This site is intended for health professionals only

Managing medical record risks

29 March 2012

Share this article

Lonsdale Medical Centre is situated in the heart of ‘leafy’ Tunbridge Wells. Our practice of 5,700 patients has a relatively young patient profile because we are close to the mainline railway station with easy access to London; untypically for the area, nearly 10% of our patients are Eastern European.

Information governance requirements have undoubtedly raised our awareness of risk surrounding the accuracy and security of medical records. We have become well versed in the need to record visitors coming in and out of the building, to log out of our PCs when unattended and to ensure that any memory sticks are encrypted.

Although it’s impossible to eliminate risk altogether in a rapidly changing technological environment, we must be constantly vigilant, assessing the likelihood of something untoward happening and balancing it against what measures are reasonable to implement (of course, the practice’s view of what is reasonable and realistic does not always necessarily match the view of the medical defence organisations).

The risks of managing medical records fall into four broad areas, with many facets to each. Below are some issues that that have been of particular concern and debate for us in our practice, and how we feel we can best address them.
Access to medical records

Access to sensitive information
It is an area of concern that everyone within the practice has had full access to patient records regardless of need. Access to different parts of a patient’s care record is largely dependent on your computer system.

Whereas our previous system was very crude in dealing with access issues, we have recently moved to a new clinical system, in which job roles and permissions are highly flexible and sophisticated and audit trails are clear. It will take a while to grapple with the complexities but eventually it will provide a much greater level of confidentiality.

Consent to share information
Another regular problem that can cause significant difficulties for receptionists has been when to share health information with anyone other than the patient and appropriate health professionals. We have been too reliant on receptionists knowing the patients. Here again, our new clinical system has the functionality to manage this much more effectively.

We have also been running a campaign to gather patients’ wishes regarding consent, contact details and their preferences. We have developed a form to gather the information so that we can add it to the patient record; the form has been made available at the reception desk, in the waiting room, in the consulting rooms and on our website. We are now debating the best way of storing the information on the system to make it easily accessible – there are various options, although unfortunately none of them are ideal.

Communicating patient information securely and capturing it for the record

We advertise the use of our generic email address for ordering repeat prescriptions, but we make it clear that email may not be a secure means of communication and it is not for medical enquiries – not only is there a risk of the email not getting to its intended recipient, but there is also a danger of patients wishing to discuss clinical advice inappropriately.

How to transfer information from email to patient record would pose difficulties and we would also be unlikely to get consistency of approach from the GPs.

Leaving telephone messages
This has been a particular area of contention. After much debate and upon taking advice, we have now blocked the ‘1471’ callback facility on all telephone lines (some patients do not receive incoming calls from withheld numbers, but on BT lines this can be over-ridden by prefixing the number with 1470).

Not only is it irritating when someone calls back and you don’t know who made the original call, but there is also a risk of someone else ringing back and being overly curious as to what the call was about.

We have also implemented a policy of not leaving messages unless the GP judges the message to be of such clinical importance that the benefits outweigh the disadvantages or unless the patient has been told to expect the call.
The other main instance where we have faced problems is when we have to change an appointment and it could seriously annoy the patient if they weren’t told. Our standard message in this circumstance is: “Please could you call [the receptionist] at the surgery. It is an administrative matter and nothing to be concerned about.”

Storage of medical records

Building security
Of particular concern was the easy access to consulting rooms at certain times. We have alternative-therapy providers on the second floor of our building so there is a steady stream of people passing by the consulting rooms.

Locums and trainees unfamiliar with practice policies have a tendency to leave their doors wide open. We have now added a point in our induction of new trainees to emphasise the need to close and lock their doors and we have placed a laminated sheet in our locum box reminding locums to close down the system, shut their doors and notify reception staff when they leave.

Taking records offsite
Patient summary printouts are taken for home visits but we have no process to ensure these are returned to the practice and shredded. We have not yet come up with a definitive policy, but one way of keeping track could be to create a log where summaries are signed out and back in again.

As more patient-specific referral and hospital admission information is being communicated electronically from outside the practice, we need to recognise the increased risks of these documents being accessed or downloaded inappropriately; it is imperative that all such documents are protected, either by password or encryption.

Migrating to a new clinical system
Implementation of a new clinical system poses a number of problems that can only be managed with considerable forethought and planning. After transferring from our old clinical system to another, we experienced early problems when patient contacts recorded on the old system would not be transferred to the new one. We had to ensure sufficient staffing to transfer the information as quickly as possible after going live. We also had to make sure that some significant entries, such as allergies, that didn’t transfer easily were mapped to the new system.

Although we had overviews prior to the go-live day and a long period of examining individual records to see how they would migrate, we had no real chance to test the system. This is where software suppliers could help more: key members of the practice should have full hands-on training days on a dummy system in advance of implementation.

Maintaining high-quality patient records

Managing policies concerning patient records
Practice managers face the difficulty of managing a multitude of ever-changing policies, many of which relate to patient records; some subjects are recurring themes at practice meetings and are under constant review.

Our medical defence organisation’s recommendation was to delegate the updating of the protocols to those who are affected most and who are most familiar with the procedures. So a competent receptionist could be responsible for updating the repeat prescribing and test results policies and the nurses could update some of the more clinically related policies and be responsible for communicating changes, once signed off by a GP.

At our practice we rely heavily on our internal messaging system, which allows very clear messaging for administrative and clinical purposes to any combination of practice staff. It is a much quicker, safer and more reliable method of communicating patient-related messages: if a receptionist needs to communicate, for example, a query about medication or a message from a district nurse to one of the GPs, once the GP has read the message it can be answered and then posted directly into the patient notes with a full audit trail. All messages can also be retrieved from the archive at any point.

