EMR RISKS part 1

Emr risk part 1.jpg

Jun 1, 2019


            ELECTRONIC MEDICAL RECORD: We love it-We hate it

                                        WHAT ARE THE RISKS?



 Security Levels and Password Confidentiality have to be maintained in an electronic system just like paper. Administrators and/or the physician in charge should assign the levels of security clearance for the EMR for each staff member based on their individual job function. Prevent staff access to physician progress notes and prescription templates to avoid the creation or alteration of these areas for their own purposes. Each person should have their own password and the policy should forbid sharing of those passwords. Immediately delete the password of anyone who leaves the practice.


Confusion in this area may adversely affect medication doses. The amount of medication will be dramatically different based on a patient’s weight of 160 lbs. versus 160 kgs. Get the EMR creator to make sure the weight format is correct. If employees are calculating med doses they must pay close attention to conversions. It’s ideal to have two employees check weight, conversion calculations, and dosage prior to administration to avoid mistakes; this is especially critical in a pediatrics.



 Federal Law says you must train employees in the protection of protected health information (PHI). Each physician’s practice must have privacy and security policies that address patient privacy, preserving the security of data, and confidentiality of patient information. You might have a problem with HIPAA violations if staff access, prints, or downloads information that is not within the source of their job.   Obviously staff disclosing or altering patient information without proper authorization is a problem.


Adapted from: Allan Ridings and Joseph Wager Sr. Risk Management & Patient Safety Specialists for CAP: https://www.capphysicians.com/