Healthcare Information Technology Standards all Medical Practices Need to Follow

By: Daryl Smith on November 16th, 2018

Print/Save as PDF

Healthcare Information Technology Standards all Medical Practices Need to Follow


You have found a managed information technology partner, chosen the best practice management software, and have digitized your practice. Now you have to follow healthcare information technology standards. While it may be difficult, following healthcare information technology standards is very important to ensure the best service for your patients. Become familiar with what those standards are, and why it is important to have processes in place in order to preserve the integrity of your patient data and to avoid penalties.


 Do you know what to look for in a managed IT service provider?

Download our checklist to learn if you’re making the best choice for your practice.

Download Now


What are the Data Standards in Health Care?

In health care, data standards include methods, protocols, terminologies, and specifications for the collection, exchange, storage, and retrieval of information associated with health care applications, including medical records, medications, radiological images, payment and reimbursement, medical devices and monitoring systems, and administrative processes (Washington Publishing Company, 1998). Standardizing the oftentimes haphazard health care data involves the following:

  • Definition of data elements—what is the content of the data to be collected and exchanged

  • Data interchange formats—what are the standard data element formats, including the structure of and relationships among the data

  • Terminologies—how are the medical terms and concepts described, classified, and coded

  • Knowledge representation—how are medical literature, clinical guidelines, etc., represented electronically

In order for patient charts to be digitized, each piece of a patient’s information needs to be coded, then electronic handling protocols are applied. With the healthcare industry converting to digital formats, patient information needs to be in a standard format in order to facilitate smooth communication among providers regarding patients. Data standards help protect patient health and privacy. Having uniform data standards in place will also help patients have better outcomes.

Ensuring Documentation Integrity

As a provider who collects protected health information (PHI), it is important that you keep the data as correct and up to date as possible. Documentation integrity means that the complete health record of a patient is accurate. Document integrity covers how the information is managed (information governance), who created/edited/signed the documentation (authorship validation), patient identification, amendments/corrections, and validating the record prior to submitting reimbursement claims to insurance companies.

Practice management software is necessary to create and store electronic health records (EHRs). These software applications employ customizable documentation options such as templates and smart phrases that reduce the time it takes to document a patient visit. In other words, if the same procedure or discussion happens with many patients, it makes sense to create a template to use over and over. But be careful: unless these tools are used appropriately, the integrity of the data may be questioned and the information deemed inaccurate—or possibly even perceived as fraudulent activity. It is easy to make a mistake using these time-saving tools, mistakes such as not customizing the template text to apply only to the patient being seen.

Established policies and procedures must be in place to ensure that patient visits are documented correctly at all times. These policies should include an audit procedure to review files for accuracy. Without processes in place to ensure accurate information, the patient’s records could show misleading or incorrect information which can cause issues for the patient.It is critical that providers understand the necessity of reviewing and editing all defaulted data to ensure that only patient-specific data for that visit is recorded, while all other irrelevant data pulled in by the default template is removed.

Risky Documentation Practices You Need to be Careful of

Many methods of inputting data have led to inaccurate data issues. Best practices for documentation that ensures quality have not been well defined for EHRs and are not well understood by providers. Below are methods of documentation that have potential issues.

Cloning, Copy/Paste Problems

Cloned documentation can create significant problems such as unnecessary redundancy and inaccurate information in a patient’s EHR. Some EHR programs are designed to easily facilitate cloning with such popular features as “make me the author” to assume the content of another person’s entry, “demo recall” to copy forward vital signs, “copy and paste” to replicate information from a previous visit or the use of “smart phrases”, a function that pulls in specific identical data elements. Automating the chart entry process and copying over client data could lead to inaccurate information if it is not manually updated for that specific patient and that specific visit. Failure to edit patient data to accurately reflect the visit could ultimately lead to worse care for the patient and could potentially create medical liability issues.

Template Documentation Challenges

Documentation templates can make a patient’s EHR much easier for the clinician to record. Templates play a huge role in the data that is collected and can increase the accuracy of the patient’s record. However, there are also limitations with these templates:

  • There may be missing templates for a specific issues or visit types

  • Templates may not help in the cases of atypical patients that have multiple problems with extensive interventions that must be documented in detail

  • Templates designed to meet reimbursement criteria may miss relevant clinical information.

Dictation Errors Without Validation

Healthcare providers and organizations that use voice recognition without a validation step in place will experience significant data quality problems and documentation errors. Healthcare organizations should have procedures in place to ensure that providers review, edit, and approve dictated information in a timely manner.

Patient Identification Errors

A huge issue can result from documenting information in the wrong patient health records.Patient identification errors impact patient safety and security. As patient data is shared, errors in the EHR are amplified.  Another common error in EHR is the creation of duplicate records for the same patient, which could result in incomplete data in either one of the records. It is critical that healthcare organizations have procedures in place in order to monitor and correct all of these errors. They should also document the number and types of errors that have been made.

Special alerts can be designed and implemented within an EHR to avoid potential safety issues, such as when a patient blood type or allergy does not match the patient undergoing treatment.Healthcare organizations and providers should have a program in place that monitors patient identity integrity by calculating the percentage of error rates and duplicate records within its electronic master patient index.The ideal program would include employee performance improvement measurements that track mistakes and coach employees to avoid these errors.

Healthcare Fraud and Abuse

Patient documentation issues and inaccuracies can sometimes lead practices to unintentionally commit fraud. While providers and healthcare organizations may not intend to commit healthcare fraud and abuse, the federal government is as strict as ever in detecting and punishing providers who even appear to be engaged in fraudulent activity.

Providers face multiple healthcare fraud and abuse laws at the local, state, and federal levels. Complying with so many regulations can be difficult for providers whose focus is already divided by a range of priorities, including care delivery, payer compliance, medical billing, and revenue cycle management. Healthcare fraud and abuse cases cost the industry billions of dollars a year. Without processes in place to detect and prevent fraudulent activities, healthcare providers could face an investigation that may cost them their reputation and revenue. However, developing appropriate healthcare fraud and abuse prevention policies and compliance programs may be difficult and costly for provider organizations.

To prevent an organization from participating in healthcare fraud and abuse, or the appearance of fraud and abuse, providers should understand key health care fraud laws, implement a compliance program. The program should follow best practices for documentation, while improving medical billing and business operations processes.The compliance program should emphasize employee education at all levels of the organization.


Following healthcare information technology standards is an important part of being HIPAA compliant. Protecting your patients’ data within your practice and when it is shared electronically with other healthcare entities will help you provide the best service to your patients. While making sure you are following data standards may be challenging, it is very important to keep your practice in compliance. Having a Managed IT service provider can help ease the pressure of following healthcare information technology standards by dealing with many of the issues discussed.

CTA: Make sure to check out our “What to Look for in a Managed IT Service Provider Checklist”

 Download our checklist now