E-Discovery in Medical Liability Claims
Part 1: Complying With E-Discovery Requests
After a medical malpractice lawsuit is filed, attorneys for both parties begin a process referred to as “discovery.” In the pretrial phase of discovery, attorneys gather information about the facts of the case. The widespread use of Electronically Stored Information (ESI) has resulted in parts of the process now being referred to as e-discovery. In medical liability claims, patient records are a key part of e-discovery. You may want to take steps now to ensure that your office is prepared to respond to an e-discovery request.
In 2006, the Federal Rules of Civil Procedure were revised to reflect the role of ESI in civil litigation. Rule 34 of the Federal Rules of Civil Procedure addresses producing documents or electronically stored information, and more specifically, Rule 34(b)(2)(E) (ii) provides: “If a request does not specify a form for producing electronically stored information, a party must produce it in a form or forms in which it is ordinarily maintained or in a reasonably usable form or forms . . . .”[1]
If you receive an e-discovery request specifying that patient records be submitted in an electronic format, how should you transmit the information to the requesting attorney?
In 2015, the Office of the National Coordinator for Health Information Technology (ONC) issued guidelines to enhance the interoperability of Electronic Health Records (EHRs) among health providers, laboratories, and payors. The guidelines recommend that EHRs utilize the Consolidated-Clinical Documents Architecture (C-CDA) markup standard. C-CDA defines how EHR data should be encoded. Ask your EHR provider if their system conforms to this standard, which will reduce the potential of format incompatibilities during e-discovery.
When responding to an e-discovery request, provide records only for the dates indicated. Check with your EHR provider about the correct method for extracting and saving a patient’s electronic records. Let the provider know that you need to save everything in the record (for a given date range) including lab results, consultant reports, medications, emergency room visits, and any other medical details in the patient’s record.
Verify that your office has a process for incorporating the following information into the patient’s record and including it in a response to an e-discovery request: 1) Notes detailing phone interactions with patients; 2) Secure text messaging with patients that include both sides of the conversation as well as the dates; 3) Email interactions with patients; and 4) Information provided by any digital medical device used to monitor and treat patients.
A key reason plaintiff attorneys request patient records in electronic format is that they want access to the “meta-data.” See Part II of this article, What Your EHR Knows Can Hurt You for a discussion of metadata.
If an e-discovery request does not specify “electronic records,” it may be acceptable to submit printed records. However, be aware that printouts of a patient’s EHR may not display the information in the interactive format in which it was originally viewed. Printed records may not show drop-down menu choices or alerts, and the printout may skip pages that contain important information about the patient’s care and your treatment decisions.
As part of your office’s preparation for responding to e-discovery requests, you may want to test the accuracy of your EHR’s printing capability. The following test is best performed by someone with full access to patient records and medical knowledge.
- Select a patient with a complex medical history that includes multiple referrals and a variety of laboratory testing.
- Print the patient’s records as if you were doing so to fulfill an e-discovery request.
- Review the printouts and compare them to the EHR. Pay particular attention to drop-down menus and alerts. Look for other details that may show on the EHR screen but not be reflected in the printouts.
- Check the page numbering to be sure no page numbers are missing and no blank pages (with or without numbers) are printed. Do not ignore blank pages. These pages could be used by a plaintiff attorney to suggest that information was deleted from the record. If the record prints without page numbers, let your EHR provider know that you need this capability.
- Create a list of any patient information or portions of the record that do not print. Tell your EHR provider that you need the capability to print all relevant information contained in the EHR. (If you give the EHR provider the sample printouts, be sure they have signed a Business Associate Agreement. You may want to redact the patient name, address, birthdate, social security number, and health insurance information.)
- After the EHR provider creates an upgrade, conduct a second test.
If the EHR provider cannot resolve printing problems, create a log of the discrepancies between the printed record and the EHR. In the event of a claim, lawsuit, or records request, let your attorney and/or Medical Mutual know about the problem before you fulfill any e-discovery request.
Once you have prepared the data requested, if you plan to send it via email or through a portal, be certain this method is secure and does not violate HIPAA. It may be best to put the information on a flash (thumb) drive and encrypt the drive with a password. Deliver the drive to the party who requested it, and ask the person to call your office to obtain the password. Be sure at least two people in your office know the password and that they identify the person to whom it is provided.
It is a good idea for your office to establish a procedure for responding to e-discovery requests. Your IT advisor and EHR provider can assist you in creating the plan.
Additonally, if you receive a request from an attorney for copies of a patient’s EHR record and are uncertain how to proceed, contact our Risk Management Department at 800-492-0193.
Sources
Office of the National Coordinator for Health Information. 2015 Edition. Accessed Feb. 28, 2019.
https://www.healthit.gov/topic/certification-ehrs/2015-edition
Office of the National Coordinator for Health Information. Implementing Consolidated-Clinical Document Architecture (C-CDA) for Meaningful Use Stage 2. Accessed Feb. 28, 2019.
https://www.healthit.gov/sites/default/files/c-cda_and_meaningfulusecertification.pdf
Practice Fusion Understanding the C-CDA Standard for Meaningful Use EHR Certification. April 11, 2014. Accessed Feb. 28, 2019.
https://www.practicefusion.com/blog/understanding-c-cda-standard-ehr-certification-meaningful-use/
American Society for Health Care Risk Management. EHRs and e-Discovery Evolving Expectations. Accessed Feb. 28, 2019.
https://forum.ashrm.org/2018/04/04/ehrs-and-e-discovery-evolving-expectations/
Nephrology News & Issues. Best practices for mitigating the risks of EMR eDiscovery. Nov. 17, 2017. Accessed Feb. 28, 2019.
Oregon Health & Science University. E-Discovery, EHR and Medical Liability. Accessed Feb. 28, 2019. http://www.clinfowiki.org/wiki/index.php/E-Discovery,_EHR_and_Medical_Liability
[1]Cornell Law School, Legal Information Institute. https://www.law.cornell.edu/rules/frcp/rule_34. Accessed February 28, 2019.
