How much do you know about electronic health records?

Take our quiz to help you find out.

By Practice Research & Policy Staff

March 28, 2013—Electronic health records (EHRs) are designed to replace a patient’s paper record while integrating care across practice settings. As health care reform moves forward with an emphasis on integrated care, the ability for mental health professionals to collaborate with other health providers across practice settings will be critical to participation in the health care system.

The following quiz was presented at the 30th annual State Leadership Conference held March 9-12 in Washington, D.C. in order to highlight some core components of EHRs and to raise awareness of professional considerations when transitioning from paper records to EHRs.

  1. The primary difference between office management software (OMS) and an EHR is: 


    1. The applicability of standards related to the Health Insurance Portability and Accountability Act (HIPAA) and The Health Information Technology for Economic and Clinical Health (HITECH) Act 

    2. The capacity for interoperability 

    3. Billing functionality 

    4. User-based access functions

The correct answer is B. EHRs are intended to share information across practice disciplines and settings, and to enable interconnectivity for clinical and treatment purposes. This capacity is known as interoperability. Office management systems provide electronic business management and data storage, and they can support electronic billing. But an OMS is not interoperable with other office management systems or EHRs. 

  1. Many EHRs now offer mobile applications (“apps”) that allow providers to access patient records on a smart phone, iPad or similar mobile device. HIPAA and HITECH require a psychologist using such apps to take precautions to ensure that “protected health information” (PHI) remains secure. PHI includes which of the following: 


    1. A patient’s phone number 

    2. A patient’s insurance information

    3. Text messages to/from the patient

    4. A patient’s medical record number

    5. None of the above

    6. All of the above

The correct answer is F. All four items are considered protected health information (PHI).  The development of new technology facilitates access to records on the go, and  mobile devices such as cell phones and tablets often allow access to PHI. Therefore, it’s up to the provider to ensure that their mobile devices remain locked when not in use and that the information contained therein is encrypted. 

  1. What can you do in order to safeguard your mobile device or tablet against a potential breach? 


    1. Make sure that you are accessing records through a secure wireless (wi-fi) internet connection 

    2. Ensure that your data is encrypted 

    3. Deactivate mobile-to-mobile sharing functions on your device 

    4. None of the above 

    5. All of the above

The correct answer is E. In addition to these three precautions, additional measures include password protecting all devices and using an application or software that can remotely remove or delete all patient data in the event the device is lost or stolen. 

  1. True or False: Role-based access for EHRs means that all practitioners who have the same role in a practice use the same login credentials — the same username and password — to access and amend patient records. 


    1. True 

    2. False

The correct answer is False. The concept of “role-based access” for EHRs relates to who can access what levels of information in a patient’s record.  In EHRs, each provider and practice staffer with access to patient records retains his or her own unique login credentials. Role-based access allows system users to access only the information they need in order to perform their jobs. For example, a practitioner requires access to a different level of information than does an administrative assistant.

  1. Data segmentation refers to: 


    1. Separating patient data within your EHR to make it easier for you to find 

    2. Using separate billing codes for different patient diagnoses 

    3. Identifying which portion of your patient’s records may be shared with other providers 

    4. The ways in which EHR user roles are defined

The correct answer is C. Data segmentation allows for specific parts of the patient’s record to be shared with practitioners across disciplines who have been identified as needing to know the information. This level of customizability differs between various types of EHR software and is often implemented as the result of dialogue involving the practitioner, the EHR vendor and the patient. In the event of an emergency, such as hospitalization when the psychologist is unavailable, data segmentation can be suspended so providers can access additional needed data. Any access to a patient’s record would leave an electronic “paper trail” indicating who accessed a patient’s record, what was viewed and when it was accessed.

For more information on EHRs, stay tuned for the Spring/Summer 2013 issue of Good Practice magazine.