How are 'access to medical records' audited/checked/flagged?

Published

I do not live in the US and we don't have HIPAA here, but obviously all access to patient's medical records are logged and auditable and we are not allowed to look in charts of patients that we aren't caring for.

I read a lot of posts about nurses being caught 'snooping' in other patients charts. And them being fired for doing so. My question is, how is this even discovered? Do people do this and get away with it? I can only imagine a hospital log of 'access to charts' would be updated a million times a minute. How does someone physically look and know that Nurse A was not looking after patient B at that time? 

I don't know if we are just less strict here, but I have known people to look up their own blood test results for example. On multiple occasions. Never been caught.

Recently, I was searching for my patient's parent (to get their ID for neonatal blood sample) got some part wrong and up popped some complete random person. I actually got such a fright I shut it off before the page loaded - but I've been wondering if it will ever come back to me? I'm not worried because I didn't actually look at anything, like I would have only opened the demographics page for literally 2secs - but what would this look like to someone looking at the logs? How would it be flagged..? Are the access logs only ever scrutinised if there is an issue or suspected issue with a nurse doing so? Are audits only carried out over set periods of time? Because I am sure that so many people must do this and just don't get caught? I never hear of cases going through the courts - unless a nurse has been really snooping like accessing their family members and telling other people etc. 

P.S I am literally not condoning doing something because you won't get caught. I'm just curious of how it's even monitored?

JKL33

6,472 Posts

8 hours ago, bananas1 said:

but I've been wondering if it will ever come back to me? I'm not worried because I didn't actually look at anything, like I would have only opened the demographics page for literally 2secs - but what would this look like to someone looking at the logs?

The reason to not be worried is because you didn't do anything "wrong."

Our systems here have the ability to document the reason the chart was opened, although that is such a cumbersome idea it is not routinely used, though I have known people to use it in certain circumstances, such as if they had a REAL/legitimate but out of the ordinary reason to briefly open a high profile chart.

That is something you could inquire about if you're really interested. Find out if your EMR has that capability. Or just ask "what are we to do if we accidentally make an erroneous entry while searching for a chart and the wrong chart pops up?"

This is just my personal experience but IME this issue has really been a non-issue if you aren't doing anything purposely wrong.