MSU LIBRARIES RETURNING MATERIALS: Place in book drop to remove this checkout from your record. FINES wiII be charged if book is returned after the date Ir ,, '5 I." "‘ l i '3. L“. .1 \ a hag-l. oi- stamped below. COMPUTERIZED MEDICAL RECORDS AND CONFIDENTIALITY By Michele Sielicki A THESIS Sublitted to Michigan State University in partial fulfillment of the require-eats for the degree of MASTER OF ARTS Depart-eat of Teleconnunication 1986 ““39 ABSTRACT COMPUTERIZED MEDICAL RECORDS AND CONFIDENTIALITY By Michele Siemicki The universal impact of health records on the population; the presently occurring reconsideration of goals and organization of American health care; the increasing uses of computers in health care; and the right of individuals to control the uses of their personal health data result in .increasing demands for the collection, analysis and storage of data related to medical record-keeping. Intensive need and demand for more kinds and more detailed patient care information are necessary for hospital completion of daily transactions involving patient care and delivery of its services. The computer has risen to meet these increasing information demands, complicating the issue of confidentiality-the central citizen right under examination in this study. I Telephone survey questionnaires were administered to the medical records departments of 14 midwestern Michigan hospitals. Under examination was the computerized system at each facility assessing the priorities and concerns of management and employee given a computerized medical record and documenting whether confidentiality would arise as a concern without interviewer prompting. Concerns with the technology.were prevalent, with networking/interfacing the existing system to remote locations throughout the hospital as the most frequently cited priority. Although 85% of the hospitals agreed confidentiality was integral to medical record department function, only 2 hospitals cited it as a priority. The study concludes traditional policies appear inadequate to meet the new flows and uses of this information and immediate concerns with the technology displace citizen rights. ACKNOWLEDGMENTS My deepest thanks and gratitude go to Linda Kohl for her unwavering assistance and support. I would also like to express my thanks and gratitude to Carrie Heeter, for being a mentor and friend, and for serving on my committee when it was needed the most; to Dr. Howard Brody for his direction and time; and to Marilyn Fife for her genuine concern in seeing the completion of this study. ii TABLE OF CONTENTS Acknowledgments List of Tables List of Appendices Chapter 1: Computers, Records and Patient Rights Introduction How Computers Affect This Issue Enter the Medical Record Users and Uses Privacy and Medical Records Confidentiality versus Privacy Research Questions Methodology Chapter 2: Utility of Computerized Systems Results Nature of Existing System Access and Security Release of Information Management/Employee Concerns & Priorities Existing System: Priorities/Concerns Fully-Automated System: Priorities/Concerns Discussion Conclusins Chapter 3: Private and Public Policy Alternatives Concept Application to Automated Medical Record Systems 1 The Need to Teach Respect for Citizen Rights 2 The Need to Apply Appropriate Security Measures 3 The Need to Insure Accuracy iii Page ii vi 10 12 15 19 22 31 31 31 34 38 39 39 43 47 56 -61 62 64 66 67 Page 4 The Need for Outside Examination 68 5 The Need to Secure Information for Public Use 69 6 The Need for Patient Representation 71 Policy Action 72 Future Studies 73 Concluding Comments 79 Appendices 83 Bibliography 236 iv TABLE TABLE TABLE TABLE TABLE TABLE TABLE fiwN LIST OF TABLES Hospital Size Computer Usage Computerized Record Systems Management and Employee Priorities with Existing System Management and Employee Priorities with Fully-Automated System Citizen Right Priority and Computer Knowledge Confidentiality Priority Page 22 32 36 40 41 45 46 APPENDIX 1: APPENDIX 2: APPENDIX 3A: APPENDIX 3B: APPENDIX 30: APPENDIX 4: APPENDIX 5: APPENDIX 6: LIST OF APPENDICES Users and Uses of the Medical Record Institutional Policies for the Disclosure of Medical Record Information H.R. Bill 668 H.R. Bill 2979 S. Bill 503 American Medical Association: Confidentiality and Computers Questionnaire Hospital Profiles vi Page 83 84 91 92 110 128 131 138 Chapter 1: Computers, Records and Patient Rights ”Computers linked together through high-speed telecommunication networks are destined to become the principal medium for making, storing and using records about people." 1 INTRODUCTION Technology offers a wider range of information and communication resources than people have ever known before. So pervasive and influential are these resources that the United States is said to be moving, if not already in, a new era-- the Information Age.2 The increasing emphasis on production, storage and distribution of information is a major characteristic of this movement. As a result, the Information Age assists in the evolution of a more complex information and communications environment, resulting in a shift of the economy from goods-production to information- based services. Hence, industries and organizations, both private and public, will be ”..the primary users of the new high-technology network (with) their dependence on the services of the new technology."3 National health delivery systems are no exception with their support increasingly coming from automated, computer-based data systems with functions ranging from storage of medical records to long-distance monitoring of patients. 2 Information then becomes "..something more transitory than knowledge and (having) value to somebody. 4 To this end, information is regarded as a commodity. Hence, information technologies refer to ways of gathering, storing, manipulating or retrieving this commodity. Computers and telecommunication links, under examination in this study, are one of several means facilitating this process. This process, however, transcends the hardware, encompassing several, complex social issues, the least not being privacy and confidentiality. "It is important to be aware that the computer may have some consequences for American society that we would prefer not to have thrust upon us..not the least of these is the danger that some record-keeping applications of computers will appear, in retrospect, to have been over-simplified solutions to complex problems."5 Because of this potential danger, health care was chosen as the basis of an examination of computers vis-a- vis citizen rights. Reasons for choosing this area are fourfold: -the universal impact of health records on the population -the presently occurring reconsideration of goals and organization in American health care -the increasing use of computers in health care 3 -the right of individuals to control the uses of their personal health data. These changes, concurrent with the growth of an infermation-oriented society, result in increasing demands for financing and quality assurance and the collection, analysis and storage of data related to medical record- keeping. "Over the past fifty years medical record-keeping has evolved to keep pace with the changes and growth of the health care system and many significant advances have resulted from the adaptation of modern computer technology to the health field."6 Intensive need and demand for more kinds and more detailed patient and patient care information are necessary for hospital completion of daily transactions involving patient care and delivery of services. Never before have hospital medical records been subjected to so many demands for their use and disclosure of contents. Where ethical standards concerning the release and use of patient care information have traditionally been the cornerstone of the medical record, computerization of medical records and the integration of medical and financial data stand to jeopardize this safeguard.7 The computer has risen to meet the increasing information demands thus complicating the whole issue of confidentiality, the central citizen right under examination in this study. 4 HOW COMPUTERS AFFECT THIS ISSUE If the hospital is the geographic locus of health care services, the record is the information locus of medical care. In an age of specialization, the record becomes central to organization. Recent advances in computer technology have allowed the accumulation, analysis and storage of an unlimited quantity of medical records and medical record information thus compounding controversy over patient privacy and confidentiality. This controversey encompasses that information collected and documented on manual or computer files. Privacy concerns include issues as to what information should be recorded and how long this information should be maintained on file. Confidentiality concerns involve improper or disputed leakages of information that were disclosed 'in confidence’ on the part of the patient to the physician. Of particular relevance today is disclosure of information about one’s sexual activity and its possible linkage to AIDS, and drug usage. Outside knowledge of this information (i.e.: beyond the patient and physician) carries not only a negative social stigma but could prove a liability in one’s obtainment of employment and insurance coverage. The list of private and/or confidential information that could be potentially detrimental to an individual if wrongfully disclosed or disseminated is endless, from abortions to extra-marital affairs. 5 Abuses are not limited to outside sources. In-house abuses also occur when hospital staff employees, including physicians, access information about patients that is not needed to perform their particular job function. Another abuse is the method employed to gain information, that although it is public knowledge information, it is not obtained via the proper channels by this individual. Consequently, the protections and safeguards that exist for the patient’s privacy are by-passed. Thus, the privacy and confidentiality is as old and timeless as the nature of man’s problems. Clearly, information privacy is a concern even without computerization. With computerization, several features exist to enchance and complicate this issue. One aspect is that computers move information from a guarded medical environment into a technical one. Patient contact tends to be lost and the intuitive concern for privacy may be pre-empted by billing and data storage needs. Immediate to this is a computerized medical record system where a computer terminal exists at the bedside of each patient. A11 personnel involved in the delivery of services to this individual, from house-keeping to physicians, enter the necessary information per their job function directly onto the computer. The very existence of the terminal in the patient room creates a more technical environment for the patient. (Not to mention the other 6 equipment that already exists for the monitoring of the patient’s medical status, particularly in the Intensive Care Units). Also, preoccupation with the hardware, on the part of the individual entering the data, may cause one to focus less on the patient and more on the equipment, even though not intentionally. Hence, the tendency exists for depersonalization with computer usage. A second aspect is the integration capability of computers which poses a threat. For one, scattered pieces of data can easily be compiled into a profile never before possible without computers. Thus, an erroneous piece of data, previously isolated in a manual file, can be integrated with other data and widely disseminated. Also, the computer facilitates increased access to data and allows ease of access to such personal information between and among computer users. ”In the past, hospitals could restrict access to confidential information about patients simply by preventing unauthorized persons from entering the medical record area. However, with medical information potentially available to anyone with a connected terminal, there is a danger of multiple breaches of confidentiality without the knowledge of the hospital." 8 Thus, it is the amount of information available to be stored in one place and the ease by which that information can now be exchanged that poses a new potential problem. The ease of this exchange of information becomes a third aspect. A unique harm exists with the computer 7 because this exchange can take place with or without the knowledge of the person about whom the information is and it can take place intentionally or unintentionally. Fourth, storage capabilities of computers make it easier to maintain personal information. Often, it is less expensive to store data than destroy it once on a computerized system. This feature encourages increased data collection. Fifth, a University of Missouri research team found that people tend to believe a machine before believing their own good sense.9 Hence, technical and psychological factors of computers aggravate the privacy problem given an individual’s inclination to regard a computer printout as infallible. A study in 1973 by the Department of Health, Education and Welfare on Besesdsi Qesegtess and the Rights 2: Citizens, found the dangers latent in the spread of computer-based personal data record-keeping stemming from three effects of computers and computer-relategotechnology on an organization’s record-keeping practices: -Computerization enables an organization to enlarge data processing capacity substantially -Computerization greatly facilitates access to personal data within a single organization and across boundaries the separate organizational entities 8 -Computerization creates a new class of record keepers whose functions are technical and whose contact with original suppliers and ultimate users of personal data are often remote. It was found that these three effects on personal data record-keeping seldom occurred independently of one another, but, in fact, were interdependent. What exists are potentially adverse consequences for individuals, organizations and society as a whole. These include: (1) public fear of the occurrence of a "Big Brother" system; (2) the loss of control over one’s privacy, where an impersonal data system delivers personal information to faceless users and (3) the loss of confidence in privacy practices by data-gathering organizations.11 However, current trends suggest the application of computer technology to health care management will be essential in an era of cost containment, fiscal restraint and responsibility and government intervention through planning, financing and regulation. This expansion in use is attributable to: (1) increasing demands and expectations for medical services, (2) the need for rapid transmission of data, (3) heavy increases in the volume of paperwork concurrent with the mandatory reporting to Federal and State governments and (4) increases in annual hospital admissions and 12 ambulatory care services. 9 In its guidelines, the American Hospital Association (AHA) attributes this informational upsurge to the 13 following: -increasing complexity of medical care associated with the growth in size and variety of professional disciplines involved in the delivery of health care services -wide-sca1e use of computers in marshaling information, processing information exchange and creating data banks -increasing mobility of the population with the consequent increase in the volume of requests for exchange of medical information -expanding informational needs of governmental agencies for planning, administration and evaluation of government programs and policy-making purposes -progressive growth in the number of third parties (a party other than the patient, the patient’s personal representative, the physician or the hospital) concerned with the patient and his medical record. Many of these third parties are seeking information for proposed uses, such as payment for patient care, that are quite different from the primary purpose for which it was collected -increased governmental access to patient-identifiable records and increased reporting of personal information to the government -increased incidence of health-related legal actions and proceedings -potential misuse of the authorization for disclosure of medical information (See endnote 1) Thus, the societal trend toward dependence on computers for the collection, maintenance, storage, management and analysis of patient care data appears to present significant opportunities and positive advances in 10 the health care industry. The rise of health care teams, the existence of third-party insurance programs and the expanding limits of medicine appear to be a response to the desires of people for better and more comprehensive medical care. However, as stated earlier, the computer can also pose major threats to privacy and increase depersonalization in the management of health facilities and the conduct of research. "As American society redefines and reorganizes its health care system in the coming decade, it will have to make increased use of computer technology to manage the rivers of data that will be generated.. If the question is not whether but how such technology will be used in health care, American Society has one non-negotiable condition for this process: basic citizen rights cannot be made a casuality of technology-assisted health systems. To do so would be to betray the tradition of Hippocrates and ultimately to dehumanize health care itself." 14 These issues are particularly critical to the medical record, given its content. ENTER THE MEDICAL RECORD The medical record consists of four types of data concerning an individual patient: (1) personal, (2) financial, (3) social and (4) medical. Personal information is usually obtained upon admission and includes name, birth date, sex, marital status, next of kin, occupation and identification of physicians. Financial data include name of the patient’s employer, the patient’s health insurance 11 company, types of insurance and policy numbers, Medicare and Medicaid numbers, if any, and other information that will enable the hospital to bill for its services. Social data include the patient’s race and ethnic background family relationships, life style and any court orders or other directions concerning the patient, community activities and other information related to the patient’s position in society. Medical data form the patient’s clinical record, a continuously maintained history of the treatment provided to the patient in the hospital. Medical data includes results of physical examinations, medical history, treatment administered, progress reports, physician’s orders, clinical laboratory, x-ray and consultation reports, anesthesia and operation records, signed consent forms and nurse’s notes. State and federal statutes and regulations, municipal codes and hospital accreditation standards require hospitals to maintain medical records. Minimum content requirements in the state of Michigan include the following:15 -Admission date -Admitting diagnosis -History and physical examination -Physician’s progress notes -Operation and treatment notes and consultations -The physician’s orders -Nurse’s notes including temperature, pulse, respiration, conditions observed and medication given -Record and discharge of death -Final diagnosis 12 Additionally, records of patients having surgery should include: -Details of the preoperative study and diagnosis -The pre-operative medication -The name of the surgeon and assistants -The method of anesthesia -The amount of anesthetic when measurable -The name of the anesthetist -The post-operative diagnosis, including pathological findings -The report of special examinations such as laboratory, x-ray and pathology The JCAH (Joint Commission on Accreditation of Hospitals) requires hospitals to maintain patient care records as a standard of accreditation. An adequate medical record is to be maintained for every individual who is evaluated or treated as an inpatient, ambulatory care patient, or emergency patient, or one who receives patient services in a hospital-administered home care program. USERS AND USES OF THE MEDICAL RECORD The potential uses and users of personal health information are close to infinite. Appendix 1 illustrates the several potential users and uses of such information, both clinical and societal.16These include health care providers (institutional and individual), third-party payers (Blue Cross/ Blue Shield), private health and government insurers, like Medicare, public health and government agencies, employers, schools, courts and law l3 enforcement and investigating agencies and credit investigating agencies. PERSONAL PRIVACY AND MEDICAL RECORDS In their report on Eersegel Briggs! is an Isfezsstien §9§igty, in 1972, the Privacy Protection Study Commission stated: ”Never before have so many organizations had the facilities for keeping available the information that makes it possible for them to complete daily a multitude of transactions with a multitude of individuals, and to have relevant facts on each individual available as a basis for making subsequent decisions about him." 17 In 1967, the Freedom of Information Act (FOIA) mandated disclosures of data maintained in government files, but specifically exempted medical records from such disclosure. Seven years later, the FOIA was followed by the Privacy Act. In the early 1970’s, the recommendations of the HEW Advisory Committee on Automated Data Systems acted as a precursor to the enactment of the Federal Privacy Act of 1974. The Commission recognized that "..neither law nor technology now gives an individual the tools he needs to protect his legitimate interests in the records 18 organizations keep about him." Accordingly, the Privacy Act outlines the following principles: -to create a proper balance between what an individual is expected to divulge to a record-keeping organization and what s/he seeks in return (to minimize intrusiveness) 14 -to open up record-keeping operations in ways that will minimize the extent to which recorded information about an individual is itself a course of unfairness in any decision about him/her made on the basis of it (to maximize fairness) -to create and define obligations with respect to the uses and disclosures that will be made of recorded information about an individual (to create legitimate, enforceable expectations of confidentiality). 20 Enactment of the Privacy Act codified principles to protect privacy in the collection and handling of recorded personal information by Federal agencies. "It marked the culmination of many years of public and congressional hearings and investigations of threats to personal privacy by the acquistion of vast quantities of computerized 21 personal data by the Federal government." Since the Act applies to all Federal agencies, it includes medical. facilities, health insurance and payment records (like Medicare) maintained by the government. The Act provides guidelines for the collection, maintenance and use of personal data including medical records, computerized and manual. However, numerous expectations in the Privacy Act preclude decreased abuse in the dissemination of private data. The Act does not apply to state or local governments or to private agencies. The right to control who may gain access to one’s medical record is within state discretion, whereby the record is the property of the hospital, not the patient. 15 Hospitals and other institutional providers retain the right of ownership to the physical record-—paper, tape, fiche or film--but the information belongs to the patient. Hence, the hospital may restrict the removal of medical records from its files or from its premises, determine who may have access to their content and define the information that may be disclosed. It is also the hospital that establishes internal and external disclosure policies for the release of information. (See Appendix 2) Consequently, although the Constitution, and Federal and State statutes have been instrumental in guarding patients’ rights to privacy, significant efforts must still emerge from within hospitals and other health-care facilities to ensure adequate safeguards. ”In essence, directors of such institutions should view the promulgation of standards to ensure necessary protections as institutional responsibilities rather than simply patient rights that require legal enforcement." 22 Of central concern in this study is the patient right of confidentiality, the right which receives the least protection, yet, perhaps is most critical to the doctor- patient relationship. CONFIDENTIALITY VS PRIVACY Privacy is the question of what personal information should be collected or stored for a given function. It involves issues as to the legitimacy and legality of 16 organizational demands for disclosure from individuals and groups, and the setting of balance between the individual’s control over the disclosure of personal information and the needs of society for the data. Confidentiality is the question of how personal data collected for approved social purpose shall be held and used by the organization that originally collected it, what other secondary or further uses may be made of it and when consent by the individual will be required for such uses. Security of data involves an organization’s ability to keep its promises of confidentiality. Individual access becomes the issue when individuals should know that a record has been created, when they can examine it in order to check its accuracy, completeness and the uses being made of it. Thus, confidentiality serves a dual purpose: it acknowledges respect for the patient’s sense of privacy and individuality and is important in improving the patient’s health care. Although there are no doctrines of confidential communications under common law, it is accepted that information contained in the medical record is private and personal, therefore confidential. It then becomes the responsibility of hospitals, in general, and the medical record departments, in particular, to establish appropriate policies and procedures for safeguarding confidential information of the patient. 17 In 1979, three bills were introduced to Congress specifically addressing the issue of confidentiality of patient medical records, patient right to access their own medical records and the right to make corrections in the record.23 (See Appendices 3A,3B,3C) With the advent of computerization in health care, national medical associations have recognized the potential for confidentiality to be compromised. Virtually all major health professional groups, including the American Medical Association (AMA), the American Hospital Association (AHA), the American Nurse’s Association (ANA), the American Psychiatric Association (APA), the American Medical Record Association (AMRA), and the American Psychological Association, have adopted formal codes, guidelines or policies regarding the handling of health records.24 (See Appendix 4) Additionally, public interest groups are moving into the area of citizen rights and medical records. One such group is the People’s Medical Society, a non-profit organization with direction and support from the American Bar Association, Yale University, Northwestern University and the National Women’s Health Network. In the state of Michigan, the Department of Public Health provides consumer education as it pertains to health and medical issues. Target audiences include senior citizen groups, and local health and medical facilities (See endnote 2). 18 Perhaps the most significant and prevailing sources of privacy and confidentiality rights remains in these codes of ethics rather than the law. It is the responsibility of the hospital and physician to assure a patient’s legitimate expectation that confidentiality is not breached as a consequence of negligence by health care professionals or the facility. Hence, more than the traditional single-sentence oath of confidentiality by the physician is required today. The computer-assisted management of medical information augments the need for guidelines for physicians, hospital and others, with the patients receiving additional protection. This is especially critical today where the greater participation of sub-specialists in patient care requires more people having access to medical records. Although automation is not responsible for medical specialization, the gathering of scattered medical data into a single computerized record may create new problems. Thus, the efficiency of automated systems makes the potential violations easier, in this writer’s opinion. Although individual state laws may make health professional-patient relationships privileged to varying degrees, and constitutional arguments and court decisions tend to favor privacy rights, ethical mandates appear to provide the most instrumental force for ensuring them. For those not bound by strong ethical codes of practice and 19 high professional standards, no other guarantees can be assumed for the present. Thus, the need to maintain confidentiality is widely recognized as an ethical obligation, as part of the implied contract in the doctor-patient relationship. Unfortunately, in real life, the doctrine of confidentiality of medical records often is forced to give way to other public interests--medical, legal or social. RESEARCH QUESTIONS Studies in the early 1970’s focused on empirical analysis and legislative inquiries regarding the effect of computer use by organizations and its impact on citizen rights, including confidentiality (see Endnote 3). The National Academy of Science studied computerized databanks in American society with inquiries and analyses made regarding the fundamental right between an individual’s right to privacy and society’s right to know.25 Critical to any policy development is the identification of the standards to be implemented if society is to realize benefits from information technology without jeopardizing confidentiality. Westin concludes in a study on privacy and health data systems: "The 1980’s will be a period in which general principles for ethical health data systems are applied in both legislation and registration rules and organizational policies. A broad concensus seems to have developed 20 around the general principles, but this leaves a great deal of work to apply the principles to conflict-of-value situations:to balance the interests of patients, professionals and organizations, and to safeguard the trust of persons in the health care system upon which all medical creative action animates those with responsibility in the health care field. The '80s can see major strides forward in both computer assistance to health care and protection of individual’s rights." 26 Against this backdrop, three research questions emerge. 1. Are traditional laws and organizational policies related to confidentiality keeping pace with the automation of health information? 2. Are there appropriate usages and maintenance of confidentiality with the automated medical record? 3. What are employee and management concerns and priorities with (l) the existing system and (2) with a fully automated, computerized medical record system? Of particular importance to this study is the determination of whether citizen rights, specifically confidentiality, emerge as a concern and/or priority with the automated system. Or do other priorities take precedence to this right when policy decisions are being made, as this writer believes. It is also hypothesized that management and employees are functioning in an environment that demands quick response and relay time of this data, thereby influencing their priorities, with confidentiality becoming a secondary concern. Several factors may influence this: the amount and type of training on the computer, the reliability of the hardware/software, the degree of user-friendliness of the software that has been either configured from another package or developed 21 in-house for that particular facility’s needs and whether computerization assists in medical record personnel job function. Clearly, any one of these factors could overshadow the recognition of any potential harm promoted via computer use and the breach of confidentiality. Given the responsibility placed upon each individual hospital facility to adopt policies safeguarding such rights, it becomes critical to incorporate these rights at the onset of any policy-making. It is proposed here, however, that, first, organizational policy does not change appropriately to meet the changing technologies and the potential harm that may accompany them. Rather, old policy (in this case policy developed for the use of the manual record) is configured to a new technology (the computer). Secondly, it is proposed that, management and employee concerns, although justifiable, do not include citizens’ rights issues due to the dynamic at work in this setting. Finally, it is proposed confidentiality will be guarded only to the extent that it is with a manual system of record-keeping. METHODOLOGY Telephone surveys were conducted with the medical records departments of 14 midwestern hospitals. The director and/or assistant directors in the medical records departments were interviewed. At the request of management, staff were not interviewed directly. One hospital did allow 22 TABLE 1: HOSPITAL SIZE EBIEAIEZBHELIQ NUMBER OF BEDS small medium large TOTAL (0-250) (251-500) (501-1000) PRIVATE 2 3 0 5 PUBLIC 3 5 1 9 TOTAL HOSPITALS ____ SURVEYED 14 23 an employee to answer the questionnaire. However, it should be noted this employee was the acting supervisor in this facility when needed. In the event the director/assistant director was unable to answer the questions pertaining to the computerized system (i.e.: hardware, software, storage and access), the supervisor/ director in the Data Processing Department provided the information. Two urban hospitals were randomly selected from each of the following cities: Jackson, Ann Arbor, Lansing, Kalamazoo, Grand Rapids, Battle Creek and Detroit. These sites were selected since they had been notified by the Southwestern Michigan Medical Record Association of the ULTICARE system that was being implemented at an area hospital. ULTICARE is the first in-state fully-automated medical record system, utilizing computer terminals at the patient bedside. A mix of 9 public and 5 private hospitals resulted, all non-profit facilities, ranging from 75 to 888 beds. (See Table 1) The survey was composed of open- ended questions addressing four principal areas: 1) the nature of the existing medical records system, 2) access and security, 3) release of information and 4) management of employee concerns and priorities. (See Appendix 5) 1. The nature of the existing medical records system: In order to determine if traditional laws and organizational policies were keeping pace with the automation of health information, it was necessary to document the nature of the 24 existing system. Questions were asked on the type and amount of information that was placed on computer, how and who uses this information to determine the release of information requirements and whether procedures exist regarding who was authorized to manipulate this data. To this end, who makes this policy and whether it was adequate to accomodate the new technology can be assessed. 