Enduring CME Course: Are “Break-the-Glass” Functions Required for Employee EHR Access?

Activity ID

14685

Expires

November 4, 2027

Format Type

Enduring

CME Credit

0.25

Fee

$30

CME Provider: American Medical Association

Description of CME Course

Break-the-glass, or break-glass functions require an EHR user to enter additional authentication information and documentation of a specific business reason for accessing a patient record before they can enter a patient’s chart that is subject to heightened restrictions. The feature, which is enabled if an organization requests it from their EHR vendor, is intended to further ensure protected health information (PHI) privacy for certain types of patients by restricting access to only those individuals involved in the patient’s care. Many health care employees (and their immediate family members) are patients at the health systems in which they work, receiving health care services from physicians and other clinicians they may work with. Some organizations, in an effort to protect those patient records from unnecessary access by other employees, may institute heightened restrictions on all employee health records, as well as patient records for the employees’ immediate family members, requiring the additional step of using the “break-the-glass” function to access the record. Thus, there exists confusion whether there is a regulation that requires this of all organizations.

To earn full credit for this activity, you must review all accompanying resources, which have been curated to support your learning of the subject matter.

Disclaimers

1. This activity is accredited by the American Medical Association.
2. This activity is free to AMA members.

Register for this Activity