Professional Standards

Preamble

This professional standard replaces the Patient medical record professional standard 

This professional standard sets out the expectations regarding the management of patient medical records. In addition to this standard, physicians must comply with all legislative, ethical, and regulatory requirements related to the patient medical record, including but not limited to the requirements set out in the Personal Health Information Privacy and Access Act (PHIPAA).  

This professional standard applies to all individuals registered with the College. For ease of reading, we have used the term physician(s) to refer to all individuals registered with the College.  

This professional standard applies to both paper and electronic medical records. 

For the purposes of this professional standard, a reference to medical records includes Personal Health Information as defined in the Personal Health Information Privacy and Access Act.  

Institutional settings

Where this standard imposes requirements more onerous than those of the institution, then the more onerous requirements in this standard must be followed. However, where this standard imposes requirements less onerous than those of the institution, then the more onerous institutional requirements must be followed. 

Group or collaborative practice settings 

A group or collaborative practice setting exists when any of the following factors are met:

  • The physician is practicing in a setting where there are multiple contributors to a record-keeping system (e.g., a group or interdisciplinary practice, settings with a shared electronic medical record),
  • The physician is not the owner of the practice, or
  • The practice setting is considered a group medical practice (i.e., multiple registrants practicing in association).

When a physician practices in a group or collaborative setting, they must have a written agreement that establishes:

  1. who is the custodian of the patient medical records,
  2. who becomes the custodian in the event a physician leaves or closes their practice,
  3. Sets out roles and responsibilities, with respect to patient medical records, regarding:
    1. Privacy;
    2. Security;
    3. Storage of records;
    4. Retention of records;
    5. Destruction of records; and
    6. Enduring access for physicians and patients.

Content of patient medical records 

A physician must document in the patient medical record all encounters and communications related to clinical care. This includes encounters and communications that do not occur in person (i.e. telephone, email, digital or virtual means). The type of encounter or communication must also be documented in the patient medical record.

A physician must document the entries as soon as possible after the patient encounters. Patient records must be kept in a systematic manner which maintains security from unauthorized access. The documentation must be clear and legible. Abbreviations should not be used unless they are universally accepted. If the patient's medical record is in an electronic database, it must be available to be produced in hard copy. 

A physician must ensure that each patient medical record contains the following information: 

  1. Identification and contact information, including:
    1. Patient’s name,
    2. Address,
    3. Date of birth,
    4. Gender,
    5. Telephone number,
    6. Health card number, and
    7. An emergency contact person if applicable.
  2. A cumulative patient profile, including:
    1. Documentation of each treatment prescribed or administered by the member,
    2. Ongoing health conditions and identified risk factors,
    3. Medical history, including family medical history,
    4. Presenting concern, relevant findings, assessment, and plan,
    5. Details of each medical examination done by the member, including any investigations ordered and the investigation reports. If the investigation reports are available in a provincial database, the physician is not required to transfer these reports into the patient medical record. However, the physician must document the results of the investigations in the patient's medical chart,
    6. A record of professional advice given by the member,and
    7. Details of any referral made by the member.
  3. Information about referrals, consultation, and collaboration with other health care providers, including:
    1. For a consultation, the name and address of the primary care physician and of any health professional who referred the patient.
    2. Every report received respecting the patient from another member or health professional.

Patient access to medical records 

A physician must provide the patient with timely access to their medical records.  In accordance with the Personal Health Information Privacy and Access Act, the patient is entitled to examine or receive a copy of their medical records. The physician should familiarize themselves with the concept of “custodian” and their full obligations under the Personal Health Information Privacy and Access Act. Some of these obligations include:  

  1. A custodian shall respond to a request as promptly as required in the circumstances, but no later than 30 business days after receiving it, unless the time limit for responding is extended under the Personal Health Information Privacy and Access Act.
  2. A custodian shall confirm the identity of the person making the request and ensure they are legally entitled to receive the information.
  3. A custodian shall take reasonable steps to ensure that any medical records intended for an individual is received only by that individual.
  4. A custodian shall, on request, provide assistance to an individual in reviewing their medical records

Denial of access 

The Personal Health Information Privacy and Access Act contains an exhaustive list of instances where the physician may deny a patient access to their medical records, or a portion of their medical records. The physician should familiarize themselves with this list. Below are some of the most common circumstances: 

  1. Disclosure of information would create a risk of harm to the patient or others.
  2. Disclosure of the information would reveal Personal Health Information about another person who has not consented to disclosure.
  3. There is a clear sense that information provided by a third party (such as a family member) was done so in confidence.

Fees 

When responding to a request for medical records, a custodian may charge fees in accordance with Regulation 2010-112 under the Personal Health Information Privacy and Access Act.  

The custodian must consider the personal circumstances of the individual making the request. A custodian may waive all or part of the fees if they are satisfied that payment would impose an unreasonable financial hardship on the individual. 

Requests for records by third parties

When considering requests for records by third parties, consider first the wellbeing of the patient. Failure to respond to requests for records in a timely manner may negatively impact the patient’s physical, emotional and financial wellbeing. 

Keeping in mind the above paragraph, a physician must: 

  1. Always ensure to respond in a timeline that is appropriate considering the circumstances. Generally speaking, requests for records should be honored within 30 days or less if it is in the patient’s best interest to do so,
  2. Only transfer copies of patient records to a third party when they have the explicit consent of the patient, the patient’s legal representative, or where they are otherwise permitted or required by law to do so, 
  3. Transfer patient records in a secure manner, and 
  4. Document the date and method of transfer in the original patient medical record.  

Correction of medical records 

Original entries in patient records must not be altered after the entry is made. However, the Personal Health Information Privacy and Access Act does provide a mechanism for patients to request corrections to their records, as follows:  

  1. If the physician agrees with the suggested correction, it should be in the form of an addendum to the record, so the fact of the change is clear.   
  2. If the physician objects to the request for a correction, such objection must be recorded and become part of the patient’s record.
  3. If a correction, or refusal of a correction, occurs following the transfer of information to another party, the latter must be advised of the change or the physician’s refusal.

Retention of records 

A physician is required to retain the original patient medical records for medico-legal reasons as follows:

  1. Records should be retained for 10 years after the patient is last seen.   
  2. In the case of minors, records should be retained for 10 years after the patient has been last seen, or until the patient attains 21 years of age, whichever is longest. 
  3. In the case of deceased patients, records should be retained for 10 years after the patient was last seen.

The physician must maintain a list of each destroyed record, with a description of the period covered in the record. This list must be maintained for as long as there is a possibility that a patient whose records were destroyed could request them. This obligation continues even after the physician has closed or left their practice.

Closing or leaving a practice 

A physician that closes their practice, whether planned or unexpectedly, must ensure appropriate storage and access to patient records. The physician is required to meet the requirements set out in the Closing or leaving a practice professional standard

ACKNOWLEDGEMENTS

CPSNB acknowledges the assistance of the College of Physicians and Surgeons of Nova Scotia, the College of Physicians and Surgeons of Ontario, the College of Physicians and Surgeons of Alberta, and the College of Physicians and Surgeons of Manitoba in preparing this document.  

APPROVALS

Initial adoption date: April 1996
Version: 5
Amendments: April 1, 2025

REVIEW DATE

March 2028