2) Access and Security: These questions were included to document whether appropriate usage and maintenance of confidentiality did exist, without any mention of confidentiality as a central concern of this study. Again, whether the policy in this area changed with the computer was assessed. Questions were asked regarding the location of the computer facility, whether it was a limited access area, what hardware and software was used, whether the computer facility was a private in—house system, if dumb and/or personal computers were used, who had access to the system, what were the back-up measures and methods of storage and who rendered the policy in these areas. (3) Release of Information: Legal, regulatory and accrediting requirements for the release of information were uniform and without change across all 14 hospitals. These requirements were discussed in the previous chapter and were not surveyed. However, the questions remained as to the internal and external requests, and the documenting 25 of any changes in this policy given the easier accessibility to a computerized system. The questions to management regarding management and employee concerns and priorities were specifically designed to be open-ended. A major goal of this survey was to see if confidentiality would emerge as a priority and/or concern on behalf of management. To this end, confidentiality was not mentioned at the onset of the interview. By utilizing this method, a list was compiled of those priorities/concerns as stated without any prompting on the part of the interviewer. This method was chosen so that the importance, or lack of importance, regarding confidentiality could be assessed more objectively. Once the open-ended questions and answers were exhausted, confidentiality was presented as an area of interviewer concern. Any response to this was recorded. A scenario in question format was then presented to the interviewee whereby their number one problem/concern was cited and consequently challenged as it related to confidentiality (ie:"Would you agree to an increase in down-time if it decreased confidentiality problems?") In conclusion, the interviewee was asked where on a priority list did confidentiality fall: high, medium or low. The interviews provided an exploratory "needs" analysis and assessment by management and their employees 26 in hospitals where automation in medical records is occurring. The profiles of each hospital served a two-fold goal as part of this study: (1) to assess the priorities and concerns of management and employees given a computerized medical record and (2) to document whether confidentiality would arise as a concern without interviewer prompting. Documentation of the nature of the existing system can provide the reader with the breadth and depth of the information used and by whom, suggesting the need for confidentiality to be maintained and guarded during policy decision-making. The documentation of hardware and software used, training, number of terminals, size of hospital, private versus public facilities and number of years on-line were included so as to assess any comparisons between hospitals interviewed and their responses regarding confidentiality. The indirect approach to assessing confidentiality was achieved and done with the hope of confirming the writer’s belief that (1) traditional laws and organizational policies are inadequate to meet the new flows and uses of health information and (2) immediate concerns with the technology displaces citizen rights in the initial designing phases. 27 FOOTNOTES 1 Beeordei gosegtsrs sad the Rights of Qitizeasi Report of the Secretary’s Advisory Committee on Automated Data Systems, US Department of Health, Education and Welfare, 1973, p. v. 2 Dizard. Wilson. Jr. The Qosias Isfarsstios Axe; Lonsnan Publishing, New York and London, 1982, p. 3. 3 Ibid., p.6. 4 Williams, Frederick. The Communication Revolution. New American Library, New York, 1982, p. 237. 5 Besordsi gesesters and the Rights of Qitizsssi Report of the Secretary’s Advisory Committee on Automated Data Systems, US Department of Health, Education and Welfare, 1973, p. 8. 6 Hiller, Marc and Lee Seidel. ”Patient Care Management systems, Medical Records and Privacy: A Balancing Act," Eshlie Eeslth genesis; 1980. p. 332- 7 Ibid., p. 12. 8 Worthly. John. Esossiss Qosesters in goals! gore; Aupha Press, Michigan, 1982, p. 194. 9 Tomnick, Lois. ”Electronic Bullies,” Psychology Today, 1982, p.10. 10 Westin. Alan. Semestersi Eeslth Regards sad Qitizees Rights; US Department of Commerce, Washington, D.C., 1976, p. 12. 28 11 Records; 92222322; 999 the Rights of Qitizepsi Report of the- Secretary’s Advisory Committee on Automated Data Systems, US Department of Health Education and Welfare, 1973, p. 10. 12 Hiller, Marc and Lee Siedel. "Patient Care Management Systems, Medical Records and Privacy: A Balancing Act," prlie Eeeltb Reports. 1980. p. 333. 13 Béiégéé'éi'fiééiééi'1éiéiéé:i§§l"iié¥ic§3 ESESEtEI """"" Association, Chicago, 1972, p. 1. ~ ' l4 Westin. Alan- Qoppptersi Eeslth Regards sad the Rights of Citizens. US Department of commerce, Washington, D.C., 1976, p. 10. 15 * Roach, William, Susan Chernoff and Carole Eisley. Madidai Records and the Law. Aspen Systems Corporation, Maryland, 1985, p. 252. 16 §£§£ssept 2: the lisiiééi”Eséiééi'BEEEEE-léééEigiiéél’lfifii. Chicago, 1983, p. 5. 17 Ibid., p.5. 18 Publishers, New York, 1979, p. 206. 19 32922921 Qospptezs and the Rights of Qitizepg; Report of the Secretary’s Advisory Committee on Automated Data Systems, US Department of Health, Education and Welfare, 1973, p. 20. - 20 Hiller, Marc and Lee Seidel. "Patient Care Management Systems, Medical Records and Privacy: A Balancing Act," £22112 £99139 Reports; 1980. p. 336- 29 21 American Hospital Association. iaatitatidaai gaiigiaa fag the Dieeleeere of Medieel Reeere Infereetiee; AHA. Chicago. 1962, p. 1. 22 Hiller, Marc and Lee Seidel. "Patient Care Management Systems, Medical Records and Privacy: A Balancing Act,” Beelie fleelth Reports; 1980. p. 334- 23 Waters, Kathleen and Gretchen Murphy. Madigai BSQQEQé id Health Information. Aspen Systems Corporation, Germantown, Maryland, 1979, p. 313. 24 Unites! Beelte Qere Infereetiee set; National Conference of Commissioners on Uniform State Laws, 1985, p. 2. 25 Westin. Alan- Deteeeeke in 9 Free Seeietx; Qeeeeterei Computer Databahk; EF‘EEE Computer Science Engineering Board, National Academy of Sciences, New York Times Co., 1972, p. v. 26 Griesser, G., J.P. Jardel, D.J. Kenny, and K. Sauter. Daia Ereteetiee in Eeelte Infeeeetiee §xeteeee Ehere 22 He Siaadg North Holland-Amsterdam-New York-Oxford Publishing, 1983, p. 6. 30 ENDNOTES 1 A survey of California Psychiatrists indicated that 89% had been asked for medical information by insurance companies, 56% by schools and 49% by employers. Ware, Willis. "Old Practices in a New Age Endanger Information Privacy." Haapiiai, 1977, p. 134. 2 The People’s Medical Society is a public interest group based in Emmaus, Pennsylvania but expanding nationwide. No centers currently exist in the state of Michigan. A newsletter is published bi-monthly by this non—profit, tax exempt organization. Direction and support include: the American Bar Association, Yale University, Northwestern University, Health Resources Center and the National Women’s Health Network. 3 In 1976, the Institute for Computer Sciences and Technology sponsored the study seepeterei Eeelth Beeeree add gitiaaa Righiai The project was funded jointly by the National Bureau of Standards and the Federal Privacy Protection Study Commission. On-site visits of six health- care organizations using computers to handle personal records were studied vis-a-vis organizational policies and computerization effects on citizen rights. Overall, the study found health data systems expanding without sufficient consultation in advance with groups representing citizen rights and doctor-patient relations. Most data systems lack analysis of how much/what kind of personal data is need to perform their job function. Most systems inadequately define standards of confidentiality, controlling uses of data and release of information. Few organizations have procedures permitting patient access to their medical records. In regard to computer use, the main conclusions (as of 1977) was that automation was extensive but centered on administrative and laboratory applications and that such effects have encountered problems with cost justification, overcoming professional opposition to computers and competing for funds with other social programs. Chapter 2: The Utility of Computerized Systems 'Results The results will be presented by section, following the same order in which the questionnaire was administered. Appendix 6 presents the profiles of each of the hospitals surveyed. HAIHEE 21' the EXI§TIE§ §X§I§H The information abstracted from the medical record and. placed onto computer was uniform across the fourteen hospitals, regardless of software used. This included: (1) patient demographics: age, ethnicity, gender, religious affiliation and admission and discharge dates and patient identification numbers. The patient’s social security number was never used as an identifier. (2) patient care data: diagnosis, theraputic procedures, including labs, medications and x-rays and physician(s) involved. Statistical studies and research, physician use, and quality assurance and administrative uses were the most cited reasons for how data were used (see Table 2). Six facilities cited uses for billing purposes and DRG’s (see Endnote 1). One hospital mentioned use of data for auditing purposes. The users of this data paralleled how the data was used. Administrators were cited as the most 31 32 TABLE 2: COMPUTER USAGE* Uses of Data Private Public Total n=5 n=9 n=14 Audit I l 0 1 Administration I 5 7 12 Billing I 1 5 6 Research/statistical I studies I 5 7 12 Physicians I 4 7 ll H§§B§ Private Public Total n=5 n=9 n=14 Administrators I 5 8 13 Physicians I 4 6 10 Research/CPHA I 4 7 1 Third Party I 0 l 1 Health Professionals I 0 3 3 Private Public Total n=5 n=9 n=14 Passwords‘ I 5 9 14 Identification £s I 5 6 11 Security Codes per I 0 4 4 job function 33 frequent users of this information by thirteen hospitals (see Table 2). Eleven facilities mentioned researchers as users. This included CPHA (The Commission of Professional and Hospital Activity) whereby eight hospitals participated with CPHA in its research and statistical analysis of this data by utilizing their software package, PAS Plus. Three hospitals mentioned ancillary users of this information, including nurses, allied health professionals and social workers. Only one hospital mentioned third-party payers. However, information from the abstract is not directly directly relayed to third-party use. Therefore, it is not so surprising that the other facilities neglected to mention such users since they do not access this information directly from the medical record departments, like those previously cited. In each case, the users (excluding the third-party payer) directly obtained data via the medical record department. The director of the medical record department authorized access based on need to use and certificate of need. Each of the hospitals continued to provide photocopies of this information to the user. Two of the hospitals released the information utilizing computer printouts if the requested information was a statistical summary and not indepth information. Procedures regarding who was authorized to add, delete and/or change information once on a computer file was 34 determined exclusively by the medical record department personnel. Hence, in each facility, those employees involved in transcribing and coding the manual record were now allowed access to the computerized system to make appropriate changes. Consequently, no policy changes occurred in this area with the computer. All hospitals employed the use of passwords. Passwords were changed as frequently as every thirty days to every twelve months. Over three-fourths of the hospitals used identification numbers as additional security measures. Four of the hospitals, in addition to the above, used security codes per job function as one more level to secure and limit access. Thus, the changes in policy with the computer were procedural (see Table 2). The median number of years on the computerized system was five years. One hospital was on-line since 1953; two hospitals just went on-line in 1985. The new on-line hospitals are publically owned and categorized as small facilities (less than 250 beds). A§§§§§ end 5.3991311! Table 3 presents the nature of the computerized record systems at each hospital. Five of the hospitals have the computer facility (mainframe) housed within the the hospital and five in a facility outside of the hospital itself. Four hospitals have the mainframe in 35 the same building but not in the medical record department itself. In each case, the CRT’s used for abstracting records were in the medical record department, qualifying as a limited access area. IBM was the most frequently cited hardware used by 10 hospitals. Three utilized Data General and one facility utilized Burroughs. The most frequently used software was PAS Plus, a software package developed exclusively for medical record abstracting by CPHA in Ann Arbor. Two facilities developed their own package, configured to specific hospital need. One was a medium-bed sized private facility, the other a public hospital with the bed size exceeding 800. The remaining hospitals utilized software packages offered by different computer vendors. Madgag, utilized by one private hospital, was designed for medical record abstracting and configured so as to send the data on each patient to CPHA for statistical studies. iaiagz adaaiaia Haaiia Qagai out of Salt Lake City, Utah, was utilized by one hospital due to its compatability among its sister hospitals. Daia gaga was a software package designed to accomodate an entire HIS (Hospital Information System), gdaigdi, out of Florida, was developed for medical abstracting but includes additional features (”option fields") for specialized in-house studies to be performed. The last three software packages were utilized by public 36 TABLE 3: COMPUTERIZED RECORD SYSTEMS * Private Public Total n=5 n=9 n=14 Eeeeies Medical record department I 3 2 5 Outside med-rec department I 1 3 4 Outside hospital I l 4 5 Rereeere 'Burroughs I l 0 1 IBM I 3 7 10 Data General I 1 2 3 §e£tee£e MedRec I 1 0 l PAS Plus I 3 5 8 Developed in-house I 1 l 2 Dynamic Control I 0 l 1 (Data Care I 0 1 l Intermountain Health Care I 0 l l Tessieele Dumb I 4 8 12 Personal Computers I 1 2 3 Average number terminals I in medical records I 10 55 65 Ireieies In-house staff I 2 3 5 Software Company I 3 0 3 Both I 0 6 6 Beliexzsekins Medical record department I 3 4 7 Data processing I 0 3 3 CPHA & medical records I O 2 2 Medical records & data I 2 0 2 processing *n=14 facilities 37 facilities. In each case, the software was designed specifically to accomodate the minimum requirements for abstracting information from a medical record. Each hospital had a private in-house system without outside access to the computerized database available. It should be noted, however, that the PAS Plus software is designed so that an individual’s password to their facility allows them access to another facility’s medical abstracts providing both institutions have the same equipment, software package and the ARDOS operating system. Two of the hospitals utilized personal computers for their abstracting, the remaining were equipped with dumb terminals. One facility utilized both a personal computer and dumb terminals, but the PC was used strictly for word processing, not medical record abstracting. There was a total of 65 terminals in the medical records departments in the 14 hospitals surveyed. There was one- fifth the number of terminals in the private facilities compared to the public hospitals. However, the number of terminals did not necessarily parallel hospital size, in so far as the larger the facility the greater number of terminals employed. (One or two terminals existed in hospitals of bed size 75, 137, 209, 210 and 510 and 12' terminals were available in a hospital with 888 beds). Responsibility for employee training varied between the medical record staff and the software company. Five 38 hospitals trained their employees themselves; three facilities had the computer vendor supplying the software do the training (in this case CPHA, with PAS Plus being the software used); and six facilities were involved in a joint effort between the department staff and the software company (Table 3). In all but one case, the backup and storage measures involved a nightly taping of the information; one facility placed and stored their information on disk. Access to these tapes was restricted to the transcriptionists and 080’s in each department. Policy in this area was made by the medical record department in half of the hospitals surveyed (Table 3). In the five hospitals where the mainframe was housed outside the hospital, data processing rendered the policy, in each case publically owned facilities. The remaining four hospitals were divided in their policy making in this area with joint efforts between CPHA and medical records or medical records and data processing (Table 3). E§L§é§§ 9.! INEQEMAIIQ! Responses concerning release of information procedures for legal, regulatory and accrediting requirements were uniform across hospitals. Internal and external requests for information were handled by the director of the Medical Record Departments in all 14 facilities. 39 Again, in each hospital surveyed, none of these requirements and/or regulations were cited as having changed with computerization. MAHAQEMEETZEMELQXEE QQHQEEN§ end BBIQEITIE§ Answers yielded in this section were categorized as being hardware issues (areas of priorities/concerns relating to the actual equipment), software issues (areas of priorities/concerns relating to the package and what it offers in terms of services), or other (areas of priorties/concerns not directly relating to hardware or software issues). This categorization was not planned prior to the administration of the survey but rather emerged based on those answers given to the open-ended questions. The data was then compiled and tabled. EXI§IIHQ §X§I§Mi EBIQBIIIE§ZQQKQEBH§ Table 4 presents the priorities and concerns by management and employees given the existing system. Again, management reports these priorities and concerns for the employees. Hardware issues were cited most often as priorities/concerns both by management and employees. For management, having the computer assist in time-saving functions was the top priority given the existing system, 40 TABLE 4: MANAGEMENT & EMPLOYEE PRIORITIES WITH EXISTING SYSTEM * Management Employee Total Eereeere time saver I 4 2 6 retrievability I 3 l 4 backloading I l l 2 downtime I l 1 2 screen problems I l 1 2 losing data I 1 l 2 storage I l l 2 time lapse between screens I 0 2 2 keyboard I 0 2 2 Softeere networking/interfacing I 5 l 6 duplication/time loss I l 2 3 comprehensive I l 0 1 error rate I 0 l 1 ches monitoring data I l 0 1 accuracy I l 0 1 quality control I l 0 1 over employee I training I 0 l l implementation I 1 0 l ease of system I l 0 1 *n=l4 facilities 41 TABLE 5: MANAGEMENT & EMPLOYEE PRIORITIES WITH A FULLY-AUTOMATED SYSTEM 1 Management Employee Total Regenere retrievability I 2 0 2 ‘backup I 2 0 2 downtime I l l 2 storage I 1 0 1 time saver I l 0 1 screen problems I 0 1 1 §e§tee£e interfacing I l 0 I own package I l 0 1 cher training . I 6 1 7 physician cooperation I 3 0 3 accuracy I 2 0 2 security I 2 0 2 confidentiality I 2 0 2 improve working I l 0 1 conditions I money I 1 0 1 position displacement I 0 1 l reliability I l 0 1 time frame I l 0 1 *n=l4 facilities 42 followed by retrievability: having quicker and easier access to the data. Other hardware concerns included backloading, storage concerns, problems with downtime, screen problems on the CRT and losing input due to computer shut-down. Software issues were having the software interface with more departments throughout the hospital, as cited by five facilities. Software configuration to decrease the amount of duplication of screens and a package that was more comprehensive so more could be done with the data were priorities cited by at least one facility. Qiha; issues, as cited by at least one hospital, were accuracy, monitoring the data, having quality control over the employee, implementation concerns with the computer and the ease of manipulating the data for research purposes. Employee priorities/concerns, as offered by management, focused on hardware issues. Problems with learning the keyboard, time-saving functions and the time lapse between screens were cited at least by two hospitals. Software issues were cited less often as concerns, with duplicaton of screens and subsequent time loss on the system due to software configuration as the major concerns. This was followed by the limitations of the software due to the lack of interfacing between departments in the hospital, thus involving duplication of input. Less error rate, due to the software alerting the transcriptionist when an 43 error was made, was cited once. Adequate training of the employee was mentioned by one facility. Elli-LI AHIQMAIED. §X§IEM£ BBIQBIIIEZQQL‘QEBM Prior to documenting any response, the interviewee was asked whether they were acquainted with the fully computerized system now in effect at a hospital in southeastern Michigan. The ULTICARE system at this facility is state-of-the-art and suggestive of the trend toward fully automated medical record systems. Integral to such systems is having a computer terminal at the bedside of each patient. Public relation representatives had discussed this system in those geographic areas contacted for this survey. Table 5 presents the priorities and concerns by management and employee given a fully-automated medical record system. Approximately two-thirds of those issues mentioned as priorities/concerns were in the area other than hardware or software. Management cited adequate training as the greatest priority and concern given a fully automated system. Having physician cooperation in this endeavor was second in priority, with such cooperation cited as "making or breaking" a fully automated HIS. Other issues cited were accuracy, security, confidentiality, adequate time frame to implement, adequate monies to implement, reliability of the 44 system and having a system that would improve working conditions. Hardware issues cited were retrievability of the information, backup of the information, storage capacity, downtime and having the system set as a time- saver. Interfacing among departments and developing one’s own software package given a fully automated system were cited as software priorities. Management was less able to address employee concerns given the context of a completely computerized system. Downtime and the time lapse between screens were cited as hardware issues; personnel position displacement due to the computer and training were dihag priorities. Ten hospitals gave a "don’t know" response. Two hospitals, privately owned, cited confidentiality as a priority/concern without interviewer prompting. Given the scenario whereby a compromise was suggested between their number 1 concern and confidentiality, 8 hospitals (57.1%) said they would place confidentiality as the priority; 4 hospitals (28.5%) said they would not and 2 hospitals (14.2%) gave a "don’t know” response (See Table 6). Confidentiality was rated as a high priority by 12 of the 14 facilities, the remaining two said it was a medium priority. Prior to responding to all of these questions, 50% of the hospitals were familiar with the fully- automated, computerized medical record system, ULTICARE (Table 7). 45 TABLE 6: CITIZEN RIGHT PRIORITY and COMPUTER KNOWLEDGE SCENARIO ** xee 29 erg PRIVATE (n=5) 3 1 1 PUBLIC (n=9) 5 3 1 TOTAL (n=14) 8 4 2 """mEZQEEXQ’EEQ """""""""""""""""""""""""" ULTICARE (n=7) 3 3 1 NOT FAMILIAR 5 1 1 WITH ULTICARE (n=7) TOTAL (n=14) _ 8 4 2 *1 A scenario in question format was presented to the interviews whereby their number one concern/problem was cited and challenged as it related to confidentiality (ie: ”Would you agree to an increase in downtime if it decreased confidentiality problems?") 46 TABLE 7: CONFIDENTIALITY PRIORITY PRIORITY low medium high Private (n=5) I 0 0 5 Public (n=9) I 0 2 7 Total (n=14) I 0 2 12 47 DISCUSSION Overall, many aspects of this study yielded uniform responses between the 14 hospitals surveyed. What information was abstracted, users and uses of this information and how this information was obtained provided the scope in nature and amount of information used supporting the necessity for guarding confidentiality. The procedures that existed for authorization to add, delete and/or change information had not changed at all with the advent of the computerized system, but rather old policies, as they applied to the manual system, were used across the 14 hospitals. The policy in this area was rendered exclusively by medical record personnel. Although only two hospitals cited confidentiality as a priority/concern, procedural changes, with the use of passwords and identification numbers occurred, suggesting confidentiality was guarded. Four hospitals, in addition to the above, employed security codes per job function as one more level to secure and limit access. However, these four hospitals, all public facilities, did not cite confidentiality as a priority/concern; one of the four rated confidentiality ’medium’, as opposed to 'high’, on a priority list in addition to placing confidentiality second to their number one priority of interfacing software. Yet it was two private facilities that stated 48 confidentiality as a first priority. Patient names were never used on the abstracts. Patient number identifiers were never social security numbers, therefore making it more difficult to trace a patient’s chart. All terminals were in a limited access area with only authorized personnel being able to access the system and all were private in-house systems. However, the PAS Plus software package, and its network with the ARDOS operating system, as utilized by eight of the hospitals, is designed so that an individual’s password to their facility allows them access to another facility’s medical abstracts nation-wide, providing both institutions have the same equipment and software. The software package out of Florida, utilized by one hospital, is configured so that the vendor can access the system. These two situations outline the pgiaaiiai hag! that exists with the basic citizen right of confidentiality. To this end, appropriate maintenance of confidentiality appears intact, even though only two hospitals cited it as an issue of concern. In this sense, confidentiality was a serendipitous beneficiary of computer security practices. If there was any inappropriate usage, it seems that it was not due to the automation but rather to the changes in the health care industry as a whole (ie: more third-party payers and administrators requesting the information). Three of the hospitals stated that with such 49 changes, the medical record abstracts were under more critical and acute observation. Consequently, traditional organizational policies appear inadequate to meet the new flows and uses. Only two of the hospitals provided a computer printout. Xeroxing of hard copy is prevalent. Given the number of users- from physicians, researchers, ancillary medical personnel and administrators- it would seem more than the medical record department personnel should be involved in the authorization of who adds, deletes and/or changes information on a computer file. None of the directors/assistant directors gave any indication that with the change-over from the manual to the computerized system employees were alerted to the potential harm that exists with easier access to such a system and the consequent breach of confidentiality. Only one hospital cited that the sharing of passwords was discouraged among employees, although all stated that breach of confidentiality, as with the manual record, was grounds for dismissal. Other than the procedural changes which took place, manual record policies were utilized. This included any physician or adminstrator the ’right’ to access information on a demand basis. Although "need to know" and ”certificate of needs" are required before any release of information, none of the hospitals, when asked, refused a request. Seven of the 50 eight hospitals utilizing the CPHA software package did not know how the information was used for statistical research or how confidentiality was maintained once CPHA obtained the information. Concerns with the technology were prevalent among management and employees given their existing systems. Networking and interfacing the existing system to remote locations throughout the hospital, so as to include more functions outside the medical record department, was most frequently cited as the main concern/priority among management and employees. This appears contrary to the fact that only medical record personnel are currently involved with the existing policy-making in the authorization of using information on a computer file. Additionally, two of these five hospitals said that confidentiality would rate second to networking if given the choice, thus supporting this priority. Having the computer assist with time-saving functions was the second most cited concern. Two of the facilities had only one terminal for abstracting, which may explain their concern. None of these hospitals were having any computer difficulty but rather claimed the computer facilitated short cuts, speeding-up the process of abstracting and allowed for less paper usage, making the 51 process easier. Three of the four hospitals, however, stated that confidentiality would rate first before time- saving as a priority. The third most frequently cited concern across management and employee concerns was retrievability of information. The speed in getting the data, immediate access to statistics and faster retrieval were cited as reasons, supporting the hypothesis that management and employees are functioning in an environment that demands quick response and relay time of this data, thereby influencing their priorities, with confidentiality becoming a secondary concern. However, although none of these facilities mentioned confidentiality as a priority/concern without prompting, each stated they would forfeit retrievability and place confidentiality first if a choice had to be made. Employee concerns focused exclusively on the technology in all but one response, in which case training was also cited. When presented with a fully automated system, providing adequate training was cited most frequently as a priority by management. Of these six hospitals, training was currently provided by the medical record staff in two departments, by the software company in three departments 52 and via a joint effort of the two in the remaining two hospitals. Training was viewed as critical by one facility since if good training existed, with confidentiality as part of the instruction, then less problems with confidentiality would occur in the long run. Other aspects of the training, as cited by four facilities, involved teaching of the hardware and software, the keyboard, how to use the computer with login, passwords and menu, in addition to having aaiiigiaat time to do the training. One hospital stated information was only as good as the individual entering the data; it was necessary for all persons accessing the system, not just medical record personnel,to realize the implications of incorrectly inputting the data. Again, this supports the contention that more than medical record personnel should be involved in the policy-making. Also interesting to note is that two of the four facilities addressed the issue of training as it relates to confidentiality and four of the facilities viewed training as critical as it relates to the actual teaching of the hardware and software. This suggests that concerns with technology displace citizen rights in the initial designing phases. When presented with the scenario of placing training second to confidentiality, results were evenly divided, with half of the hospitals saying training would be the first priority, the other half of the hospitals stating confidentiality as the priority 53 over training. Additionally, three of these facilities were private and three were privately owned,and three were publically owned with only one citing confidentiality as an issue without interviewer prompting. Of those placing confidentiality second to training, two knew of the fully- automated system at the southeastern Michigan facility, one did not. Doctor cooperation with the implementation of the system was the second most cited concern with a fully automated system. One facility stated that their cooperation could "make or break" the entire system. One hospital’s experience was that physicians didn’t want anything to do with computers, but her observation was that physicians didn’t cooperate by providing adequate time for proper training to occur. This same reason was provided by one other facility. It appears that physician cooperation and training are related priorities/concerns with one requiring the need of the other. This also suggests that by having doctor cooperation and adequate training, with emphasis on ethics and confidentiality, the citizen right of confidentiality is guarded, albeit indirectly. Interestingly, three facilities stated their greatest concerns of breach of confidentiality were by internal (in- house) users not external users (computer hackers, third parties). Physicians were cited by the directors in these 54 three facilities as being the greatest abusers. Clearly, this supports the need for training and cooperation given a fully-automated system and in so doing confidentiality is indirectly protected. Two of the three hospitals that cited doctor cooperation as a priority placed confidentiality first when given this scenario. Interesting comparisons existed between the two facilities that mentioned confidentiality as a priority without interviewer prompting. Both were private facilities, but one was a small hospital with 137 beds, the other a 529 bed hospital. The same software package was used by both facilities, PAS Plus without any mention of past or existing hardware or software problems. Both facilities utilized one dumb