EMIS Audit Process

Purpose

The purpose of this document is to describe the rationale and permissions of use, and the method for case audit, of the BrisDoc EMIS EPR system within BrisDoc.

Rationale and background

Access to the EMIS platform by BrisDoc clinicians is managed via the ‘Process for new EMIS accounts’ standard operating procedure (SOP), which describes the validation of a clinician’s identity and employment status within BrisDoc before an EMIS account is created.

Due to the fluid nature of the clinical workforce, accounts are closed if they have been inactive for six months to limit the number of latent accounts. These can be reinstated as required. This process is undertaken by the IT assistant and overseen by the Programme and Service Director.

BrisDoc’s Caldicott Guardian (Medical Director) holds overall responsibility and accountability for information governance related to the EMIS platform at BrisDoc.

The clinical scenarios in which the EMIS record may be accessed are described below.

• A Paramedic, Community Nurse or other Healthcare Professional wants to discuss a patient. The Call Handler will document if the patient has consented to EMIS access when the case is entered on Adastra. EMIS consent reason to be recorded as ‘Patient has given consent’. If prior consent is not recorded, the clinician may access the EMIS record before starting the telephone call if this is considered to be in the patient’s best interests (eg clinical complexity, potential safeguarding concerns, recent relevant event mentioned such as discharge from hospital, other circumstances in which a prior view would likely benefit patient care). EMIS Consent Reason to be recorded as ‘Emergency access for urgent treatment’.

 

• The Laboratory phones through an abnormal result. To aid safe clinical assessment and management, and to understand if the result has already been actioned, the clinician is advised to access the EMIS record before starting the telephone call. EMIS Consent Reason to be recorded as ‘Emergency access for urgent treatment’. Alternatively, the clinician can confirm the patient’s consent at the start of the telephone call and record the EMIS Consent Reason as ‘Patient has given consent’.

 

• Telephone advice and face to face consultations. These are the easiest scenarios to gain consent from the patient. EMIS Consent Reason to be recorded as ‘Patient has given consent’. The clinician may access the EMIS record before starting the consultation if this is considered to be in the patient’s best interests (e.g. clinical complexity, potential safeguarding concerns, recent relevant event mentioned such as discharge from hospital, other circumstances in which a prior view would likely benefit patient care). EMIS Consent Reason to be recorded as ‘Emergency access for urgent treatment’.

 

• Where a patient lacks capacity due to mental illness or learning difficulties (eg psychosis, dementia), and EMIS access (before the call or during it, as agreed with a relative or carer) is in the patient’s best interests. EMIS Consent Reason to be recorded as ‘Patient incapacitated due to mental illness or learning difficulties.

 

• If the patient appears confused, or otherwise incapacitated by acute illness (eg delirium, intoxication, head injury, in extremis), and EMIS access (before the call or during it, as agreed with a relative or carer) is in the patient’s best interests. EMIS Consent Reason to be recorded as ‘Patient incapacitated due to illness or injury’.

 

• Weekday Professional Line – when a referring GP or other Healthcare Professional is with the patient then ask them to seek consent from the patient. If they are not with the patient and accessing the records is in the patient’s best interests, EMIS Consent Reason to be recorded as ‘Emergency access for urgent treatment’. Alternatively, the clinician can contact the patient directly to confirm consent. EMIS Consent Reason to be recorded as ‘Patient has given consent’.

 

Additional acceptable situations for EMIS access, as deemed appropriate by BrisDoc’s Medical Director and Caldicott Guardian are:

 

• Failed Contact. EMIS access may validate or provide alternative contact details for the patient. EMIS also provides additional clinical information and context to assess the most appropriate management of patients who cannot be contacted. Access under these circumstances is therefore in the patient’s best interests. EMIS Consent Reason to be recorded as ‘Emergency access for urgent treatment’.

