The following appeared a few days ago.
When EHRs Meet Malpractice Suits: New Concerns
Electronic health record data stores bring legal liability fears, logistical headaches for healthcare organizations, attorneys say.
By Neil Versel, InformationWeek
August 17, 2011
An electronic health record (EHR) is more than just an electronic representation of a paper chart. It is a legal representation of a patient's medical condition and treatment at a given point in time, one that could be admissible in court. And that could present a whole new set of challenges for healthcare organizations.
"There is no guide out there to walk people through all that changes with an EHR," Adam Greene, a Washington, D.C.-based partner in the law firm of Davis Wright Tremaine, said this week at the American Health Information Management Association (AHIMA) Legal EHR Summit in Chicago.
EHRs make patient information more readily accessible to far more people than any paper chart stashed away in a filing room. They also change how and to what extent medical professionals document patient encounters and add in safety-related features such as clinical decision support.
"There are all sorts of liability fears with all these improvements," Greene told InformationWeek Healthcare. The Health Insurance Portability and Accountability Act privacy and security rules require anyone that handles electronic healthcare data to keep an audit log of access to any personally identifiable information, and records have helped organizations catch employees taking unauthorized looks at patient records--sometimes also landing the organizations themselves in hot water.
Indeed, some worry that audit logs can reveal too much. "There are concerns by providers that access reports could be used in malpractice suits," Greene said.
In fact, such reports already are, according to Stacey Cischke, an attorney with Chicago firm Cassiday Schade who teaches a course in legal issues in e-health at Loyola University Chicago. "The scope of traditional discovery is expanded," Cischke said. "More and more courts are finding that metadata and access to the inner workings of the EHR system is relevant and discoverable."
The general public and even plaintiffs' attorneys do not always comprehend how EHRs work, Cischke added. Because there is so much to chart, physicians and nurses are rushed and things get missed. From the patient's perspective, all the doctor should have to do is click and check off boxes in a list, but, according to Cischke, physicians often are "overwhelmed" by time and economic pressures, and skip steps or simply forget to check some boxes. "The metadata will show this," Cischke said.
Much more here:
This report prompted me to think about few aspects of the PCEHR.
As I understand it in legal cases both written and electronic information are ‘discoverable’ within the legal process.
With this being the case, once proceedings are commenced it will be vital for both sides that the electronic information is reliable and trustworthy - and can be correctly interpreted.
From the point of view of the proposed PCEHR this means that the audit trail is able to correctly identify the user who made the entry in the record and to ensure the information has not been tampered with in any way.
This means that the only acceptable model for the PCEHR is one that uniquely and positively identifies the user (provider or consumer) - i.e. organisation and shared logons are not good enough - and that the system is not used until that can be achieved.
I do not think we have arrangements in place to handle this from feeding systems - maybe when NASH is actually delivered and fully implemented the situation will be fixed.
The only other possibility I can see is that the Government declare the PCEHR records to be privileged and not discoverable through legislation.
Note that this is important for both sides as getting a reliable view of all the facts is the first step to achieving justice - witness the effect of CSI etc.
So information provenance in the PCEHR must be assured and additionally once the Government takes on operating a PCEHR system it has a responsibility to maintain all the information over time and for quite extended periods. Failure to do could cause all sorts of problems.
It is also not clear how information sourced from primary systems will be treated vis a vis the secondary information held in the PCEHR - recognising, of course, the patient contributed information will be primarily sourced from the PCEHR. What to do when interpretations differ I will leave to legal experts.
There is also the issue of what is the ‘source of truth’ clinical document as compared to the document that was reviewed in the PCEHR and possibly acted upon.
We also need to understand what would be ‘reasonable care’ in assessing and judging the validity of some contents in a PCEHR. How entitled is a practitioner to rely on the contents and how do they confirm that view?
Second last there was a recent medico-legal submission on the PCEHR pointed out that there were situation where medico-legally the PCEHR might be forced to turn over information to the courts or lawyers against the wish of the patient. I wonder will there be a disclaimer when you sign up that this might happen?
Lastly there are sure to be issues around the quality and reliability of software that is operationalized and implemented in considerable haste. Who is responsible for errors and how does a complainant obtain access to system internals to check etc. etc.
The harder you think about this - the harder this becomes both for current systems and for the proposed PCEHR.
Does anyone know of any good legal writings on this topic? My brain starts to hurt just thinking about it!