terminal, housed in a limited access area. Both had been on-line since 1981 with the software company providing the training. Both rated confidentiality as a high priority. The smaller facility had been without any known problems of breach of confidentiality and rated the time-saving function of the computer as the next priority. When given the scenario, confidentiality took precedence to any other concern. The other hospital did have problems with breach of confidentiality which led to dismissal of a physician involved. Retrievability was rated as the second priority to confidentiality followed by doctor cooperation and adequate training. Despite the recognition of 55 confidentiality as a main priority, the economies of retrieving the information quickly were chosen over confidentiality if a choice had to be made. Ethically confidentiality was cited as a priority, but realistically retrievability would be placed first in the policy decision-making, according to the director in this facility. It was stated that confidentiality problems would be handled ”as they occurred." (This was also stated by three other facilities). The director of this department was on the planning committee for their system in the early 1980’s and confidentiality was not part of the process of design but rather came up ”after the fact when (we) were on-line." Concerns cited, as part of the planning committee, were hardware and software issues, training and physician cooperation. Of the two facilities citing confidentiality, the one without any problems of breach continued to uphold this citizen right, whereas the facility with known problems stated that the economies of other concerns displaced confidentiality as a priority. Not a direct part of this survey was attendance to the Southwestern Michigan Medical Record Association meeting, where two representatives from a midwestern hospital, discussed ULTICARE, a fully computerized medical record system. The meeting was attended by approximately 75 employees and managers of medical record departments 56 throughout southwestern Michigan. When the discussion was opened to the audience, the following questions and concerns were documented by the author: downtime (including power failures) response time backup measures storage doctor receptivity/training on the system employees displacement of position change in organizational design with the computer (ie: the increase in PA positions) the nature of the change in function in the department what happens if you don’t bring your computer card to work er lose it (ie: card to access the system) 10. loss of information was on-line 11. how much paper will remain 12. how will electronic signatures be accepted QODOI-hCASNI-J com Although security and confidentiality was one area of seven discussed by the representatives, it was not mentioned once in the 45 minute question and answer period that followed. Issues and concerns regarding the technology were more frequently cited than that of citizen rights. CONCLUSION Overall, the 14 profiles showed that the extension of computing and communication by these hospitals is essentially a matter of organizational design. Computerization requires managers to exercise choice in selecting files and data flows to automate, arranging configurations of hardware and terminals, defining operator-machine relationships, setting patterns of data- sharing inside and outside the organization, deciding on 57 the levels of organizational monitoring and reporting, and reviewing what types of data collection, patient consent, ‘and access-to-record rules the organization traditionally provided and she; it sill nee prezide with a fully automated system.1 The real locus of decision- making as to how confidentiality will be regarded lies with these organizational managements. However, it appears that traditional organizational policies have not 'kept pace with the flows and uses of health information. Despite the expansive nature of users and uses of this information, policy regarding authorization and access is exclusively determined by medical record personnel, according to the surveyed results. The same practices (pursued with manual records appears to be carrying over into computerized files. Given the more detailed, more centralized, more permanent, more easily transmissable quality of computerized medical records, the policies currently employed with respect to manual records threaten to be seriously inadequate, even if it only pertains to the pgtaaiiai dag! in compromising confidentiality. It appears that computerization of personal medical information has been marked by haphazard growth. It has not developed according to thoughtfully conceived plans for achieving integrated health information systems, which may be why interfacing/networking was the most cited priority. Immediate concerns with the technology displaces citizen 58 rights as supported by the number of facilities citing hardware and software issues as the main priorities and concerns. Although over 85% of the hospitals agreed that confidentiality was integral to medical record department function, only two cited it as a priority without prompting. At the same time, policy as to confidentiality appears to be developing on an individual, ad hoc basis, as . supported by the four facilities who handled problems with confidentiality as they occurred. Although procedural changes occurred with the advent of computerization in the form of computer security practices, the use of passwords and identification numbers alone is not sufficient to guard confidentiality. Appropriate maintenance of confidentiality appears to be provided 59 iha aaiaai that confidentiality becomes a beneficiary of computer security practices. Nothing suggested that confidentiality was considered in the initial designing phases of these systems. Whether appropriate usage is maintained with automation is a question that requires constant monitoring. How much and what kind of identified personal data is really needed to perform one’s job function is a question that demands an entire study, far beyond the scope of this analysisr The following chapter will discuss the policy alternatives using the 14 profiles as guidelines. Suggestions for future studies are also discussed. 59 FOOTNOTES 1 . Westin. Alan. Qeepeierei Heelth Reeeree end Qitieee Rigaia. US Department of Commrce, Washington, D.C., 1976, p. xvi. 60 ENDNOTES 1 DRG’s: Diagnostic Related Groups: A standard applied to length of hospital stay per categorization of disease. Utilized for billing practices as a means to codify and regulate health care costs. Chapter 3: Private and Public Policy Alternatives ”The untoward effects of such (computer) systems do not stem in the main from poor technical security. Although public mistrust of the computer often center on the possibility of unauthorized access to a central data bank for purposes of blackmail or commercial exploitation, the purely technical difficulties that can be placed in the path of any but the most well- equipped intruder can make almost every computer installation more secure than its manual counterpart." 1 To provide a perspective for the policy analysis and recommendations, three postulates from this study are important: 1. It is a paramount requirement of American society, based on its concern for human values and individual dignity, that citizen rights (i.e., confidentiality) be adequately protected regardless of health-care or computer system options. The objective should be assurance of individual right guarantees of all institutions collecting medical information. Issues of citizen rights should not become matters for later consideration, addressed on an ad- hoc basis, or simply be the beneficiary of computer security practices, but they should be integrated in the initial designing and planning stages of policy-making; 2. Medical records and health information are used today in a wide variety of settings. Given this great 61 62 diversity of settings, no single public-policy intervention can be expected for standard-setting for the protection of citizen rights, in particular confidentiality. A model statute, judicial rule, constitutional ammendment or manager’s code could not encompass, on its own, all the important problems that need attention in this area, nor would the actions of any aaa of these policy-forming authorities be adequate in terms of regulatory supervision. Therefore, a combination of policies and standards from various authorities and institutions in the social system will ultimately contribute to a consistent, national approach. 3. From this analysis, computerized medical records do not appear to be emerging under a set of guiding principles and procedures. Sufficiently precise standards of confidentiality, even if advocated in hospital guidelines, are not adequately voiced as priorities on behalf of medical record personnel. CONCEPT APPLICATION TO AUTOMATED MEDICAL RECORD SYSTEMS In order to prevent the potential abuse of computerized medical record sytems, both administrative guidelines and appropriate computer systems requirements are needed. 63 The incorporation of four major principles, offered as administrative guidelines in a study on Health Informatics and Privacy, are relevant to this analysis: 2 1. Basic definition of function: An understanding of the purpose and future objectives of the computer-aided information system should exist. 2. Rights of individuals: A clear line of administrative responsibility concerning the interests of confidentiality should exist. 3. Licensing and selection of employees: There should be a careful selection of employees for competence and integrity akin to licensing procedures within the medical profession as a whole. 4. Code of ethics: The support of relevant professional societies is required in establishing a code of ethics for the centralization of health information. Ideally, the elected representatives should enact policies that will govern the use of such systems in the individual and public interests. These principles only act as a framework for confidentiality to be integrated both ethically and realistically into any policy decision-making with fully automated, computerized medical records systems. What follows is an attempt to define more specifically those principles that would enhance the above framework given the case study findings. A study sponsored by the 64 Institute for Computer Sciences and Technology in 1974 on Qenpnterei Eeelth Reeende end Qitinen Rights 3 provides guidelines to this endeavor. I. The Need To Teach Respect For Citizen Rights Perhaps the most critical element to any assurances that confidentiality be maintained and guarded is the observance of a good training program concurrent with an adequate amount of time to train the personnel. Clearly, this was recognized by the directors surveyed for this analysisf/The integrity of any information system regarding confidentiality will eventually be resolved at the level of the human factor. "Computers..are devices..an(d) inanimate objects devised by man to receive, transfer or hold information items made available to the system through human intervention.”4 The predominant relationship is one of persons to the system. Individuals are responsible for the creation of the system, the input of the information, the manipulation of that information and the final disposition of the data produced by the system. Consequently, personnel standards are necessary due to the prime significance of the human element in the integrity of any automated system: (1) Personnel standards should be established for all participants including doctors, nurses, allied health professionals, administrators, data processing staffs, etc. 65 A careful selection of employees should exist stressing competence and integrity. (2) All accepted personnel should be indoctrinated on a continuing basis regarding the system objectives, functions and operational responsibility regarding confidentiality. This includes the development of orientation programs, interpretive guidelines, continuing seminars, problem-solving sessions and annual reviews to foster understanding of the system’s policies on citizen rights.5 These programs should acknowledge and accomodate the attitudes of major occupational groups in the organization, namely physicians. Doctor cooperation and support in this area is critical and should be encouraged, as the findings of this study suggest. When possible, patients and public representatives should be included in the development, management and evaluation of these programs. In calling for such supportive activities, the attitudes of top management play a central role. It is necessary, albeit ideal, that they are committed to policies safeguarding confidentiality and not project any attitude of annoyance or intrusions into more important matters. (3) Specific training should be provided regarding terminal operation. Ideally, the company providing the software should be involved in this training concurrent with the management in each of the departments involved. 66 Differences did not emerge in this study in terms of performance or acceptability of the computerized system with the training done either by the medical record department or in conjunction with the software company. Having the support of the latter, however, would act as an additional measure for proper instruction and adaptability to the system as a whole. II. The Need To Apply Appropriate Security Measures Due to the sensitive nature of the information stored in a medical information system, security measures should exist to limit access by personnel within the hospital utilizing a need-toeknow and/or certificate of need, (as cited in two of the surveyed facilities), to monitor the uses to detect unauthorized access and protect files from outside intrusion. In this respect, several departments should be involved in the policy making, not just the medical record department personnel as indicated in the .findings, since the use of this information far extends the medical record department. The use of passwords and identification numbers provide adequate security measures; the use of security codes by job function, thus limiting how much information one can access given one’s job description, is an excellent security addition as utilized by four of the hospitals surveyed. The sharing of passwords, identification numbers and cards should be 67 discouraged with penalties existing in the event of its occurrence. The key issue is the need for management across all departments with personnel involved in accessing the computerized system, to formulate clear policies as to data access. The basic goal of data security was to block or detect attempts by the hospital’s own personnel to obtain confidential data which they are not authorized to have; this suggestion is based on the findings that more internal than external breaches occurred. The cost and trouble to outsiders for breaking into the system must be sufficiently 6 high to dissuade potential intruders. III. The Need To Insure Accuracy As indicated in this study, an indirect insurance of confidentiality is having managers and staff make certain that the personal data they input and store are as accurate, timely and complete as the uses to be made of them require. Worth restating is that this is critical with computerization since an erroneous piece of data can be integrated with other data and widely disseminated. This not only ensures an individual’s proper health care but protects the social opportunities and benefits of individuals that may be determined through the use of such data.7 The basic point of this suggestion is based on the cited priority in this study of wanting a more 68 comprehensive computerized system (ie: interfacing and networking). The more comprehensive a hospital information system, as would be the case with a fully automated medical record, the more its records are relied upon, the greater the attention that must be paid to accuracy. IV. The Need For Outside Examination The use of computers in the medical record departments surveyed should not a one-time decision as to how and what information will be automated. The ultimate manifestation of this is one hospital’s move to diligagfi, a fully automated medical record previously described. The expansion of applications to additional files, new combinations of data and more extensive data utilization, reasons cited for a change in software packages by four hospitals, serve as additional manifestations. This supports the need for regular review of such systems, ideally by and through the utilization of ethics committees. Periodic review should focus on the continuing adequacy of the hospital’s policies and data security in light of the changes in data processing. More importantly, in alignment to this study, is examination by this group of such expansions and impacts it might have in relation to confidentiality. 69 Good public policy requires that outside review not be merely a one-time process, that being at the onset of implementing a comprehensive, computerized system. Who would conduct such reviews could be via a private commission or association, a state regulatory agency or a federal body.8 Of importance to this writer is the need for ethics committees to be a central part of this review body. V. The Need To Secure Information For Public Use The individual’s right to privacy and the public’s right to examine and supervise how its institutions are functioning, as suggested in the above, is a dichotomy that demands attention. Given the obvious conflict, the rules of confidentiality should be devised to avoid the existing difficulties. Suggestions offered by Westin’s study were to use medical records without unique identifiers or with potentially-identifiable data removed, thus softening the conflict between privacy and public access interests.9 The findings showed that not one hospital in this study used social security numbers or its equivalent as patient number identifiers. Traditgonal laws governing confidentiality also poses Iconflicts. In some instances, personal information covered bar the Privacy Act of 1974, but not required to be 70 disclosed under the Freedom of Information Act, may be disclosed under the Privacy Act for routine uses or with the prior written consent of the subject material. The Privacy Act allows for disclosures in the public interest of only certain kinds of information, while the Freedom of Information Act allows for invasions of privacy by disclosures of personal information if a public need is established. Because the Privacy Act does not supercede the Freedom of Information Act, which permits invasion of privacy unless clearly unwarranted, there are insufficient safeguards against the arbitrary exercise of administrative discretion and possible invasion of personal privacy.11 Consequently, many of these situations, as they arise within the medical record departments, are handled on an ad-hoc basis. Part of this analysis was the determination of whether traditional laws were keeping pace with the automation of medical records. It appeared they are, at best, inadequate given the above discussion. The task of public policy is to install regulations as to what uses can and should be made of personal data and establish penalties against misuse, thus supporting public confidence in the handling of personal information. This also indirectly. supports confidentiality of a fully-automated medical record. 71 VI. The Need For Patient Representation The need to inform patients that they have rights and how to exercise them is presently recognized, as exemplified in the American Hospital Association’s Bill Of Rights For Hospital Patients and the involvement of public interst groups in this area.12 With regard to patient rights and computers, every hospital with a computerized medical record system should provide this information to the patient via a handbook upon admission and/or through a person who serves as an ombudsman representing patient rights. This serves two purposes. For one, the very publication of such a handbook alerts and reminds hospital staff of its responsibilities and obligation to patient rights.13 Secondly, and perhaps the more critical element in supporting citizen rights, is the role and presence of this representative. This individual, as part of his/her duties, would explain the nature of a computerized medical record. This allows for joint responsibility to exist between the patient and hospital personnel in serving patient rights, a necessity given the consumer role individuals are facing with the changing .health care industry. Additionally, a provision should_ exist for individuals (patients) to inspect the files Icontaining personal medical data with the means to correct 72 any information that is in error or subject to bias interpretation. POLICY ACTION The task of applying these guidelines to the computerization of medical records requires long-range goals that should be started before the inception of the fully-automated system. Action should occur through a mixture of interventions from legislative, organizational, citizen-group and judicial initiatives.14 As hypothesized, traditional laws and organizational policies regarding confidentiality are not keeping pace with the automation of health records. Consequently, legislative actions defining explicit citizen rights provisions and a general administrative system facilitating these rights should be developed. Ideally, public interest groups should work cooperatively with the medical staff in this endeavor providing a driving force for state legislative action. Judicial action should include a broad strategy establishing common law duty of private organizations and the constitutional duty of government organizations to take "reasonable care" in the handling of sensitive, personal medical information.15 Organizational responsibilities should include adequate training programs ‘With.emphasis on confidentiality issues. Data processing, medical record and computer vendor personnel should work 73 collectively in developing security measures in relation to system access and employee standards. Citizen- group actions are central to raising citizen rights issues and maintaining this attention. This level of involvement may actually be the cornerstone to sound confidential practices with a fully-automated medical record since "..without consumer education, appropriate organizational policies and procedures and informed up-to-date legislation, a comprehensive and workable plan for protecting the confidentiality of medical records 16 will remain an unmet objective." FUTURE STUDIES This case study is, at best, a first-stage approach to an ever-demanding cause: "citizen rights can not be made a causality of technology-assisted health systems.”17 This study provides further proof, with only two of the fourteen facilities mentioning confidentiality as a priority, of the criticalness of properly and continually enforcing this right. As a consequence of this research, several ideas for future studies in the area of confidentiality and hospital information systems emerge: 1. Assessing computer vendor role in the development of software packages and the measures taken to insure confidentiality at that level of development. 74 2. Documenting physician role and understanding of the medical record and the medical record department: what is their level of willingness to learn the system? 3. Documenting the amount and kind of confidential information a physician chooses not to put into the medical record and whether computerization influences that decision. 4. Documenting the role of the medical record in today’s changing health care industry. 5. Documenting any change in definition of confidentiality by patient and physician with computerization of the medical record. 6. Assessing the type and nature of research conducted with medical record data, how the information is used and by whom among hospitals. 7. Documenting the trend of consumerism in the area of medical records and the amount of consumer awareness vis-a- vis patient rights and access to one’s medical record. Although this case study provides a starting point for future, more in-depth analysis of such issues, it has areas of weakness worthy of discussion. A larger sample size would have yielded better data for statistical tests of significance. T-tests could have been run testing for significant differences between private and public facilities, hospital size, the nature of the existing system and access and security 75 issues in relation to answers given regarding confidentiality. A sample size of fourteen limits the discussion to a qualitative, exploratory analysis. Clearly, a larger sample size would make for better generalizability of results. The procedure of asking questions regarding the nature of the existing system first, followed by access and security issues, may have led the respondent into a technical mind-set. Consequently, this may have influenced the nature in which the open-ended questions were answered regarding priorities/concerns with the existing system and given a fully-automated record. This may explain the abundance in nature of technical (ie: hardware and software) issues. Another area of weakness in the study was having management respond on behalf of the employees. Ideally, the questionnaire should have been answered by both the staff and management thus adding credibility to the list of employee priorities and concerns. Two areas of concern emerged from this study. Whether they can be attributed to areas of weakness in study design are speculative. One area was that policy regarding authorization and access was stated as being exclusively determined by medical record personnel. However, per the American Hospital Association’s guidelines on the internal and external disclosure policies of such information, hospital 76 administrators establish the policy, not just medical record department personnel. Whether the discrepancy lies in the nature of the question and how it was aked, thus biasing the interpretation and subsequent answer on the part of the respondent, or whether the policy as outlined in the guidelines is not be followed remains unanswered. One can only specualte the real reason. If it is a question of not adhering to the guidelines, then action is necessary to remedy the problem. The second area of concern was that none of the hospitals cited "patients" as users of the medical record, despite Michigan state law allowing patient access to hospital records and those records kept at doctors’ offices. Here again, whether the nature of the question influenced respondent answer, thus not mentioning patients as users, or the departments are not getting such requests by the consumer to begin with, is cause for specualtion. Since its founding in 1928, the American Medical Record Association has been committed to high ethical standards with confidentiality as one of its highest priorities. Because confidentiality is ‘such a given’ and so central and integral to medical record department function may explain why it was not mentioned as a priority. Conversely, this may actually provide further support to the contention that technology displaces citizen rights; the long-standing tradition of ethical commitment 77 to confidentiality needs to be more than an assumed priority with the advent of a fully-automated medical record. It is worth restating that this study, in its conclusion, does not assert citizen rights are in greater jeopardy today with the advent of computerization. It is believed by the author it is the potential harm that exists with a computerized system that demands attention. Clearly, and in some cases, breach of confidentiality may, in fact, be easier to achieve with a manual record. One exaample is that hospital personnel could access a record more quickly by having the patient name and room number, going to the floor and getting the chart rather than getting a password and having to identify the patient’s hospital number before accessing the information via a computer. The key appears to be in the educational process in the training of employees, including physicians, to the system and having physician cooperation. This was cited learlier as a means to ensure confidentiality, albeit indirectly, since the educating of ethics and citizen rights should be incorporated in all training programs. Conversely, the knowledge of the system, how to get in and what information to obtain, may open the door to further abuse. What is needed is an appropriate software package with built-in security measures for this very reason. A means should exist to 'track’ what information is being 78 accessed, by who, who is logging into the system and at what time. This would facilitate the ensurance of patient confidentiality by tracking the amount and type of information flow. This appears particularly critical given the study’s finding of research and statistical studies as one of the most frequently cited uses of patient data. Given that the means of monitoring information usage for research purposes is not clearly defined or accomodated via a software package requires not only further study, as suggested, but indicates the ease of violation in the breaching of confidentiality given a computerized system. The best example of this, as taken from this study, is the design of the CPHA system where the Data General equipment is not password protected and as long as hospitals have the same equipment, software package and the ARDOS operating system, an individual’s password in Michigan gets them into a system in Colorado. Admittedly, this computerized system does not ensure patient confidentiality. This study takes root in today’s social climate. The United States is in an Information Age, with computerization meeting the need to manage large quantities of data. Two prevalent public health issues are AIDS and drug usage with society being challenged as to the best means to handle these problems. Against this backdrop are civil rights liberties that are intrinsic to American values. This study becomes a first step, for this writer, 79 in recognizing the need to balance the issues as they converge in the 1980’s. CONCLUDING COMMENTS As American society reorganizes and redefines its health care system, increased use of computer technology is inevitable.18 Citizen rights can not be a casuality of technological advancement and American tradition demands such rights to be served as more than an accidental beneficiary of computer security practices or handled on an ad-hoc basis. Critical to such insurance of confidentiality are adequate training programs with physician cooperation and support in this endeavor, as the findings suggest. Given that a more comprehensive system (ie: interfacing and networking with more departments) is cited most frequently as a priority supports all the more the need to insure confidentiality practices since with such a system the potential exists for more information to be disseminated throughout more hospital departments. Ethics committees would provide impartial, independent review of such departments’ practices and policies thereby safeguarding confidentiality. The initiatives of several departments and organizations are required to promote the continuity of citizen rights with patient representatives upholding and serving these rights. 80 Continued research, concurrent with careful planning and evaluation at the private and public levels, offers the best opportunity to insure confidentiality with the computerization of medical records. Only then will traditional laws and organizational policies keep pace with the automation of the medical record thereby insuring appropriate usage and maintenance of confidentiality. 81 FOOTNOTES 1 tiE'EEEFetZPg—r'S‘XEGiSSPy'EBmfiItEES 33 ZEESEEEZE Data Systems, US Department of Health, Education and Welfare, 1973, p. 19. 2 Brandeis, Jan F. Health Informatics: The Canadian Experience. The Canadian Medical Association, Ottawa-North Holland Publishing Company, New York, 1976, p. 45. 3 Rights. US Department of Commerce, Washington, D.C., 1976, Comber, Edward, "Management of Confidential Information," Computers and Security, Alps Press, New Jersey, 1978, p. Rights. US Department of Commerce, Washington, D.C., 1976, Ibid., p. 296. Ibid., p. 296. Ibid., p. 299. Ibid., p. 297. 10 Publishers, New York, 1979, p. 325. 11 Ibid., p. 325. 12 Patient Bill of Rights. American Hospital Association, 82 13 Westin. Alan- Qenpntenei deelth Reeende end Qitieen Rigdiai US Department of Commerce, Washington, D.C., 1976. p. 297 14 Ibid., p.300. 15 Ibid., p.300. 16 Waters, Kathleen and Gretchen Murphy. Madigai Ragagda ia Health Information. Aspen Systems Corporation, Germantown, Maryland, 1979, p. 264. 17 Westin. Alan- Qenpntenei deelth Reeende end Qitieen Righta. US Department of Commerce, Washinton, D.C., 1976, p. 308. 18 Ibid., p. 308. APPENDICES ,‘fi-l-fi Appendix 1: Users of Health Information Users and Uses of the Medical Record Uses of Health Information Health Care Providers. Institutional and Individual Maintain communication among health care providers during the current episode of illness Facilitate continuity of care for patients and assessment of the efficacy Of the care given Assure appropriate reimbursement Assist medical and allied health students in relating theory to medical practice Evaluate quality of patient care ° Assess use of facilities. equipment. services. personnel. and financial resources Document compliance with standards for accreditation and government regulations Conduct research aimed at the improvement of treatment. assessment of disease detection methods. assessment of the effectiveness of medication and other treatments through study of appropriate cases Plan for future health care delivery systems to meet patient and communiy needs Payers for Services. Private insurance Plans. Govemment Insurance Plans and Their Review Organisations _ O Substantiate patient claims for payment of health care services Substantiate the data on which reimbursement is based Monitor the appropriateness of care and services rendered to the insured Assess the cost of health care services to the insured 'e Social Users: Public Health Agencies. Medical and Social Researchers. Rehabilitation. Social Monitor disease epidemiology Investigate disease patterns. sheets of disease on functions of daily living. effects of. treatments Welfare and Home Care Programs . Assess need for specific types of health care programs and services Lump program plans for health care programs and services Employers Assess job related injuries and occupational hazards Federal. State. and Local Government Agencies Document extent of disability Determine appropriate allocation of government resources for schools. health care facilities. educa- tional institutions DeveIOp plans for health care programs and services Judicial Process Media: Press. Radio and TV Patients Accrediting. Licensing. and Certifying Agencies Source: Adjudicate civil and criminal matters through use of the medical record as evidence Aid the judicial process for involuntary admission of the mentally ill Report health hazards. diseases affecting the public health and newsworthy events. and developments in medical research ‘ Assist in understanding their health care Aid continuity of care for future treatment Assess individual fulfillment of criteria for professional licensing by a state government agency Ascertain competence of practitioners Determine compliance with criteria for hospital—based educational programs Document compliance with standards for institutional accreditation 1982 by the American Medical Record Assoication. A position statement on Eeniideneielit! of Eetient Eeeitn Information. 