Informed Consent in Electronic Medical Record Systems

Informed Consent in Electronic Medical Record Systems

Bo Yu (George Mason University, USA), Duminda Wijesekera (George Mason University, USA) and Paulo Cesar G. Costa (George Mason University, USA)
DOI: 10.4018/978-1-5225-2237-9.ch049
OnDemand PDF Download:
List Price: $37.50
10% Discount:-$3.75


Informed consents, either for treatment or use/disclosure, that protect the privacy of patient information subject to law that in certain circumstances may override patient wishes, are mandatory practice in healthcare. Although the healthcare industry has widely adopted Electronic Medical Record (EMR) systems, consents are still obtained and stored primarily on paper or scanned electronic documents. Integrating a consent management system into an EMR system involves various implementation challenges. The authors show how consents can be electronically obtained and enforced using a system that combines medical workflows and ontologically motivated rule enforcement. Finally, the authors describe an implementation that uses open-source software based addition of these components to an open-source EMR system, so that existing systems needn't be scrapped or otherwise rendered obsolete.
Chapter Preview


The healthcare industry seeks quality improvement strategies to provide standardized, safer and more efficient patient services, focusing on patient safety, quality of care, risk management, data security and privacy preservation. Herein we focus on another important quality improvement area—namely, minimizing medical errors. Multiple reasons underlie medical errors. Failure to obtain informed consent is a top-ten reason for generating medical malpractice claims; “a properly completed consent form would have prevented 45% of errors on surgery wrong sites.” (Compbell, 2004)

In the last several decades, evolving computer-based Information Technology (IT) in healthcare has changed how computing systems support healthcare service delivery, with examples including Electronic Medical Record (EMR) systems and Personal Health Record (PHR) systems. The U.S government plays a major role in promoting healthcare IT, including EMR systems.

The healthcare industry has adopted EMR systems widely. Nonetheless, nearly all medical facilities have paper-based consent forms, including those with EMR systems. The most common approach for managing informed consent forms in EMR systems is by scanning paper consent forms, then storing them as an electronic format, thereby restricted to basic record keeping. Scanned consents are difficult to use by electronic means during medical processes, instead relying on caregivers to enforce the consents the same way as was done pre-health IT. Advanced automated features such as consistent enforcement of informed consent pursuant to statutes, regulations and guidelines are missing. In addition, hospitals spend on average $80,000 per year (Anonymous, 2007) scanning consent forms to perpetuate an antiquated, inefficient consent system that results in subpar enforcement in the form of wrong or inapplicable consents. Furthermore, studies concerning enforcement of medical informed consent in existing EMR systems reveal that no EMR systems support dynamically obtaining, and automatically enforcing, patients’ informed consents when implementing medical processes. Consequently, a mechanism to implement and enforce e-consent is needed.

To be valid, informed consent must comply with state and federal laws and regulations applicable to medical sub-disciplines, as well as depend on some specific situations such as treatment type, facility location and the purposes of use and disclosure of patient Protected Health Information (PHI) for medical information sharing consent.

As stated above, informed consents in healthcare are governed by various statutes and regulations that change over time because laws are dynamic. For example, a medical lawsuit that establishes precedent may trigger a new or amended statute or regulation or alter how a law is interpreted. Nevertheless, studies of consent laws are scarce, perhaps because ever changing laws would cause such studies to have a short shelf-life. Issuing proper medical consent demands evaluating all consent rules and determining the type of consent to be obtained from the appropriate consent provider. Yet, no implementation method or modeling changes to consent laws are available that govern specific institutional practices (Beauchamp, & Childress, 1989). Consent is rendered unreliable without adhering to corresponding changes of laws. Moreover, consent statutes and regulations are complex. At times ambiguity adds to complexity (e.g., precedent changing interpretations of law that, due to ambiguity, is subject to multiple interpretations). This causes breakdowns between concepts that people use and data that computers interpret. Thus, methodology for acquiring proper consent based on evolving law must be dynamic.

An essential informed treatment concept is autonomy—namely, allowing competent adults and emancipated children to make their own healthcare decisions. Our previous work (Yu, Wijesekera, & Costa, 2014) showed the complexity of determining patient competency for treatment consent because each state has its own laws defining minors, at times differing by treatment type.

Our approach incorporates a medical consent management component into an existing EMR system to obtain and automatically enforce dynamically e-consent by using workflow technologies. More specifically, we use ontology-based knowledge representation and reasoning mechanisms to obtain required informed consents based on each unique patient situation to ensure compliance with consent laws pertaining to the applicable sub-discipline. This technique also enforces protection of patient privacy in EMR systems.

Complete Chapter List

Search this Book: