Health Business

Good records management is always important but in the NHS it can be a matter of life and death. Patients depend on medical records to get the right treatment. Clinicians depend on medical records not only to enable them to give the right treatment but also to provide supporting evidence when things go wrong.

Paper mountain
The old way was to keep paper records and where records were held in data systems to print them off for the file. This caused a paper mountain and paper management problem of gigantic proportions. A large hospital would hold something like two kilometres of paper files and employ over 40 staff in their management and movement. The records manager would be the person in charge of those staff.  
    
The mountain got harder to manage. As hospitals merged into NHS trusts the volumes grew. A typical Trust would hold up to five kilometres of files and employ up to 80 staff. Patient files were constantly on the move between hospitals, and to and from wards and outpatient clinics. Some inevitably got lost or arrived late.
    
Mobile populations and freedom of choice meant that patients might visit many hospitals in their lifetime and the chances of an A&E department having prior knowledge of their life-threatening allergies and illnesses were increasingly unlikely.

Data mountain?
The National Programme for IT (NPfIT) was initiated in 2002 to resolve these problems. The patient file would go online. Patient records would be captured as data into large local Patient Administration Systems and clinical systems, while the NHS Care Records Service would in theory make core records accessible from any hospital, clinic or GP surgery in the country via the NHS ‘spine’.
    
Six years have passed and it hasn’t quite happened yet. As any newspaper reader will tell you the £12bn programme has been fraught with problems. Contracts with some service providers have broken down and others have been late on delivery. Where systems have been implemented, records have continued to be printed for the file. Paper files still abound and NHS records managers are still busy managing the ‘pulling and culling’ of thousands of patient records per week.
    
What is now becoming clear is that the NPfIT programme will not, by itself, replace the whole paper patient file. Nor will it do anything for non-clinical records. The data systems provided will not capture documents such as consent forms, incoming GP referrals or outgoing GP letters, nor will they manage complaints and legal cases, nor will they manage HR or finance records nor will they provide the vital functionality needed for the processes of approving, publishing and updating hundreds of clinical procedures every year. Before we can get rid of the paper mountain we need to digitise the documents that will never be turned into data.

Going electronic
What we need for these records is an Electronic Document and Records Management system. EDRM systems have been in use in government departments, local authorities and the private sector for many years and were starting to be implemented in hospitals before the NPfIT seemed to promise an alternative and put EDRM initiatives on hold.
    
Now hospitals are beginning to look at EDRM again, not only as the means of getting new patient records online but also as the way to scan old ones, save hospital space and improve efficiency in corporate services such as HR, Finance and Estates Management.

Information security
The recent spate of losses of personal information shows the importance of managing records properly. In addition to the well-known losses by government departments such as the HMRC, the MOD and the Home Office, the NHS has its own sorry tale of woe. This year alone:

• Colchester University Hospital lost a laptop containing unencrypted medical data on several thousand patients
• The Scottish Ambulance Services lost the details of 999 calls of almost 1m people, fortunately encrypted
• Stockport PCT lost a memory stick with details of 4,000 patients on it, then Stepping Hill Hospital had a laptop with 1,581 patient files on it stolen
• A GP surgery in Winchester had backup tapes containing data on 15,000 patients stolen.
  

These events have not only caused dismay among the general population but have caused clinicians to doubt the security of IT solutions and the plans for the NHS Care Records Service. All of which is threatening to set back the NPfIT programme even further.

Working with IT
Records managers now have to join forces with IT managers to tighten up policies and procedures around records. Is it not just a matter of applying technical solutions, or even sending out memos to staff. They need to identify what information is held and where, then draw up an information sharing policy to decide who they should be sharing the information with and information sharing protocols to apply the security measures appropriate to each case. These should be accompanied by policies for the use of e-mail, laptops and flash drives plus communications and training to ensure that personal data is only handled by selected and appropriately trained staff.

New role
As the nature of NHS records and the issues around them are changing so is the role of the records manager. The patient records of the future will be divided between the Patient Administration System, clinical systems, the national ‘Spine’, EDRM systems and legacy paper files. Corporate administrative records will be divided among EDM and EDRM systems, data systems and paper files. While paper records will still need storage, pulling, culling and portering, electronic records will need metadata, audit trails, archive file formats, format conversion and retention scheduling.
    
Health service records management will no longer be the back-end activity it used to be. Issues such as security, digital preservation, legal admissibility, retention and data quality will all have to be addressed up-front and built into the design of electronic solutions. The records manager’s role will become one of intervening early in IT projects and ensuring that records management rules are defined and programmed into the new systems and processes being introduced. Records managers need to be ready to meet the challenge.

Alison Gibney is deputy managing director of Cimtech Ltd, an independent information management consultancy owned by the University of Hertfordshire.  

For more information
Web: www.cimtech.co.uk