 

• Clinicians are encouraged to follow up patients they have consulted in the OOH period, to support personal learning, professional development and improved patient care. In this instance EMIS Consent Reason to be recorded as ‘Other’ with follow-up as the free text specifying the date of OOH contact which is being followed-up. This follow-up is permitted within two months of the clinician’s consultation with the patient.

 

• Clinical Co-ordinator (or, on occasion, another Osprey clinician) supporting another clinician who cannot access EMIS. The consulting clinician should seek and confirm the patient’s consent. The Clinical Coordinator should record EMIS Consent Reason as ‘Other – access for HV clinician’.

 

• Safeguarding/ Clinical Guardian

 

• Learning Events /Audit

 

Situations in which access to EMIS is NOT acceptable:

 

The following situations will be regarded as an Information Governance breach:

 

• Use of the EMIS platform to access the records of patients whom the clinician has consulted in other settings/ services (eg at their daytime practice). Clinicians can only use the EMIS platform to access the records of patients requiring healthcare in the OOH/ IUC/Weekday Professional Line services.

 

• Use of the EMIS platform to access the records of friends or family.

This would normally result in a disciplinary process for an employee. For a self-employed GP, this would normally result in a referral to BrisDoc’s internal Performance Advisory Group or to NHS England, and appropriate/ comparable recourse for any other self-employed Healthcare Professional.

 

• Use of the EMIS platform to access the records of colleagues, unless the clinician is consulting the colleague as a patient booked in Adastra and requiring care from the OOH/ IUC/ AGPT service. The consent requirements outlined above should be followed.

 

• Use of the EMIS platform to access own medical records. This would normally result in a disciplinary process for an employee. For a self-employed GP, this would normally result in a referral to BrisDoc’s internal Performance Advisory Group or to NHS England, and appropriate/ comparable recourse for any other self-employed Healthcare Professional.

Risks

The audit process relies on the ability to match the Adastra and EMIS usernames with that of the patient record that was accessed. Where a clinician uses a different working surname to their family name, there will no ability to audit the activity of these clinicians for family name matches.

EMIS Consent Options

 

Process for Clinician access the EMIS Platform

On a monthly basis, extracts will be produced from both Adastra (Clinical participation report) and EMIS (Record access report). The extracts will be combined to produce a list of EMIS records accessed for which there is no correlating Adastra record. This list will also be searched to ensure that the records are not those of staff or colleagues.

A typical month would generate some 3000 EMIS record accesses. All anomalies will be reviewed each month.

 

 

Reasons for mismatch in the audit process are:

• Patient name misspelt in either EMIS or Adastra.

 

• No record of clinical contact in the Adastra clinical participation report, but contact recorded in the case event list for a failed contact.
• No record of clinical contact via the Adastra clinical participation report, but contact recorded via the audit question when closing the case (‘Did another clinician access EMIS on your behalf?). The name recorded is the same name as the clinician who accessed the EMIS record.

 

• Follow-up of a previous case outside the maximum permitted case review window (2 months).

 

• Inappropriate access to the EMIS record. No Adastra record found.
• Safeguarding Review
• Clinical Guardian

The outcome of the audit categorises the EMIS access as acceptable or mismatched, for the reasons described above.

The audit process is performed by the IT Assistant. The audit work is performed in a secure folder on the shared drive at BrisDoc’s head office, and access to the folder is limited to the IT Assistant and the Programme & Service Director as it contains patient identifiers. The Excel spreadsheets that support the process are password protected and access is limited to the IT Assistant and the Programme & Service Director.

The monthly audit summary is reviewed by the Medical Director (or Deputy Medical Director) and Programme & Service Director. Mismatched cases are reviewed in further detail to see if the access can be explained. Inappropriate access is followed up, in line with BrisDoc’s incident policy. The IT assistant must submit a monthly incident email to Governance this will allow the data to be reported at our regular Information Governance Board and acted upon if required. The review also looks at the audit process in light of cases highlighted as mismatches, and seeks to improve the effectiveness of the audit process. This is further supported by clinical guidance and training, as required.