Locums often have little or no knowledge of a practice’s procedures. My assistant will normally spend time with new locums to ensure they understand how to use the system. However, we need consistency of approach in entering consultations and making referrals. We have started preparing some summary guidance on essential processes and instructions on how to use other software tools, such as DORIS (see below), that we use to improve record keeping.

Implementing these and similar risk management actions will remain a challenge for us all until we address the difficulties faced by general practice in managing the plethora of regulations and demands. It is impossible to cope with new demands effectively while dealing with the operational functions of the practice.

Managers need to consider reconfiguring management structures to ensure adequate strategic management. We also need to exploit the increased communication between practices as new clinical commissioning groups (CCGs) take hold in England, and share much more management, as well as clinical, practice.

One example of this in our area is the development of a searchable database, DORIS (Document Organisation, Referral and Information Service); it has a comprehensive address book and essential information on locally developed pathways, referral forms, patient leaflets and practice administrative documents.

The newly formed West Kent and Weald CCG has recognised the benefits of a shared central information store and funds the DORIS licence fees, as well as the ongoing data input and maintenance costs. Instead of 53 practices spending a lot of time individually trying (and often failing) to keep track of the information, it is loaded in one place and is accessible to everyone within the CCG. Patient care is standardised, forms can be completed online, automatically populated with patient and referrer details and attached directly to patient notes – another process that allows for safer medical record management.

Kate Harlow is Practice Manager of Lonsdale Medical Centre in Tunbridge Wells, Kent, where she has worked for 14 years.

Managing your practice’s risks – medical records

Kate Taylor, Clinical Risk Manager, Medical Protection Society (MPS) looks at common issues in general practice regarding medical records and suggests practical ways to manage these risks…

General practices face many challenges and dilemmas on a daily basis, which involves a mix of juggling priorities and ‘fire-fighting’. Analysis of more than 150 MPS Clinical Risk Self Assessments (CRSAs) of general practices in 2011 highlighted that 87% of practices faced risks with record keeping, which was one of the top five key risk areas for general practices (other risks included confidentiality, communication, health and safety, and prescribing).


One of the key issues is that the effective management of medical records is often compromised by a lack of system and processes. There is also an element of human error involved in the management of medical records, perhaps increasingly so due to the demands and complexities facing general practice.
Looking more closely at the issues of medical records and record keeping, analysis of MPS’s CRSA 2010 data identified the following specific risks:

Home visits
Many clinicians work part-time, which might invoke risks with undertaking home visits on the way home from the practice, and then not recording in the patient’s medical record until the following day or often several days later. This can leave the clinician susceptible to forget to record the clinical consultation at all.

Home visits should ideally be recorded in the patient’s medical record as soon as possible after the home visits. The GMC Good Medical Practice states: “Make records at the same time as the events you are recording or as soon as possible afterwards.”(1)

Consider developing a policy that states that all doctors must return to the practice to complete the medical records following a home visit. Doctors should record their notes as soon as possible after a home visit. Ideally these notes should be made directly into the computer clinical record.

One way to address this issue is to undertake an audit. MPS encourages practices proactively to audit their record systems to ensure all home visits have been recorded onto the computer.

Computer back-up issues
The Department of Health’s Good Practice Guidelines for GP electronic records outline that computer back-up tapes should be stored in a fireproof safe in the practice.(2) MPS regularly identifies that practices also hold an additional set offsite, often in a domestic environment. These tapes contain all the practice information and are confidential records. If the tapes were misplaced or stolen, the organisation could face possible action for failing to protect patient information.

It is vitally important that these tapes are both encrypted and kept securely offsite, ideally by providing a safe within the relevant domestic environment, often the practice manager’s home.

We have found that many practices have now moved to remote back-up with their software supplier, mitigating the need to keep backup tapes at all.

Recording information in the wrong patient record

Patient identification is a common area of risk seen by MPS in many different contexts within general practice, mainly as follows:

  • Incorrect patient identification at the time of making an appointment, risking breach of confidentiality and clinical error.
  • Letters scanned into the wrong patient’s record, resulting in problems if the information was not deleted and a patient requested sight of their medical records; third-party information would be available, breaching confidentiality.
  • Management of hospital and other clinical letters – in MPS’s experience, many practices have moved to an entirely electronic process, which has proved beneficial.

The implications of misidentification of patients should not be underestimated; many practices now have a patient identification policy, which assists in risk reduction and avoidance of potential harm to patients.

Staff not always logging telephone consultations in patients’ medical records
Practices contact patients via the telephone in many situations, which are not always documented as part of the patients’ medical records. It is vitally important that all telephone consultations are contemporaneously documented.

Patients’ records not up-to-date
From the risk assessments, it was noted that some practices had incomplete medical records, for example not all records were summarised, clinicians were not recording telephone encounters etc. Complete and contemporaneous medical records, whether electronic or handwritten, are essential for the maintenance of good-quality care and are needed if a complaint or claim is made. Regulatory and judicial bodies may take the quality of the record as an indication of the care provided to the patient.

In Good Medical Practice, the GMC states: “In providing care you must… keep clear, accurate and legible records, reporting the relevant clinical findings, the decisions made, the information given to patients, and any drugs prescribed or other investigation or treatment; make records at the same time as the events you are recording or as soon as possible afterwards.”(1)

The issue of medical records can pose significant risks, but as highlighted by the Tunbridge Wells practice, practical and effective measures can easily be put in place to minimise your risk and benefit your practice.

1. General Medical Council. Good Medical Practice. London: GMC; 2006. Available from:
2. Department of Health. The Good Practice Guidelines for GP electronic patient records. London: DH; 2011. Available from:…