EMR and E-Discovery Part Five

October 11, 2017
Health Care Alert

In the final installment of our series, EMR and E-Discovery, author David Levitt discusses the need for healthcare institutions to develop a management strategy for patient care communications and its impact on standard of care.

Recap of Part Four:

I was once retained to draft hosting agreements for a healthcare system under which the healthcare system would, with the consent of the EMR vendor, provide access to the EMR software to individual medical groups and would host their records on the system’s servers. In the course of that work, I was advised of two points salient to the present discussion: (1) once the record was in the system, it was permanent. Even if the hosting agreement with the medical group expired or was terminated, medical records uploaded into the system up to that time would remain in the system; and (2) any practitioner who was treating a particular patient would have access to all records in the system applicable to that patient, not just those of the particular medical group.

This appeared to be a potential sea change. Before EMR, a physician might have access only to his or her own records on a patient. But after EMR, a cardiologist (for example) might have access not only to his own records, but to those of the internist, the dermatologist, and the gastro-enterologist as well.

Some years ago, I had a conversation with the general counsel of a large healthcare system about the tendency of medical practitioners to discuss patients via text messaging on their cell phones. This general counsel strongly believed that such communications were not part of the patient’s medical chart, and should not be captured or included in it.

Without making a value judgment on whether he was right or wrong, it is important that the use of communication methods outside of the EMR system itself at least be evaluated. It is commonplace in other areas of litigation where e-discovery is at issue for parties to have concerns about gathering information from the cell phones, personal computers, and other devices of appropriate custodians. Medical professionals who communicate about patient care using their own devices should likewise be concerned – and healthcare institutions should strategize on how to manage them.

Nor are communications among providers the only areas of concern. With the advent of patient portals, physicians and their staff communicate via messaging and emails with patients. Even without patient portals, email communications between the practice and the patient is an increasing phenomenon. Do these make it into the chart? Should they?

This goes beyond merely setting up systems to capture all relevant data from all relevant sources once an incident occurs that gives rise to the need to preserve data. It has the potential to impact patient care. If information relevant to that care is not available to others who access the EMR chart, because it was not pulled into the EMR system, the potential risk is clear. Healthcare systems would be well served by evaluating and developing policies, if they have not already, about whether such off-chart communications should or should not be allowed. If prohibited, are mechanisms in place to enforce the prohibition? If allowed, perhaps in recognition of the reality that use of personal devices for everything is becoming engrained in our culture in this century, strategies might need to be developed to capture that information and incorporate it into the EMR system so that it becomes part of the patient’s chart.

It is not too far-fetched to imagine a patient’s attorney demanding to see all of the records available to the physician, regardless of whether they are the physician’s own records on the patient – and then assert that the physician was at fault for failing to notice a particular entry on another physician’s chart that was not taken into account by the defendant/physician. The standard of care itself may be changed regarding information to be reviewed and evaluated by the practitioner in the course of providing treatment.

Plus, the inverse may also be true on some occasions: entries in another physician’s chart may indicate circumstances which, unknown to the defendant-physician, provide important information that assists the defense, showing (for example) that a given condition pre-existed the defendant’s involvement or conduct, or was not impacted by it.

Either way, healthcare and practitioners ought to plan ahead for these eventualities and be ahead of the curve. It is too late after the physician has given a deposition.

Final Thoughts

Healthcare institutions, in essence, should perform a readiness audit. Such an audit would create a roster of the EMR and metadata stored in each of the institution’s several EMR systems. Once performed, policies and procedures can be established regarding how to manage that roster – and while those policies and procedures would be generally applicable to all EMR software systems, variation should be anticipated as a result of the variations between products licensed from different vendors.

Additionally, we are proposing the creation of training and education systems for those professionals who interact with EMR systems. They need to know what remains static and what does not, what the records say about their access to the system, and what records other than their own they may need to review – both in terms of providing the best patient care and in terms of mitigating risk for both the patient and the professional. They, and their counsel in the event that a claim arises, need to know what the EMR system says about their interface or lack thereof before they commit to positions on the facts.