83 Appendix 2:Institutional Policies for the Disclosure of Medical Record Information Source: 1979 by the American Hospital Association, 840 Lake Shore Drive, Chicago, Illinois, 60611. APPENDIX 2 < ~ AMERICAN t HOSPITAL Assocumon INSTITUTIONAL POLICIES FOR DISCLOSURE OF MEDICAL RECORD INFORMATION Thar guidelines were developed by the American Hospital Association '3 Advisory Panel on Privacy and C onfldcntialit y of Hospital Medical Record: to promote and preserve the confldcntialit y of hospital medical record: and to establish principle: and recommendation: for appropriate access to them. The principle: established in this document supersede those on the use and release of hospital medical record information as contained in the 1972 book published by the Association. Hospital Medical Records: Guidelines for Their Use and the Release of Medical Information (Al-IA no. IZSOM). There guideline: were approved by the A HA Board of Trurtcc: in November I 978. Use of these guideline: is suggested in conjunction with the Association's Statement on Preservation of Medical Records in Health Care Institutions ($003). The Association is also preparing a companion handbook on medical record procedure: to correspond with the principic: in these guidelines and to replace the l 972 book. Introduction Changes in the social and economic environment. accom- panied by rapid growth in record-keeping capabiiitics. have produced an intensive need and demand for more kinds of and more detailed patient and patient-care information. Never before have hospitals had to keep so much information to _ make possible the completion of daily transactions involving patient care and delivery of sen-ices. Never before. have hospital medical records been subjcczcd to so many demands for their use and-disclosure of contents. ‘ The informational upsurge is largely the result of: 0 Increasing complexity of medical care associated with the growth in size and variety of professional disciplines in- volved in the, delivery of health care services. a Wide-scale use of computers in marshaling information. processing information exchange. and creating data banks. 0 Increasing mobility of the population. with the consequent increase in the volume of requcsu for exchange of medical information. 0 Expanding informational needs of governmental agencies for planning. administration. evaluation of government programs. and policy-making purposes. 0 Progressive growth in the number of third parties‘ concerned with the patient and his medical record. Many of these third parties are seeking information for proposed uses. such as payment for patient care. that are quite different from the primary purpose for which it was collected. 0 Increased government access to patient-identifiable records and increased reporting of personal information to the government. ‘ 0 Increased incidence of health-related legal actions and proceedings. ‘A party other than the patient. the patient's personal representative. the physi- cian. or the hospital. 81:- Q POtcntiaI misuse of the authorization for disclosure of medical record information. A searching examination .by the American HJscital Associa- tion on how best to use and control hospital medical records brought forth contrasting ind sometimes: conflicunglcicws on how to ensure privacy rights while arthrsairn'c lime ,rc'cbgnizi“ ing the legitimate interests of third parties. Of concern to the Association is the prcl. ailing tcnccnqgoffi-ifmmation seekers to disregard or be unaware of the hospital's oingation to rcspccsthc right of patients ioeerscinal privacy and to treat records pertaining to their care as cOnfidcntiaI. As the first step in, striking‘ a proper balance between the per- sonaI privacy rights of patients and the inl's'lrmatlonal needs of hospitals and society in gc’ncr'cI. the American Hospital Association believes that it is essential fer hospitals to have a chlodcflncd policy on the use and disclosure of medical infor- mation. This policy should limit disclosures to essential pur- poses. rcstrict information disclosure to that necessary to ac- complish those essential purposes. promote the use of an authorization for disclosure of medical records. and recognize the limitations of the medical record in performing the many services expected of it. However. provision should be made for those instances when nothing less than a full disclosure of the medical record will suffice. These guidelines have been prepared to assist hospitals in developing policy manuals on the disclosure of medical record information. Following the concepts of policy formation. the guidelines define areas in which decisions are made and es- tablish policies to cover the areas deemed important. Princi- pIcs established for internal use differ from those established for external use. Recognition also is given to the exceptional situations that may require special handling. Characteristics of the medical record The development of policies on disclosure of medical record content must begin with a set of basic principles. These basic principles relate to the characteristics of the medical record: a. a‘ ' 85 purpose. content and format. disclosure. ownership. confiden- tiality. and accessibility of the medical record. Purpose ‘_ The primary purpose of the medical record is to documer .t the course of the patient‘ s illness and treatment during all periods 'of care. whet her as an inpatient or outpatient. The record is important in medical prac: ice. It serves as an instrument for communication among physicians and Other professionals contributing to the patient's care and as a basis for planning and evaluating that care. The secondary purposes of the medical record are: 0 To serve as a source for substantiation of the patient care services and treatment provided. 0 To provide clinical data of interest to researchers and con- tinuing education programs. 0. To meet and support legal and quasi-legal obligations im- . posed on the hospital and the physician. Content and format The medical record is used by practitioners in the management of patient care. Because of this use. the objectives of effective patient care should serve as the basis for determining content. methods of organizing clinical information. desired manner and style of recording. adequacy and timeliness of entries. and justification for exclusion or inclusion at information. Ownership- Records of the hospital. including medical records maintained for the benefit of the patient. the physician. and the hospital. are regarded as the property of the hospital. Legal counsel shbuld be consul ted as to applications of local laws. Disclosure . Subject to applicable legal provisions. ihe hospital may restrict removal of medical records from its files or from its pre...ises. determine who may have access to their contents. and define the information that may be disclosed. In fact. state laws or regulations. or the need to preserve the admissibility of records as evider .ce-in judicial proceedings. may manna-2e that records be removed only for hospital or courtroom purposes. C onfidentialit y The patient has the right to expect that records pertaining to his care will be treated as confidential. and the hospital has the obligation to safeguard his records against unauthorized dis- closure. A ccessibility Medical records should be used within the hospital only by authorized recipients on a need-to-know basis. Responsibility for disclosure of medical record information by the hospital. with or without the authorization of the patient to whom it pertains. should be delegated to hospital personnel who un- derstand the characteristics of the medical record and recognize the occasional situations that require the advice of a medical staff member or the hospital attorney. Policies for internal disclosure The hospital shall provide for the security of the medical record and establish internal policies to provide for their proper use as needed to carry out functions within the hospital. Access to the medical record without the written con- seat of the patient depends on: ‘ 0 The authority and responsibility of the hospital or medical staff member or duly appointed committee or panel re- quesring access. 0 The reason for the request. 0 The kind of information required. Policies for internal disclosure of medical record information should be established for various functions within the hospital as described in the following paragraphs. Governing board and chief executive officer Legal precedents recognize the right of access by the governing board of the nospitai in order to ensure quality of patient care. All hospital policies on the use of the. 1'. -cical record and on disc .osure of medi al record content ‘shocld be prepared in consultation with the hospital attorney and are subject to review by-the governing board of the hospital. The chief executive officer has access to all re whenever necessary to carry 'out his management searpimsibil- ity. Except when laws or regulations dictate otherwise. the chief CXC”"U\C off": 2:: also ha 5 the responai'ctiity torfiaal-deci- sions on what m..d iccl rec crd disclosures may be made'and-the circumsta. .223 under which disc .osures may be made. cords-ofpatients Hospital security It is the responsibility of the hospital to establish and-imple- rn-L-nt security measures that reasonably satcguard N-“b the .edl cal record audits im'crrn- :clrt’al content. in: thermhard copy. on f lm; or in computerizec form. againsr loss. deface- ment. tampering. unauthorized disclosure.‘ and use by- on- ~authorized personsI'AIl officers and employees or -'..‘re hovpital must be made aware of-their-‘ceponsicalty in mainvhniug the confidentiality of medics. record information and af" ... a dis- ciplinary aetions that may be taken for unauthorized dis- closures of patient-identifiable information. ~ Patient care Use of a patient's previous medical record. both inpatient and outpatient. by physicians and other health care professionals involved in the care of that patient at the institution maintain- ing the record does not require the patient's signed authoriza- tion because consent to such use is implied. Disclosure of medical information in the event of direct referral or transfer of the patient to another medical care provider does not re quire the patient' 3 signed authorization. A record should be kept of the information disclosed. - Qualitv evaluation Because of its responsibility for determining whether the qual- ity of care provided to all patients is consistent with standards as provided for in the medical staff bylaws and in the requi- sites for hospital accreditation. the hospital can use medical record information for quality evaluation without the express authorization of the individual patient to whom it pertains. However. all individual patient identification should be ex- cluded from the routine report of such findings and recom- 86 mendations. When circumstances dictate otherwise. a coded method of identification may be appropriate for internal use. Education programs The hospital should establish rules for the use of medical records in hospital-approved education programs for medical and health care professions and should disseminate the rules to the appropriate program directors and instructors. who also must share the responsibility for protecting the confidentiality of the medical records and ensuring the availability of the records for patient care purposes. Research The rules of the hospital shall define the extent to which physi- cians and other health care professional Staff in good standing are privileged to use the medical records for bona fide study and research and shall define circumstances that require patient authorization for such use. Anyone using the medical records for bona fide study and research must also share the responsibility-for protecting the confidentiality of the medical records and enSuring the availability of the records for patient care-purposes. Health data systgms and data registries’ The hospital. as a provider and user of data resulting from its maintenance gland/or participation in a health data system. shall ensure that reasonable care is taken to: O Safeguard the privacy rights of persons identified therein. Ir-Collect and store relevant information. 0 Establish-'standards for accuracy. _ timeliness. and com- pleteness of data input. ' ‘0 Obtain am} maintain security'of conl'tder .tial data. - 0 Control: unauthorized disclosure in patient-identifiable. physician-identifiable. orhospital-identifiable form. 0 Validate statistical data. ‘l Closely monitOrt-lie data sy stern for its continuing-adherence to previously agreed upon policies and procedures. Hospital affairs Access to the medical record without patient authorization should be provided only on a need-locknow basis in the management of hospital affairs. including that necessary for performing internal administrative tasks. conducting quality assurance programs. receiving legal counsel. planning health services. and surveying hospital-approved programs for ac- creditation compliance. Staff access to medical records shall be commensurate with a person's responsibility and authority for conducting hospital business. Disclosures of medical record content shall be ,made only by those suitably trained or qualified to do so. Policies for external disclosure The hospital Bhall establish policies for the disclosure of medical record information to meet the various controls and requests that arise from outside the hospital. Elements to be ’For further information. see the AHA Statement on Health Care Data. AHA catalog no. 5032. considered in policy formulation include: 0 Types of requests. 0 Kind of information requested. 0 Persons. agencies. or organizations authorized to receive information. 0 Permission needed for disclosure. 0 Conformance to laws. regulations. and other measures in the public interest. 0 Esmbllshment of reasonable charges for furnishing capies. Provision should be made for handling exceptional requests that result in decisions that may constitute additional policies or important modifications of existing policies. Policies for external disclosure should be established to cover all events usually faced by the hospital as described below. Authorisation for disclosure The hospital shall respect each patient 5 expectation that records pertaining to his care will be treated as confidential. Therefore. n’o hospital should disclose. or be required to dis- close. medical record information in patient-identifiable form to a third party without the patient's authorization. unless such disclosure is: 0 Pursuant to law or statutory regulations requiring the hos- pital to report certain information. 0 In accordance with compelling circumstances affecting a person's health or safety. 0 Permitted under certain circumstances by the hospital in the conduct of biomedical. epidemiologic. or health services research projects. 0 Limited to name. date of admission. and general condition. except in those instances when the patient or his authorized representative requests that even this limited information A not be released or when laws or regulations (for example. alcohol and drug abuse treatment) forbid the disclosure of this information. Patient authorization Written authorizations are a good practice and may be man- dated under some regulatory requirements: for example. the Federal Drug and Alcohol Abuse Act. One of the purposes of a well-drawn authorization for dis- closure of medical record information is to indicate to the patient. or person acting on his behalf. what subject matter is being authorized to be disclosed. the person or Organization that will receive the information. and any applicable time limit (see pages 7 and 8). Disclosure limits The hospital has a responsibility to limit the disclosure of in- formation to only that which is stated on the authorization or required by law and to limit disclosures made without the patient‘s authorization to only that information permitted or required by law to accomplish the purpose for which the dis- closure is made. Whenever disclosure is made pursuant to the 87 written consent of a patient involved in a drug Or alcohol abuse program or treatment function. such disclosure must be accompanied by the followi g statement: “This information has been disclosed to you frog: records whose confidentiality is protected by Federal law. Federal regulations prohibit you from making any further redisclosure of it without the specific written consent of the person to whom it pertains." Record of authorization The hospital should maintain either the original or copies of the patient's disclosure authorization. which should be made available for examination by the patient. Careful consideration should be given to keeping a notation of all disclosures to third parties. Other health care providers The hospital shall not honor a request from another hospital. a nonstaff physician. or other health care provider for patient- identifiable medical record information unless the request .is accompanied by that“patientis authorization for disclosure. ex- cept under certain conditions-warranting immediate disclosure to a properly-identified medical care provider or public health officer. Examples are: (ll-a showing of compelling circum- stances affectingthe health or safety of a person or (2) when needed in connection with a direct referral or transfer of the patient from the hospital to another medical care provider. Third-parry contractors The hospital shall not disclose. without the patient's authori- zation. information from the patient‘s medical record purlsu- ant to the hospital's agreement with a government agency or Other third-party payer for payment of hospital service charges to authorized beneficiaries-or clients of such a program or plan. unless disclosure is: .0 Granted by the hospital on behalf of a patient to determine benefits entitlement when- the patient is unable to com- municate an authorization for disclosure. 0 In accordance with provisions of a particular hospital/third- pcrty agreement for inspection of certain portions of a .medical record—in the performance of claims processing or - financial audit. Insurance carriers The hospital shall not disclose to an insurance company or in- surance plan any patient-identifiable medical record informa- tion maintained by the hospital unless the request is accom- panied by the patient‘s authorization for disclosure or by an authorization for disclosure of information necessary to pro- cess the insurance claim(s). Hospital accreditation and licensure surveys The hospital shall acknowledge the requisites of hospital ac- creditation and state licensure bodies to review medical records maintained by the hospital only to the extent required or expressly authorized in the performance of their duties to ensure compliances with approved standards or statutory regulations for medical records. provided the reports of such surveys do not directly or indirectly identify any individual patient. Government programs The hospital shall recognize requests for access to or reports of patient-identifiable medical record information for evaluation. audit. or certification purposes by government agencies pur- suant to the administration of a government program only to the extent expressly authorized in applicable statutes or regula- tions. or if the hospital receives an administrative summons ex- pressly authorized in applicable statutes and issued by ad- ministrative or executive authority of government or a judicial subpoena or court order. The summons should identify par- ticular record(s) and/or items of information to be made avail- able to the agency. ' Evidence and investigation The hospital should disclose to attorneys. tribunals. members of the court. or government investigation and law enforcement agencies medical record information in patient-identifiable form only if disclosure is authorized by the patient. unless dis- closure is compelled by judicial subpoena. court order. prop- erly issued and authorized administrative summons. or as otherwise mandated by law. Biomedical. epidemiologic. or health services research The hospital‘s chief executive officer shall determine whether or not to permit medical records maintained by the hospital to be used by a third party for purposes of conducting biomedio cal. epidemiologic. health services. or related research and . whether or not the patient's authorization is required in ac- cordance with established hospital policy. The following determinants should be considered in making the decision: 0 The importance of the project's purpose outweighs any nominal risk to individual privacy rights. 0 The proposed methodology does not violate any limitations under which the medical record information was-collected. O The safeguards are adequate to protect the confidentiality and integrity of the medical record and information therein. 0 The further use or redisclosure of any medical record infor- mation in patient-identifiable. physician-identifiable. or hos- pital-identil'table form requires the written consent of the chief executive officer of the hospital. who shall exercise due regard for the rights of others affected. 0 The medical records of the hospital are a suitable source of information for the purpose for which they are to be used. 0 The third party makes appropriate commitments for safe- guarding the patient's privacy. including. in some instances. an agreement to refrain from contacting the patient or others. Public health laws The hospital should disclose. without patient authorization. medical record information in patient-identifiable form pur- suant to the provisions of state vital statistics laws. which man- date registration of births. deaths. and fetal deaths. and of other public health laws that compel reporting of certain epidemiologic conditions. School referrals The hospital should not disclose to administration personnel. teachers. or nurses in the local school system the results of \ ~ 88 diagnostic tests on students referred to the hospital by the school system unless such disclosure is authorized by the stu- dent's parent(s) or guardian or. if the student is an adult or emancipated minor. by the student. Employer requests The hospital should not disclose to an employer any information on an employee who is the subjeCt of a medical record maintained by the hospital without the employee's authorization for disclosure. unless such disclosure is pursuant to any state or local statute(s) providing specific authority for such disclosure. Policies for disclosure to patients The American Hospital Association‘s statement entitled A Patient's Bill of Rights‘ states: “The patient has the right to obtain from his physician complete current information con- ceming his diagnosis. treatment. and prognosis in terms the patient can be reasonably expected to understand. When it is not medically advisable to give such information to the patient. the information should be made available to an ap- propriate person in his behalf." In addition to information available from the physician. the law (statutory or judicial) of most states recognizes a reasonable right of access to medical record information by the patient or his nominees. The patient’s right of access in no . way abrogat’cs the hospital's property. rights in its record-and its. right to establishmsonable procedures for access to the -‘patient's record: .‘T he attending. physician should be notified of *the patient'-s request for access to the medical record. Records containing information that might be detrimental to the physical and ,’ or mental health of the patient. as determined by -the attending physician.- should be released in a form that minimizes any adverse effect on the-patient. 'When it is known that patient access to medical record infor- mation may be medically contraindicated. the hOspital may re- quire that a physician or his designee inspect the record and communicate the appropriate information. Fairness protection The hospital's record-keeping relationship with the patient on whom it maintains a medical record is that of fairness and protection of confidential information. 0 A person has the right to verify that the hospital has created and is maintaining a medical record pertaining to care or services provided to the person by the hospital. 0 A patient has the right to find out that a disclosure of his medical record has been made and to whom it has been made. if such information is available. 0 A patient has the right to expect the hospital to exercise reasonable care in protecting the confidentiality of the medical records it maintains. 0 Unless access is believed by the attending physician to be medically contraindicated. the patient may look at the record of medical care provided. may request a copy upon ‘American Hospital Association. A Patient's Bill of Rights. AHA catalog no. SM. Chicago. I975. payment of reasonable charges for the service. and may re- quest correction or amendment of information. 0 A patient's personal representative(s) or duly authorized nominee(s). upon good cause shown by such person(s). may be granted reasonable access to information contained within the patient's medical record. Development of policy and procedure The hospital should develop a policy for internal use that sets forth (I) a person's ability to verify whether or not the hospital maintains a medical record of care and services provided to that person and (2) the scope of a patient‘s right of reasonable access to the record of medical care provided. The policy should encompass existing centralized and departmentalized systems of medical records. Development of the policy and the related procedures should take into consideration: 0 The responsibility of the hospital to provide reasonable ad- ministrative. technical. and physical safeguards to ensure that records are disclosed only as expressly specified in ap- plicable laws and regulations. in the patient's signed authorization. and in the hospital's written policies and procedures. A O The identification of record systems within the hospital. such as records created and kept on inpatientsaoetpatients. emergency service patients. home-care patients. and private , outpatients referred for diagnostic or‘th‘erapeutic services. 0 The delineation of hospital policy and any regulatory re- quirements on preservation. retention. and retirement schedules for patient-identifiable records. including those collected and maintained within the various departments of the hospital. 0 Measures to provide evidence of all disclosures of medical record information. Other than those made during routine use within the hospital. and the retention of such evidence with the record from which the information was disclosed. O The notification of the attending or responsible physician(s) When a patient requests access to his medical record. 0 The designation of a committee or a hospital staff member and a medical staff member who are granted authority and responsibility for implementing and overseeing hOSpital policy and procedures on patient access to medical records and reviewing judgment thereunder. O The steps involved in receiving and considering the patient's request for a correction of or an amendment to his medical record. including notification to the attending or responsible physician of such request and notification to the patient as to the acceptance or denial of the request. 0 The establishment of a mechanism. which might consist of a committee or panel. to review denial of a patient‘s request to correct or amend his record. 0 The establishment of special procedures to handle requests by the patient or the patient‘s family for access to medical records when direct access apparently could be harmful to the patient. 89 0 The identification of a miner’s right to access to the medical record as may be permitted under general state law or state law permitting a minor to eelt on his own behalf. without the knowledge or consent his parents. treatment for cer- tain conditions. such as venereal disease. alcohol or drug abuse. and pregnancy. and for family planning and abortion services. However. when a claim against the hospital or its medical staff members is threatened or pending. or after suit has actually been filed. requests by patients or their attorneys or other representatives for access to the patient's medical records should be brought to the hospital attorney‘s attention im- mediately. The attorney may then advise whether. when. how, and under what circumstances such access should be granted or copies furnished to the requesters. lf state law permits a minor to obtain certain treatment without the knowledge or consent of his parents. there may be instances in which only the minor may have access to the medical record. or the minor must give consent for his parent(s) or guardian to obtain the information. Hospitals will need legal advice on any provisions related to minors in ex- isting laws. such as in laws concerned with drug or alcohol abuse. venereal disease. certain other contagious diseases. pregnancy. family planning. and abortion. Suggested practices for notification and access _ The relationship of the hospital‘s medical record-keeping prac- tices to the patient's stated interest in the medical record main- tained by the hospital is that of fairness in the procedures developed to: O Confirni to a person. upon request. whether or not a record of medical care provided is currently kept by the hospital. 0 Allow a patient to find out. if the information is available. whether or not a patient-identifiable disclosure has been made to a third party and. if so. to whom it was disclosed. 0 Arrange for a patient to see an’d/or obtain a copy of the record of medical care provided. or portions thereof. and allow the patient. if so desired. to be accompanied by a per- son chosen by the patient. . Arrange for access to the medical record by a qualified medical care professional and/or other responsible person so designated by the patient when direct access by the patient is deemed medically contraindicated by the attending physician. 0 Consider a patient’s request for correction or amendment , of the medical record and. if not granted. allow a statement of the patient's disagreement to be filed in the record of medical care provided. The hospital should designate a specific office to which all in- quiries related to a person's interest in the record of medical care provided. including those received by mail. telephone. or delivered in person. should be referred. Hospital procedures should be developed to inform persons requesting information about a medical record or access to a record that such requests should be free from ambiguity or un~ certainty as to identification of the patient. Such requests for information should: 0 Be made in writing. signed. and mailed or delivered to the designated office. 0 Describe the type(s) or scope of records being sought and the manner of response desired by the inquirer. When identification of a person or the person's designee is un- certain. the inquirer may be asked to give further or more cer- tain identification. such as date of birth. known or approx- imate dates of visits or admissions to the hospital. and any known hospital identification numbers. such as medical record or account number. Persons who mail. deliver. or complete in person a written request that contains insufficient identifying or other information should be advised of the additional requirements. Responses to all written requests pertaining to notification or access should be made promptly. if possible within l0 business days following their receipt. if a full response cannot be made within that time. an acknowledgement should be sent to in- dicate that a response will be forthcoming. If there is no evtdence of an existing record or if the record in question has been retired. the inquirer should be so advised. lf identification is made and the record is available. the at- tending or responsible physician(s) should be notified of the request. Form letters may be prepared to: 0 Confirm whether the hospital maintains. subject to record' retirement policies. a medical record on the person who is the subject of the inquiry. which may indicate inpatient. out- patient. emergency service care. utilization of only depart- mental services. or other type of record. 0 Act as a cover letter accompanying the transmission of re- quested information to the patient or patient's authorized representative. - 0 Send notices of fees. to be remitted in advance. to cover the routine costs for preparing copies. 0 Notify when and where the records will be available for per- sonal inspection. Procedures for personal access If a patient elects to see and /or obtain a copy of the record. the attending or responsible physician(s) should be notified and the patient should be informed that: 0 The record will be available at a certain place on specified days and during given hours. 0 The patient may be required to furnish adequate self- identification. 0 If the patient chooses to have another person present during the review. the hospital may require the patient to sign a statement to that effect. To ensure the integrity of a medical record during such personal \ O . 90 review. a designated hospital employee should be present at all times. To the extent feasible or desirable. a physician or qualified employee may be present to assist the patient in reading the entries in the record. 