Wow- interesting discussion! I wouldn't totally ignore the EULA, but I wouldn't give it the importance that some have stated. It should possibly be reworded as to alleviate some of the expressed concerns. You might wish to discuss this further in conference at the ACAC this summer. Just be sure that before you sign the contract that you have a way to access your records in the future should you have to switch to another EMR.
Nobody usually reads EULAs, and owners of the EMR software and their lawyers always try to make the EULA as far reaching as possible in case of future litigation, since there are no laws currently that really address this issue well. Although written by lawyers, the EULA frequently contains language that is purposely vague and at times, favors their clients (the owners) and may not be enforceable. The problem is, you don’t want to get into future expensive litigation with a software owner over contract law issues just because you ignored what the EULA stated. Most EMR owners will refuse to make concessions to what is in the EULA, and many, s.a. what I’ve read at emrupdate years ago with the likes of Praxis, will refuse to sign on with a purchaser if said purchaser refuses to accept the EULA. They don't frequently know what's in their own EULAs, so to do so would require consultation with their lawyers and could cause problems with other EMR clients.
An EMR (electronic medical record) is the organized collection of all records about an individual patient stored in the computer systems and databases of all the providers who have provided care to that patient. It conveys an interface to your property rightly owned by both the physician and the patient. It is up to you, the purchaser of an EMR to make sure that at the time of purchase, that you will have access to your data in an organized, readable manner should you decide to move on to another data interface ("EMR").
The Department of Health and Human Services' HIPAA Privacy Rule in 2002 gave patients more control and to examine their health information. Any entity that stands in the way of HIPAA could be legally held responsible to make that data available to both the physician and the patient.
As a programmer, I’ve seen that Jon makes the table data very accessible- just look at the addin that I wrote a few weeks back that accesses simple data- the patient last name, first name, date of birth and chart number easily. In the MS Access platform you can encrypt the database code by writing an “MDE” file, but the table data can usually be seen "in the raw" easily. You can encrypt it beginning with MS Access 2007, but that makes the data accession slower and can cause corruption, and again it's based on a password technology that can be broken. Any password that one applies can be broken by any number of password crackers out there that are available for either a small fee or for free. In fact, there now exists crackers to break into the MDE too… so not even the project code is 100% protected. You can even hide the tables, but a good programmer can extract the tables into a new “container” effortlessly.
So it comes down to who you are dealing with- if the owner of the software is credible, as is Jon, then at least for the short-term you have nothing to worry about. In the long-term, it’s a crapshoot. Heck, at emrupdate that is one of the things that I’ve argued over and over about- folks shouldn’t spend mega-bucks for an EMR for “protection”, as the enterprise EMRs have just as much chance of being bought out or going bankrupt as the smaller, cheaper EMRs. The only difference is that the end-user has more money at risk. Even CCHIT, which tries to guarantee “assurance” has had several EMRs on their list suffer financial troubles with one even going bankrupt within the first year of CCHIT's existence. Amazing Charts can be sold off to a totally new owner at which time you’ll have to reassess your EMR options. In fact, the odds are that it will happen. That is the nature of software industry.
So if in the far future you have problems with your EULA, you'll have to rely more on a programmer than with a lawyer, but you'll need both.
Cheers,
Al
Bibliography:
• “The Michigan EMR Initiative”,
http://www.memri.us/faq.html• “EMR Ownership Quesitons” ,
http://www.entrepreneur.com/tradejournals/article/166979199.html• “Digital Rights Management from a Consumer’s Perspective”,
http://www.obs.coe.int/oea_publ/iris/iris_plus/iplus8_2005.pdf.en
