1. Technical Field
The present disclosure relates to secure databases and, more particularly, to methods and systems for defining a person in a shared database as a unique entity.
2. Discussion of Related Art
It has been the practice of professionals, such as doctors, lawyers, and engineers to personally record pertinent information on a subject patient, client or matter so that professional services performed and data pertinent to the subject are documented. The documented information can be in many different forms, such as a patient record database with patient demographic information and clinical data, an engineer's report on the structural conditions of a building, or an invoice including professional fees, travel and other expenses related to the services performed.
In many instances, the professional memorializes the pertinent data or basis for a decision contemporaneously as services are performed, such as by handwritten notes or dictation into a voice recorder, and the information is subsequently gathered for office personnel to enter into a report. Many reports are standardized as forms and the gathered information is filled into the form for efficient reporting. For example, in the case of a physician examining a patient, clinical information is developed during discussions with and physical examination of the patient. The physician dictates or writes the clinical information observed during the examination, and the forms and notes are typically entered by the physician's office personnel. Likewise, the structural engineer dictates or writes his observations during a visual inspection, and a building inspection report is generated by filling in a form-like report with standard pre-filled text on general building condition, supplemented by contemporaneous information using the recorded dictation.
In the case of patient information and report, a patient is typically required to complete a questionnaire which discloses personal information about the patient including medical background information such as pre-existing medical conditions and prescription medications. The reliance on patients to keep track of and report their medical histories, however, can leave the attending medical professional with incomplete and sometimes inaccurate information. For example, patients lose records and may not remember when they had their tonsils out or what vaccinations they received, and their medical records can be damaged or destroyed, e.g., when Hurricane Katrina happens. The patient questionnaire may also establish a patient's current medical condition. A patient history file is opened and the completed questionnaire and other documents are incorporated into the file.
When a patient is examined by a physician, the results of the physical examination or clinical information are routinely recorded such as by the physician entering the information onto a form which is then placed in the patient's history file. It is common practice for the physician to make handwritten notes during the patient's physical examination. The notes are later used by the healthcare professional for personally dictating a patient's report. The dictation is then transcribed, reviewed and signed by the physician who conducted the patient's physical examination.
In the case of medical offices operating under health maintenance organization (HMO) oversight, requiring audits of the examination notes of medical professionals for consistency and trends in diagnosis and treatment, the lack of computerized databases for monitoring and updating clinical examination data and the time consuming process of re-transcribing and editing paper charts complicates this auditing process.
For many healthcare organizations, some with file rooms of paper, medical records about their view of a patient's medical history are based on what the patient has told them and any clinical visits or procedures done at that office. These healthcare organizations are akin to silos in the sense that the information that a hospital has about a patient, e.g., in an emergency room visit the patient experienced an allergic reaction to penicillin, the primary care physician may never get that information unless the patient tells the physician about it.
The technology to assemble and store patient records in computer databases as electronic medical records exists and is being deployed in some hospitals and physician offices. Some healthcare providers and insurance companies are forming regional information networks to share electronic medical records as a means to reduce paperwork, minimize costs of billing, and to fight against false claims.
The Standards for Privacy of Individually Identifiable Health Information (“Privacy Rule”) limits the circumstances in which an individual's protected health information may be used or disclosed. The Privacy Rule, which was published in final form on Aug. 14, 2002, establishes, for the first time, a set of national standards for the protection of certain health information. The U.S. Department of Health and Human Services issued the Privacy Rule to implement the requirement of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
A major purpose of the Privacy Rule is to define and limit the circumstances in which an individual's protected health information may be used or disclosed. The Privacy Rule requires that health plans, healthcare clearinghouses, and every healthcare provider, regardless of size, who electronically transmits health information maintain reasonable and appropriate administrative, technical and physical safeguards to ensure the integrity and confidentiality of the information, protect against any reasonably anticipated threats or hazards to the security or integrity of the information, and protect against unauthorized uses or disclosures of the information.
A need exists for a method and system for assembling medical records from disparate computer-based person records and to make them accessible over the Internet such that the electronic medical records are private and secure. A need exists for a method and system for defining a person in a shared database as a unique entity, for example, to ensure the integrity of the information in the shared database. A need also exists for a method and system for defining a patient in a shared database as a unique entity in order to comply with HIPAA requirements to ensure confidentiality of the health information.