1. Requests for correction or amendment A patient's request for correction of or amendment to the medical record should be submitted in writing and should specify the entry or entries in dispute. With the exception of re- quests for correction of such items as time of admission. birthdate. spelling of name. and other such admission data that can be handled by qualified employees. the attending or Other responsible physician(s) should be notified of requests received for corrections or amendments. The hospital and at- tending physician(s) will decide whether or not the correction or amendment is to be made. If the decision is made to correct or amend the record. the patient should be so advised. Any correction or amendment should not obliterate the material corrected. If the request for correction or amendment is not granted. the patient should be informed that a statement of the patient‘s disagreement can be filed with the hospital and that the dis- puted entries in his medical record will be appropriately an- notated to reflect this disagreement. Any further disclosure of the medical record Will include this statement of disagreement and the annotations. ' Model authorization for disclosure. In determining the effectiveness of an authorization for medical record disclosure. the following elements would be considered necessary under the laws of most states: 0 Name or other sufficient designation of the hospital or other custodian of the medical record to which the authorization is addressed. 0 Names of each person. firm. corporation. or public body to which information or copies of records may be released by the custodian of medical records. 0 Adequate designation of information to be disclosed. subject to restrictions by the patient to disclosure of a specific medical condition. injury. time period. and/or any Other type of specified information. 0 Signature of the patient on whom the medical record is maintained. or of a person lawfully authorized to act in the patient's behalf. and the date the authorization form was signed. 0 Specified expiration date. if consistent with purpose of disc closure. For example. the patient may wish the authoriza- tion to be for a reasonable specified time period. except when an authorization is presented in connection with a life or noncancelable or guaranteed renewable health insurance policy or with payment claims for health services provided. In the absence of a contract. an authorization may be revoked by the consenter at any time. ' 0 Agreement by the recipient not to further disclose such in- formation. or make copies of it. unless further disclosure is expressly permitted in the original authorization or is by necessary implication inherent ingthe purposes .of the original consent or authorization. ' O Prohibition'of proposed new use of inforination without additional written consent. Using the desired elements of an authorization for disclosure of medical record information. authorization forms can be developed to provide a reasonable assurance that a patient may authorize disclosure only .to the extent desired. A suggested form for this purpose is shown on page 8. Other and more specialized forms may be devised for-special purposes. such as release of information to facilitate payment of hospital services provided. An example of such a form is shown below. EXAMPLE OF AUTHORIZATION FOR DISCLOSURE OF INFORMATION FOR HOSPITAL PAYMENT Patient's name: Re: Admission or hospital services commencing DA TE The undersigned hereby authorizes to release to NAME OF HEALTH CARE PROVIDER INSLRANCE CARRIERISI OR NAME OF PARTY THAT IS OR MAY BE LIABLE FOR ALL 0R PART OF THE HOSPITAL CHARGES only such diagnostic and therapeutic information (including any treatment for alcohol or drug abuse) as may be necessary. to determine benefits entitlement and to process payment claims for health care services provided to the above named patient. This authorization shall be valid only for the period of time necessary to actually process payment claims pertaining to the patient but in any case shall cease to be valid Signature: years from this date. Date: IE SIGNED IY PERSONAL REPRESENTATIVE. STATE RELATIONSHIP AND AUTHORITY TO DO SO. ANY DISCLOSURE OF MEDICAL RECORD INFORMATION BY THE RECIPIENT(S) IS PROHIBITED EXCEPT WHEN IMPLlClT IN THE PURPOSES OF THIS DISCLOSURE Appendix 3A: H.R. 668 Source: Reprinted, with permission, from Medical Records in Egglth Lgfggyggigg, 1979, Aspen Systems Corporation. APPENDIX 3A Bill 668 H.R. 43.53.... 3 3.... 2.. 953.33. an... .32.... 3 399.33 2... 3.... 25.33 2.302— :3. 2.: .3. 3 33.39... 2E. 6 .95 .25 .3. 3 .33.. $3958... .333 .3323 .33593: 8.3.... 8...: 2.83 .3: .3... 3...... 3... 92.33 3.3 9... 3.... .38 Log... :3. 393... 3333... o... .34 a... 3 . .338 8..— ...3. 3 .393.— .n... 8 335.... 3 .332. .23.» 3 .323. 3 as. as... 3...: a... e s... .2... .5 2.53 a .2... .02.. a... 3 .3333 3:333. 3 .3333 a .3 32.3.3. .393.— .93 3 3.31.: e.— 3 3:... 033.33. 63.59.- 33.333 .3 .3...er .3 a .33.... .33.. .23 .5 a 5...... a. s as .43.. .3 .53.» 2.... .3... 93... 3.. .2 3.333.... 3 coed.» .35 93... 3.. .39.. 3 =9... :3: 33.3.. .39. .. .338. 3333 2.3 .332. .34 .m .osm .3835. 2. has. .332... .3... .333 3 .33 .3? a... 3.3 .333 .3. 339.... on. 35.3... .3 E... 3838:. 3 3 333... ..3 93 .33? 3.3.3. 3.5.... a... 35.32 .3 3...: 3 3.3.— 058... e .3. 9333.3 .33 333...... A: Is.— .333 3 23:33... 33.... 3.... 32.3. e 8.13.... o.— = . .332. 3...... 0.53.83 3.35.... .3... 23:...— 4 .m .95 . .m .338. .33 8338.. 3 933—33 .3... 3335.3 .3.— ..333 .33 II\ P .33.. .oe=5m_mm.. 33.3.5 333% 3338.. 2.3.3... .353 .9... .3 ..::wo.=_ 3.33% a 3...... 3...... E .3 93.3. .5 .3 2.... .2. 3... SB .3 .3: .3... .3 ...3.=...3.30 33.3% 2: .3 3323 .323... .2— 3.. 53 .3 .3: .33 2.3 333. 33.3 13:3... 23:3 3.3:...— 3 .338. 3.3.. 3%.... 33:3... 3. 93.. 53 £33.23 .339. .53 .3 23.3.. 9333...... 3 6.3.3.. .323... he... .393... 23.53%... .3 $.23»: has .3 .335 .335 2: 3 :3»... .3 633......0 .323 3.. .25. €333»... 89.930 5 8.9633 3 33.9. 33.35 3: 3 3a... -e.§3.=~o- .3 egefi 3.... 33.3% 2: a... 333.3 ... .5 333...... 3:3 .3. 3.... {3:3330 . 3.3.3h 2: :3... 85:33.. 9.333.. 3.. 2.32.... 3 2.38.. 32.3. 3%.... 39:3... 3 5:353:39 a... .3 02.3.3 3.... Aim—m— 4 8.3.5.30 eumflova «:3 3388.: .3 83.... .65 e5 8 3833.. out .323 2:... 5:32.... o... 3.2.3.35 32.30: .54 :3 .3 Sate». 8394933....3 .3 .33.. .3... z. canons...— ....5o .8 6.3 45.53033 3.310% 0.: 39: 8:33! 93:38 3.. 3.32!— ~e .732... .33.. 3).... 33.3... «e 5233.31.33 e... .3. 93.3.:— eh. mew d .2 sol-em s @2028 a... 91 Appendix 33: H.R. 2979 Source: Reprinted, with pernission, from Medical Records in ggg;gg lgfgggggigg; 1979, Aspen Systems Corporation. APPEND IX BB H.R . B111 2979 61583513196593.3333 .8 40¢ I98 3:: Gab—z.— .o a... 9—. Fania—ZS]: SE 3.... 33 .2. .83 £§§§§.gl£lx§ .8. .8. {33338381315321.33180313 Elmo-En.» 5.— 33.2583: .3. in £15.. 35.13 .3. .9... 693.38... [33¢ .3. .1... E23 92 63.2: 3.3.34.5 .832 hauls-spool: ha...— §i§£_§s§i%§o .3. a... 3323! at... 1.- 6.3.55. .3513 .3. . £1.88. 2.3.33.3? 1.3 3.3.3.. .8. 6.3.3.3. 3.683.... 31. .2: .83....35 3.2.. s it... .8... .8. .8338... 1.35... 2.8.3.3 .3. .3... 1.. 5...... .3. 6.0.5.... 3.3 3.33 63 £233.. .3. deals... 3.3- 5.3.. 1.- 3.8.53 .8. . .8..5.....30 is. .8. 89.9.... .5 «E 3333333333 zo3§o=~=< 2.395 525... 83.3.— 3035. so esp-385..."... 5.. 3.82 12...... 3 53...... 3. 3.3.2.... .2. .18... 3.2... .o .532... .z. .838... 3...... .58. .c 8...... .2. 3.8... 3...... ... 8.5:... .2. .282 3...... ... 5.8.5 .2 £££££ .2333... sun—no.5: s .333. 9.4 £2833... 6.38.. ..o 3.357.: :4.— aasxass. .3 e3... ... 3...... .3. .83 .2... a... S .23 .3. a... 483...... .3. .83 Bear-3.8... 9.4 39... 3 3.3.: 631. 2.35 .3 Eu 8.33.2.3..|< «5... 2:8: 45.—DH. so 535...... HAP—h gzahzg he 3:... Mai—i. 632...... .13 $5.3...— .« dew 3.... :2... .. .3... mszmszoo .3 .35.... ...3< 333.— 3933... 3 .39. .5 33.3%. o... a... .32... 2. an... 34 .3... .. 29.8.5. . "3...... 3.0.3 . 33332.3 2.2%.... 2.. Fetus—x .3 3.2% 3......5 u... 3 3...... .e.§q§o- .3 333% 3:. 3.23% .3... 3 33.3.3 .. .5 33......— .3..3 .3. 3... 6.30 335 3......— 6 3.... 3 sum... 3.3.3 .32.... 3 63.5.3. 9.3 3.....3... .3 32.333... 3.3.3.. .333... .3 39...... o... 33...... o... wax—.m— 4. . 2.8 .3 9..- .3 3.33:4... 5.13... 33 3393.... 6.3.33.5 .aoEEogc—new 23.23....”5 o... 8 :33. 3.33. .33 .323 2.... 3.333. c... .32....5... 5.5.... ...= E...— .v. .85.! mm>g<fizmmm5~2m ho Saba: 3:... z. 33......— 3..3 .3. .3- 330 3.3m .5... . . . .Dno....3a«n .333. o... 8 3.3.3.. 2.... .35.... 2. 12.333... 3.39: 39.30... 3 Ache... 2.. “H3.“ on. mth ..M M..— 3.25... mzczoo =3... 92 93 3...... .2828... .38.... 3. 383.5... 3.. é... 1.8 911.. .o 18.. 388...?— o... .81». 188. .3 10.3389 2 2.... 1.111... 5. .882. .8 513. n .3 2. .3... 8...... .. 2.... 9.323.... .a a. 3 82.8.. 5.... .388 ..8.§..8..: 88. 2.9 8. _. .928... 2. 3. .82.. :82... 8.. 2.... a. W . . .5. .8853... 1.8... 2.. 813.. 3 8...... a. .8139... a 8585...... 8......» .9... .o 1.3 6.88 83 988.81 191.8 .25 1.2.8 .81 9.2.. 8.988 8 3.1 2. .88 1.11.1... .8 82188.... 10108 1 02.28 2.. 89... 95.18.. 88.1.8. .88.... o. 8...... a. 3. 2.. 82.... 3 .882. 2.. .c .81.... .882... 1.... 2...... 2.. .o 6.88.2.1 2.. 1 2.2.8.. 1.8 .981: .31 “1.111... 2.. 8 82...... .8198 2... .o .288 83 988.81 2.. 8...... 89.. 1.89. .1 81.12.. 2.. 8 13...... 5.89.1 .2. 82. .8. 2...... 10188 2.. .o .8... 8 $81.89. 2.. 6.88.81 .. 3 82.8.. a...» .888 :95888: 88. 2.9 a 33. 2.... 1 8.2.8.. Bk .3. .oaw 8.8.»... 89...... 1.8 91.2. 8 2.1.1.5 238 D2... .2... a. 1.111... .3 2.21 8.188.... 10108 Av. 38...... 18108 .9 8.1169. 1.8 .898»...— ...o....>9... 2... a. 01.. 8.3.28. .2»... 80:228.... .898... .8 8.5.... a. 808.88.. 18.8% 2.. 8. 9.285.582. :24. 2.9:: .3 98.2% “8.3.... 3 3»... 31.. :5. .33 95.5 .8 88mm $2282.89 |< 8.4.. @9305. .2993: mo WO..33..3 .3 233333333 33 2.333 23:33.23: 33. 2.... .3. .3332. .3 5:33. 35 ..3 :22. 33 33.33.. .3 was—3.3.. .3 .3. 33.32.33.— 95 8 38 a 3.3 8 8 8283 8 .898.— .8flona onto—=3 .n: :88. a... 83:88 3 5.... 33.8., 2:. ass. 2.. 2 as . :3 s 38.8.. 3. in... .1... B. 32.8.. 2.. .8... 33%... 88.... 2.. 3. 282 15.... E. .2... a... s 3883 a. in... .1... 8a.... 28 152.. . .8 58...... 3...... 3.5... a $88 83 .3. .28 Bacon: .1033. .3 29.8985 5.83089 nan—nonhé. 5.4 £2.82 :24 .choauaoo .383. .3 Bacalm 54m dcaogm 882—83 8 988 a .3 832— .888 3 3 888.8 .83 8a 1.8883 2: a .192» .83 2: 8 8.5388882 18— @3853 5. 5 .8 "€3.82 3 5583 85 .823 3 8933.3 85 8 :5— 2... .828 38.3% a. £38.. .9 a». 2.. .3.... a 18.8... 2.. a .38.? 2.. ... 3......» s .25.. 2.. E laugh: 8328 .5 as. 83988 3 :3. oz: .8: .898 15888 .8 .3 .882 a? 388...... 8.. .o 3.3. 28. .8. .28 32:218.: 52 25::- 3 8.58:. 4.8.53.3 512. 1:88 .8 808888.88 63829an 8 aqua—2 .282 .882: 8 988—28 .8 3 :83 .8 Bd— 18. .8 .33m 8.88% 8 .8858.— 55 5 8 .834 .83 .8. 8253.: .8 .83.. as .8 8.801 3 aqua—8 “ '7 o R".~: ‘ “ . - . - - ‘ >-- ‘ J .28 J1... “.3., J5.“ .4» 0:35 $7.34 .15» 1211813.; (£38541. 1:93-33:3‘? avgypaw‘rgmmn ‘~w:nv' .h- ‘ ~ v'v" ‘WFW‘ua-w q-z'g‘I-n‘rar‘luquq .uu-Ll- 4".” x. ‘ WWK'mmfz-r' > ‘t .888.— 78888 8 8.88888 8 82:8.— 55 Ba— 88— .8 .83% .8838 8 8385.8» .8... .848 58 5 .33 8 84 288829 88 850 83¢ win 2: 05 s 8.. .38... .e s 3.: .o 3 83383.8 2: 8258.5. .=o=:o>2m 838.824 88 834 8.834 95.888880 2: 8 «mm .888 AS .888 .888.— 18888 8 8.88.88 2: .8 8323.2 .98 . 3 [38883 8: .82. 35 83a. 5 .2... .2. 3 .88.. 98 8:53. .83 8 .888.— ofi .3. 838 2: 3 8.38.: 2.8 18:88 .3 883888 8.88 18:88 8 5:583. .88 2: 9.8.828 :5— 88. .8 88m .28 8398.8. 2.5 «E. .3 8283.8 5 .8288 3 883mm 3 .NE dam 83¢.— n._.<._.m zc 9083a 88:83 8:. 583.88% 5.1838 328m 2: 2:88 ...Da.8.8=m: .53 SE. 3 S .35.:83 2. s 2.2%... 2.. mass... as. . s a 8. c5. .35 35 8 28888.:— ofi .888 .8th .83 3 e823 2. 8 a a... .8 .83.? .85 5. 8 28:53.: .8 .928 58:15:88 .582— 9: 3 ”End—o.— 60353523 33:00 A-X=.£ 2: A8 “1.63:2: 2: .3 5:31.53: .8313 2: 32:5 0 tan .82.: 2.2: as... .353. 2: :2: :82: 18:22: a 89: 858.3% 3 3:323 2: a .lmcfitome: 89:22.— »:323 :38.— uo 8:2. :2..th a 55 15:15:: 5 3.163 .3 5:833 .33 923 .288 s as. :58. 23 .2555 < 3 .a: .25 $2,842.. 9:25: 2.82. .3 «282 .8. .88....8 8 2. 3 288.8. 8.88 a. 808.88 8. 882. 30.8. 1.8.8.38. 38.2.83: .8 b. 888.88.. 82 .3 823 8:2 882 a 39...... a. .88.. .8822 512. d a. on: .8. a. 088.28 2.. A: In .33. 8.88 a. 82.188 8.83.2.2... 2.. 82...? .8888... 8 .32..- 88.3.2: .. 8.803 .882: . 222:. .23 .88. 23 .383 < 3 .8. .28 2348...:— 8543. 82:82. 8 828.80 9.2888... 2.. .521 8.88 -88. 2.82.. .88.. .2. .28 8388.8... 2.. .8 .28 .98. .22... .5 3 38.3.. .8 .2 8.88.. 2a 8 I88 52.880 .828» a... .28 5.88. 2.. a. 8.. .38. a... 5.82.. 2.. .8 .2888... 2.. 3 288.8. 8 8.862. 2.. 8 .983. 2.. 8 .8888... 2.. .8 0288.... 2.. .828.— m..8 988.88 2.. .. .33. 8.82. a. 83.828 858.8... .8 2.. 82...? .2888... .8 82.8 8.382.. .. 888.. .8 -82: a 28.88 88 588. 2.8 .882: 4 .mm. .25 208.5822. 8.5.8 8548. :24 2083.34 .1888... 2.. 3 .8889... .888. 8.82. 5.3 8.8288 n. 588. 2.. 3 888.88 a. 2.3 88.80.92. 989 .382: a 3 a. 988.88 2.. .. .33. 8.82. a. 82:88.. 8.288... .8 2.. 82...? .1588... .8 82.8 .5888... .. 882: .8 .82.. 8 98.2.8 m2: .983. 2.8 .882: 4 .mm. dam ZO~8 .2... 3.8285 .0 858...... 8E... .2on 3 .532. 3...... 5.. 3...... 8...... 8 sexton 258.95 3583mm .5 8 a... .3.... 9....0 8.3m 82.5 .m 2.5 .o «o... 2.58. 8...... .283...— 8mtom 8.2% 3 aqua—9.. £80 8....m 82.5 .m. .55 .9 V anon 2.58. 8...... . 2.2.2.... 258...... 3. 9.52.2.8 .o 82...... .5 .2 83.3 8.88m. .35 e325 .5 g ~~--~‘*-‘- ‘M ‘0' I -cI-Q “0'. ‘v'w firm-9w mm~4~uw WE’RWVQNMW5u-uum Qa ~. m *2" . \m‘ \ a"- an .119: m..f~0§vtwwm 'fts rid-fit 58:3. WT: ”In. a. I... E '2 938.8% 05 a .23: 2.58.. a. 23.88.. 858.85.... 05 .85.? .8253 .3 2...... 2.352.. 3 E8... 12.8... a 08—8.... an... 552.. 0.8 58:8... 4. 3 .mm. .25 202263422. 222...... no £2.38 9.30.; .2 .32... .2 32.8. a 258... .9835... o.— u.5....8oa .3 85 3829.38. a... 5.5 .05... 235:...8 ..5 3 .83... 2... 883.... 05 .2 a. 8 .8538 .33 E8... 25 833 .8 82...... 05 :53 3 5.888.. 0.2—? A: is. .3 .3222. 8.385.. .2. a .388 5.2.5... 25 .3 5838:. .25.... 3 .2. =3. :28... 25 8...... 5:25.... 3:22.88» a 3 .950... 9.8 18:8... a .3 52.38:. 8.8.... .8592 3. $3.25... 05 8 v.8... 25 .9 92.8.8... 25 «5.5.2.. 3..— 33m 8 1.28% a o. 32......— b....5..a 1.82588»... 3 a. 258.8% 25 a .3....— 2858. 5 53.88.. 258125.... 25 .85.? 53.232: .3 2.2... .2328. .m 1.8... 1.2.8... . . A2...... .2: 2:8. 23 .385 < 3 .5. .9... 3.2.538... 55.2324... 5.29.5.2... .3. £9.85 «.3 2.2.2.. 5 .858... 52.3.5.5 o.— »5582. .3 .25 32.8.5.8. a...- .35 85... .8238 2.. 3 .83... 2.. .382...— o... .2 a. I 102 .8. 8:2... 8. 32.8. a. .558... 823:8: 3 3583 .8 85 .888..st .98 .85 .85... 38.588 9... 3 883... E8 .8898: 2... 8. 8. 8 63.35. 83 $.89. 05 .823 8. 82...... 2... =5... 3 5.8.8.8.. 98:? 3 IE. 3 .3322. 8.3858 8.. .. .888 5.85.8 2... 3 .8885. .85.... 3 8.. :2... .858. :5 8...... 5.85.8 1898883» 8 8 .253. 9.8 1.58... a b. .8888... 5.88. 12.82 3. .58.. a a. 153.8. 2.. .833 3 .9588... .8 8.8»...— 5..» 858.88 a. 8.28? 3.8.8.558 .8 388 .858 .8 8.... 0.8.2.88 8 8.8.88.5 8.55.0 .8 .85 .o 8.3. 18.8w .5 3 82.98.. 8.8... a. .3... 3 $3558.... 2.8858 8.. a. 988.8... .5 .. .33. .858. a. c3588.. 858.85.... 2.. 885.3 .3.—.88... .8 .528 88.5.8. .. .88.. 18:88 .. 88.8... .88 .958. 2.8 .888... d A... .8. dam. 328300.... 5.95.82.384 5.4 4.20:5» .8. £9.25 va. £8.82 a. .853... €382.88 on ”5.883. .8 85 8889588.. 58 .85 .85... 3.82.88 2.. 8 883.... .8... 6288...... 8... 8. a. .8 525...... .83 5.8.8.. o5 5.23 8. 89...... 25 :5... 8 5.888.... 9.2.? A: . Is... 3 .3322. 2.3858 8.. .. .888 $85.8 0.5 3 .8888... .85.... ~-’m .‘ . m ‘8'“- -—-—-.—r I . L .n- ”WWIESW 2. .2. .15. .858. :5 8...... 3.85.8 8.8.5.88» a 3 .953. 8.8 58...»... a .3 .888»... 5.8.8.. .8882 3. 8.88.8... .5 .o 5.8. .852... a. .85.... 8. M55883. .8 2.8.5.... .958... 2.. 8. . 5.8 28.. -82 5.. 8...... 82...... 3.85.»... a .8. 2a....» 9...... a. Ecwo. 2.. 85 5285.8 28.5.88» 95 .8 .82. 2... .3. 88:38.. 4...... a .8 38:... 88.82:... a b. .88.. 58.58.58». 88...? a 5.3 5.59.. 2.. 83.8.... 2.... .38... 05 n=5—.8. 3.85.8 588528» 85 a. $.58... 88888.8 38. 3.85.»... a a. 25%... .8 82.8.8 .. .8 .8588. .8 =3...8....:o... 8... a. 8.8.. 8 a. .8 5.85.... 588533 a .3 .8888 .8 .81... 88.8... .8 cacao... .. a. 3.83 .8 .255. ....8... .o egg—E. o5 .85 .858 .822. 58 8 838...: 8.888.... ..8 8.83.8.5. .8 a. 2.. .8. 2x: I... .8... 5.85.8 82.8.88» 8 8 8. 8.88.8... o5 .. .85: .8588 a. 52.58.. 858.85.... 2.. .85.? 83.8%... .8 :85. 3.3.5.... .. v.89. 18:8... 8 28.8... as... 5...»... 28 18:8... 4. 8. an. dam 822.529. gaseouomzn B4... .8335. 83 5.8.8.. 05 .833 8. 82...... 05 :5... 3 b.4882. 98...; Ba. .3 53329:. 8.385.. 8.. a .888 5.85.8 8... 3 .8888... 85.... 103 .5. 3 88.28 3 s 8.8.... 2.22.... 8: 828883 823:. 3 .9588 8.8 19:88 a .3885.— .. 3.538 2 =3. 5.. .8 a 282 3 .2. .28 22.533.88.54 2.88.8 9902.53 3230.82: 9—. 05.543: 98896:.— «58.0 .82 82:5 8. 388. a 8592. 883:1... 2— 35.83 .8 .2: 808888.. :5 :2: 858 . 28:82.8 2: 3 .83.: 88 .8898: 2: .8. 5 .8 .8538 .83 :88.— 2: .823 .8. 28:8: 2: :53 3 5.82. 98:? 8 IE. .2 «3222.. 33858 8: a .838 582:3. 2: a: 88888 .852: 2. 8: :28 8:8. 2.: .823 mam—8:8... 380598: a 8 5:82 28 18:88 a b. 888.8 6.83.. 88:8: :5 8.8—8th 888—:0 8 88m 888,: 2: 8 85 0:: .3 88885.8 28: .8.— a .8. 8 825.888 8 825885. .8 e252 ham :5.» 2: .833 .8. 25.8 n 8 88:828.:— 2: 3 82. 83 3: v.82: .83 .88: Sam 88..» 2: 8 .88 -82 888 2: 5 :2: 8:8 582:3 802888» .98 .3 .3.—3:82 2. .8: =28 £882 .83 8 3:328 2. a 5:833 . s .3335... 2 .2. =3. A... a: .8 £32.... a E .828 889:8 2: 8 28 .8. 82. 8: a 9:82 88 1.5.2.. 2.. 3 8.5.2 a 885.2. 2 =2... 8 “.3. '13, ~ ,~ . 4 11.» --‘ ‘5 "* M'N' mgr-w. a Mum-fir 4.: -(>'1-,9'~--';;-=r “Ame-avg“: uh: Wm’uvmv 93%: ‘5? f 1.1:‘15‘1'2‘187'.~._£ '40-.- 8.8.88.5 85880 8 88m 888,: 2: 8 8x. 0:: .3 8882:: 82. -3.— . .8 .8 62.3 a 82588.8 .8 825885 .2: .833 .8. 23.8 a méaooaoa 8. .8 8:... 8.8» .2: .3 8258288 .8 825883 .8 28am 8 852.3 mi .8288 8 82.8: 2: 8. a8: 82. 2. :28 :8 $8.. 885 2: 3 83.88:— ».833 88 .8532 2. :2: A: ISM :55 88:8,: .8 8 582:3 2: .888 .83: 2. .0233 a 3 .5898: 8:2... 8:: .888 5:82 9:8 88:88 a .3 8.8.8:. 838:2: .8 828 3:82 88:82 3: . .882: 1082: 2: 8 98m 3 .553 888 .8 .2823... .8252: 2: 8 .38 a «£352: .353: 2: 8v :5. :3 8:88 8 28888.:— 883 2: 5m? 8:388 3:. :88: 2: 8.: 8.88.. 2: 9:88 .898: 2: .3 8:85.80 :33; a .8882: a .352: 2: 5 3.8.5.3 .882. .- 3 :8 .38: .8 28253 .8 28853 Di. 88.8 .8 .8883. 68:85:85.. .8 8 .5822. a 98.8.2.8 2: 3 .l: .83: 8:8. 5 82:88:. 8:882:38 2: 82::s 8.88:2: .8 82:. 33:88 a :82: 88:88 . 222:. 3.. has. 23 38... < 3 .5 .oam 324.523 222.8 2.: 6,8228 64.23.88 101+ .88.! 88.3 .8. 2.. 3 and... 8 .58. .8888... 2.. 8P8- .. 583. 8 .888... 95 8 .88. 83 .83 8.8. 25 38 .5 .38 .58 ca .85 .88. 8.. ... .883 .888 a 8 .88.. .383. 9.8 .888... a 8.... 8.888... .8 «8.8 .88.. .888... a 33.8 58 5.85.8 28.8.88» 4 .5 .3.. 8.88 8...... 88 u .3 .8888 a. a. .8 8 .3.. 8.. .8. 5.3 888.83. 8. 8.8.8.8 .- 88.5.... 8.. 2... 1 .888... 8.... 8.8.. 8...... .8... 35.3 8.8 9.88... 8 8. .5. .o 3.... 2.. as. .22.. 2... a... v. 2...... 8.8 “a: 8.88 3...... 8...... .o 2.... .38.... 2.. .. 8.8. 8.88 8...... 838.com 2... b. 8.3.5.... 8.8.. a 5.3 8588.. $.83. 08 .888... 05 8 .88- :3 382...... 8 .88. .5 8...? 8 38.. 25 888.. 8 8 28.8.8 8...: .3.. a... 3 .88.... 8 .8888 .... .5 8.... 8.8.8.. .82. a... 8.88.... 8 288.... 85 8 38 s .8. 858...... a. .8889... .3 .888 .8 585.8 .888 .8» 85 b. 832.88.. 9.8.. 8.8. 28888888 8. 3.3.5.»... 8 3 .88.... 858.88. 88.8.... .85 .88.. 8... 85 28.8.. 3 8...... 2.8.8.8.... a. 985 a. I. :8 .3... 3 .8. .58.... 8.385.. 8.. a .3. 8.88 8...... 389...... 8 .8... -8. 8.. 88.» 8 .8883. 65.588 .8 3 .8..8.. .9 -~’-‘.9 '1 . awaQ—w“ Q¢---~ . cam” ~ . 7 ya.” 1mm '7 :.-.~»§:-.m_¢1.m‘ ‘soyfifififlwmflrfllfl'ih‘n5*W-nfé‘inmkcrwiwwmz‘mmmu ‘. -. _ -28.... 8...... .888... .. .8... .8888... .8 .85. 888. .888... a 53.... ha... 5:858 .8......8.8m < 3 .3.. .25 8:98.88...— 8.80.. cz......o..3~ :24. .985... $584.25 .8804 92.8895le 953 8.8... 8.... 8...... .88.. .882: c.8888... 8... 8 8.88.2.8 o5 .w... 8.8.... 8...... 898:2... 3 8.8.3 2.3 12.8... s. .. .2... 2.. .58... .38.... 8...... 8...... on: .8. 88.8.. a 8.88.... .8... Epsom 2.9 8. .8858... 988.. .88.. .8888 3 .8... .88... 28.585 .888... o5 3 8.8.88 888.... 5.3 8.... 8.2.2898... 888888.. .55 .88... a? .8 8.888... 8.8 .858... 8.... 8.. 88583.... 88:8... .am. 88 mm. .858. 8 .85888. 8.8.8.. o... :5... 58 8.3.8... 8.9.. .8 -8... E... .s .282... 8.3.... =2... 839.com 2.... a. 888.88 8.8.52... 85 8 58...... -8. 85 3 9.888.. .8888... 25 .58.. he... ...8 68.2.8.8 88 .3388 68.8.88. 8.. 8.888.. 888.8 3.8. -9... no... 588.com. 2E. .888. 885 8 5.858888 8.... 3.88» 2.. v.88»... .8. 888.388.. 88.1.5. 8.... .8358... 6385.855... 2......8....... €8.38 :2... 88.8... 2.9 .nm. 8.8 vu— u8..8.. 8...... 85:8... .3 .8888 858 . -88. 888.. .888... 8.5.5.8... 8 9.8.38.8 88 6.8.88 . 68.8.88. .3 88:38... 88 0.... .5 8 82.8.. 5.3 .888... 5.88. 3.88.... .8... 5888.5 2.... 2x... 105 2: 2 2: 88 8:88.: 2: .2: 8:8n 8:8 5:82 8 82:2: .8 .8: 8:88.: 8 828 :88.— 8288 .- 8:88 58:8... 82888» a 8 8883 8 .888. a 8 8:88 .8 8:58 8 Ba: 2: 8 9?: 3 8:23 3 .3; dam mmnbnnooum 82830 .888 .28 8: 8:8 8.8.88 :8 :2: 28:88.8 :8 8 .38 a .88: 2: :8 28238 8 8888 2: 8 8888 2: 5:5 .88. :2: .3858 88888» 2: 68:82:; a: 8:8 8:8 8 88: 8 :28: a 8 8:888 2: 8.5 A8 8.88.. 2: .8 98882: 2: 8 .8. 82:8,. 2: 8:88.. .8: 5:82 88 82:2: 2: 8:529:— 8:.8 8 :8 8:2. 2: .8 88: 2: 88:38 8 6:888: 8:.8 3.8.— 8 8 8:8 :2: .88 2: 88.8... 88 98:8 8 3.: 2 88: 8:8 8 8882:: 88 :8 .8 8:28:82: 8 3 a»: 88...: A: 8288 2 888: 8855888 2: 3 82.28: -8 8 858: 8:88:88 8 5:3 @882. E .8 3885:: 8:88: 8 88:85.: 8: 828: :8 5:5 88:83 8 8 8:88.88: a: “8:888: .8: £3: a: Sofie: m8 .8 be? 8282: 8 3: 2: union—8:8 A: -H“ “"1“" ‘ ' ‘— .-qszn-mdiOIW.V- w-v-c "a -"‘“ " l5 :82 53 8:88.: 2: .3 8:2. a 8 .28 .2 .2: 28:2. 8 288 2.8882 2 22: R: :8 388:: 88:: 98:88.: 2: 2383.8 .082: 2: 3 :88.— 2: ..2 :8: 9.3858 “888.8: 2: 5. “8...: 2: .8 8822 8:82.: 88:88 a? 3:8. :32. 888: 2: .2: 98:2— 3 02.8 2.888: a 82: a: 8:88.. 82:2: 2: 958. 5858 82888» 2: 8 8888.: 8:8— 3. .88 a 3328 82. .58 2.. .3 12: Q:2... 88 2: = a... .388 9:2. 2 8:828 8 88: 2: .33 282.2 2: . 58:82:. 2.8882 2:? .838 =2: 8:838 8:: 8:8 .88: a 8 8:838 88 5.8: 8 8a 8:888 =4 5 .88: 2: 8 82838 .8: 88 2: 3 538 M8 512:8 82888» 25.. .82: 8888888 8— c 8 888: 5:: 3x2 8:83.... 8:8 888: 888:8 8:8 8 :8 28258 8 288. a 8 38 a 9.88. «9?: 8 :2: 8:8— .2— 8 :28: 1:8 8 .8: 88: 8 88 3a . 8888 8 8 :3: m8 5.12:8 .8888» 4 2x8 .«3 8:8. 8:8 88:28 8 Sat 58:88.: 2: 8 :88.»— 8:8. 8:8 b.3226 2: a: :23—85 88: 2: .33 8:88. .883 :88- 2: 8 Roo a 48:88.: 2: 8 106 826.:— 3 12:88.: .3 8 22:83 €22: 188% 08. 2:. 33:38 8:8. 3:: 8 88:38: owns—:8... 2S. 9 .3 :3: 2 82.22% a 2.282 2 22.882 2.2 . 2. 8.5.88 3: 12:88.: 2: 8 8:858: 2:8 5.8 .238 .82: .1232 932832 3 9:2: 2. 88:35.88 :25 3.: 2:88 52: .580 2a. 6:38 .33 3: 8:88:38: .82. on 3“: .88 82.582? 2: 3 3:89 :2: 512:3 82.8.8 .5» 2: 8 18:8 b.8888. a $2883.:— a .82. 83:3 8: 3.. :88.— 2: 88:28 @853 82—888» 2: a .30 .08: 2: 8 8888.880 2: 8 83: 2: :8: and: 8a 8:4 4.3388328 2 SE :88? M5288: Home. a: 3: 8:2: .82. 3: 8:38:39: 3 22:2 18:88.: .3 2:2. 3:88: :2: :83. 12:2: 2: 9:288 585.3 898an 2:. 22. .322. 222.8228 2 88°82 12 2. 3. 8:858: a .8...- ..ma: on 2:23 a. .8 .882 12:28 2: .82. :23: .8 8 :8 9.3.3 83 .81»: 32:3 #5882: 1&2 b3 2 8:8 32.. a 28.: 1233 .53 8 .3.— 3 Ba. 3 2.222.. a 22. 2 822. 22.. 2222 E .3252 22 3 22:: 3 52: 8:8» 2.: 8:5. 828.8 2: 9.8880 mam—E a 8 1233 :4 32:88:“ 2: b. 22.22: .843 2— as: 1233 Egg—.35 2. :3 8:8 32... a :228: 3 8: :21 8:8. 3:: 3:5. 832: 9.8880 ~51: «.88 4 3 . @2888 hiagnasn 3: :8 .2222 22 22.8 2 2.. .2222... 22 .822. 8 22.822. 8:2. 328.... 8:2: .93 8 2:8 2: 2 3.582 5528.32 23.-..--“ I’U' .‘I' A‘ > ‘— ‘Mr ”‘5‘”-.. — . 1" Y w‘uwv- "W. n -v www— . zr-Itfivmx zap sari-:1: W ‘19:. m r amen» Atrwrtpma WWM'I‘MH'FW“ 7' “ ..'1HI‘L ;c . 328 8:32:— ._2:o :3 .82 A2553 832828.. 512:3 82:50.6» 8.88% a 8:83 883 m2: .88 25. A8 :82... 2: .8: :28 3.3:: .53 808328» 2: 2325.8 8285 .8328 9822.282 2: .2: 3:2: 3 a 8:2: 2: £328 :2.- ..28 2: :3 5.82: .2: 8 .5822 93 298. 8.82: 2: 3.: :3 32: :30— : 5:85 8088880 33— 2::2: 26:2. 8 82.3 932828.. a 82: .3.: «:2: a a 3 8:83... 8:3. 8:2: 2.3.2 218222 a. 2.2. :2. 22: .28 < 82 $58 3.98:8: 825.88» 2: 8 3.8: 8 9?: 3: 28.8 :8 5.33 .838: 8:2: 2: :3 638828 2. =2: 55:289.: :2: =< 2318233 .82.: a .3 5:89.88: 18:8:- 8388 2.2: :88 2: .553 8:3 2: 8 223 2: .8 8:2: 2: 2.888: 3 0328 2 988 2: = .2 .25.... 3.3.858 2: 8 8.828.. 2 3.8258: :83. :_3 388:8 .uEE 3:12:23 2: 8 33: 2: 8 9?: 3: 2:23 6:... .38 82:88.: 25. 38253 .8 28223 2: 8 .388.» 2: £328 3 35:88: 5:3a 8:: :5. 383:5.— .83 «.88 22288.3 2: 5:: 2c .32 512:3 82558» 2: 68:2: 3 :23 8 .232 :25 2x5 :2: 85:8 .8 888mm": .8 .to .28: .3 «322 8:28 8:2. 8:88 82:88.: 2: .833 3:2. 2: 5 85825 512:3 82:52:.» 2: :2? :25; .38 a 5:: .8255... 8 2823.: 2: 2.: :38 3 8:2: 3 .88 232 .8 982. 852: 258m :28: 23188.3 107 3.5.5.. 8385...... .8525... .5 83 a 5.3 5 825.9... .8325... .5 83 8...... .33 895.. an... .3. dam 9825...... 8.3... .8925... .385. 3.03.... 4 0554...... .8... 8.5.2.... 43.8.5 .3 .5888..- 8...... 3...... 8.3.: .a. .855... 2.. 3.5... .2. .. a 8 5.7.595.— ..o...... 3.5.5.. 8.385.. 8.538 e...- 82.8.88 2.. 3.8... s 3...... .8 a 5...... as 3...... 4 a. .02. a... 5 D c...- n 3!. .. 33...... 2.. a... 33...... 3.5.2.... 3. .o E... .28 2.. .o 5.3.... 3...... 333.3... a. .8... 3.... 84139.35 .5 o. .8... 8 on... :5... 8.53.5 v.5 68.5....- .3 33...... 3...»... has. 2.. .3.... .3. 558m 38.. on. 5 a 0.... 5...... 83m .- .... 595...... o... 3 38538.. 3 2.3.8.. .2. .ha... v.5 385......— ..... an... baa... 9.8 3...... . .8 ...5.2. a. .523... a as... a... .2... .2. s o .a. .. 3.... .. 3.3.2.. o... 5.3 83:35.... 3.5.3... 3. 5 b.3955 o... o. .55.. 3 on... 5.... 883.8 v.5 68.5.5.3 38.5.5 83.6.... m. .53. 2.. .3.... a... £38.. 38.. 2.. .. BS. 2... 3...... HEMP... o... 5 385......— 5. 2.5.8.. 5.. an... and 3.... 8.95.. .2. an... .358... 9.8 .880... 4. 3 .3. .onm 8.5.8.... 5.63.... 9... 8.65.... 2. 20.98.8555. .3... 20.9328 < 9. 8259.28 . aznxnoaoszalfi 9...... («JV—q by« ‘l WTAA" 3131:: 67.1.9qu nmhrtmfimwmmmmxw wr!» “'5“ W ' ’ :va r; kw: viii-fin: +4 .' -..3'..£.8. 3535788- . wan-‘11:» g- “‘5' 83.88.... .58: 5.55.5 a... 8 8.855.... .55.. .5... can 9.8.5 .3. .638 mam—58...... a... a. .3.. .538. 8...... 2...... 89.21.... 3898.5... .5.- .aa88... 8. .3.: .538. 8...... £95.. 8...... .5 93.... .8 .2528. no... .5 .58 8...... 0.5... 858. 8:5... .3 38.59. 3 .5 8.1.5.. o... 3.25... :4... .58.. .523 895.50 5 83:55.... 883...? o... 8 1......9. .5. .88m 0... 5 .8385 o... _..5 83.3.5.9...Qm .5 8.5: 3. 5 8.8.5 o... 8 .58.. a 35...... :3. .3. ‘95.... am. 83...... o. .88.... baa... 9.8 1.55... a :5... 85 .59. 8:5... 5. :83 58.59. .3.. 5.55.... 255.28% 7. .88.— .58 .8838 a. .o< a... .523 a. .8» o... 8.... .595 2. a... 8.5.2. .3. .8. .o a... a. .3.. .08 Egagaun 52.58.... .553. 9.8 .830... a 5 3.3.. o... :88 s .525... a. 2...... .3. 5...... .2. a 8...... .5. 9.. .38 5...... 5.5.5.5 .8559...» a m.— ..3... E89. 25:8... a 5.. 383.5. 995.1% 8 553.. 9.8 8:5... a 5 3a»... a... 81.8. .5 omen—.5 :8. .552... a... 5 2.3.52 3 88......- 5 855...... 258.... .36..- 5 3.5.3. a 8 .83....— Eooo. 8:55 a 5 95.5.2.8 108 383% .53385...58.55§a~2§§§3 38.83.523.3383..58€3 88.825858533332898 $888.52.: .8 208.4388...— 33 3.4.. E... 88838.... 58 .83 EEHIE 8E .......... .2... z 3.32.... .53§..=.§28233233§..38§ .32.... 2.... 8...... a... a. 8 .95.... 3 .2... .5... .3.... .8... .e. 88.... s. 388...... a. 322...... 2.. s .8. 833.83388533388fim133 2.. 3383.82... 835332.38??? .8. .. as... . a. 8.32... .52.. 3...... E. 3.. 85¢ .22.... :2. 8.5.... 2.. .2... 2.. .. 2...... h.. 32.2... .. .228 .338 8...... .n 2... ... .8. 8...... .8... .08 .88 28.4.8 5.55 .a 5.8... 2. 92.58.; .88 8.8.4.8 BEE. a .59.... o... Eaaazgl: 5...... .3.—8.38 3 8 858.85. «38 2: .8 8:2 9338.8 58 woman—.5. 2.22... 5%... .2... .2... .2... .3.... a. . .2... 3.88 95 3 35535. 8 .83 8538 2.8.8. .8. a... .58... 2...: 2.. .. 3...... 2.. a. r. - *3}me W '— w __ A a ”m‘ ,3 ._-—~ __._ ‘. --—— l-VT'W ‘u—W Ivow'] ‘\ A -——w ow.“ W-r “I- ,, ‘- Wii‘... 53%;... ~88 :38.» 5 8.8833 .8an 8 8855...... 8 c5888 2.. 8 8.8... a .8 .8532... .8885. 83.8 .5 . . '8 E... o... .8282 a . Isms... 5.98.. 8.83m.— ofi .8588 .8.— 8.8.888 .8 8.8— -89 a. .85 8.88 .8 .88. 5 858.85. 988 o... = 3. 59:83.... .898; .858 8 88:88 .8. .88 85.98an 585.8 88:88.8» 5.1.8. 98.. 78:88 2... 85.58 .88885. 832—88 8 .88 .858 .98 5 8 $888.38.. 5 .588... on. 3 8.88. 885.3 .588 858:. 8.35 ‘38: 3.5.88.8 b8 5 :58: =58 8 ~55 an... .9: :58... .888 25.8 8 8333.88 .823 .3 .8 8 .828.— .. .3 85.5888 2... a. .8 6:: 5.: 8 D .8 a 98.. 8 .838... .98 8 88:88 8 .8588 «8.8828. $585.8 :8... -anom 5:8... 2.8 85—8.: 8 .3 c5888 8 A: .18 .88.. a .8 883m.» .823 .34. 3 .mn. dam 2.5m £20 .52. 8 .89». 28 =5. 98.: 8: 8.. 8.8885 .8 Good; 55.. 988 8: .85.. 3 :8... 98.8.. a .88. 28.2.8 8 1.55.5.5 .8 :8... 8585.858 .8 .8 55.8. 98.. 18:8... 8 :8... 1.8585 .8 838 98.8.. 18:88 a 85.88 .8 38.88 .8< 5.: .888 PBOMULGATION OP REGULATIONS SEC. 302. The Secretary shall first establish final regu- lations to carry out the amendments made by this Act not ‘ later than the first day of the second month that begins before the effective date of such amendments (as specified under section 301). -o-Q..-“—- **,.A .- _‘_ .:.-s—*.‘-"-.~ .VA ‘t<‘sc— Appendix 30: S. 503 Source: Reprinted, with permission, from Medical Records in flggltg lgfiggggtiggL 1979, Aspen Systems Corporation. APPENDIX BC S. Bill 503 “33.333... a. 9.02.5... 83.2. 28 .33.. use 3.5....— ..33.2_ ...._.........3 15.5238 .3 .5333..— .a..333. 5.3.19 .336 a... 3 23:. _...............>.5 .8 93.15.30 o... 29...... ..c_a..m......e0 $55 5.83:5 A335 0.: 3 5.2.5.... o... .3 68.323 3. .3.. 333.3 3 33.. 333.38.: 2: 3.3.... $1... 3.3.3.5»... .38. 3.3....— e.... 33......33 .3 «113%... 3...... 3535...... 3.53:8 .o :22... A3232. c...- 63 62.33.32. 53.258 c... a... “£31333 3...... .3333...“ 128......— AEME E... 3.3.... 315835 a... .3.—=50 3 oz: 2. 22.23 .289. Sue—2308 9.353.. 32.7.. 8 2... a... .23.. 3.8... .35.. v.3 1.39.93 a a .933...— 3 Eat 2: 2... l3... 6.... 39.980 29 3 .3... dam... 33...... :24 32...: $3602 440—93- ..3 wagezaamzoolfl 39;: .3.: 3.... 9.33:... o... E... a... .a 5.3.3... 8. 13 “:93. .3... 9.32.... E... a v.3 m 33...... E 9323.. .m 3....— ..3... :8... 3...: .2. 9.3.... a. “a. 8...... 2.3. ._....._....._...._ ..mzo.m.>o.... 35...... flange... 3...... 9...... 2. .....§... 3 al: I33 32.2.... 3 v8. .9 ....< .395.— 22. .m 6.5 .3.. .555... .5... a... 5.22.32224 c.33— .3 :........~........< .3.. 53.2.5: 0.: a... 25.. .5 .3.... :2 3.: .53. 8.38%.... 329:5 e... sotuEV \o 3.3% 3......5 as \c as... .e.§qo....~u- \c o§c~5§8 228m 05 \3 382...» ... am .3393; .23.. .5.— e.... 628.... 18:5... .3 5:155... .98.. a... .3 93.6.3 3 :2 .2. .o< .9335 o... 2.2.... Pa AA—m < .aéguguosgaaSfioéiagaoaa 33.... 3...... 8.... ...... .. s... zones... 5... .35.... 2.. .5 :32 3535956 .3 88.3.5.5 a... 8 2.8.3.. =............... .3 3.3.... 3.3.: a... 8.3. .3... 3.3 .333 £3 9.36:... a... 333:... 3.335 a: a... £3.52: a: .233 a: .2350 a: 550.....— ..= 52...... .3.: 2.55.. .i 2.3 .8“ please-.— 53 .3.—awe: — acne: mar—Rem Gangs a3. ho 3.5935 5:. 2H 632...... .35.. 3. 33 .333. 3...»... .o 5.3.33.8 2.. 3. .33... s E: ... .3. .3.... s... .525 g... ”cm cm 23.3% .3. want—«Eco 2.5a 110 111 '38... 285283 2.2.3. 8.: 82.2.3.3. 8 8.2.2.8". 328 .8 3.83.2.8 a .35... .12....2...§....8 5...... .. s 2...... a... 83.6...— oomto. a .3 22...... 8.385.. a .8 .33... £252.68... 62.2.88 a .8 .423 32.280 2.3 - 53522 .8 2.42.. .28....“ .252 8 2.228. a... . “2.2.2— .. 8 222.32... 8 .8253... 63.8.88 .283 8.8.2.. 2.2.2. 1.28... a... 3...... 2.32... 2...... 2.. 3 .222 a... 8 .822..— u .82— 2... .8 a. .38? 2...... 5. 2.... .8. 2.. .2228 a .12.... 3.. '85 83.6...— SE... n a... 33352.. 8 23.8.8 2882.. 22.82... .98 .3 222.... .82.. .8 428 232.. 322.882.. 3.53.8... a: '88. 2: .22.. «E. 2. 88%.... 8h .8...“ dam: 39.2.5.2... 82.3.83 :28 .8 52.2...— e...- Qaaowmuoo 2t .8 £3. 28 .2. 22.32.28 9123.. -8... 2.. A...» 23.3.8.3 3.31.2.8 3 =83 o»!— 3 2833289.. .883 82.....— e... 3:22.283 58 28 .o .32. 33...»... 2.. 853 2.3.28 a... 28 .388.— 8...: .8 53.3.38 28 8953 2: 233 3 2.8. 33 an... . .u. AA .— - __.._. w “'1 mum «mun-o. «Ho-ma. :22- ~ ; 2" ~.~51'!U' 1" ‘0 agaagfiggoésggj 2.... .22.... 2.. .3.... 3 8382.. 812...... .328... 2. .3..a3>s.§§3.3§3§=§ .3323 a. 33.2... as 5...... 3838.. .3.... 2.2... 383.55.... 2.. 2...... :5... 8.. .. 25225282235223... 2.2.... 328. 23.2.... .32. m2... .28 1082.. .8583. 28888:... :12... s 2...... 91.225... 2.. .a .8... a. 2... .25.. .2... s 8233.... .25 ... 25.3.... 2.. .o 2.... a. 233...... .28 .28.. as 22.. s 2...... 8.. 23.83 3283.80 .83 .283 2.2:. 98... 8.283 3 2.... 2.. B... 38...... a... 3.8... 2 2 a... 2... .9832...— 838- .2..- 32282 283. . .3 2228.32 3.. 8 23888.— .hogta be... .3... 8.333.553.3323. .2... - .a. 22.62... 22.. s :88 3...... .3.... a .3.... 2.. .22.. .1 a»... be a 8233.... 12...... 2655... aaafiaasgeazuiiziai 3.33.2.353383333: laiiaoo .3... 82.32.. 22...... 2.. .o .3.... a... b. 388.: a a... 112 533...... 3. 33.3.3. .3. .393... .3 3333...... .3 3333...... 3... 3. .33»... 8.3.2.... 3.... 2.3 3 ..=... .3 .3.... .333... .3 9......33 1.3.3.... 3. .3233... 3.... 2.3 .3 .23.... 33...... 3... .3 .3333... 33...... a... .3.. .323... 33...... 3... .3 .33....33 23333....- 133... .3 .3....3... 33...... a ....3 .3353... w... .3.... 3. 4.... .3..» 3. .3393 3.3.3.. .5: .I............ ...3...>3.... 33.3.3. . a... .33.... s 3. 33...... .3....33. .3.. . 3......3 .3... 3. 3... 33...... .33... 33......53. .3 53.3w 3... ..3...3 3.... .3. .3 .33....3... 3... 3. 33...... 5.3 3.... .3.. .3.... :3... 3. 3.3.3.. 3353.... 3 33.5.3.5 .33. .3...» 1.3.3... .- ..3>.333.. .3.. ..3...3 ..3< 33. .E3m 5...... 3.3.... 3... .3 a 3.... 3. 333...... .3 53.3.33... 33...... 1333...... .3 .93.» .3383... 53.3.33»... 335383.33. 4.13.. a .0... .3.. 9......3 .3... 3. 3333...... .34.... 33.3153. .3 33.35 3... ..3...3 3.... A... .3 .33...>3.... 3... 3. 32.3.. ....3 3.3 .3.. .3.... 33m .3... 3...... 33......3...3.. .3.. .5333». 33m 3 .3 335...... .3 HEN 3.... .3... 3...... 33:33.33»... .3. 53.33% 3... .3 333...... .33.. a... .333 .3.-("firm ‘W. “mag-Furnace VIN..." ‘5' 6 _ ' §. ;ws,,.’2 ”#VM'.‘ 1: at. :9". An.“ 9‘33.” awfl‘u'fl'fl 3‘ .1 NH?“ 4 “ _> . ...,.,r.—..§p",;~ni“r i f. u..n.-—r'¢~ dwo—b ' v5 “ V._ .2. M. ,..' L .5 A...&....3....... ... ..3.....3.3.. .3.. 3.3.3.29... 1.333.... 3.. .3... 3...... .3....3 a... a... an; 3.... .3... 3...... .333... .3... 3.3% 3 3...... 33.33.33... .3. .833». 33w 3 3... .3....33 3 Ex 3.... :3... 3...... 3.33.3.9... .3. 5.3.3. .33m 3... .3 .333... .33.. .3.. ..3...3 .3. 3.33 .3m 3.3m 3... .3 M... .3 SEN 3.... 3. 32...... .3 mg... 3.33 b3.........3 .3 5....33. 3.33 3......3... -3.... .358. .52.... .3.... .338. . .3.. I333... ...3...>3.... 33.33.. 8.: “.3.—33 .3.. 33.333... 5...... .3 3.33% 3... .53... .3333? .5: .333... .3.. .3 .3339. .3 .33... 3.3.36 1.3.3.. 3... .3 .333... .3.. .3 53.3». .3 .33... .....3>3m .33... .3 3.3% .........3........ 33.3.33... ..3.. 3.3.33 .....33 .3338... b... .333... .3393... .3.: .3.... $5.3»... 33.3.33. .3. 333.....33 8 33...... 3. 33...... 3... 3......3... 3. .3... .333... .353 .3 ...3......... .3....3 .. .5: .3 63......3... 3.. ...u.... 33...... .3... .323 .3.... 3.3.. .35.. 3. .3. 3.. .5: .3 333...... ..3... 5.2.3... .......3 3.. I...3...3.. a .3... ..3.3...3....3 5.3.3.33. 3.. ....33 .. ..3...3 :3... 3.... 33.3.3.3. .3..... .3 .33.... .....3...... 3... .5: 113 9.83.3 3. 35.88 3 889....— .3. 85888.8. 85 .35... o... 8 838.35 3.8338 .5. 3 .88. .38.... :3. 858.... 83...... 2E. 658.385.. 8.85.... .5 o.— 3 838 .38 .5 3 855.5 .353... .523. an... 0.. 8.5 23:...— .3.....5 .3 35...: 3.: 838-...3. 3me.... 35...... .5. .38.... .3... :25 3828.35 .3... 08.88 3 8...... 8... 35......— 853. a... 353.85 8.: 8 3.8.5.3.. o.— 383 15.385 .5. 3 5.38.. 9.8.3.. 33.3— 3 935...... a .3 33.38:. 8.: 8533.5. 338.3 83.3. a a 3.: 433.385 8.23:. .5. M558... .393.