Communication with clinicians following monthly audit

The EMIS audit classifies the mismatches in terms of:

1. Not in Adastra. No matching Adastra record found in the two months prior to the EMIS access.

 

2. OOH case review. No reason provided, or the case was outside of the 2-month window permitted for case review.

 

3. Colleague’s records. The name in the EMIS records is a staff member or self-employed clinicians, and there is no corresponding Adastra record.

 

4. Family or own records. The family name in the EMIS records matches with the clinician’s family name.

Outcome (1) and (2) Communication to Clinicians

In the case of (1) and (2), the clinician will receive a communication from the Medical Director (or Deputy Medical Director) as below. A log of these communications will be maintained and will trigger follow up if a clinician has received this on three or more occasions.

Dear Colleagues,

As you are all aware, the advent of EMIS access from OOH has been a huge leap forward in terms of safe and effective patient care. It is important that we all use this resource appropriately and responsibly. As part of our monthly audit of EMIS access, you appear to have either

• accessed a patient’s EMIS record for which there is no corresponding Adastra record
• or accessed a patient’s EMIS record and not provided a reason why

The IUC EMIS EPR Viewer platform is for professional use only, and can only be used for patients receiving care from the IUC service and Homeless Health Service.

As such, IUC clinicians:

• Must not under any circumstances access your own medical records, or those of friends, family or colleagues. This is an information governance breach. For self-employed clinicians, this will usually result in referral for review at BrisDoc’s Performance Advisory Group (PAG), to inform the next steps. For employed clinicians, such a breach would normally result in a disciplinary process. BrisDoc’s PAG or the disciplinary process could result in referral to NHS England’s PAG (for GPs) or the relevant professional body for nurses and allied health professionals
• Must only access EMIS records for patients they are providing care to in the OOH/ IUC/AGPT service. You must not use the EMIS platform to access records for patients you have had contact with in-hours, or in other services. You must only access the EMIS records of colleagues if they require a consultation with the OOH/ IUC/ AGPT service and, as such, are booked into Adastra.
• May need to access EMIS records on behalf of another clinician working in OOH/ IUC and consulting with the patient. The commonest scenario for this is if a visiting clinician requires further information. In this situation, the clinician with the patient should seek their consent, and the clinician accessing EMIS should select “Other”, and log details e.g. “accessed on behalf of visiting clinician AB with patient consent”.
• Can access EMIS records for patients seen previously in OOH, to follow up the outcome of the previous consultation. This is important to support professional development and reflection. To do this, you must access the records within two months of your original OOH contact with the patient. In the consent box, you must select ‘other’ and enter your reason for access, including the date of your original OOH contact with the patient (eg ‘Follow-up from OOH case 12 Nov’)

The acceptable circumstances for accessing EMIS and the associated consent requirements are outlined in the attached Standard Operating Procedure (SOP). This also outlines the circumstances in which accessing EMIS is unacceptable, and the consequences of this.

Please ensure that in future you follow the above guidance every time you access patient records on EMIS. The IG rules are clear, and as Caldicott Guardian, I am obliged to ensure they are followed. Recurrent episodes of unexplained EMIS access will be followed up individually with clinicians.

Follow up for outcome (3), or three or more outcome (1) or (2) follow up emails

These will be reviewed and investigated by the Medical Director, Deputy Medical Director of Head of OOH/ IUC Nursing and Allied Healthcare Professionals, and followed up/ actioned on an individual basis if confirmed.

Outcome (4) Follow-up

Clinicians that fall into this group will be individuially reviewed and investigated by the Medical Director, Deputy Medical Director or Head of OOH/ IUC Nursing and Allied Healthcare Professionals, in line with BrisDoc’s Incident and Disciplinary Policies.

 

If confirmed, this would normally result If confirmed, self-employed clinicians would usually be referred for review at BrisDoc’s Performance Advisory Group (PAG), to inform the next steps. For employed clinicians, such a breach would normally result in a disciplinary process. BrisDoc’s PAG or the disciplinary process could result in referral to NHS England’s PAG (for GPs) or the relevant professional body for nurses and allied health professionals.

