Legal Issues in the Implementation of Electronic Signature Systems

Legal Issues in the Implementation of Electronic Signature Systems
Sam G. Campbell, MSEE, BSE, BSBA; Gordon L. Gibby, MD, MSEE
Department of Anesthesiology, University of Florida

Introduction: Electronic signature systems use a code or other means to uniquely identify each physician having access to the system. The physician "signs" an electronic record by entering their code into the system. The system then verifies the code, making a notation in the record reviewed. A proposed extension to this method is the use of digital signature recognition, which validates signatures via analysis of stylus pressure. Potential benefits of electronic signature systems include:

• Enhanced availability/accessibility of authenticated information for healthcare and insurance providers;
• Reduced liability due to quicker release of finalized information and fewer delinquent records;
• Reduced turnaround times for reimbursement;
• Reduces costs in analyzing records for completeness;
• Fewer records sent to offices for attestation, decreasing latency in the release of finalized information.

An inquiry was conducted to determine the regulatory requirements of government and accreditation agencies regarding the implementation of electronic signature systems.

Method: All pertinent private and government agencies which promulgate standards relating to electronic signature systems were contacted to determine approval requirements. Standards documents were reviewed to ascertain the pertinent requirements. Requirements were then categorized and edited to provide a framework by which other healthcare providers might successfully seek approval in the implementation of such systems.

Results: Three agencies are of primary concern when seeking approval for electronic signature systems: The Joint Committee on Accreditation of Healthcare Organizations (JCAHO), the Health Care Financing Administration (HCFA, which administers the Medicare program) and the state agency administering Medicaid. The JCAHO's 1995 Accreditation Manual for Hospitals explicitly provides for electronic signatures in Standards IM7.9.1 and IM7.9.2, which restrict access to the physician's code and require each physician to sign a form to this effect. HCFA also allows the use of electronic signatures (Title 42, Code of Federal Regulations [CFR] 412.46 (Medical Review Requirements)), as does Medicaid (Title 42, CFR 482.24 (Medical Record Services)). Both HCFA and Medicaid review such systems on an ad hoc basis. These sources indicate that a framework for the use of electronic signatures should include:

• A Compliance Form making participants aware of the security issues in electronic signature systems;
• A Password Agreement addressing the administrative aspects of electronic signatures;
• Policies and procedures for the use of the above forms;
• Policies and procedures clearly identifying the infrastructure in place to insure security and authenticity.

The above elements must be provided to each agency. This submission should include all forms, and copies of all policies and procedures. Also required is a detailed statement describing the system in which the electronic signatures are to be used. Further, the framework should provide mechanisms which require the complete review of transcribed documents and allow for correction, do not allow verification until corrections are made (or it is noted that none are required), allow the author sole control over the affixing of the notation and allow a document's authentication to be determined.

Discussion: Several hospitals, including Shands Hospital and Jackson Memorial Hospital, have successfully implemented electronic signature systems in various departments. Further study is needed to quantitatively determine the benefits that accrue to healthcare providers employing electronic signatures.