— b... 8 8.58:. o.— .3. EL 53...... E8... .823... $358...— 833. .5 .3 93.. .85.... .3.. a 2.385 =5. .9 585......“ .35... 82.. .8323. 4 .388 o. 8.. 8.3 .859... 83.3. o... a :5. 833.5 85 3 ..5..3> 3.338 .3 8.38.. .3 o.— 3 88:3 8.— .53 «5.3. 938.. o... 3 .8333. a .2... 3 .55 M58838 83.8.55 3.83:8 8.3385 3 88885 .5558. 3583 83.3. a... 85 88: -2 .53 23...... 83.8 .3 .838 a 38:. :3: 35.8.3. 88.35 .5 5 9.8.3. 858.3 83.3. .5. .353 .85.... 33.5 .3 .85... a... 3 .88.... .3.? 8.89.8 3 3 8.3335 3.8538 38:. a... “3.3.... .2: 3 333.2. 8.. .5855 3.8538 3 823.8338 .3 8.38. .5 .838 8 2.5....— .3.....£ .3 35.... a 38:. 3: ~' " inflflcm W .' «barman-:33: 7:5.” WW H - l 2‘ me‘fiaflu 1533‘. m§ffi‘WW‘M “‘13... . 7v“ - 3 to sue-AWE "WI-.3 «w 59"- M Loni»). ‘gfififl'r-I'P‘ . [.353 8.5.82... 553.38 5.8935 0.: .3 Exam—3.3...— 85.5.. .8. .23 853.88 5 5.... 358.... 83.3. .58 3.: :38 .. .3... 9558.... .3.. 3.3.3.. .5... .3 8.3.5 8&3... o... .3... 3.8..» 8.. .88 .9... 5. $3.3 .3.. .88... c .3.: .3... 8.3.5 3.. .3... a... 35.8.35 .3 .3... .3538.— ..8 39.5. a 8.3.5 8.. .3... .328..— 833. .59 $5.38 a... 838......“ 3 88......— .3_ 6.38. 88 .585 031.38 .3 8 .88.. 35.... o... 38:. .35.... a .3 .838. 13 .3 :85...» a 3 8.5. .95... 5.53 .=..._. .358... 83.3. n .3 .3588... 5 85.8.3 8 2.85m 3 $8 dam: 29.94....22. O... 8.504 92.395... .393... .88....— 813 .83 .3 .03.. 65.5.6... 3.... .3 333. :5. .3 15.5.3 5... .553 3.3.8 3 33:5 .3 .3 .335 .5.» a 35 ”5.5.35 $5.88..— 3858 .3 85.85.85 .535 a 88... .385 23383.3. 3.... 8:: cap .89.»... a... 8.: .353 5 4.33 o... 3 38— .3.. 9.38 o... 3 imam... o... 8.38.... a... M55... 853 88.3.— 3.8... .2388.— 8513... 8... “32...... 35.3.5 5 5 1355.5 .35.. a... .3 2.5....— ofi 3 be... .3 5.8.. .5. .333 5 :53: .5. a... 88... .8882... .88.... 8c 33... 8V: 11h 8:28 8:8. 3.: .888 83238.: .8 .823 3 8:28.33 1:88:28 2: 2. 82— 8 328.: 2. :2. 3:82 28.38:. :28 53 8:38:88 2E. 6838 -3: 83 2 28:3 3 :28 8.38:. 33. 2: .2. 9882 2: as 3.32: 8385328 :28 3 2829::— 288 2838:. 328 .8 E88 828.52: a 82— :28 :28 .88. 2385058 .88 .2. .38 a 832 :82. .838:— 9358 25. A3: . .3 8:822... .2. 3.88 .282... 2385858 2: :23 882.88 3 23888:: 8: -8388 2: .2. 2838:. 2: 852:8 88 832388.82 8:3 .8 .382» .8288.— a.28:2_ 2: 55.88:. 1288 .8 8393: .2. 882888 a .8 822883 8 and 8 928.: 2:95 8:25 a: 8322. 8.53 .8 28:...— a n 2:: :28: 83 8:852:22. 2: 83. 2: :8: 82m 28 2.88 2.: :28 833 .98: 8:888 2: 225:8: as: :8 :8: .2503 2.8%.... 2.. 2 2.. 2. 328.... a... 8838:. 2— 88 8:88.88: :28 82:5 8 :28 .8: .8533 :28 238:. 88 8:3 62.38:. 2. 3 232.8 L38 2: 2. 282.8 :28 9828 2: 3288: 5: “28:2: 853 .3 .88.. 2.. .3 .28. .5. 835 a 2. 8.. I22: 8:52:28 .85 838882: 1:83:88 3: 2. 98.38:. 2: 8:82:28 88 822—888 ~Jfio._raxm - . m “a t”. Arms» 35"”; ‘-V.‘ ‘9‘ “anew-v u‘ rip-53*: *2 ragga-137a $3 332:5.- . I. 11.1“: ”may 8‘ syn”:- ‘ MNO' ‘38P'r-‘1GI’1 Iron“ 41:31 A ' w .‘nu ”a ’-.' .~.' : ‘A Wa'fi‘n 00-! J... ‘4 «Imam .m 38.288 .8 3.8393: 2.: .28 .82.. .8 .8? .2. .58» 2:23 2 23 28:8 888.. .8 8328 < 3 .3: dam: . 88888 .5 22988233.. 832882: :28 .8. 85283 8322: a 28.. as... 28882 2: 8.: 95:2. 3 .882 23 23888:: 8:23:28 :28 8:28:85 .8 8838:. .822. 2: :. 2388.82: 8:83.88 2828.: .8 2.33:. 5.. .8 .288: .98 .3. .2382: 28:8: 8 .888: .8 838:. a... .288.— ..98 8 85:83 28:2: .- :23 8:8»... .8: .8882: 8:28:28 .98 2828: .8 838:. 3.. Inn—:88.— 2382535 8:82.88 2: 82.3 8 28:2. 888. .8 28:8 3: 2. .838 8:8. 3 838.8 8 8382.858. 2: 28:23 .8: :22. 828.:— 9358 a 0:: 8:: .2 8:28.:— 8 283m .3: dam: 22.2.5398: 52923828.. 2835.5 22: 8 :28: 8 2: :28 3 28:82:... 8 58. 8.. 82.»: 2: :8 8888 88 3:888:85 :83 :38238 :2. .8 8: 4.8:» .288: 8:. $2288.82» 82:. :83: .82. 8: 92.2 -8883 1288 .8 1393: .8 822.888 8 .8 .8 .0». .2. 928.». 3.95 8:28 3 28:22— 8.53 .8 28:8 8 a :3: .33“ 28:88 8 8588 88:89:. 2: :23 8:288. 3:888 .928.— gstofisa 2: a .5 28 3 28:83:- 82.: «23.. 115 .3. 2.88 £88880 18.88 8.... 88.. a o. 2... 8.. .3858 an...» 8 032.8... a. 28...... o... .. $388.. .32 83.82.82 a 2:... 8. 883. a. .88.. 2.. 82.3 5.3 8.88 see as s 3.5. 288.5 2.. 3 .2. 8:88... 8 28.88.:— o... 3 .838 8.: 228388 18:88 9.... $8.. a .88 3 8.88: 88.8 o... o. 8888.. 88888.8 8. 8 8.88 o. .5: “828.888 2.. 8...... Savannah: a. 98.. . 6.8.8 8:. .3.. 853.30.. 8.88.... 8.8.. 2.. .. 38.2.88... .3388 8 5:83»... a... 8 .8»: 8 8% 883. 8... a8. .3.. 18...... a 8 8328 was. 8 .88..” 38.3.. 2.. 3 8.: .34. 8 8.888 a .8 8.88 a 8 a. .838... :83 9:... a8. 28...... a... .3.. 88:8. .3.. 8.88.8.5 3.8388 8 88.. .8588 8888 «8.3.8 88 3 .88.. 3 B... .3 8.8.8.. a. 8.89:. 8.88 a... .. £88.. .8 8888888 3... .88. 8 683. 8.8.8.. o. .2. .8... 8. 83.888 8 «8.82.. o... o. .838 a... 388...: 88 8. 38.588 858... .88.. 3 Ba. .3 8.8.8. a. 8.888 8.?8. o... .. .28... -..8 5.8.. 8.3.:— 18. .8: 68$ 8.88% o. .8. .8: A... 88:88... 8 8.8.388 a... 3 .83.... Av... " -' no Misc-anus; -..».¢Wma-I m,m.m11W'OWAM-ehwmw v rmmnarum’w Anni-WI": “sand-51.9.1urusvtilsr“urwu- ;-~‘-. . s .3.; .3 8.8.8.. a. 8.8288 8 .88 .83 8.. 8 838...: .8588; .28 58.. 8 8888.. 8. .8 .8.— 8. 83.838 8 88.8.88 2.. 3 .83.; Am... 38...... a 3. «88.8... .8. 8388 8 £8.84... .8. «88 8 8.8838 .8. 2.3 8. 8.8888 8 8.58.. 8.8.8.. 8. 8.888 a. 8.8888. 2.. 8... 83.8 2... 3 35.3.. 8.88 a. 8388.. 88 .8288 8.88 a .3.; 38.8 .s .3 83.8 .828... 3 8.. 88.8888. 8.... o. 888 2:... he... 8... 8.8.8.. 8...... .8... 8 82.8.8.8“. 2.. .. .2553 8.88 a. 83.88.. .28 8.888 8.28 a 5.3 833...... 8 .3 888:8 m..8...>..8. 3 S... '88.. 2. a8 8...." .858 82...? 8588.... 3.8888 8 8.88.85 3... 8838.858 82...? 8.88 2. :2: 8.88.88. 3.88.88 8 08.8.8... 8: .3. 8.888. a. .8288 8 .833 A... .93 dam: 22.888285..- .50383 8838:... 48...... 888. .8 .88.. 8.... 98.858 8.. -88.... 3283.88 882...... mi. 88.2 8: :3... 8.89:. 888... o... .3 8.888. 8.8: 8.23.858 o... 8 8...... -88 o... 8.... 8 .88: 8......» .88 8 8.88.. 8.2 .8...» -88 83.88 2.. o. 8.8: 8......» 3 88.. a8 .8 8.23.8... -8 83 388...? as: 28...... 8.58. 8 28...... < .3: 116 333 .3.. 3 .3133... .3333... o... .3.... $3.3. 3.3 3 .3393. q... .. 3.... u... 4...... :. 333.3 3.3.3:. 3:. .33 3.3.3:. 1.33:3...» 13. 3 .33m .133... a 3 .3333... 3.3.3 3 33.33. -:. 133333.. .3.... 3: .1... .3....33 3.»... 4 .3: 633...... 3:. .13 3 33.3.. . :13. .1... 33.33 3...... o... .3. 33.... .3. 3.3: 3.31.... .. 33.33.... 133.33.. = 3.... .333. 3.3... 3:. :. .333 . 3 .933... a... .31.... 8.33.33 3 3.33 3...... -o. 3:. .3 .3.... 3. :. 3.3... 1......33. .3. £33.33. 3 33.3.... 3.33... 3: .3... 8...: 33.33:. 3..:: 33.331. 13:33:... 3 .33.. .33..» 13...... 3.31:0 .3: 63.32... 33:3:3 .3.. 333.33. 3:. 3.33 3 33.333. 133.33.. 3 3.3.... 3 .3.: a... .3 3.3.3.... .3 a... 63333... .33... 3 333...... 3 1.3:... 3. :3.» .33 . 3.33.3. .3331. 33...... 3... .3.... 3 33.. 333 3.3.1... .3335... .3 .3.... 3.333 c... .33... .3 .33.... 5.1.3.3... 3: 3331.3 3 .33. 3 3 33...... .3. .53. 3333:. 8 33.3.. 333.333. 32......» 33 3333. 133.33.. 3 2:31.... . 3 on... o... :H c... .3.. 13 .33 3 33.3.1.3. o... .3.... 33...... 3.3.3.3.. 3...... o... 3 333.33. 3:. 9.3.3:... .33.... o... .3. 33.33. 293.. ( :r 3..."..15“ as»; x. . .. not I-Mfidmaswzhu .to-«pm u‘ ‘3‘“ t ADA8- 4:: 19.-4%?! EHM'W; zap- -{-‘ - s?- -w aha-«5‘: w an cam-m . .,~-. .3 L) - 10“.“ I. .2”. \afi—u: -3 :_‘O—_'>'v-‘ 7! -... 3:. :. .3333... 3.3... 3:. 333... .1... .3. .3.. 13 -.....~ .3 3.1.3. .3... o... 8 33... 33.33.... 3:. .3... -.... 3: .1... 3. 3:. .3.. .8. 3. 3333.3. 3...: 33...... .. 33.33.... 3...? 3 3.33.. 3 3.3.3333 .9... 3... 333...... .3.. -3.3:...: .3.. 33.33.... 133333.. c... 3.33 3.3.3.. 6... 3... 233.33.. 33:: 9...... a... .33. .333...:. 3 3.3:. -3.. 3...: 33.33.... 133333.. 3 333...... 3.3 .3... 3 3.3.1.... 3.31:3... .1... 3.333 2.... .3: 333 .33 .3 33.33:. .. 33.3 .....3.........:. 3:. .31.... 3: .1... 3. 3.3.3:. .3 .8 3... .3 2.3.3.3.. 3.3: 33.33.... 1333.33 3:333... 2331...:— 3.: .33.. 3:. £8 .8... .333. :. .3....33 .. .33. .0... 3......» 133. 3 3...... .13.. £3.33. 1...... .3. 6333,... 33.3.3.3... :. 3 3.3.3.. 8:: 3 “3.3.3.. .3. 3 33... .33 3...... o... 3 33...... o... 3:. 3.3.. 3...... 133 -33.... 3.3.33... .3 5. .333... 3... .3 3.3.3.1. .3... .. .3... 3...... o... .. 3.33 33.3... .31... . 3 .3033 3.33.. .3.?3. .31... 3 6.313333. ...3.....:..... a :. 3.: 3.. 133...... 3......:.. 3 .3.. .3. .3 3333.3. 3 ..3...>..3 o... 3 3.3:. a... 3...... 33 .. :3...» 8 3... 6.3:. 33 2:31.... o... 3... b.3333... .3.. -3. o... 3 3.3... o... 5.3.. .1... 33.33 3...... o... 117 8.88 2. a? 8.8.2.. 8.888.. 8.888.... 68.88 8.... .8 8:88 .8 8.8.. 2.. 88.. 93. 88.88. 8 8.88 8.... .8 8.?8. .8 8.8.. 2.. 88... 8.3.. 8. .8 88.8.8.8 2.. 82.: 68.88882. 2.2.8 2.. 38:8. .88 8.. .8» .— 82.»... .88.» .88.... .88 88a .8888.— 8. 28 8.888 8. 88.3 .888 88% .388... -1 8.058. 8 2.2. 8. .82. .88 8.. .8» .n... 4.8.8.. 8.2.8. 8. 88....2. .88» .88.... .88 .88 8. 888 8. .888... on .8. .. 8. 82.. 9...: .28.. 8 8:88 b. .8828... .88 88.88 88» .8 .38 a 5.3 8.888.... 3.8.2.88 2.. $8.88.. .8 5.853 8888.880 2.. 288m .m... 3.88 H . 8.38:8. 2.. .8 28 m8 .8 48.8 2.. 8. 82.. 8.83.88 8 a... -...88 .3 .8828... .88 88.88 2.. 8.5 .m. : 88.88 .88. 3.88.88 2.. .8 88.8. 2.. 8. 95.88.38 8. 8.82. .88. 82.8 88 8 8.88 8.... 8. .88.. 38.8. .8888.8 38. 8.88388. 2.. 8. 828.8.— .88 8. 88.88.88. 3.82.88 2.. .8... 82.2. 88.. 282.2 2.. mafia 8...... .88 8885280 2.. .3 8.88.8. 8.2. a. 8.888.... 3.8.8.88 2.2.? 82.2. 88.8. 8 88...... 2.. 8.8 .8» .2... «8.8.. ' -_-.—- \‘r'x -" *— firw-‘r V. ‘F-w y—v-y ‘—-.w v, ‘— 4.”- w— <-—-rv .anm‘flnnw “N“ W9 . ~ 4.5:" Wflm‘w .858 .88.. .8 28 8.5 8 2888.8... 8.83. .88 82.2. 8.88 83888888 2.. .88 E... A. .. ".28. .8» 6.8.8.8: 8.88 2. .8: flamaghoudm .5 «6.500.— :oau nag—a Pane“. 50% :3. "2.2.8:. 8.38:8. 2.. 8. «.5. .8 .3. 82...... 2.. .8 = 8.... 5.3 888888 8. 3.88.88 8 888.888.. 8 88M... 8.... b. 2.388 ~52. 88 28888. 8 .882. .88. 82.88.... 2.. 8. .888: 88.88.... 8.8 5.82. 2.. .3 8.2. 8.88 5.82. .88.. 8.5888 8.88.8.5... . 20.8.8. 88888.88 38. 2.. .8 8.8.88 2.. b.8588... 832888.. 5.? 8.8.8 :8... 88...». 8.88 9:38:89 2.. 5.? 82.8.8. 8.88.... 8.28 2.. .8. 82:8 83 28888. 8 882...... 2.. 8...? 88 8.8.. 2.. 8.8.2. 8 88 88.8.8 838.... .8. a... 8. 88:88 8 882888.... 3.88.88 2.. .8 88.38. 2.. .88: .8888 :82. 8.2. 288888 8 8882...... 2.. .8 .38 a .8: “.38.. .8. 88888.88 38. 288...»... 8 8. 828.8. a. 2.98. 8.888.... 2.. .8... 28:2. 8. 8828.. a. 82.. 3... II.. b8 282...... 38...... .8. 28888. 252.288.... 8. 8. .8882... 8.888.... 3.8.8.88 8.8.88 .888 5.858.. 8888.886 . .8888. 888.. .8 38.8.... a... 3 .88 .88.. 4288.888 8.888.. 88 8282.88 828.488.5284.. 118 .33.... 2. 3.... a... 8... .98.... as... .88 o... ...8...... 85.8. .8 28...... a 5.3 @3888... 28.8.. 8 9.2m 8 8.8.. b... 8 £283.... 8 98.» .8 28...... 88.8. 8 88...... a 8 .988. 88.23.. 8 .2... o... 888...... mu... 8...... 8.... 8... 28.8.. o. .828. a. 08... .8... 8:... .88 o... m .8... 2.8.8 8.8... .82. a... 8.88.88. 8.83.88 .8. .818. a 8... .8 .8338 .82. a... 8.888.... 8.88.88 .4... 8.8.8... 8.... 8......9... 8. $8. 8... m5............. 8...... .8 ”:88. .28 £3.58... .888 o. 8.. 8.8.. a .8. .88.. 8.818. 0... 9.2.8..» 8...... 8.8.. 8 .8 8.8 .8... .. .3. .8383... 8 8. .8... .8. .2. 2......» -88.. a. 8.8.8.. 85...... o... 8...... .88 o... n a 8... 58.. .8... 2.8838. 5.3 8.8... 2. .8... 5...... .8. 8.28.8.8 :4 64.8883... 988...... o... a. 888.88.... 2.. a... 28.8 2.8.. o... 3 9.888.... 8.3.8 3.8!... 8 8.... a u... 39...... 58...... 8 8888.... 88...... 8 8.2.3.8.. .... .8 9888......“ 528...... 8.3.2.... .8: 8 "8.85.3 8.83.... 8 8.28.8.8. a... 828.. .5 5.3 85.2.53 3 .o 8.2.5.... a... 83.888... :8... .4»... a... 28.8.. b... 8 .988. 18.23.. 8 o... o... uztogzo .3.. '1 93“! I; .- ww :wdfiafl’x *0 L‘w' a. £ W;W4'Mu\ m «Wuvfitfiw “Cw v:- ., .edtwovav-wv» --v “nor”: my. Manon-AM ‘ ._.. -..._ ”C'fl-‘a .— w-wv wwwwv ‘- mnlléom .w II... .88.. :8. 8.8.. .8... 8... 28...... 3 .838. a. .8... 8.: .8... .889... ..8....8.8..8 3... 885...»... a a. .88.... a. £98. 9.8.. 8.28.88. 8.. 8.8.88 8... 8... 28...... o. .88.... a. .8... a... 83.8.88. 8.83.88 2.. 9.1.8. £85.... 8.88889 2.. 8 8.8.8.8.. 8.3... o... :8... .. 32.88 .52. 58.82.. 2.. 3.. '8... 8.... 8838.8... 8 8...... «53.8... o... m .88 381.83.... .8 8 8.5. b. .8888 2. an... .3 8.. .82.... 8...... 8.8.8. 88...... 85.8. 8 .83.... o... o. 8.8.. 8.... 5.85.... 82.8880 8... 8 838...... .83.. 3... 88.8.... 3... 8 2888...... o... 4...: 8.388 a... 28...... 88.8. 8 . 80...... o... 8 ......8 338...... .8 a. .......... 3 8.8... .88 888...... :83. a .8... 8.. 3.. 28...... .888. 8 88...... o... 8.8.. 2.... .8... 3......» .28 28...... .888. .8 28.8.. a... o. 8.8.. o... 95...... 8 3.... o... .8... 8.88 2:... 92... .838... .8 8.8.. o... 8 8. $8.. 8 3.... a... :8... .88.... 2:... ab... .8. a... .8: 9.8.2:... o... 8.8 858.. 2. =5 .8» 828 .823 a. 8.8.5.. 82828.8 3... 88.5.88. .8. 83.85.... 28......886 .85.. 3 888.28... 2. ma... 8.88.88. .39 8.8.8.5 119 2.. .... 8.3. 33.3. 32:83.8 3:. 32.5.»... 2.. ... 23.3.2 ...: a. 2.5.8 8833.... 3.8.2.38 2.. 2.5 95.2.2. .3.. .388. 8.2.8.1.... ..5 3.28 a... .3.. “2.9.8 82. ...... 3... ... 3.333.. 8.2.3.3.... 158538 .353 .8... .....8 28 5.8.. 2.. ... .85.... 333. 3 23...... ... a. 2323.... 2.. ...... $52.... ...: ..I.:...:......: :3»... .... ..>....5... 3. 53:8 :2... 3.3.: ......m ..38 3232...... 2.. :. 8.... 2. =2... :82. ...... 3.2.3.. 3 88:33. 8.2.8.538 8 8.3.. 3 8.3:. < 5.35.... 32.33.60 2.. 8.... 828 838 5.3 .88.. .....m .2222 3 323:8 852.553.... 8 .....2... ... 8.3:. ... 0.... as... .85.... .333. 3 3.3.2... .. £3233. .... .38....- : ... 35.3. .... 9...... 83.3... 55.3 .... 8.28 .... 8...... 8. 55.3 5...... 8.323.... 3.23 8.82.. 8.3: ..5 5.3 88 -..38: ... .3.. ......Aeaam .3....8 .... 8.2.3.. 3... a... .3. 8582.8 ... 8.3.2 835:... ..5 82.2: .38 2.. 83:: 3853.. 2.. ... 93...... ....8 .... 038.8... 3.2.. 3:. .38 2.. .3322. 8.2.333. 3.8.2.8.. ....8 3......» ... .322. ..5 .... 85.2. :25 ..38 2.. .3 8:82.. 2. :2... 8.2353: :. .30.. 3. .882 a 5.3 858:8 :. 8.... 3...... .35.. .3 5.5.5.3 .3....8332: as. ...... ... 3.3....» 8...... .2... 8.3.3..» 2.. 8 8.5.2... 933 .....82 88 ... 88.... 3892:".— . 3.3... -..... 32...... 2.. a. .3.... .3 ...... ... a... new. wnasu - warn. :- Infirwna‘thuw. “mm-=- m-zskflmr:i:; 913-.»‘nq-fgeea, tm‘ut 1% hfiae‘ga‘we gm. enx‘r‘lrgjfi'.u’zfidafimm'fiasa -- in“... ‘u 38.... 2.. ... ..m 3.... 38.. 383.38.. 3 38?. b. 8:3. ...: .83 .882 88...... 2.. ... 8.3.: 35.5... 28 5.8.. ..5 .3 E2. 28 5.8.. .39.. 3.28:8 858:3... 53.3. 23383.8 3... 2.. ... 33...: 2.. .9358... 3.5.882 5.3 8:... ......a .353 8.3: 3.32.... 2.. 5.3 .3 .533. 35.3... 8.28 2.. ... .882 95 ... .....8 a .825... 35...... ...... a... ... .3.: 8528 .... 83.2»... .9. .3:— 3 .23.. .2. .333. .... 32...... 2.. 8.... 28.. .8332. 2a ......82 ....8 3...: 2.32.8... .3 :8. 8 .3. 8582.8 ... 3.3.3.. 8...... ... 2.2.... 8235.3 2... .38 a .873 ...:8 .....358 3238.30 ..5 .888 883.33. 3.3m 8.38 ... .33.. .3.. 8:32... ... 8.333.... .58....38 ... 88.... h ...... ... 83 9588...... 1.95.. 3 8.2.3.83. o5 ... 82.3.. 2.9 .388. 0...... ...».3 8.3: 88 2.5 «...... ... ...< 38.5 ..5 ... a ...... .38.. 353.8 8 .38 ... .5... 2.. .... 85.3.3.3... a ... .82.... 22......» 83 8585.32 3...... 8 .882 .... 2.82.. 2.. ... 8:3: 5.35.... 33:33.25 35 .... 8.8....2 3 8 85...... ...-B 8232 3 88...... 8.33.: 2.. :. 8:3: 35.6.... 28 5.8.. 2.. .... ....2. 28 5.8.. .3.... 3.28:8 8.2.33.5. .. ".033. 32:83.8 3... 2.. ... 2:2... 2.. 5.8588 ......38 .8. 5.3 2.... .3... 8...? 8.3: 3.32.... 2.. 5.3 .358... .2338. 3 88...... 35 .... 28 n .852: 3 .5...» 88¢ .... .3... .85.... 33.3.. 3 .85.... 2.. .... ......522. 3.3.. 8.. .....53: ... 3.9.. ... 8.3.. 2.. ... 8.3.38 8.. .— a... 120 a «Bang 8:... n ... 10.3.. :4 8.5085 8...... 8.. ha... 18...... 83:810.... .... ...... .38 .8: ... .8808 0.. 8.. :8. 8.80. .3. .88.. 88... a M388 8:... .....8 4 3: 80:8... .8008 0... 8.8 :8... .....8 0... .03. .3. 8 .8889... 0... .23 885.88 3.8.8... 80.. ...: 8 08.: ac: ‘ 8 .88. ...... ... .5830. a Ema... 82803 3.8888 05 ...... 08:8 ... 8.8. ... a... 0.830. .m 88. 8088880 .....— 05 ...... 80:0.— 3 8.8. 388880.. a 8.. ... 085 3.: I8... .8. 8.38.. .985... .8... .880 0... .3 .88. 8888.3 3.8288 0... .843 ... .88.— .088 8 80.....— 05 a .808... 0... .8. .3 880. ...... .88.. .8888 05 .8... 8...... .....8 0... = 8... 808.... .888 ..0... .88 ...... .83 8.8. a 53. 8.8 8.8 .....8 .8 .88. 03.0.... .85... .... ... 8 0... 3 ...... .88... 0... .98.. :4... .88 2.. San—.... ...... 3 .8» ...—0. ... 398. 8:88.... 0... ...... 8:8 03.8.8. ... ...... 0.8.8. 3 .38... 80888.8 3... 0... .0... 80:8 ... 8.8. 038.8088 0 .. 0.0... a... .8 £538.. 3.8.3.... 2.0.8.086 0... .3 £98. 8:885 3.82.80 0... 80...: ... ...0_. ...... 88.8 .8 .88.— 0... 8.. ... .808... 0... A5: 'L 9’: ' 5'1. , W ' m.mf>:umn> cm.W‘ ‘ ‘ afia‘cufi—mm'dvm 4.351;..4-ur’: -""W"€Q‘-_‘. “kW. I’M-1' 2 1 maxuevzrw‘r' o’:W' Win-flu I . b‘bwu 5 5.“. I" ‘w.--. ...—é '.fl .*- a.-. '8... 8:... .....8 0... .3 858...... .85.... .m..=.88.... ...: 8.... 5 3x5: 8.8... -... .....0...E0>.5 0... ... 8:... 0... .... ...... 88.8 88. 83>. 838.. 88... 0... ...... 8.0358 0.. :8... .8808 ...... 8:. =4 .3....888 .88.. ._ .... @3808... 1.832... 8... .0880 he... ...80 0... .0.8...0.. ...... .8883. 3.3 .83....— 0... 8 ...... 0... 8 88... 0... 0850.2. 3 03...... .. 88 0... 3 8.3.88... 30...... E088 ... 0.1.... :02... .8. -00. 0... 0.888.. ... S .8305 .8888... 0... a .880 5 8F. 0.. .3.... 823 .0888. F83. .. 0.... ... 58...... .8... .8086 0.: 8.8 :8. .m .8 880...... .23 8:980 .8 .838 88.8 8 80...... 0... ...... .8... .....8 0... = .3: 8.8.88... :30 .... .013 .28.... 2.5.. .0. ...... ... .3... .55.... 2.. 3.. .828... .888. .3.. ... 88......— 8m .02. .2. ... .88....— 8380.. .88.. 88.8 .8 .83....— 05 823 88.. 0... 5 .858... r=08.8..0v..8 .85.. .898.— o... ... .88.. 0... ... .....8 .. :8. 85.88 8 8.08%.... .3 ”:58 .8 9.830.. .3 3.8.2.... .88....08O .. 8.... 8:8. .3. 8...... 0.8... .... =8. 00_>..0m .02. .3. .... 2.338.... a... ......» 88:98.. 3.8.3... .80.. 8.. ...... 0.8... ...... .8 .88.. .... 5 58...... 28.8886 121 2: h .233 8:28 ... 8.8.8.. 8.2.2.... 2: 842.. ......8 2: .. .2883 2: ... .888. 2: 2232.2 2:... .22.»... .....a .888... 28 .888 2... =2: 5...... 22....» .3. 8:82.... ... 822.8. 8:2. 2: .... 22.88 2: ... 522. a 2....» .28 .....8 8 2.2.2.2... 28828.86 2: ... 2282.2... 225 .2: ......2 ... .... 82.... 2.. ... .. ...... 3...... 82.»... 8...... .88 .8 W . "2.2.8.. 2238:... 2: ..2 .22.. .8. :88.8..2. .8 8.822 2.: 2... .8282... 98..» 88.33 .882. 22.2.2: 2: ... .88.... 8.2.8.... 2.8 ......2. 2: ...... ...2. 9:8 :12. 28.5 222888... 28:88:... : 88:2. «232.2 2: ......» 82828 28.83 .882. 2: ... .32. a 282...... .52... 8... ...28:2. 888. .8 8.28: -2. 2: ... ....8 =2... 2 .2853 .882. 2: 288. b.8228 2882880 2: .82... 82.2. .32.... 2...: .82.. oz ...... .388 2...... ... 828 2: ... 2...... 22.8282. .8 2.28 88.8% ... 2.2. 2: ... 8828...... 12.2.0 ... 8.3. .828... 2: 3 2... -.....2. 2.8.8.... .882. a 8.8.... 2 .. .8:......8..... 8.82.2.8”. 2.82... .38 5.822... 28828.86 4 .2 do... dam: 2.2.8.3.... .8248: 22.89... 2....8. .. ... 82.2. 2: .82.... 3 28:2. 888. .8 28:2. .- 2228 :2: 8:: 2.: ... 22.282 .3.... 22:2 ...8 8...... 5.822... 2.2.2.825 a .3 2.2.. 2288.2... ...: 2.22.288 ...... 382.8. 89.2.2.8 o. 8.28.... 82.82.. a .8 82%... .9... 8.38.. .8 82.2.8 :2... 2.: 2.: ... 22.282 ...... . .- ‘....-..._._. n - ‘ 7,1H‘ . Verv—r — 'ql'IaV'V‘V‘.I17—. 1"- ‘\'1: m . ... -—-1Auu— M w“ .5. o"-’—0 v-r-H .M'. r- \u-qcnmm‘ Iv: . 8:: ...... 3 2.2.8.... ......2.8..2... 8:22.222. ... 988.8... 28...... ... 28:2. 88.2 .8 2.22... a 2 82.28.... 3888.. .222... 22. 2: 28:82. 2.: ...: ... 8.882.... 82.2.2... 2.... 3.. . 28.22... .82. 2... 22:882.... ...m... a .2: 2.22... 88.2 .8 28:2. 2: 3 222858.. :2... .8. 2.88.: 22.82.. 2.882.. 2. .28... 2. 28:82:88 ...... .2: 9.8.8.. .288 ......8 2.... .288 .82. 2... 22222888.. ..28 2. .2: ......8 28:288.... 2: 2 3:88 :2... 2.2.2.2... 28828.80 2: ... .22.... b.8882... .. $2.828... .. ..2... 8.22... 8.. ...... 28:88.2... 1:222:28 2.. 22.22.... 5.8.: ...... 2.28.88: 2: a ......88 2: ... ......2. 2: 8°... 9...... .52.»... ...... .888... 28 8:4 2.2228228 ... 8... 28.82.. 228.888.... ...»... 2. .2: 288 .82. 2... 222228.22. a 22.3 28:2. 888.. .8 28:2. 8 ......2. 2:289... :2: 222.8 ....2... 1:222:28 2: 222.82... 5.88.... 2.2.8.886 2.9 .8... 28.82.. 238.2828... 2 22.8.89... .32 2. 8.: 2228::2. a 8.... 2...... 2...... .....23 a... .8 28:88.2... 1.82282. 2: 22... .83... .8 .8 28 9.....8 8... .88»: 88:8. 22:828.... :32 ...... ... 8...... .2... a 8.... :82... .9... ... ...2. 3 B... .... .828... .8 22: ... .28.. .8... 2......» ...: 128:2. 88.2 .8 2.2.2. 2: .... 28...... 2. .38 8:8. 2.: 8...... 222.8 122 -3333 2: .3: 23:3 .3» 2332 2: 93;» 353 .3.. 3033330 2: 3 “3.85:2 MES am 3333:: 23:3 :35...— ofi 03 .3» 35 9:3: .53 :3». 3 23 2:3 3 .3333: :33» 93 .335 :33:— mfiaaaaaoooa 35 :3 :5 A. : 333 .3» .9323: £35 on 3: 333333 :23 3.: 23% .3» F .. 839.3 9353.8 2: .2 E: ... .2 333..“ 2. ... a 2.: 55 3528 -3 5 3:35:33 .3 mucous £5 .3 29.8 933 8a 2258 12.333 95 5 33.3 .3333 81:2 2: .3 32 33 .33.. :3» mécooaoo 3:33.85. : V ".9395 3333330 in. 2: 3 0.33: 2: 3358.: 3.1.332 .33 3.3» =3. :02? 03.3: 9:333. 2: .23 .3533 .3333 833a 2: 8 £33 33 32:3.— ofl .333 3 3.3 2: 882. 3 3 3323 3523 .3: a3 8 3:3: 3 .3333“. 2: .3.? 3.9.2 .33 as. 3232 2: 3 .38 a A53: 23 “has: .5 3033.339 3.: 335%2 a 3 .5322 a 333. 333333 05 35 23:3 3 .332 a_ 22... 8v: 3:35.333 .3 523m: 05 3 33: 2... .3 “3.322: .33 gaze—awe.— .3 comm—35:... £ .3232 2... A8: 3:93.. am 33.3333 :25 .323 ..3 2393.. 2: .3. 353333 3.3338 533 3 .9353 32.33 :m4rmf? WW; ’- ‘2 m ssh-WM a?r1-n-‘hfimmm*m , ail-Wave wwuvsarw ' I I ..., ——R ...-D- -IP~>~~.~~‘—' “O. . 0.," 'm'kt-WU~N.QG—Ovhhv -25 3.: 3 93.53: 3 3 23...? 53333.. .33.: ..3 3325:... 3 23333 33.53333 2. a: In: .23 32:3.— aBEB 13:3 a 3 fizz—«Sm Aouxéwom 3398 .325 333333 1:56 -339 3232 has .3353 333.230 < 63 dam: amazon: 2.92.33 3:9... ...:2 ... .3. 3:5 2: 3 fl 0:: .323 Sit 2:3 has 3% . as . .5838 33.33333 .3 38.33% 333.2 233 8:2. .33 3.: 9:33 2: .3 3:33:33. a 3 2333.— :33: .533. 37.535: .3333: 2: 23?.— uoasg 33 .333: -232 .333 .3 3:253.me .3 .33»: a2. .3 3:333 933 33.33 :23. e332... 2: 3 c253 333.:— 23 5.3: 2: .3 22. 23 5.3: :3» 9.33233 33333. .. 3.353 .338 2: 3 .38 a .33 $31 2322— .333. .3 333m 2: 3 3.33 3 =2.- ooao: 933:3 2: .3323 .333. .3 3339 2: 3 33353: 3 5:3. 3 @333 2: 3 33333 3.5 43:83:. «2.. .33 853393 5 b3 .3 53333.? .39. 9:39 2: .3 3.3.3 3 as: 53. .535: 8 a: 3 pad—ow 1333.4 .3383 .32. .3 .3: .3533 330238 :23 .3. .5233 5.38 .- 35 .3 35.3 -3 .33 3.. 333.33 3.5330 35 ufifififi 82‘ .3233 8an 2: 3:532: .333 .3 ..5 afiov a 33.50 a an: a. .58 2: «532» .393 3...:— 3 S. .323 =2: 2 . 123 83.3.. 3.3 .83.... 33.3. .3 .83.... 3... ..33 5.3.3.3 3333.335 3... 333.3 3. ..33 .....30 333m 33.3..— .n ...... .3 .6... 3338.. 3. .333... 333.383... b38333... 33 ... 33...... 33. 83353333.... 33 .... .3333. 3333...... 33333333333 33 3. .3333 5.33.33. 33.33.3836 3 b. 3.3.33 3. 333333.... 3.3333338 33...... 5.....3 .33... 333 3.... ... 333332 .3.: 83.3.. 3.3 .83.... 33.3. ..3 .83.... 3... ...... 5.3.333 33.333330 3... 333.3 3.. 333333.. .3.... 3338338 3. 3.333 3.33 .3 33.... 333333333 ..3 3.3.3.3.... 3.53.30 ..3 .....O .3 8.3.. 3.3.3.. 3... ......33 5.3.3.... 333.3336 3 .... ...»..33 ... 333333.... 3.8.3.8. 8.3 ...... ...... ...... ...... ... .33.... ...... 33333.. 33.3. .3 .83.... 33.33.93... 3 .3 3....3 33. 3.8 .33.... 3.3 .33.. 33...... 33.3.. 33 3335.33... .3 .3.... .3338... .33 a. 33...? 333333.... 3.3333338 .33 .3 3...... .22... 2.. 3.3.2.. ...... .... ... 33...... ... .3.. .25.. 32293333.... .3.? 33......33 333.. 3...... Sn 333 .38 .3 333.33... 83333.... .3332. 3... .3 .....33 3.3.... 3...... 33 ... 5.3.333 3383.836 3... 3.3.33 3. 3338 -33.... 33 ..33 33.33.33 3.33.. 3 .3.... .33 33.. 333...... 3... 33...... 33.3 ..333 33...? ..33 33.3.3.3 3... .... 8333 3... .3 333.33. .3 3.3.. 3... 33... 3.53.. 38.33. .3 8. 4...... .3 3.3.. o... 33... 33.3.33 3...... 3...... 33. a... "'"' “H 0“" ""~*‘i-'-""-~’-'~'13-a-‘ Ear.- rrfi-O—mmwm .t-srfiMmhfimpfibw-wiflsw .. u-Mxmmwm‘ ”#13 W . . mm: by; ‘I. - 311‘." “m. ‘3-‘rJ‘M - . HF). 25“. “'13 .. .0 ...... “2.3.3.3.. 3... .3.... .3.-.333 3.. ...... .3» .33.... 333.3 3. ...... 2.3.33. 33.38.33... 3... 3.33.3.3... .3. 33333.33... .33... .3336 3.33 3. 33:833.... 3.. 3.3 333333.... 3...... 63.3.3.5 ....3... 3.. 33... 3.3.3... 3883.3. 333.333.... 3... .8333 ...... .3 333.3... .3 3.3.. 3... .33.. ...-3.. .33. -...3. ..3 8.23.. .3 3.3.. 3... 33.. 9...... .3. ..3 3333.333 3... 33.... 33.33333... 9.3.... 3... 33:3. .3.. 3.. .3.. = 33.3.. .33.. .333... ...... .3» 383...... 3. 333 333.3... 3. ......» a3... .3... 3333... -... cabs... 3 3...... 3. .333 .33 3.. 33> .3.: .33.... 3.3.... 3. 333.33.. .33.. .33.. -3... ..33 .....33 3. 3.333 3. 33.3.3... .5 .... .. 3.. .33....833 ..33 3333... .33» .3 .....33 3 33.333... ..3 333.33. .... 333333.... 3... 3338.... -3.. 5.3.3.... 3.33.3336 3... 333m .... : ”3.330 3.....5 33.3.m 33...... 33.2.3.3. 3... .3 333 ...... .3 ......3. 3... 3. 3.3... 3338...... .3 33. -..33. .3 3.33.3.3... ..33 33333. 3... 3.... .m. : .3333... 23.3. 3... .3 3333.3. 3... 3. 3333333 .3. 3.33.. .333. ......3 .533 ..3 833.. ...... 3. 33.3... 33...... .333. .8333 33. 3.3.33.3... 3... 3. 3.3.3.... .3.. .. .33 1214- 353.. 3.. a ...—9.9:...— 3 .3.—.38.. 5.35... 32.3.8.5 a .4... 8.3.— »... 3 03—83 :3. .323... 83.3. .3... 3 39m. 3 .8333. .3353 3 .333... 81.3. oz 8.: $3.35... .8... -9330 o... 3 v8.— 05 3 8.398.. 3... a 3 333 be. .32.... . .. .2... ...... 8.8. ... .53.! 383.8 2.. 33.9... 83.3. a... 3 .33... :3. 5.35.... 3.3.339 2.. .... 5.3.3.. ... .358... .83.... 2.. a. a... .330 835 8.3: ... 2.... 3 «on .358. 3 8... .....m mm “5.15 33 3.3.5. mea— 6 8...... 83...... 3.3.3353 3.828...— 83 .3 3. .838..— .33... 8 .3333...— .3....... 3 833m 3.8m .SSm 8.3: o... 33...... 8 .3....38m 33... 8... ...... 8......2e 3.... 2.. ......o .23. .23. ... .... 3 «no» .328. .33.. 338.3. 8:83.... 3. ”53.3 ...8 3 0.2.3.. ...: .3. 833m 3.3.5 o... a... 3 “33.58 .3... 958.38 3 83......— 3. 8.358 889:3... .833; .593. 3 8:33:38358 .533. 3.... ...8 8 83.35... 5.35... 303503.... a .5: '32. 3.8.3.. 8 33.3.. 3.3833. 3.8338 3 93.38:. ...... .3333...— cfl 8 :3. :3. 8a a... :3 3.3.8. 388. 92. .3. 3 9.332 33 ...m dam: .8382... 3.3.3... ’33? 9‘81 . "Sigh-IR‘TS: 1‘ ‘15-; 'Qttfi “wmamafmwflmm ”Wm-(m; w». II a _ . - ‘ I _ ‘ : *aWF ;; '7) «134%: r 334M".;3L~.'~. 132.4. ; vmr‘mva. 6' '.‘ 493...... 3.33.3» . .. 8.8.3 5.... .3 33.3338 £333.88. $588....— 3s_3.=.... .3 3 3.3.3.— 955 ”£3325. 1.3.30 ...: ....— Ewao. ._ .3: $5.... 3.5.38 5.3 ...... .8 ...... ...... ...... e: .53.. .3....» a 933.. 5.538 ......q 5.? 3585.8 5 8:... 3...... .38 3 2.8.5... a... 3 ...—.5. :3. «an .338. E88. 2... ...: 3 9.332 3... 4.3:... 33.8 .3 3...... a 3.. ... .323 ......8 1m..— . .a 3 .3.. $8.33 .3... 3 22.8.3.— ..m 83.3.... 83.3. o... .. 8.8.5. 338...... 3 533......83 £333.83. $5388.... 33.... a 8.5.8. 3 .m 3.8.... 3... 8:3 baa 3.3.8.8 3 .88»... .333... 3 8.3.8.... 3 as... e... 62.33.. ...—353.3 3.33 no... .313. .3. .3.—...... o... .3. 3.3 8... B ...... .3583... ...... 3 .5322. 853.3 32.833. 33.33.39 8... .88..“ .338. .3 8.3.... 289:8 a... 333.... 83.3. o... 3 .33... :3... .335... 233.836 .... .3383... .3. o. 38...... ...—m8. .m 32.333 338.38 = a... 4.3:... 33.3.. 3 23.....— . 3.. ... .323 .32.... 3a... .. .. .3 3.3333. .3... 3 368...... ... 32.3.... 838. o... .. 332:. 3:83.... .3 £385.58 53.35.85 .u... 4.88... .33.— . .23 8.3.5.8 5 33...... 2.2.3330 .. .3 .293. .m 3.3333. 3.8338 8.3. m3... :2. 83 .5 ...... 22.8.. as... ...... .... ... .55.... 3...... 12S .55 :5 .: 3.... ...... .85: :5 8...: :8.>.:: 8....5... .3... .. 8:3 .3.. ..8 38.8.. ...5 8.38:8 8.. .::..:.:. 3.8.58: 5:: 8.8:. .2... .. 8...: ...: 18:88:58... :5 8.3: :: :.. ....8 -893. .:::8 .. :8.:: 33.853: 8:: 3...... ..:..: 85.8... 8.8:: 2.... 6.... ...... :. 85.8... .8583... .88.. 85: ...8 ...... .888 .3 ...m.. :5 3 .3: 5:58.358 5. .85.... :8... 2. .3.: .:5 .85.... 833. 3 .85.... .:5 8.58:8 85:33.5 158.58: .: 838.8... :5 .... 8.8:. as: .03....8m :5 8 8:8... .3: 3.3. 8:: :. 48...... 853. 3 .85.... : ......o: 5...: 8.8:... 8.8:: < ...... dam: 8:838... ...: 2994.25.52: .2... :5 :. .828... ...: 3.35:: 8:88.56 :5 :. 8.8.5:. -... 3.8.58: :5 .25.... :. .328... 2. .3: 8.88:. 8.. .883. 558.5:8 :5 258:8 ... 88:... .3.... .... 8.... 6... 8.385: 23...: 5...: .:...>:... 8.8:: :5 4:33....“ ::..8: 8...... 5.85:: 82.38.30 : .3 :..::. 85:85:. 158.58: 3. .88... : .: ......8. 8.5 .mg dam: :::.>::.. 8.2.8 .... 8.3.... .8: 83 858: ...... 8....» :. 23.88: :5 .3 8.8.8:. .88: 8 2.98: =:..: ... 8:53.... :. .8588 .9858 883886 2.... .3: . _— .. ‘vau-Vafi-V. 77-. .w -u-:‘ ..--v..— —-r .-.., ”...-«us. .45. “:4...“de r1 WW, -AL.‘-- .97 an: ...- no a... a. f. *7 “MW. aw. ‘ :52: as .38: 8.8:: 3 :8.:.>:... 8.8: :5 5.3 :83: 8:885 :3... 5.35:: 8:38:85 2.8 .888 88:83: :5 8. 5:8.» :5 53. 95.8 5.35:: .::...:.:>:@ :5 .o .3.... :5 .3 8.8.8.. .8. : .: ..:.:...: 88.88:: : .: .8... .33: :33: .88.: : ...:8 :.:....:.....: :5 5.3 o... .1... 5.85:: 8:88.30 :5 .::..8:..:: ...... 8.3: 85883. 3.52:8 3 :83 2.53.... ... .3 2.. 5...... a... 5.35:: 88:88.. :5 .o .82. :5 .3 8.838.. 8. : .: 3:5: 88.88:: : .... .88.: 3...... 8.8:: :. ..:..:..:. 38.5.8 :5 8.8:... ::.>.:: :5 :. .......:: 5...: .888 -80 :5 .... 488...... ... .8588 88...... :5 3 .8: .8888... ...:>: :. 2...... .9... .: .88.... .388... :::..:: .6: 2.8.2. .3: 8 ...:..:. 332...... .3: '3 3:5... .8: .83. 38.: ...83 :...:8. 8:: ... :88: 8.53.... :. .3.... ...... 85:88.. 5.35:: 883.230 :5 .. 838... 8. .to: : 3.... 8.83.3.3. .58....8: 8.53.: :3.. 3.35:: .8582: ¢ .322. :2: ...... ...: ... :83. 3...... 6385...: 83 8588:: :.5 8...? :. :::.::8: :5 .: 8.8.3:. .88 :: :.....:8 =5... ... 5.888.. :. 858:: .....358 3:55:80 < ...... .85.... 33.... .: .85.... : .: 8.83.5... .5838: :5 3 :88: 85...... .: 126 8.888.... 983 85 .38: o5 .8: 88:. 898.88 .85.... 8 85.8: .85 8.. .88....» 8.8.8 .5 .8: .88.. 88.838 .08.. 8.8: 8 .888: o5 233.28 8.82. 8 899.88.... .88 8...... 8.8.» .888: 85 .8: .88.. 8.8.8.. 8.8: 8 .88: 8... 88.8: 8 .88.. .8 3588.8. 3.85:: 828.880 25 8 .958... 85 8.8.8:. :8... 5.88.. ......m .8» 88.8 M888... 85 8.8.. EN 858.. 8 8.88.. £88 8838.... .852. 8 .888: .5 ...... 8.8: 8 93.8.. .8. 8.5888 8 .888: .5 a... 8.8888 5.88.. a «8.580 8 883.888 381.88.... .5 8 .88 =8... 3.80 885m 8.8: 8.... 8 850 2.8884. 2.. ... .388 2.. .3... .3.. ... ...... ... 3 .8... .08.. 8.28.850: 85.8.9.8: 8.8885 58.8.5 8 8.3m 188m 25 8 8... 08.. .3 88.85.... 88.. 38.. a .8. 8 888.88.... .8 «888...... 8 8:8. 8.. 8....» .5 8...? .8. 2...... a 8 8.888.... ..5 :. 88 :8... 8.. 889. 8.... 28...: cram 8....» 85 8 88.8.. 882 .5 8 85 .85.. .3858 88:88.85 88 .3 8.8888 2. 8: .8... 8.8.8.. 8.: 8 3:38.. o5 8 8.888.. a .8 .8888. 2. 8: =8... .3.. ...... .8. 888...... :. 8588 8898.. o5 8 88 .8. 8.8 8: a 828.... Garcon ca 3 @030.— ho.~.0hgno¢ 3 in Am... ......_ QAA-A r-.—-.-— ”4.. n 4' ' P“ [-2- ...—v. *W 1 m «.erwuvr ' :V‘fi‘fl". 'aM- O ".- 3"” >&§‘4"-’Lrv" , .8 .8 ... 3.3...» a. .8. 4.5... .8... .8... 8.5.82. 8 88:38.8 .5 8 8.. 6.5 ...5 .3 8832.. 85:88.... 8 5.158388 ..5 88:88 3 5.... .85 8. 883.. 9.: 8.8.38... .85 8...... .8 81.88 .85 :. 8822. .... 85 8.88. :8... 98.88.... 8.88 3.: .8888... 83...? 8.... .... 88. .883 :8... .8888... .8. 8.83858 .0333. .85: .58. 58. 85.89 88:88... a .8 .888... 2. .88 :38888. .83 .28 058.... 8...: .8. ...... .82.? 8 9.5.8... 8.8. 8.. 18.85.... 25 8 .88 < ..Ba. 95 8...... 838.88. 9... :85 .888 .8: .3... .3 838.... 8 853.858 .85.? 08.28 3 88.2... 3 8: .88 8.888 8.8 .3... 188% .3 8.8.. .9. n. :88: 88:8 858.88.. 8 3.58288 25 8 8838.... 0...... 3888.3. 8.38:... .5 ...-2. ...-... 8.888. .... 158.580 8 8.88.2... :58: :4 3 d.“ dam: .3.—San.— 82.2.33: $5.85.... 8888.. 25 8 88.8.8; 8.... 55.3 8.8. «8888...... 3:. 8:85.»... a 3 8.28.9. a. .85885 25 85 28:2. 3 888.. a. 985 85 85...? :. 8:588 .985 .8 ~83285 25 28.8 585.8 .858... 3 8:38.... 2. 8: :2... .9858 828886 a .3 8.5 ...5 3 .898: 88.... :8...... 88...... 88.8.8 ...... 58.. 88.88,... 8 :8: 127 o ....84 «85335 3:8» .25 2.. ... 38m 8:8. 3 .3. 839m .23: 23am 3. ... 38m. :38. ...3 ..ésafifim e5 .8585 ‘ Wamwm-amémmfi #3931 ‘. ... ml. 1W3 mum ‘WM- .555»on 81383 E: 8.54 .282 gingham—.5 2.. .3 .853; B. 8:5 222 we: 2.. ... 32.12.. 2: Enema... .3 ”£132 £55808 .9508? an? N5 5 a 33.38 3 =3. 02. .2. a £55 .3.. .3? 2235.3 0523.. .92.. £5 3 8.3 03250 95 8 3m:— eofisae .2... 83 33353 35 .8533 .o 89:53.. uuoaga 83.3. .3 3:335: .33 .3333 E. 3 3.3a :5? 23 ...—25330 ..31 23. 5330 ‘5‘ 3.635 28 80:9 33 :5... 0:: «Ba. .23 6am: 933 mason—mun: 62. .3. Ho Benign 2: 3.: Sou—aha 33 a as... gown—sue.— .3 3:. a5. .25.. a 2.338 .5 .3333 5!: 33m 1° 83?... 35a 3 3% oz .8“ dam: za.§:anmm: $3.35.... 3085390 2: .3 .33: .5 «5:29. 388“. 323.33 332 .35: b: can 938:8 588m 2: 3 e3»: 33 35 ..o 5:98 :23 3 .5395.— 238 3:82 ..3 383.8 .3 25:5: 2: 3.393 =5... 98%.. ..25 53» .3323 3.882: 05 mam—3. £38 .3358» ufiatoaoc 9.2.2 a 395.80 3 83.3.88 8: -Eeéu 2: 2 2.2 =2. .2“ 3 .8... .ch .8“ .8238 ...338 3 «aaaam .8335 8162 a 5.5 33.2— 3.53 .3 253% a5 .3 552585 3339.8 3 383 33.58 .2: 335:.