Hospital Accreditation Requirements

Technically, the Joint Commission on Accreditation of Healthcare Organizations (JCAHO) is a voluntary organization, and JCAHO accreditation is voluntary. JCAHO accreditation standards, however, are incorporated in some state hospital licensure laws, at least in part,28 and a hospital is deemed to meet certain Medicare conditions of participation if it holds JCAHO accreditation.29

Although JCAHO accreditation standards do not explicitly address required media for record keeping and storage, they assume that a hospital may participate in an automated medical record data processing system. JCAHO standards permit authentication of medical records by computer key.

The JCAHO requires that all medical records be accurate, accessible, authenticated, organized, confidential, secure, current, legible, and complete.30 A computer-based medical record system can meet JCAHO standards if the system is properly designed and maintained and if medical records are otherwise properly completed.

Patient Rights Issues

Right of Privacy

The Federal Privacy Act and similar acts in many states provide assurance that patient records held by the federal government and governments of states that have enacted privacy legislation will not be disclosed to third parties without the patient's consent, except under defined circumstances.31 However, privacy of patient records in other states and in the private sector is governed by a crazy quilt of statutory, regulatory, and common-law rules and is often inadequately protected. 32

Growing demands for information contained in patient records pose an ever-increasing threat to patient privacy. Such demands come not only


See, e.g., the following regulations, which incorporate JCAHO standards for medical records into state hospital licensure requirements: N.H. Code of Admin. Rules, Part He-P802 (1986); R.I. Rules and Regulations for Licensing of Hospitals §25.7; Rules and Regs. for the Licensure of Hospitals in Virginia §208.5 (1982).


42 U.S.C. §1395bb.


Joint Commission on Accreditation of Healthcare Organizations, "Medical Record Services (MR)," Accreditation Manual for Hospitals (Chicago: 1990).


5 U.S.C. §552a.


The threats to patient privacy posed by increased use of computers for health records were detailed by Alan F. Westin in Computers, Health Records and Citizen Rights (Washington, D.C: U.S. Government Printing Office, 1976).

The National Academies of Sciences, Engineering, and Medicine
500 Fifth St. N.W. | Washington, D.C. 20001

Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement