Despite our rapidly-advancing digital age, obtaining a complete copy of an electronic medical record (EMR) can prove to be a significant challenge. Unlike paper records, which are commonly organized in a specific fashion, electronic records often make little sense when simply printed out. As discussed in earlier posts, a printed electronic record often uses excessive amounts of paper to record a limited amount of information. That information is rarely presented in a logical format. This causes attorneys and legal nurse consultants frustration in trying to understand the chronology of the patient’s care and the development of symptoms.
You may need a forensic data retrieval firm. Be sure to request all available data, including older paper records kept in storage. You want all of the relevant data from all core data sources, not just the ones that are easiest to print. Data can reside in obscure locations: Medical devices such as vacuum extractors in labor and delivery units may contain chips that store data, such as when the device was turned off and on. All of these forms of electronic data can provide critical information about the timing of events.
You might obtain a PHI (Protected Health Information) disclosure log, for example. This will give you the trail of where a medical record has gone. As a result, you may be able to track down other copies of the patient’s medical records for comparison.
To ensure that you're receiving complete data, ask each records provider for the physician’s orders as they originally appeared on the computer screen. The IT department may be reluctant to produce this information, because that may require the healthcare facility to print each screen individually. Plaintiff attorneys have been allowed into provider facilities (after negotiating with the opposing counsel and Risk Management) to view screens and determine which orders were relevant to a case. Another alternative is for the facility to supply read-only screenshots in PDF form so that the attorneys can see the exact images the provider saw. These documents are discoverable, and are not protected by peer privilege; they are medical records.
Audit Trails Help Pull Back the Curtain
As discussed in my last post, tampering with handwritten medical records can be fairly obvious. Electronic medical charts can be altered occurs, but detecting that requires digging into the electronic record.
An audit trail shows the way an electronic system captures changes made to a medical record. It records the who, what, and when of changes. The audit trail includes the additions, deletions, and edits for the time frame at issue. It identifies which people documented when. It also shows anyone who reviewed the record. You might see, for example, that a risk manager looked at a record shortly after an incident. The format of audit trails is specific to each software vendor.
A query audit trail or medical record review inquiry will provide even more information. The query audit trail or medical record review inquiry detail who looked at the medical record, when and for how long and whether the hard copy of the medical record left the medical records department.
On the provider side, the facility staff must have procedures in place to regularly review their records and ensure that audit logs are available and generating information. It's of paramount importance that current policies are effective and are protecting the integrity of each record.
You Have the Right to Request Audit Trails
Attorneys have the right to request audit trails. The Information Technology (IT) department is obligated to respond to the request in a user friendly/readable format. It might not be a straight narrative, but it has to be something that you can understand and interpret.
Healthcare facilities are required to retain patient data for six years; the time frame for litigation purposes is usually less than that. Be aware that records generated more than six years prior to your request may not be available.
Audit trails can span multiple systems; the information that’s housed at one facility may also be tracked at another facility. Although institutions aren’t allowed to make the cost of obtaining audit trails prohibitive, they do charge a fee. For this reason, attorneys won't always initially request audit trails. They may wait until they get further into the case to determine the need. Request for audit trails are usually based on a suspicion of record tampering or staff integrity.
Specify Your Request
If you think a case involves record tampering, your first step is to request the audit trail for that particular patient’s records. Some systems are able to provide a more finite audit trail, while others may provide an audit trail for several admissions as a batch file. In the latter case, you may have to weed out irrelevant content, but the IT department should be able to limit the information and provide records for only the patient in question. A narrow and specific request can expedite delivery and save you from unnecessary sorting on the your end.
Still, as with other medical records, you may receive an audit trail in an undesirable format. You might prefer the EMRs to be printed by medical department, or from earliest entry to most current entry, but the system may not be set up that way.
The audit trail parameters might include a range of dates, but not necessarily be by department. Information may be stored on different servers. The IT department may need to pull information from multiple places. Information may be collated by the patient’s name, dates of service and whatever other parameters they have to identify that patient. The software vendor—not the institution— basically sets the order in which information will print.
Watch the Metadata
The metadata is another piece of an audit trail. It’s actually the electronic fingerprint. IT uses metadata to track the information that you’re looking for in an audit trail. The metadata is the “data about the data,” and it shows how the computer was used and by which person. Every key stroke and deletion or any change made to this record is tracked in the metadata. You need to examine the metadata when you think there’s something wrong with the record: perhaps tampering or a questionable date or time entry.
Metadata analysis can be the key to a case. For example: One lawsuit was about a patient who hemorrhaged to death. The physician was named as a defendant, as were the nurses. The physician said, “The nurses never told me. I didn’t know. Nobody notified me. I had no idea she was bleeding. Nobody told me about the hemoglobin and hematocrit results.”
But analysis of the metadata showed the doctor, signed onto the computer in the operating room and pulled up the laboratory results. The screen was open for a minute before being closed, and on that screen were the laboratory results the doctor swore she hadn't seen. The physician was found negligent at trial, and the nurses were exonerated.
Mining Electronic Records
Electronic medical records, though initially vast and overwhelming, can contain key details that unlock cases. Knowing what to ask for and how to navigate through that content saves time and wins verdicts. The experts at Tanner Legal Nurse Consultants know how to wade through superfluous patient data and pinpoint vital evidence, better equipping you to serve your client.