- EoEEoSC :30 56» :98 .0 :23 5 3? Appendix 4: American Medical Association: Confidentiality and Computers Source: 1984 by the American Medical Association, 535 North Dearborn Street, Chicago, Illinois, 60601. ggggggg Qpigiggg of the Judicial Council of the American Medical 5.07 APPENDIX ‘5 American Medical Association: Confidentiality and Computers CONFIDENTIALITY: COMPUTERS. The utmost effort and care must be taken to protect the confidentiality of all medical records. This ethical principle applies to computerized medical records as it applies to any other medical records. The confidentiality of physician-patient communications is desirable to assure free and open disclosure by the patient to the physician of all information needed to establish a proper diag- nosis and attain the most desirable clinical outcome possible. Protecting the confidentiality of the personal and medical infor- mation in such medical records is also necessary to prevent humiliation, embarassment, or discomfort of patients. At the same time, patients may have legitimate desires to have medical information concerning their care and treatment forwarded to others. - Both the protection of confidentiality and the appropriate re- lease of information in records is the rightful expectation of the patient. A physician should respect the patient's expectations of ' confidentiality concerning medical records that involve the pa- tient’s care and treatment. but the physician should also respect the patient's authorization to provide information from the medi- cal record to those “whom the patient authorizes to inspect all or partof it for-legitimate purposes. Computer technology permits the accumulation. storage, and analysis of an unlimited quantum of medical information. The possibility of access to information is greater with a computerized data system than with information stored in the traditional writ- ten form in a physician’s office. Accordingly. the guidelines below are offered to assist physicians and computer service or- ganizations in maintaining the confidentiality of information in medical records when that information is stored in computerized data bases. It should be recognized that specific procedures adapted from application of these concepts may vary depending upon the nature of the organization processing the data as well as the appropriate and authorized use of the stored data. Guidelines on a computerized data base: (1) Confidential medical information entered into the comput- erized data base should be verified as to authenticity of source. (2) The patient and physician should be advised about the exist- 128 129 ence of computerized data bases in which medical informa- tion concerning the patient is stored. Such information should be communicated to the physician and patient prior to the physician's release of the medical information. All indi- viduals and organizations with some form of access to the computerized data bank. and the level of access permitted, should be specifically identified in advance. (3) The physician and patient should be notified of the distribu- tion of all reports reflecting identifiable patient data prior to distribution of the reports by the computer facility. There should be approval by the physician and patient prior to the release of patient-identifiable clinical and administrative data to individuals or organizations external to the medical care environment, and such information should notbe released without the express permission of the physician and the pa- tient. (4) The dissemination of confidential medical data should be lim- ited to only those individuals or agencies with a bona fide use for the data. Release of confidential medicai infomation—fwm the data base should be confined to the specific purpose‘for which the information is requested and limited to the specific time frame requested. Allsuch organizationsor individuals should be advised that authorized release of data to them does not authorize their further release of the data to additional individuals or organizations. (5) Procedures for adding to or changing data on the comput- erized data base should indicate individuals authorized to make changes. time periods in which changes take place. and those individuals who will be informed about changes in the data from the medical records. (6) Procedures for purging the computerized data base of archaic or inaccurate data should be established and the patient and physician should be notified before and after the data has been purged. There should be no commingling of a physician’s computerized patient records with those of other computer service bureau clients. In addition, procedures should be de- veloped to protect against inadvertent mixing of individual reports or segments thereof. (7) The computerized medical data base should be on-line to the computer terminal only when authorized computer programs requiring the medical data are being used. Individuals and organizations external to the clinical facility should not be provided on-line access to a computerized data base contain- 130 ing identifiable data from medical records concerning pa- tients. (8) Security: A. Stringent security procedures for entry into the immediate environment in which the computerized medical data base is stored and/or processed or for otherwise having access to confidential medical information should be de- veloped and strictly enforced so as to prevent access to the computer facility by unauthorized personnel. Personnel audit procedures should be developed to establish a record inthe event of unauthorized disclosure ofmedical data. A roster of past and present service bureau personnel with specified levels of access to the medical data base should be maintained. Specific administrative sanctions should exist to prevent employee breaches of confidentiality and security procedures. B. All terminated or former employees in the data processing environment-should have noaccess to data from the medi- cal records concerning patients. C.’ Involuntarily terminated employees working in the data processing environment in which data from medical re- cords concerning patients are processed should im- mediately upon tennination be removed from the comput- erized medical data environment. D. Upon termination of computer service bureau services for a physician, those computer files maintained for the physician should be physically turned over to the physi- cian or destroyed (erased). In the event of file erasure, the computer service bureau should verify in writing to the physician that the erasure has taken place. (IV) Appendix 5: Questionnaire APPENDIX 5 QUESTIONNAIRE 1. What information is abstracted from the medical record and on -computer? a. How is this data used? b. By whom? c. How is this data obtained? Printout or photocopy? 2. Do procedures exist concerning who is authorized to add/delete and/or change intormation on file? a. How has this changed with the computer? 131 132 Who renders_this policy? Has this policy changed with automation? if yes, how? How long have your medical abstracts been on computer? II. Where is the computer facility housed? Is it a limited access area? What hardware is used? What software is used? where was it bought? Assassi§esucisz b. 133 what does it do (any restrictions?) Is your system a private in-house system or is there outside access? Are dumb terminals used or p.c.’s? how many terminals are there? How were the employees trained? Who has access to the system? What are the backup measures? What is the method of storage? 131+ 10. Who renders the policy in this area? a. has it changed with automation? b. if yes, how? 4 c. if no, does the old policy suffice; if not, why not? 135 III. Belgégg 9f Information 1. How are requests for information handled? a. internal requests? b. external requests? 136 IV- Eaistiug sttsm management 1. In order of your highest priority, what are your concerns as a manager with the existing automated record? Emglsxsss ’1. What are. the concerns your employees have with the existing system? - Fullx Automated §xs§sm ‘ fléfléQQflQDE 1. In order of your highest priority, what are your concerns with a fully automated system? 137 Emelsxss 1. What are the concerns your employees state they may have with a fully automated record? Qonfidgntiglity 1. Prompt confidentiality issue if not mentioned by respondent and record response. ' 2. Would you agree to an increase in (name #1 concern) if it decreased the confidentiality problem? yes no don’t know a. Where is confidentiality on your priority list? high medium low Appendix 6: Hospital Profiles APPENDIX 6 HOSPITAL PROFILES HOSPITAL 01 502 Beds, Private Facility I-uatecs 9i Eaistids 525359 1. What information is abstracted from the medical record and on computer? Patient age, sex, religious affiliation, patient identification number, diagnosis, procedures, physicians involved, discharge and admission dates. a. How is this data used? Reviewing purposes Administrative uses (quality assurance) Research and statistical purposes b. By whom? Administrators CPHA (research) c. How is this data obtained7‘Printout or photocopy? Standard response: Data obtained directly from the medical chart; the chart is coded. Utilize photocopy. . L ‘— 2. Do procedures exist concerning who is authorized to add/delete and/or change information on file? Standard response; The chart is first coded then input onto computer. Those individuals (transcriptionists) who worked with the manual record are now authorized to add/change, delete information per medical record department personnel. 138 APPENDIX 6 HOSPITAL PROFILES HOSPITAL #1 502 Beds, Private Facility I-usssts 9i Esistins fixated 1. What information is abstracted from the medical record and on computer? Patient age, sex, religious affiliation, patient identification number, diagnosis, procedures, physicians involved, discharge and admission dates. a. How is this data used? Reviewing purposes Administrative uses {quality assurance) Research and statistical purposes b. By whom? Administrators CPHA (research) c. How is this data obtained?‘Printout or photocopy? Standard response: Data obtained directly from the medical chart; the chart is coded. Utilize photocopy. . k v— 2. Do procedures exist concerning who is authorized to add/delete and/or change information on file? Standard response; The chart is first coded then input onto computer. Those individuals (transcriptionists) who worked with the manual record are now authorized to add/change, delete information per medical record _—__“ department personnel. 138 . 139 a. How has this changed with the computer? Standard response: No change; same as with the manual record. 3. Who renders this policy? Standard response: Medical record department personnel. a. Has this policy changed with automation? No change. be if Y... he“? 4. How long have your medical abstracts been on computer? ' Since May 1981. Ill essssaLSscusitX 1. Where is the computer facility housed? In the medical record department. ." Is it a limited access area? Yes. 2. What hardware is used? Burroughs. 3. What software is used? MedRec. Designed specifically for abstracting and sent to CPHA. 140 a. where was it bought? Via the hardware. b. what does it do (any restrictions?) Set up for medical abstracting of information from the patient chart. 4. Is your system a private in-house system or is there outside access? Standard response: Private in—house. 5. Are dumb terminals used or p.c.’s? Dumb. a. how many terminals are there? Three. 6. How were the employees trained? By the medical record personnel staff. ,7. Who has access to the system? Standard response: Transcriptionists and CEO’s in the department.- .B. What are the backup measures?- .” Nightly back-up onto tape. .. ‘. . .A eqm~cc~—- -..-..-.— -.. v “a”..- 141 9. What is the method of storage? Stored on tape. 10. Who renders the policy in this area? The medical record department personnel. a. has it changed with automation? Yes. b. if yes,'how? Passwords that are changed every 6 months and identification numbers for each employee. c. if no, does the old policy suffice: if not, why not? 1h2 111- Bel ass at leissmatiee 1. How are requests for information handled? Standard response: Copy the hard copy'ef the medical record according to ”need" and who wants the information. Physicians have full access to the chart. a. internal requests? Standard response: These requests go through the director/assistant director of the department and again according to need. b. external requests? Standard response: This is state-mandated as to what outside parties have access to this information. 11m --..———.-aw~-y ——-—. -..— IV- sistius sttse assessment 1. In order of your highest priority, what are your concerns as a manager with the existing automated record? 1. Interfacing with other systems 2. Duplication of entry 3. Time saver Emulsxsss 1. What.are the concerns your employees have with the existing system? 1. Duplication of screens and therefore having to go back-and- forth 2. Screen glare Fulix Autoéasgg Slates assessment 1. In order of your highest priority, what are your concerns with a fully automated system? 1. Adequate training of staff on system 2. Adequate time frame to implement system 3. Adequate amount of money for system implementation 1 ' S.——-. ...-5....- . -_.- .-~..—- o-oouo-Qvooe o_&--~.. Emelsxss 1: What are the concerns your employees state they may have with a fully automated record? 1. Don’t know. Cediidsutialitx 1. Prompt confidentiality issue if not mentioned by respondent and record response. Confidentiality is an “everyday concern to be maintained. It is not . a problem at this point withcmgf system." Confidentiality is an ”absolute priority and breach of such is more important.than any employee frustration problems.“ Concern with lawsuits on this account. 2. Would you agree to an increase in employee frustration if it decresed the confidentiality problem? ‘ yes no don’t know 3. Where is confidentiality on your priority list? high medium. low HOSPITAL #2 380 Beds, Public Facility I-Natscs 9i Eaistieg Sxatss 1. What information is abstracted from the medical record and on computer? Patient age, sex, religious affiliation, patient identification ...-~00 number, diagnosis, procedures, physicians involved, discharge and v admission dates. a. How is this data used? Physician use Administrative uses (quality assurance) Research and statistical purposes b. By whom? .Administrators . Physician use - CPHA‘(research), Other medical staff. ..-.— c. How-is thii data obtained? Printout or photocopy? Standard response: Data obtained directly from the medical chart: the chart is coded. Utilize photocopy. 2. Do procedures exist concerning who is authorized to add/delete and/or.change information on file? Standard response: The chart is first coded then input onto computer. Those individuals (transcriptionists) who worked with the manual record are now authorized to add/change, delete information per medical record department personnel. 1#6 1#7 a. How has this changed with the computer? Standard response: No change; same as with the manual record. 3. Who renders this policy? Standard response: Medical record department personnel. a. Has this policy changed with automation? No change. L b. if yes, how?; 45 How long have your medical abstracts been on computer? Since 1983. Ill esssesLSssscitx 1. Where is the computer facility housed? Outside the hospital; connected by phone lines.' 'a. Is it a limited access area? Yes. 2. What hardware is used? IBM. 3. What software is used? PAS PLUS. Designed specifically for abstracting and sent to CPHA. 1M3 a. where was it bought? From CPHA. b. what does it do (any restrictions?) Set up for medical abstracting of information from the patient chart. 4. Is your system a private in-house system or is there outside access? Standard response: Private in-house. 5. Are dumb terminals used or p.c.‘s? Dumb terminals. a. how many terminals are there? Four. 6. How were the employees trained? By the medical record personnel staff and the software company, CPHA. 7. Who has access to the system? Standard response: Transcriptionists and CEO’s in the department. B. What are the backup measures? ‘ - -... a..- —-—-—-.- Nightly back-up onto tape. vs- vse‘ '1 n w - " -0 9. What is the method of storage? Stored on tape. 10. Who renders the policy in this area? The medical record department personnel in conjunction with CPHA. a. has it changed with automation? Yes. b. if yes, how? Passwords that are changed every 8 months. c. if no, does the aid policy suffice; if not, why not? .. .. Isso— --——-....A.._- 156 9. What is the method of storage? Stored on tape; 10. Who renders the policy in this area? The medical record department personnel a. has it changed with automation? Yes. b. if yes, how? Passwords and identification numbers. c. if no, does the old policy suffice; if not, why not? 157 1. How are requests for information handled? Standard response: Copy the hard copy of the medical record according to "need" and who wants the information. . ‘ i— a. internal requests? o-Standard response: These requests go through the director/assistant - ‘e - director of the department and again according to need. ' v t b. external requests? Standard response: This is state-mandated as to what outside parties have access to this information. 158 IV- Existing fixstse assessment 1. In order of your highest priority, what are your concerns as a manager with the existing automated record? 1. Quality control over the employee on the system Emnlexsss 1. What are the concerns your employees have with the existing system? 1. Competing for mainframe time 2. An increase in backlog of work 3. Losing input once information put onto computer w Eullx eutemsted sttsm management . 1. In order of your highest priority, what are your concerns with a.fully automated system? 1. ”Having a system that will improve working conditions" 2. Need adequate time to implement the system hospital-wide Emnlexss 1. What are the concerns your employees state they_may have with a fully automated record? . 1. Worried about the increase use of computer displacing personnel in their present working conditions. Ceniidsutislitx 1. Prompt confidentiality issue if not mentioned by respondent and record response. Confidentiality is not a present concern with the existing system; but "(1) see the need for.it to be so with a fully automated system.“ _‘ Therefore sees the value in planning ahead with the implementation of a fully-automated medical record. 2. Would you agree to a decrease in quality control over employees if it decreased the confidentiality problem? . VII no semi; tees 3. Where is confidentiality on your priority list? DIED medium low - . .. _.-..-—-—. .— ..~-‘.—-- A. o. - V -- <-.o--. -—--—-~—-‘ HOSPITAL #4 456 Beds, Public Facility I-ustscs ei Esisties fixstss I. What information is abstracted from the medical record and on computer? Patient age, sex, religious affiliation, patient identification number, diagnosis, procedures, physicians involied, discharge and admission dates, number of days in ICU, medications and whether the _‘ patient had been transferred to the hospital.. ' a. How is this data used? Physician use b? By whom? Administrators w CPHA (research use) c. How is this datp obtained? Printout or photocopy? Standard response: Data obtained directly from the medical chart; the chart is coded. Photocopy indepth information; printouts for summaries. an. 2. Do procedures exist concerning who is authorized to add/delete and/or change information on file? ' ' Standard response: The chart is first coded then input onto computer. Those individuals (transcriptionists) who worked with the manual record are now authorized to add/change, delete information per medical record department personnel. 160 161 a. How has this changed with the computer? Standard response: No change; same as with the manual record. 3. Who renders this policy? Standard response: Medical record department personnel. a. Has this policy changed with automation? No change. b. if yes, how? 4. How long have your-medical abstracts been on computer? Since 1980. ii. assessifissucitx 1. Where is the computer facility housed? In the medical record department. .a. Is it a limited access area? Yes. 2. What hardware is used? Data General. 162 3. What software is used? PAS PLUS. a. where was it bought? CPHA. b. what does it do (any restrictions?) 1. Set up for medical abstracting of information from patient chart. 2. Research/statistical purposes. 4. Is your system a‘private in-house system or is there'outside access? Standard response: Private in-house. 5. Are dumb terminals used or p.c.’s? Dumb terminals a. how many terminals are there? Eight 6. How were the employees trained? By the medical record personnel staff 7. Who has access to the system? Standard response: Transcriptionists and CE57s in the departmEnt. 163 B. What are the backup measures? Nightly back-up onto tape. . --.—.-..-. 9. What is the method of storage? Stored on tape. 10. Who renders the policy in this area? _ The medical record department personnel. a. has it changed with automation? Yes. b. if yes, how? Passwords are used to access the system c. _if no, does the old policy suffice; if not, why not? 164 III- lessss Qfi Iniecmstisn 1. How are requests for information handled? Standard responseiwCopy the hard copy qf-the medical record according r C to “need“ and who wants the.information. No-change with the computer; generally give the paper copy of the_record-to-the.individual fl requesting the infocmation. a. internal requests? Standard response: These requests go through the directorfassistant director of th‘ department and again according to need. O b. external requests? Standard response: This is state-mandated as to what outside parties have access to this information. 165 IV- Eaisiins fixsism Uifléflfimfifli 1. In order of your highest priority, what are your concerns as a manager with the existing automated record? 1. Retrievability 2. Accuracy of the information that is being input to the system Emelexssa 1. What are the concerns your employees have with' the 'existing system? ' 1. Keyboard problems 2. Training, which should be adequate and done upon hiring - Esllx fistssstsd stiss management 1. In order of your highest priority, what are your concerns with a fully automated system? 1. Accuracy: "getting the correct information on'the right patient.“ 2. Need adequate time to implement the system hospital-wide. ...- - .— ~ A — --.—. -- 166 Emnlexse 1. What are the concerns your employees state they may have with a fully automated record? 1. Don’t know. Ceniidentialitx l. Prompt confidentiality issue if not mentioned by respondent and record response. Agrees that confidentiality is an_importanf issue, and states v f “employees have expressed some concern in this area" given a fully automated system. 2. Would you agree to a decrease retrievability of data if it decreased the confidentiality problem? ' yes ‘ no don’t know 3. Where is confidentiality on your priority list? .Diflh._- ““41““ ..-199._. ’ w HOSPITAL #5 SSS Beds, Public Facility I-ustscs 9i Esistins 5223:; 1. What information is abstracted from the medical record and on computer? Patient age, sex, religious affiliation, patient identification number, diagnosis, procedures, physicians involved, discharge and admission dates. a. How is this data used? Physician use Research (statistical analysis) Administrative uses Billing/DRG’s ' -b. By whom? Acministrators . Other medical staff Physicians c. How is this data obtained?'Printout or photocopy? Standard response: Data obtained directly from the medical chart; the chart is coded. Utilize photocopy. ' 2. Do procedures exist concerning who is authorized to add/delete ' and/or change information on file? Standard response: The chart is first coded then input onto computer. Those individuals (transcriptionists) who worked with the manual record are now authorized to add/change, delete information per medical record department personnel. .167 168 a. How has this changed with the computer? Standard response: No change; same as with the manual record. 3. Who renders this policy? Standard response: Medical record department personnel. a. Has this policy changed with automation? No change. ”Put computer changes on top of old policy for ‘fit’. b. if yes, how? 4. How long have your medical abstracts been on computer? Since.l975. 1. Where is the computer facility housed? Outside the medical record department V" v—— a. Is it a limited access area? YES. 2. What hardware is used? IBM 3. What software is used? PCS-ADS: developed own software package for abstracting 169w a. where was it bought? Program developed in-house. b. what does it do (any restrictions?) Set up for medical abstracting of information from patient chart. 4. I..y0ur system_a.priyate in-house’Dystemwoc—is.there outside access? ‘ . Standardizesponse: Private in-house. 5. Are dufib’terminals'used or p.c.'s? Dumb terminals a. how many terminals are there? Twelve 6. How were the employees trained? By the medical record personnel staff 7. Who has access to the system? Standard response: Transcriptionists and CEO’s in the department. 8. What are the backup measures? Nightly back-up onto tape. 170 9. What is the method of storage? Stored on tape. 10. Who renders the policy in this area? The medical record department personnel. a. has it changed with automation? Yes. b. if yes, how?, Passwords are used to access the system c. if no, does the‘old policy suffice; if not, I why not? 171 IV- Eaistins fixstsm assessment 1. In order of your highest priority, what are your concerns as a manager with the existing automated record? 1. Networking/interfacing with other systems in the hospital 2.'A more comprehensive system so the computer can do more 3. Ease of managing data (easier manipulation of data) Emelexsss- 1. What are the concerns your employees have with the -existing system? 1. No problems - : Esllx estsmatss fixstsm ' flansssmsnt 1. In order of.your highest priority, what are your concerns with a fully automated system? ' 1. Interfacing with more computer systems throughout the hospital \ 172 Emelexes 1. What are the concerns your employees state they may have with a fully automated record? 1. Adequate training on new system Confidentiality 1. Prompt confidentiality issue if not mentioned by respondent and record response. ' Confidentiality is an "assumed" priority in medical records and considered with any new policy development. The present system is “highly sophisticated" and "no problems" to date. Less security exists.uith the manual record; the computer allows for segmentation of asthe information so tonfidentiality is more guarded in a computerized —v .system. The real problem is that technology is changing so fast it’s difficult to make policies/plans for the future. The computer is “just another tool; confidentiality is mentioned as an issue by those who ana not familiar with a good system." States those individuals who work alot with computers are less apt to find them intimidating and q. ”less apt to see a breach of confidentiality as a problem.” _a; 2. Would you agree to decreased networking of systems if it decreased the confidentiality problem? ' yes . no don’t know 3. Where is confidentiality on your priority list? high medium. 10w HOSPITAL #6 243 Beds, Public Facility I-flatsce oi Eaistiaa fixatee 1. What information is abstracted from the medical record and on computer? Patient age, sex, religious affiliation, patient identification number, diagnosis, procedures, physicians involved, discharge and admission dates. fi ' a. How is this data used? Research (statistical analysis) 1' 6 —"“-— b. By.whom? ' CPHA (reseanch)~ fl . P c. How is this data obtained? Printout or photocopy? Standard responsezfoata obtained directly from the medical chart; the chart is coded. Utilize photocopy. 2. Do procedures exist concerning who is authorized to addldelete and/or change information on file? Standard response: The chart is first coded then input onto computer.' These individuals (transcriptionists) who worked with the manual record are now authorized to add/change, delete information per medical record department personnel. 173 174 a. How has this changed with the computer? Standard response: No change; same as with the manual record. ....-.~- ...... .-. ‘ .-.--. 3. Who renders this policy? Standard response: Medical record department personnel. a. Has this policy changed with automation? No change. b. if yes, how? 4. How long have-youe medical abstracts been on.computer? Since April, 1985. 1. Where is the computer facility housed? Outside the hospital a. Is it a limited access area? Yes. 2. What hardware is used? IBM 3. What software is used? ~ ‘ . PAS PLUS ‘ Nightly back-up onto tape. 175 a. where was it bought? CPHA, the software company b. what does it do (any restrictions?) Set up for medical abstracting of information from patient chart} _4. lsuyour‘syitemca.privateminnhouse system or is-there outside .‘eccess? Standardsresponse: Private in-house. ‘3. Aremdumb terminals—used‘or p.c.’s? Both are used a. how many terminals are there? Seven dumb terminals and 1 p.c. (used only for processing of DRB’s) 6. How were the employees trained? By the medical record personnel staff and CPHA personnel 7. Who has access to the system? Standard response: Transcriptionists and 680’s in the department. a. What are the backup measures? 176 9. What is the method of storage? Stored on tape. 10. Who renders the policy in this area? The data processing department a. has it changed with automation? Yes. b. if yes, how? Passwords are used to access the system along with identification . ,numbers: also have security codes per job function to limit access c. if no, does the old policy suffice; if not, why not? 177 III. Release Qfi Information 1. How are requests for information handled? Standard response: Copy the hard copy of the medical record according to "need" and who wants the information. Physicians have full access to the chart; particularly used for research purposes. This includes O adminiStrative use/users. a. internal requests? Standard response: These requests go through the director/assistant director of the department and again according to need. b. external nequests? Standard response: This is state-mandated as to what outside parties have access to this information. 178 IV- Esistioa sttsm Uiflégfiflifli 1. In order of your highest priority, what are your concerns as a- ” manager with the existing automated record? 1. Backloading of information 59219133: 1. What are -the-coneerns your employees have with the existing system? 1. Down time with the computer 2. Response time of'computer Esllx automated sttsm management 1. In order of your highest priority, what are your concerns with a fully automated system? 1. Retrievability of information: “need to provide information to those who need it fast; we are a service department." .- 179 . —-.-.o—-.——— u—.- - -..---..— . Emaiexss 1. What are the concerns your employees state they may have with a fully automated record? 1. Don’t know of any 'Csniissotiaiiix . 't 1. Prompt confidentiality issue i-f-not mentioned'-by'respondeat- and record'response. Confidentiality is not "my first Cdecern but of- course it is —I important. “ Str ic -t security codes thats sLsst in-depaezmgujnprecluds _ I 7'" ‘7' any “problems with confident tiality with our system concesned with A j— ' : unauthorized individuals getting into system.- through sharing of pass- words therefore compromising confidentiality. 2. Would you agree to decreased retrievability of data if it decreased the confidentiality problem? yes no 922’; tuss- 13. Where is confidentiality on your priority list? high medium low I i I ‘ ... -~,_ ,-. HOSPITAL #7 410 Beds, Public Facility I. Nature gf 5:: istin _g 3v gtgm 1. What information is abstracted from the medical record and on computer? Patient age, sex, religious affiliation, patient identification number, diagnosis, procedures, physicians involved, discharge and admission dates. a. How is this data used? lResearch (statistical analysis) Administrative Physician use Billing/DRG’s be By whom? CPHA (research) ‘ -Administrators Physicians Third-party (Insurance) c. How is this data obtained? Printout or photocopy? Standard response: Data obtained directly from the medical chart; the chart is coded. Utilize photocopy. 2. Do procedures exist concerning who is authorized to add/delete and/or change information on file? Standard response: The chart is first coded then input onto computer. v. Those individuals (transcriptionists) who worked with the manual record are now authorized to add/change, delete information per medical recard department personnel. 180 181 a. How has this changed with the computer? Standard response: No change; same as with the manual record. 3. Who renders this policy? Standard response: Medical record department p-rsonne1. a. Has this policy changed with automation? No change. b. if yes, how? 4. How long have your medical abstracts been on compfiter? Since l982 ¥ .A. 1. Where is the computer facility housed? Outside the hospital Ia. Is it a limited access area? Yes. 2. What hardware is used? Data General 3. What software is used? PAS PLUS 182 a. where was it bought? CPHA, the software company b. what does it do (any restrictions?) Set up for medical abstracting of information from patient chart. " 4. Is your system a'private in-house system or is there outside. '- access? Standeed-response: Private in-house. ‘5. Are dumb terminals used or p.c.’s? Dumb terminals a. how many terminals are there? Four 6. How were the employees trained? By the medical record personnel staff and CPHA personnel 7. Who has access to the system? Standard response: Transcriptionists and CEO’s in the department. B. What are the backup measures? Nightly back-up onto tape. 183 9. What is the method of storage? Stored on tape. 10. Who renders the policy in this area? The data processing department a. has it changed with automation? -Yes. b. if'yes, how? Passwords are used and identification numbers to access the system ' ' and get on-line. c. if no, does the old policy suffice; if not, why not? 0 181* III. fielgggg Qfi Information 1. How are requests for information handled? Standard response: Copy the hard copy ef the medical record according to "need" and who wants the information. Physicians have full access L to the chart. a. internal requests? Standard response: These requests go through the director/assistant —L— — director of the department and again according to need. b. external requests? Standard response: This is state-mandated as to what outside parties have access to this information. 185 . - ...- «.---—I-o-.--'OO ...—0% a... IV- Eaistinn sttsm management 1. In order of your highest priority, what are Your concerns as a manager with the existing automated record? 1. Time saver: the "computer allows for alot of short-cuts.” ‘Emalexsea 1. What are the concerns Your employees have with the existing system? 1. Problems with the keyboard Esllx flutemstse sttss management 1. In order of your highest priority, what are your concerns with a fully automated system? 1. Reliability of the system: "alot of people will be accessing the system once it’s fully automated and I’m concerned if that won’t hurt reliability of what is put in correctly or otherwise.“ . 186. .. _ . _. .-- . .-.-..” . ---, Emnlexes 1. What are the concerns your employees state they may have with a fully automated record? 1. Don’t know of any Qonfidgntiélitx l. Prompt confidentiality issue if not mentioned by respondent and ' record response. Confidentiality is more important than any other "problem we deal with." ‘7' States that it should be guardeev'r? .ted as the High.est priority over ' - "' 3’ - any other “pressing need.“ "'7‘ —;—v 2. Would you agree to decreased reliability of information if it decreased the confidentiality problem? yes no don’t know 3. Where is confidentiality on your priority list? high medium low HOSPITAL #8 529 Beds, Private Facility I-Natucs ei Eaistina §xstem 1. What information is abstracted from the medical record and on computer? Patient age, sex, religious affiliation, patient identification number, diagnosis, procedures, physicians involved, discharge and admission dates. a. How is this data used? Research (statistical analysis) Administrative Physician use ba-Oyfwhom? CPHA (research) Administrators Physicians c. How is this data obtained? Printout or photocopy? 0 Standard response: Data obtained directly from the medical chart: the chart is coded. Utilize photocopying and printouts. ' 2. Do procedures exist concerning who is authorized to add/delete and/or change information on file? ' Standard response: The chart is first coded then input onto computer. Those individuals (transcriptionists) who worked with the manual record v— are now authorized to add/change, delete information per medical record department personnel. 187 188' a. How has this changed with the computer? Standard response: No change; same as with the manual record. 3. Who renders this policy? Standard response: Medical record department personnel. a. Has this policy changed with automation? No change. b. if yes, how? ' "V 7 Vi 4. How long haVe your medical abstracts been on camputer? Since 1981 J _-_ 1. Where-is the computer facility housed?' In the medical record department a. Is it a limited access area? Yes. 2. What hardware is used? Data General 3. What software is used? PAS PLUS ‘189 a. where was it bought? CPHA b. what does it do (any restrictions?) Set up for medical abstracting of information from patient chart. 