The relevance of electronic medical records in Nigeria cannot be over-emphasized. However, implementing a functional and effective EMR system requires a collaborative and multi-faceted approach that addresses legal, technological, cultural, and organisational issues. Periodic but regular communication and collaboration among stakeholders are essential for a successful implementation.
There should also be inclusiveness that allows all parts of the country to be involved during the national discourse and implementation phases. Nigeria should also develop a policy for the meaningful use of EMRs to enhance healthcare delivery, improve efficiency, quality, and safety, and ensure the proper management of health information and patient data. Here are some steps that can be considered to develop a policy for using EMRs in Nigeria:
The first step is for government to evaluate its IT infrastructure for healthcare. There is a need to assess carefully the existing healthcare IT infrastructure in Nigeria, including the prevalence of EMR use, the level of technology adoption, digital literacy among healthcare providers, and the scope of any existing policies, guidelines, or regulations related to healthcare information technology.
To evaluate the current IT infrastructure in Nigeria, the following key points are worth considering: hardware and software, network infrastructure, interoperability, scalability and future readiness.
Army rescues Another Chibok girl, Lydia Simon
Borno approves N1.3bn scholarship for 997 nursing, midwifery students
There are five yardsticks that could be used to measure the level of the country’s readiness and scalability. First is the population growth and healthcare demand. Nigeria’s rapidly growing population and increasing demand for healthcare services should be taken into cognizance when designing EMR policies. Accordingly, the scalability of the EMR system to accommodate a larger patient population, more healthcare providers, and expanded healthcare facilities should be thoroughly and continually assessed.
The second factor is technological advancements. A policy should be implemented to support operators of EMRs to stay abreast of technological advancements in healthcare IT, such as cloud computing, artificial intelligence (AI), and the Internet of Things (IoT), and their potential impact on EMR systems. As part of a comprehensive pre-deployment evaluation, the scalability of the EMR infrastructure to leverage emerging technologies for improved data management, analytics, and patient care should be performed.
Thirdly, we must consider data volume and storage capacity. It is of considerable importance to evaluate the scalability of data storage infrastructure to accommodate increasing volumes of patient records, medical images, and other healthcare data over time. Appropriate scalable storage solutions should be considered, such as cloud-based storage or distributed storage architectures, to accommodate growing data requirements cost-effectively.
Also accessibility and mobility of the EMR. In light of Nigeria’s growing adoption of smartphones and other mobile devices for healthcare delivery, there is a need to evaluate the scalability of EMR systems to accommodate mobile access and telehealth services. EMR policies should, therefore, consider variations of user interfaces, connectivity needs, and scalability of mobile applications for remote healthcare delivery.
There must also be regulatory compliance and standards. It is highly advisable that EMR policies comply with regulatory requirements and standards for healthcare data management and privacy, such as the Nigerian Data Protection Regulation (NDPR) and international standards like HL7 and DICOM.
Assessment should be made of the scalability of compliance mechanisms and data security protocols to adapt to evolving regulatory frameworks and best practices. Another factor for consideration is training and capacity building. Investment needs to be made in training programmes and capacity-building initiatives to ensure that healthcare providers and IT professionals have the skills and knowledge to support the scalability and future readiness of EMR systems. This includes the provision of ongoing skill-based and hands-on education and support to address emerging challenges and opportunities in healthcare IT.
By prioritising scalability and future readiness in EMR policies, Nigeria can build a robust healthcare IT infrastructure that can adapt to the country’s evolving healthcare needs and technological advancements.
In order to implement a successful EMR system, there must be stakeholder engagement: Key stakeholders such as government health agencies, non-governmental health organizations, healthcare providers, IT professionals, regulatory bodies, patient advocacy groups, and other relevant entities should be involved in EMR pre- and post-deployment phases. Key stakeholders play crucial roles in EMR implementation in Nigeria. Healthcare providers are pivotal for user adoption and training, ensuring seamless integration into daily practices.
IT experts contribute by ensuring technical feasibility and system security. Government officials facilitate regulatory compliance and policy alignment. Patient involvement is essential for fostering awareness and addressing concerns, while vendors provide support and customization. Effective collaboration among these stakeholders ensures a holistic and successful EMR implementation in the Nigerian healthcare system.
Nigeria’s regulatory and legal framework needs to be reviewed to update existing healthcare laws and regulations that will accommodate the use of EMRs in Nigeria. There is a need to develop new regulations that address patient data security, privacy, and other legal considerations.
Establishing a robust legal framework for EMR implementation involves issues like Regulatory Compliance. The compliance is essential for EMR implementation in Nigeria to ensure the security, privacy, and integrity of patient health information. Some key aspects of regulatory compliance to consider include the following: Nigerian Data Protection Regulation (NDPR): Compliance with the provisions of the NDPR, which govern the processing of personal data in Nigeria, could easily be incorporated into the regulatory framework. That step will ascertain adherence of EMR systems to data protection principles such as lawful and fair processing, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality.
Secondly, there is a need to look at the Health Information Privacy Laws. There are existing laws at the federal and state levels concerning privacy of health information which could be a significant source for the establishment of an EMR regulatory and compliance framework. In addition, elementary ethical standards, such as proper consent procedures for data sharing and processing, as well as shielding patient health information from unauthorized access, use, or disclosure should be included.
Another area for consideration is the Medical Records Management Guidelines: There are also established guidelines and standards for medical records management issued by regulatory bodies such as the Medical and Dental Council of Nigeria (MDCN) and the Health Records Officers Registration Board of Nigeria (HRORBN) which represent important sources that could be reviewed and harmonised to feed the EMR regulatory and legal framework based on recency, relevance and the need for flexibility and feasibility.
We must take a look at the Telemedicine Regulations. Adherence to all applicable rules and guidelines for telemedicine practice in Nigeria will be pertinent when integrating telemedicine services with the EMR system. These include standards for remote consultations and requirements for healthcare providers’ licenses. The general cybersecurity risks and vulnerabilities associated with EMR systems could be mitigated by implementing appropriate technical and organizational measures to safeguard patient health information. Currently, such risks could be reduced through Compliance with cybersecurity regulations and guidelines issued by regulatory bodies such as the National Information Technology Development Agency (NITDA) and the Nigerian Communications Commission (NCC).
Some of these cyber measures could be selectively incorporated into the EMR regulatory corpus. We cannot ignore the Electronic Transactions Laws. There are existing laws and regulations governing electronic transactions in Nigeria, and these could be applied selectively to electronic transactions involving medical records, such as electronic prescriptions and digital signatures.
Prof. Salihu is the CEO/DG of Kano Independent Research Centre (KIRCT), also known as ‘Pfizer Research Centre [email protected]