues for separately billable procedures (e.g., arterial, pulmonary artery, or central venous catheters), where physical presence and a signed note are required.
CMS also requires a note on the anesthesia record documenting immediate availability throughout the case, presence at periodic intervals, and presence at critical portions of the anesthetic, documentation often provided via an attestation note electronically signed by the attending physician. Two of 14 respondents indicated that their system does not require such a note to be entered, whereas 9 of 14 allow the attestation to be entered at any time. When a note documenting immediate availability throughout the case or at emergence is entered shortly after induction, the validity of this attestation is likely to be challenged (6).
Although data from a survey by Feldman suggested that the implementation of AIMS are a risk management asset and do not increase malpractice exposure (7), the results of the current survey indicate that this may not necessarily be true, depending on policy decisions made with respect to AIMS configuration. Because all AIMS entries are time-stamped and changes are logged in audit trails, untimely documentation, which in the past could not be proven easily, will now be exposed. Users of AIMS need to expect that all information recorded during a case is discoverable and that plaintiffs' attorneys will quickly learn to demand these data (3). Users of AIMS need to be cognizant of the potential for increased scrutiny of their documentation and to modify their behavior accordingly.
A limitation of this survey is that the sample size was relatively small, and that the distribution of AIMS included, and the implementation decisions of the AIMS clinical administrators who responded may not be representative. However, the primary intent of the study was not to develop recommendations based on the extent of existing practice, but to establish a baseline against which consensus proposals would be developed. The plan of the Society for Technology in Anesthesia Consensus Committee is to develop such proposals and invite all clinical administrators of AIMS to participate in the consensus process. This will be performed using a modified Delphi technique (8).
Another limitation is that the survey itself may not have covered all configuration areas of concern. However, since the authors are responsible for the configuration of well-established AIMS from three different vendors (Philips, Dräger, and PICIS), we believe that the survey is representative of many of the high priority configuration issues. The extent to which sites may be at risk as a result of how their AIMS was configured or is being used in practice is unknown, as the authors are not aware of any institutions that have been fined or sanctioned as a consequence of such decisions. Such actions will likely strongly influence the AIMS configuration consensus recommendations developed.
In summary, there was a lack of agreement among survey respondents with respect to most questions about AIMS implementation. A number of policies and practices were identified that may result in increased exposure to medical–legal risk and billing noncompliance. Developing guidelines by one or more anesthesia societies to assist in the configuration of AIMS and to provide direction to vendors of such systems is likely to be helpful in avoiding such problems. Given its focus on technological issues in anesthesiology and the involvement of AIMS vendors in its programs, the Society for Technology in Anesthesia should be well positioned to develop such guidelines with the assistance of other groups such as the American Society of Anesthesiologists' Electronic Media and Information Technology committee and the Data Dictionary Task Force, which is involved in the standardization of nomenclature used to document anesthesia care.
|
ACKNOWLEDGMENTS |
|---|
The authors thank John Abenstein, MD, Ed Bertacini, MD, B. Randall Brenn, MD, James Caldwell, MD, Kevin Fish, MD, Richard Gillerrman, MD, Roger Loven, MD, Al Mowbray, MD, Stanley Muravchick, MD, PhD, Michael O'Reilly, MD, Gilbert Ritchie, PhD, Iain Sanderson, MD for participating in this survey.
|
Footnotes |
|---|
Accepted for publication May 1, 2007.
RHE is an unpaid member of the Dräger Medical Innovian advisory board.
Presented, in part, in abstract form (A1379 "Risky Business " in the OR: A Survey of Anesthesia Information System Policy Decisions) at the American Society of Anesthesiologists annual meeting, October 14–18, 2005, Chicago, IL.
Reprints will not be available from the author.
|
REFERENCES |
|---|
|
TopAbstractIntroductionMETHODSRESULTSDISCUSSIONREFERENCES |
|---|
- Security and Privacy. 45 CFR Sect. 164.312(d) (2005) Available at http://frwebgate.access.gpo.gov/cgi-bin/get-cfr.cgi?YEAR=current&TITLE=45&PART=164&SECTION=312&SUBPART=&TYPE=TEXT. Accessed 25 October 2006
- Security and Privacy. 45 CFR Part 164.308(a)(5)(ii)(D) Available at http://frwebgate.access.gpo.gov/cgi-bin/get-cfr.cgi?YEAR=current&TITLE=45&PART=164&SECTION=308&SUBPART=&TYPE=TEXT. Accessed 25 October 2006
- Vigoda MM, Lubarsky DA. Failure to recognize loss of incoming data in an anesthesia record-keeping system may have increased medical liability. Anesth Analg 2006;102:798–802
- Security and Privacy. 45 CFR Part 415.110 Available at http://frwebgate.access.gpo.gov/cgi-bin/get-cfr.cgi?YEAR=current&TITLE=42&PART=415&SECTION=110&SUBPART=&TYPE=TEXT. Accessed 25 October 2006
- CMS Manual System Department of Health & Human Services (DHHS) Pub 100-04 Medicare Claims Processing Centers for Medicare & Medicaid Services (CMS) Transmittal 811, January 13, 2006 Change Request 3928. Available at http://www.cms.hhs.gov/transmittals/downloads/R811CP.pdf. Accessed 25 October 2006
- Vigoda MM, Lubarsky DA. The medicolegal importance of enhancing timeliness of documentation when using an anesthesia information system and the response to automated feedback in an academic practice. Anesth Analg 2006;103:131–6
[Abstract/Free Full Text] - Feldman J. Do anesthesia information systems increase malpractice exposure: results of a survey. Anesth Analg 2004;99:840–3
[Abstract/Free Full Text] - Jones J, Hunter D. Consensus methods for medical and health services research. BMJ 1995;311:376–80
[Free Full Text]
This article has been cited by other articles:
|
|
 |
|
  C. B. Egger Halbeis, R. H. Epstein, A. Macario, R. G. Pearl, and Z. Grunwald Adoption of Anesthesia Information Management Systems by Academic Departments in the United States Anesth. Analg., October 1, 2008; 107(4): 1323 - 1329. [Abstract] [Full Text] [PDF]
|
|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