4. Is your system a private in-house system or is there outside access? Standard response: Private in-house. 5. Are dumb terminals used or p.c.'s? Dumb terminals a. how many terminals are there? One b. How were the employees trained? By CPHA 7. Who has access to the system? Standard response: Transcriptionists and CED’s in the department. 8. What are the backup measures? - Nightly back-up onto tape. 190 9. What is the method of storage? Stored on tape. 10. Who renders the policy in this area? The medical record department a. has it changed with automation? Yes. w.— . - ~b.dif yes, how? -Passwords and idestification numbers are used to log into system c. if no,‘dees.the-o&d-pplicy suffice; if not, why not? 191 111- Salsas: Qt luiecmeties 1. How are requests for information handled? 0 Standard response: Copy the hard copy of the medical record according + "I’ to “need" and who wants.the information. The same process is used‘ as with the manual record. a. internal requests? Standard response: These requests go through the director/assistant director of the department and again according to need. b. external requests? Standard response: This is state-mandated as to what outside parties have access to this information. 192 IV- Esistisa Sxaiem Uifllfiimifli 1. In order of your highest priority, what are your concerns as a manager with the existing automated record? 1. Time saver 2. Undersold in storage capacity Emslexsss r. What are the concerns ydflr employees have with the existing system? 1. EmpLOyees like the system’amd woutcn’t go-back to manual processing ... T v ' a of information; don’t kndwfofi—amyfipuoblemzjconcerns assessment 1. In order of your highest priority, what are,your concerns with a fully automated system? 1. Confidentiality 2. Security 3. Doctor cooperation on the system: "their ccoperation could make or break the system” 4. Adequate training of all the staff accessing the system 193 Emelexea 1. What are the concerns your employees state they may have with a fully automated record? 1. Not aware of any Qeniigestialitx 1. Prompt confidentiality issue if not mentioned by respondent and record response. ' Although confidentiality was cited without interviewer prompting, 7 director states that “it’s a dream-world to think it (confidentiality) will be covered in policy-making." Ethically, confidentiality is a priority, but realistically the economies of retrieving information is more‘important than trying to prevent breach of confidentiality. "I was on the planning committee for this-computer system and con- fidentiality came up after there was a problem with physician breach.“ 2. Would you agree to a decrease in time-saving measures if it. decreased the confidentiality problem? yes 99 don’t know 3. Where is confidentiality on your priority list? high medium low HOSPITAL 09 210 Beds, Public Facility I-uatucs ei Esisiisn fiestas 1. What information is abstracted from the medical record and on computer? Patient age, sex, religious affiliation, patient identification number, diagnosis, procedures, physicians involved, discharge and admission dates. a. How.is this data used? Research (statistical analysis) Administrative - Physician use c-“ -BillingflDR6’s .U ' be BY. WOO? . CPHA (research) , . Administrators Physicians c. How is this data obtained? Printout or—photocopy? Standard response: Data obtained'directly from the medical chart: the " hart is coded. Utilize photocopy. 2. Do procedures exist concerning who is authorized to add/delete and/or change information on file? Standard response: The chart is first coded then input onto computer. A Those individuals (transcriptionists) who worked with the manual record are now authorized to add/change, delete information per medical record department personnel. 19a 195 a. How has this changed with the computer? Standard response: No change; same as with the manual record. —. v 3. Who renders this policy? Standard response: Medical record department personnel. ‘— a. Has this policy changed with automation? No change. b. if yes, how?. .4?,How,long have your medical abstracts been on computer? Since 1953 l IH 'e |\ an I‘D IE IT nw Irf K 6553:: s 1. Where is the computer facility housed? In the medical record department a. Is it a limited access area? Yes. 2. What hardware is used? IBM 3. What software is used? PAS PLUS 196 a. where was it bought? CPHA b. what does it do (any restrictions?) Set up for medical abstracting of information from patient chart. _4. Is your'system a private in-house system or‘is‘tbere‘outside access? - Standard response: Private in-house. f 5. Are dumb terminals used or p.c.’s? Dumb‘terminals + at how many terminals are there? One 6. How were the employees trained? By CPHA and the staff in the medical record department 7. Who has access to the system? Standard response: Transcriptionists and CED’s in the department. r B. What are the'backup measures? Nightly back-up onto tape. .. ... ... - - ~ ...-...”. - “.-.: ..t._ .- .-. ...-,-.. _. -. ---.-- ——..-——-—.- ..~ - .-..- . ... a.- .o a.--'~ --.- 0- - >-—-. W 197 9; What is the method of storage? Stored on tape. 10. Who renders the policy in this area? The medical record department in conjunctipn with CPHA au-fi§§°it>q&§fl93d‘with automation? YE‘ s -4b;;if yes? how? ,.Pesswords-end-identifisation numbers are used —f c. if no, does the old policy suffice: if not, why not? 0 198 III- Balsass 9i leiscmatien ,1. How are requests for information handled? Standard response: Copy the hard copy of the medical record according T —v— w- to “need“ and who wants the information. This hasn’t changed with the — computer. __‘ a. internal requests? Standard response: These requests go through the director/assistant director of the department and again according to need. b. external requests? Standard response: This is state-mandated as to what outside parties have access to this information. 199 Iv. Eaistinn firstsm Ulfliflflmlfli 1. In order of your highest priority, what are your concerns as a manager with the existing automated record? 1. Time saver ‘ 2. Networking with other systems in the hospital, to enhance “compatability” Emelsxsss 1. What are the-concerns your employees have with the existing system? 1. Time-saver -v ” Estlxresteestse sttsn management 1. In order of your highest priority, what are'your concerns with a fully automated system? 1. Backup of information: "will always have to have hard copy" 2. Downtime and getting behind because "so many others are accessing the system 3. Accuracy: "will so many people be in a hurry and make more mistakes on the computer and hurt accuracy of information?” 200 a,“ Emslexss 1. What are the concerns your employees state they may have with a fully automated record? 1. Frustration with downtime Eeeiiesntialitx 1. Prompt confidentiality issue if not mentioned by respondent and record response. Confidentiality is the most important concern. ”If hackers are in government records then it should also happen with medical records." _‘ States the real concern and worry should be with internal hackers and internal breaches of confidentiality. "The biggest problem are doctor’s trying to find out information about other doctors." This is where the greatest breach of confidentiality occurs according to this director and will become worse with a fully automated system. 2. Would you agree to decreased backup measures if it decreased the confidentiality problem? ye; no don’t know 3. Where is confidentiality on your priority list? high medium ' low HOSPITAL #10 531 Beds, Public Facility I-Batscs 2i Eaisting sttsm 1. What information is abstracted from the medical record and on computer? Patient age, sex, religious affiliation, patient identification number, diagnosis, procedures, physicians involved, discharge and admission dates. a. How is this data used? Administration Billing/DR8?s b: By whom? Acmi ni str‘at'ors , _Third-party (Insurance) _— w—' A ‘ n c. How is this data obtained?—Peintout or photocopy? Standard response:-Qata obtained diféctly from.the-medical chart: the chart is coded. Utilize photocopy. —— r 2. Do procedures exist concerning who is authorized to add/delete and/or change information on file? Standard response: The chart is first coded then input onto computer. Those individuals (transcriptionists) who worked with the manual record are now authorized to add/change, delete information per medical record department personnel. 201 202 . a. How has this changed with the computer? Standard response: No change; same as with the manual record. 3. Who renders this policy? Standard response: Medical record department personnel. a. Has this policy changed with automation? No change. . . b. if yes, how? 4. How long have your medical abstracts been on'computer? Since 1982 ll; assessifissscitx ' 1. Where is the computer facility housed? Outside the medical record department a. Is it a limited access area? Yes. 2. What hardware is used? IBM 3. What software is used? DataCare 203 a. where was it bought? Don’t know b. what does it do (any restrictions?) Set up for medical abstracting of information from patient chart. 4. Is your sfistem a private in-house.syetem-oc-isgthe:eeoutside .aczess? ' ~Standard responaeraPrivata in-house. -_ _. _- T o '— r‘. T - g o o a- 5. Are dumb terminals used or p.c.’s? Dumb terminals O a. how many terminals are there? Six 6. How were the employees trained? By the staff in the medical record department 7. Who has access to.the system? Standard response: Transcriptionists and CEO’s in the department. 8. What are the backup-measures? .. -, u- - Nightly back-up onto tape. . ”a- 0-0—» v-n . g o - -.. ..— ..--.-c-w --. -..—.-. .-- - .- ...-poo .- O I ..I--.--M ,-.—.-m ———r-—--o~-..-~..-, 20H 9. What is the method of storage? Stored on tape. 10. Who renders the policy in this area? The data processing department a. has it changed with automation? YRS. b. if yes, how?, Passwords and identificationtnumbers are used along with security codes per job funtion, to cut down amount of access c. if no, does the,o1d policy suffice: if not, why not? 205 111- Efilfiéfifi Qi lOiQCEéSiQO 1. How are. eefiaests for information handled? Standard-rssponser Copy the hard copy of the medical record according i‘VVV ts-"needflsand-who- wants the information. It’s still the same as with '7 the manualerecord; have to have a “certificate of need.“ ' s. internal-requests? 'Standsrd response: These requests go through the director/assistant director of the department and again according to need. b. external requests? Standard response: This is state-mandated as to what outside parties . have access to this information. Uassasmsnt 1. In order of your highest priority, what are your concerns as a manager with the existing automated record? 1. Implementation of the system 2. Networking with other systems in the hospital to avoid duplication- of process Emnldxsss 1. What are the concerns your employees have with the existing °system? ' I 1. Duplication of screens ‘ . 4 ~ -— 2. Having to go back-and-forth on screen 1"— 3. Time loss on system l'fl all! fistseatss.§xatss management 1. In order of your highest priority, what are'your concerns with a fully automated system? 1. Adequate training: "There should be a first level of training and then train all the other departments; this would be optimal." 207 ~— .. ...--. .—.---o.¢-a-a-.oo~a.-.-—-o.'-~ Emalexss 1. What are the concerns your employees state they may have with a fully automated record? 1. Not aware of any of their concerns with this.' stiissntislitx l. Prompt confidentiality issue if not mentioned by respondent and record_response. Acknowledges confidentiality will be a problem with a fully automated system, but "not automated enough now for it to be a problem.” States that training is and should be the utmost priority: “adequate training ‘v could control the internal problems of breach.“ Believes that theres is not a fool-proof system to insure confidentiality: Atleast by training the staff well, there could be some element of control over the quality of information provided. Unless someone could interpret the codes, T whether or not they could get into the system wouldn’t really matter. ”Need to interface well and have a good internal network of systems" A over any concern of confidentiality. 2. Would you agree to decreased interfacing among systems if it decreased the confidentiality problem? yes up don’t know 3. Where is confidentiality on your priority list? high -mssiss low - .. . ..a..--~--“--fi-.-~---- HOSPITAL #11 209 Beds, Public Facility I-flstscs st aistins Sxatse 1. What information is abstracted from the medical record and on computer? Patient age, sex, religious affiliation, patient identification number, diagnosis, procedures, physicians involved, discharge and admission dates. a. How is this data used? Administration Research .Billing/DRG’s Physician use b, By whom? Administrators Research Physicians c.‘How is this data obtained?-Errnteut-or-photocopy? Standard response: Data obtained-directly from the medical chart; the T chart is coded. Utilize-photocopy. 2. Do procedures exist concerning who is authorized to add/delete and/or change information on file? Standard response: The chart is first coded then input onto computer. Those individuals (transcriptionists) who worked with the manual record, are now authorized to add/change, delete information per medical record department personnel. 208 209 a. How has this changed with the computer? Standard response: No change; same as_with the manual record. 3. Who renders this policy? Standard response: Medical record department personnel. a. Has this policy changed with automation? No change. b. if yes, how? ’ 4. How long have your medical abstracts been on computer? Since 1983 lls assessLSssacitx 1. Where is the computer facility housed?' Outside the hospital l a. Is it a limited access area? Yes. 2. What hardware is used? IBM 3. What software is used? Intermountain Health Care 210 a. where was it bought? Out of Salt Lake City, through IBM b. what does it do (any restrictions?) Set up for medical abstracting of information from patient chart. 4r Is your system a pcivate in-house system or is there outside -1 access? - '- . .- Standard response: Private in-house. 5. Are dumb terminals used or p.c.’s? Dumb terminals a. how many terminals are there? Two 6. How were the employees trained? By both the staff in the department and the software company 7. Who has access to the system? Standard response: Transcriptionists and CEO’s in the department. B. What are the backup measures? Nightly back-up onto tape. 211 " 9. What is the method of storage? Stored on tape. 10. Who renders the policy in this area? .The.medical record department a.{has it changed with automation? ... Yes. 4?. 1 '——r T '— b. if yes. how? Passwords and identification numbers are used arong‘with2security codes per job funtion. c. 'if no, does.the old policy suffice; if not, why not? 212 III. Eglgggg 9: Information '- l? Howzare requests for'fnformation handled? Standard response: Copy the hard copy of the medical record according to'"need”-and-who=wants the information. There hasn’t been any.change. a. internahIFeQuests? Standard response; These requests go through the director/assistant director of the department and again according to need. b. external requests? Standard response: This is state-mandated as to what outside parties have access to this information. 213.H_"_-.. m.. . .----__u IV- Eaistina sttsm Uifllflfifiifl: 1. In order of your highest priority, what are your concerns as a manager with the existing automated record? 1. Downtime of system Emfilexsss 1. What are the concerns your employees have.with the existing system? ’ 1. Don't know; haven’t had any problems . 52m easement mm Ulflifllfllfil , 1. In order of your highest priority, what are your concerns with a fully automated system? 1. Good training: "I’m really worried about this aspect; that there won't be enough time to learn and/or teach everyone adequately." 21k Emnlexss 1. What are the concerns your employees state they may have with a fully automated record? . 1. Don’t know Confidentiality l. Prompt'tonfidentiality issue if not mentioned by respondent and record response. . Agrees that confidentialitysuill be a problem with a fully automated v.— — -- systemgbecauee “peoplewcan access more easily the information they want once it is on'computee." However, if training is not adequate, then tnying to guard-confidentiality becomes a moot issue. "Without good training, and part of that is instruction of confidentiality, then T? -- __ decreasing confidentiality problems is of no benefit. States the economics of retrieval of information'displces the ethics of patient. rights because of the "amount of information needed and it’s needed QUleIY. u 2. Would you agree to an increase in downtime if it decreased the confidentiality problem? yes g9 don’t know 3. Where is confidentiality on your priority list? high medium low HOSPITAL #12 137 Beds, Private Facility I-ustucs 9i Eaiaiina fixetem 1. What information is abstracted from the medical record and on computer? Patient age, sex, religious affiliation, patient identification number, diagnosis, procedures, physicians involved, discharge and admission dates. v —-w- 7 a. How is this data used? Administration Research Physician use‘ b. By whom? Administrators Research Physicians c. How is this data obtained? Printout or photocopy? Standard response: Data obtained directly from the medical chart; the chart is coded. Utilize photocopy. 2. Do procedures exist concerning who is authorized to add/delete and/or change information on file? Standard response: The chart is first coded then input onto computer. Those individuals (transcriptionists) who worked with the manual record are now authorized to add/change, delete information per medical record department personnel. .215 216 “" " ~u~~—~~-_euuuu a. How has this changed with the computer? Standard response: No change; same as with the manual record. 3. Who renders this policy? Standard response: Medical record department personnel. a. Has this policy changed with automation? No change. b. if yes, how? . ’ 4. How long have your medical abstraofiefipeen'on-computer? Since 1981 II; esesesZ§seucit¥ '1. Whereiis the computer-facilitYThoused? Outside the medical record department a. Is it a limited access area? Yes. 2. What hardware is used? IBM 3. What software is used? bans PLUS . -- 217 a. where was it bought? From CPHA b. what does it do (any restrictions?) Set up for medical abstracting of information from patient chart. 4; Is your system a private in-house system or’ts thereioutside access? ‘ - . ' Standard responsei-Private inchouse. .5; Are dumb terminals used or p.c.'s? Dumb terminals w —'— a a. how many terminals are-there? One 6. How were the employees trained? By CPHA staff 7. Who has access to the system? Standard response: Transcriptionists and CEO’s in the department” 8. What are the backup measures? Nightly back-up onto tape. —. -..—“.....- .-..9-- -~--- -218.-. .--_O'-'.~‘-We-o-'Hv~ ~ 9. What is the method of storage? Stored on tape. 10. Who renders the policy in this area? The medical record and data processing departments 'a. has it changed with automation? Yes. b. if yes, how? Passwords and identification numbers are assigned to the employees _‘, accessing the system .V c. if no, does the old policy suffice; if not, why not? ‘-. 219 III- Eslssss ei Iniecmstien 1. How are requests for information handled? Standard response: Copy the hard copy of the medical record according to "need“ and who wants the information. a. internal requests? Standard response: These requests go through the director/assistant *‘r i director of the department and again according to need. b. external requests? Standard response: This is state-mandated as to what outside parties have access to this information. 220 '_‘w“"” IV- Esistina sttsm management 1. In order of your highest priority, what are your concerns as a manager with the existing automated record? ' 1. Have no problems with the existing system Emalexeea 1. What are the concerns your employees have with the existing system? 1.1Less error rate with the software Eullx astemaisd fixstsm management. ' 1.-In‘order-of your highest priority, what are your concerns with * a fully automated system? 1. Confidentiality: "If there is going to be alot of people on the system, have to make sure that proper security codes keep the system safe.“ 2. Time saver 221 _-ao--'-a~.. up .- ...-......—— -- ----—~. Eealsxss 1. What are the concerns your employees state they may have with a fully automated record? ' 1. Don’t know Seeiissntisiitx l. Prompt confidentiality issue if not mentioned by respondent and ' record response. . Expressed confidentiality as the greatest concern. States that the advantages of computer-friendliness and time saving measures shouldn’t. 1’— f V. “overdshadow” the patient’s right to confidentiality. L ——V r— 2. Would you agree to a decrease in time-saving functions if it decreased the confidentiality problem? x33 _no don’t know 3. Where is confidentiality on your priority list? I ‘ high medium low HOSPITAL 013 489 Beds, Public Facility I-queiEsiatinamm 1. What information is abstracted from the medical record and on computer? :Patient age, sex, religious affiliation, patient identification number, diagnosis, procedures, physicians involved, discharge and admission dates. a. How is this data used? Administration . Research Physician use be 'W.' “”7, Administhato'rs - -- ~' - Research Physicians Allied health professionals. Cr How it this date obtained? Printout or photocopy? Standard response: Data obtained directly from the medical chart; the chart is coded. Utilize photocopy. . e - O O 2. Do procedures exist concerning who is authorized to add/delete and/or change information on file? ' Standard response: The chart is first coded then input onto computer. AL Those individuals (transcriptionists) who worked with the manual‘record‘ are now authorized to add/change, delete information per medical record department personnel. 1223 _i.--_-”, a. How has this changed with the computer? Standard response: No change; same as with the manual record. .3. Who renders this policy? Standard response: Medical record department personnel. a. Has this policy changed with automation? No change. b. if yes, how? A. How long have your medical abstracts been on computer? Since 1978 ° la assesséfissucitx ' 1. Where is the computer facility housed? Outside the medical record department 'a. Is it a limited access area? VII e 2. What hardware is used? IBM 3. What software is used? Dynamic Control out of Florida 224 a. where was it bought? Through the hardware company, IBM b. what does it do (any restrictions?) Set up for medical abstracting of information from patient chart. 4. Is'your system-a private inrhouse system or is there.outside access? " Standard response: Private in-house. ‘— 5. Are dumb terminals used“or-p.c.’s? 1 ' Personal computers a. how many terminals are there? Eight 6. How were the employees trained? By the software company and the medical record personnel 7. Who has access to the system? Standard response: Transcriptionists and CEO’s in the department. 8. What are the backup measures? Nightly back-up onto tape. as. ...- -———. 225 .9. What is the method of storage? Stored on tape. 10. Who renders the policy in this area? The medical record department a. has it changed with automation? Yes. b. if yes, how? Passwords and identification numbers are used in addition to security codes per Job function; “this limits who has access to what.“ I c. if no, does the old policy suffice; if not, why not? 226 III- Beleess 9i Iniecmstien 1. How are requestsfifec-information handled? ‘Standard response: Copy the hard copy of the medical.record according to “need" and who wants the information% Generally, only the - W T u . 1 physicians ask for the information and they always have full access. “v— - a. internal requests? Standard response: These requests go through the director/assistant director of the department and again according to need. b. external requests? Standard response: This is state-mandated as to what outside parties have access to this information. 227 ' IV- Esistina sttsm assessment 1. In order of your highest priority, what are your concerns as a manager with the existing automated record? 1. Retrievability of data w- .-»-.—-- - - ... “...-.~-.-Oe‘--.—.-—o -- 2. Better monitoring of data EQELQXREI 1. What are the concerns your employees have with the existing system? 1. Limitations of the software program Euiix enigmatsd sttsm assessment 1. In order of your highest priority, what are your concerns with a fully automated system? . , 1. Adequate training of personnel, “especially with the doctors” 2. Doctor cooperation with the new system 3. Backup: ”Still need hard copy of everything documented“ T‘ O 228 0.." “.1.” --.- ._“.1, Eealaxsa 1. What are the concerns your employees state they may have with a fully automated record? 1. Not sure L Csniidsntisiitx 1. Prompt confidentiality issue it not mentioned by respondent and ' record response. . . I - o : Stated confidentiality is of crctical importancep'"lt should be. based on security and who needs the_information to,begin with1“neoncerned that '— ‘cqnfidentiality is not-guarded, and believes this-maz-become worse with a fully automated system? 7* w— . v v" w v 0 fl 2. Would you agree to decreased retrievability of data if it decreased the confidentiality problem? x3. no don’t know 3. Where is confidentiality on your priority list? DiQD ‘medium low e --.-».o- ————--—--—---~—o~... HOSPITAL #14 75 Beds, Private Facility . 1. What information is abstracted from the medical record and on computer? - Patient age, sex, religious affiliation, patient identification number, diagnosis, procedures, physicians involved, discharge and admission dates. a. How is this data used? Administration Research Physician use . Billing/DRG’s -b. By—whom? Administrators Research + A Physicians c. How is this data obtained? Printout or'photocopy? Standard response: Data obtained directly from the medical chart; the A chart is coded. Utilize photocopy. 2. Do procedures exist concerning who is authorized to add/delete and/or change information on file? Standard response: The chart is first coded then input onto computer. Those individuals (transcriptionists) who worked with the manual record are now authorized to add/change, delete information per medical.record r department personnel. - m . 229 230 i a. How has this changed with the compute Standard response: No change; same as wit a. Who renders this policy? Standard response: Medical record department personnel. a. Has this policy changed with automation? No change. b. if yes, how? 4. How long have your medical abstracts been on computer? Since 1985 .Ie assessLSssucitx 1. Where is the computer facility housed? Outside the hospital a. Is it a limited access area? Yes. 2. What hardware is used? IBM ' - 3. What software is used? PAS PLUS 231 a. where was it bought? From CPHA —u—_-_—-—-‘-—-—--_-—-‘-——-————_-————--c--—_n---_------—--~—---------_—---— ?) b. what does it do (any restrictions Set up for medical abstracting of information from patient chart. .-“-_‘—_-*n—--—_--———---“——Q-u--—e_——..---—-e————---——_----—__—_~--—-_-———- 4. Is your system a private in-house system or is there outside ”access? J Standard response: Private in-house. 5. Are dumb terminals used or p.c.’s? Dumb terminals a. how many terminals are there? Two 6. How were the employees trained? By'the software company —--—- ————-fl-——‘-———‘-——_-—e“—e——-e_~~——---— '7. Who has access to the system? Sitandard response: Transcriptionists and CEO’s in the department. —=-—-—’-—-—— —_ --‘ ‘-—-“‘—““‘“‘=—_——--.—-—-a—-——— 8. What are the backup measures? Nightly back-up onto a disk —— 233 1. How are requests for information handled? Standard response: Copy the hard copy of the medical record according + 1 I — to "need" and who wants.the information. The same process is used .... _ as with the manual record. a. internal requests? Standard response: These requests go through the director/assistant director of the department and again according to need. b. external requests? Standard response: This is state-mandated as to what outside parties have access to this information. 23g . -.-m_h_.-muu_..-. .._" ,*_ IV- Eaiatina Sxaism nansasmsns 1. In order of your highest priority, what are your concerns as a manager with the existing automated record? 1. Problems with the screens and it slows down the work process 1'— 592192221 1. what are the concerns your employees have with the existing system? 1. Time lapse between screens Eallx enigmassn Exszsm nansnsmsnt . 1. In order of your highest priority, what are your concerns with a {ully automated system? 1. Adequate training: "Information is only as good as the people who input the inéormation." 2. Doctor cooperation with the change-over to a fully automated system; getting adequate time to train them on the system 235 Emelsxss 1. What are the concerns your employees state they may have with a fully automated record? 1. No real change/concerns known, other than time lapse between screens Confidentiality l. Prompt confidentiality issue if not mentioned by respondent and record response. _Agresd confidentiality is of great importance: VefiV“cEncerned gwith getting validfraliabfe eampaear venibr where the software is MAL .; .A ‘ - w. configured to insure‘confidsntiality. Stated the’fmportance of v anticipating problems with confidentiality once there is a fully.- automated system. Says confidéntiality is of the-fiighest importance ' regardless of any ”economic, time-saving devices-“ I 2. Would you agree to a decrease in time-saving measures if it decreased the confidentiality problem? 1;; no don’t know 3. Where is confidentiality on your priority list? high medium low .ul 3 13 L IOGRAPHY BIBLIOGRAPHY Becker, Hal. Information Integrity; McGraw-Hill Book Company, Inc., New York, 1983. Blois, Marsden. Information and Medicine. University of California Press, Berkeley & Los Angeles, 1984. Brandeis. Jan F- 222112 121222221222 122 92222122 Egpggigggg; The Canadian Medical Association, Ottawa-North Holland Publishing Company, New York, 1976. Bronzino. Joseph. 22222222 222112211222 122 2221221 92222 Addison-Wesley Publishing Company, Inc., Ontario, 1982. Camber, Edward. "Management of Confidential Information,” 922221222 222 22222112, Alips Press, New Jersey. 1978. 92211222112111! 21 2211222 222122 121222221222 2 22211122 222122221 21 222 22221222 2221221 222222 222221211221 AMRA. Chicago, 1978 and 1983. "Confidentiality, Records and Computers," figitigh Mgdiggl ggggggl, March, 1979. Creighton, Helen. ”The Diminishing Right of Privacy: Computerized Medical Records," §gpgggiggg Egggg, February, 1978. 9222221 92121222 21 122 12212121 9222211 21 122 22221222 2221221 222221211222 12222 AMA. Chicago. 1984. Dizard. Wilson. Jr. 122 922123 12122221122 2222 Longnan Publishing, New York and London, 1982. 236 237 Egan, Jacqueline. "The Medical Confidentiality Sham," 222112 222122. 1978. Flaherty. David- 121222! 222 2222222222 222222222. Marshall Publishing, London, 1979. Gabrieli, John. ”A Model for the Ethical Protection of Medical Data." Manuscript presented to the Third Symposium on Computer Appliations in Medical Care, Wshington, D.C., 1979. Griesser, 6., J.P. Jardel, D.J. Kenny, and K. Sauter. _§t§ 1222222122 12 222122 12122222122 22222221 22222 22 22 §t§ggz North Holland-Amsterdam-New York-Oxford Publishing, 1983. Hiller, Marc and Lee Seidel. ”Patient Care Management Systems, Medica Records and Privacy: A Balancing Act," 222112 222122 2222222. 1980. 22221221 2221221 2222222; 2212211222 12 12212 222 222 222 2212222 21 2221221 12122222122. American Hospital Association, Chicago, 1972. Johnson, Deborah. 9932339; Ethiggg Prentice-Hall Inc., Englewood Cliffs, New Jersey, 1985. Laudon, Kenneth. ”Privacy and Federal Databanks," §ggi§ty, January/February, 1980. Linowes, David. "Computers and Privacy Problems: Their Impact on People and Programs,” ggggé, February, 1980. Anna Press, New York, 1967. Miller, Randolph, M.D., Kenneth Schaffner, Ph.D., Alan Meisel, J.D. "Ethical and Legal Issues Related to the Use of Computer Programs in Clinical Medicine," Aggglg 9: 12222221 22212122. Vol. 102. No. 4. April. 1985. O’Brien, David. "Privacy and Information Control: A Contemporary Administrative Dilemma," £39119 Aggigigtggtigg Bgyigw, July/August, 1979. ' Publishers, New York, 1979. 238 Protti, D.J. ”Confidentiality of Health Information: A Hospital Administrator’s Viewpoint Following the Krever Commission." 2222 2222222122 12 222122 12122222122 22222222 Elevier Publishers, Holland, 1983. 22222222 922222222 222 222 213222 21 912122222 Report of the Secretary’s Advisory Committee on Automated Data Systems, US Department of Health, Education and Welfare, 1973. Reisier, Stanley and Michael Anbar. The Machine at the figdgiggg Cambridge University Press, New York, 1984. Roach, William, Susan Chernoff and Carole Eisley. Mgdiggl Records and the Law. Aspen Systems Corporation, Maryland, Siegler, Mark, M.D. "Confidentiality in Medicine-A Decripit Concept". 122 222 2281222 1222221 21 222121222 December 9. 1982. 2211222 222122 9222 12122222122 2221 National Conference of Commisssioners on Uniform State Laws, 1985. Vuori, Hannu. ”Privacy, Confidentiality and Automated Health Information Systena." 1222221 21 2221221 2221222 Vol. 3, 1977. Ware, Willis. ”01d Practices in a New Age Endanger Information Privacy," Hggpitglg, 1977. Waters, Kathleen and Gretchen Murphy. Mggiggl nggggg ig Health Information. Aspen Systems Corporation, Germantown, Maryland, 1979. Watson, Bruce. "Disclosure of Computerized Health Care Information: Provider Privacy Rights Under Supply Side Competition." 22221222 1222221 21 122 222 22212122; vol- 7. No. 7. 1981. Weiss, Barry. ”Confidentiality Expectations of Patients, Physicians and Medical Students," gggg, Vol. 247, No. 19, May, 1982. Westin. Alan- 9222222221 222122 2222222 222 9121222 2182222 US Department of Commerce, Washington, D.C., 1976. 239 Westin. Alan- 222222222 12 2 1222 22212222 9222222221 Computer Databankg 3?"?32 Computer Science Engineering Board, National Academy of Sciences, New York Times Co., 1972. Westin. Alan. 12122222122 1222221232 12 22 2222222212 Society; Howard University Press, Cambridge, Maryland, 1971. Westin, Alan. Pgigagy gpd Egggggg; Atheneum Publishing, New York, 1968. Westin, Alan. ”The Dimensions of Privacy: Report on its Status in the United States," ggmpgtggg gpd £99219, July/August, 1979. Westin, Alan. ”The Impact of Computers on Privacy," Dgtgggtigg, December, 1979. Williams, Frederick. The Communications Revolution. New American Library, New York, 1982. Worthly. John. 22222128 922222222 12 222122 92221 Aupha Press, Michigan, 1982.