| |
It highlights safeguards after breach of conduct case involving doctor
THE Ministry of Health (MOH) has given the assurance that access to electronic medical records of patients in public hospitals is tracked and audited. A record is made any time anyone looks at the information, and any inappropriate access is investigated by the hospital’s senior management, it said. Only doctors and health-care staff who treat the patient will have access to the shared medical records. This is because access is granted on a “need-to-know” basis and restricted to authorised health-care professionals. Access rights are also stratified according to the authorised person’s role in patient care, job scope and responsibilities.
The ministry’s comments come in the wake of a case involving a doctor from the KK Women’s and Children’s Hospital (KKH), who accessed electronic medical records of two women who were not his patients, in 2007 and 2009. Dr Singh Tre’gon Randhawa, 32, was fined $10,000 and censured last week by the Singapore Medical Council (SMC). It was the first time a doctor has been disciplined and convicted for such a breach of conduct. Dr Singh said the two women were his former girlfriends. He checked the first woman’s records after learning that she was seeking treatment for a suspected sexually transmitted disease at KKH. He accessed the records of the second woman to check when she had appointments at the hospital, so as to avoid hostile run-ins with her. His actions came to light after the second woman filed a complaint against him in August 2009.
Each public hospital currently has its own electronic medical records of its patients. These records are separate from the national electronic health record (NEHR) scheme, which is scheduled to be fully up and running by 2015. The scheme will include not just public hospitals, but also private medical bodies. Asked about Dr Singh’s case, an MOH spokesman noted that breach of patient confidentiality was a serious matter of professional misconduct that the SMC has dealt with. “Unauthorised access to patient records may also be a breach of the Computer Misuse Act, and we are looking into taking further action,” she said.
On safeguards to prevent unauthorised access of records in hospitals, she noted that in setting these rules, hospitals are also careful that they do not compromise patient care by making them too stringent. Doing so might inadvertently block legitimate and necessary access to the records. But, she added, technical safeguards are only one aspect of protecting patient confidentiality. “Professionalism and personal responsibility of health-care professionals play a critical role,” she said. Hospitals constantly reinforce the need for professional values, she added. Everyone who uses the records must attend mandatory training, where they are reminded of the need to keep information confidential. Before they can access the system, users must also sign an agreement that details their responsibilities and how they are accountable. She said that in the KKH incident, the hospital immediately initiated investigations when told there could have been a possible breach of confidentiality. Electronic logs were retrieved to audit the access, and an internal committee of inquiry convened.
The matter was also raised to the SMC to be investigated independently. Dr Fatimah Lateef, an MP for Marine Parade GRC who sits on the Government Parliamentary Committee for Health, said improving the safeguards is something that must be seriously looked into. But she added that it would be difficult to limit a doctor’s access, as many patients come in with illnesses across disciplines.
|