 

Appendix A – Audit Method

Launch EMIS extract the data – Audit trails | Record Access| (Filter by date (Date is between))

Filter by Event type “Shared Record Viewed” & “Shared Record Viewed – prompted for permission”

Launch the extracted EMIS CSV

Remove the top row leaving just the column names. Filter and Freeze top Row

Filter column “RoleProfileName”  to be just  Brisdoc Clinician , highlight and copy entire worksheet and paste into a new worksheet .

Delete the Master worksheet. Name this new, new worksheet  EMISMaster

Adastra Preparation

Adastra Raw :Launch Adastra extract the data –  !DL 111 Reports | Clinician Participation (All)  with Cancelled Cases << pick month plus 2 months prior >>

Select No filter

Cancelled Cases: Launch Adastra extract the data –  !DL 111 Reports | Cancelled Case Details with Patient << pick a day extra  either side of the month required>>

Select No filter

EMIS – Adastra Integration Preparation

It may be useful to turn off calculations (Formula’s | Calculate Options) while creating new raw data

Select the EMIS RAW DATA tab, highlight from Cell A2 to L2 highlight all the cells down and click clear contents

Select the ADASTRA RAW DATA tab, highlight from Cell A2 to M2 highlight all the cells down and click clear contents

Select the Cancelled Cases tab, highlight from Cell A2 to G2 highlight all the cells down and click clear contents

Not necessary, however with all the contents removed, clicking refresh on the Pivot table in PIVOT tab will show just N/A.

Ready to be populated.

Once populated with the Raw Table’s from Adastra and EMIS. Scroll to the bottom, Ensuring the Formula’s from J* on EMIS and N* calculates the RAW data. If there are more formulae than raw data, simply clear content on the extra

Momentarily switch on calculated fields and then switch back off again when the process is done (bottom of screen)

N/A’s

In EMIS RAW DATA tab, Adastra Clinical Row, there may contain some #N/A this will be New Clinicians added since the last report was created .

Filter the “Adastra Clinical” column to just #N/A

In Column A will be the Clinicians we will need to find the Adastra corresponding records THIS ENSURES WE ARE COMPARING THE EXACT SAME CLINICIAN.

Copy this small subset into a blank sheet and remove duplicates.

From the result copy these into the Consultant List tab (With calculated fields switch off)

In the Adastra Raw Tab, find the same clinicians and copy (the Adastra name) in Column B

When done. Switch on Calculated fields setting it back to Automatic.

PQ Search (PowerQuery)

Copy the EMIS Raw calculated sheet from the Audit and Paste Values into a new Excel document and save in the secured PQ Search Raw folder.  (Archive the oldest excel document).

Launching the PQ EMIS Search will automatically add new EMIS to a calculated virtual table and allow the IT Assistant to search by EMIS Number.

The tool is the reverse of Adastra and seeks if and when any clinician looked up the same EMIS record and what the related Adastra case they were looking at.

This helps in validating a Clinicians lookup either by providing alternative name if name differs on systems, validates the lookup especially if another clinician did the exact same search within same period and if a Clinician had looked at the patient record in EMIS previous months.

 

Change Register

Date	Owner	Version	Changes
Jan-16	GP	First Draft	Documenting audit process mechanism
Sept-17	GL	Vn 1.1	Addition of purpose and rationale
Oct-17	KR	Vn 1.2	Review and amends
Oct-17	DL	Vn 1.3	Final review
Jan-19	DL	Vn 1.4	Amended to revise clinical follow-up after audit
April-21	DL	V 2.0	Annual Review
May-21	DL	Vn 2.1	Feedback after review by AW/KR as a result of incident
Feb-23	DL/GP	Vn 2.2	Annual Review
Feb-24	DL/GP	Vn 2.3	Annual Review