“Open Notes” – How to Protect Your Organization from the Unintended Consequences of the 21st Century Cures Act

Imagine finding out you have cancer via email. Or, imagine reading a disparaging note about yourself documented by your healthcare provider. Or, imagine trying to determine how you can keep your own medical record private on a shared computer in your house.

In early 2021, healthcare systems introduced the “open notes” component of the 21st Century Cures Act. With that introduction came dozens of new medical malpractice and patient safety risks, most of which were new to healthcare. It is now possible for a patient to find out about their diagnosis before the provider. It is now possible for a patient to read all of a provider’s documentation, including any negative or criticizing comments. It is now possible for a domestic abuse victim to be in even more danger as their confession to a provider could now be visible in the electronic chart.

The anticipated benefits of this act are still noteworthy – patients can play a more active role in their care if they are more familiar with the care plan and have more regular access to their results. However, the implications of this act are far-reaching, and healthcare organizations are struggling to implement solutions and best practices that protect their providers and patients while still meeting the requirements of the law.

This session will examine several unintended consequences of the law and how healthcare organizations can limit exposure.

Objectives:

• • Outline real examples of how the Cures Act can create additional liability for providers and/or healthcare organizations
• • Summarize recommendations or best practices to limit exposure for each example presented that illustrates liability concerns with the Cures Act
• • Discuss strategies that risk managers can utilize to assist and educate providers in navigating these challenges