Yves here. I must confess to not having been sufficiently imaginative. From time to time, we’ve featured posts from Health Care Renewal on the considerable misuse of electronic health records, or EHRs. They offered the promise of much more accurate, consistently documented, and easy to examine patient histories. Instead, they were optimized for billing, not patient care. They’ve become a time sink for doctors and can degrade patient care by forcing the doctor to concentrate on pages of tick the box forms at the expense of examining the case before him.
Here we learn of a new offense: that hospitals are playing definitional games so as to withhold records from patients and the lawyers that represent them, particularly MD notes which can show changes in patient condition versus medical interventions. What is worse, as this post shows, a detailed letter to Mickey Tripathi, the Health and Human Services official responsible for health information technology, got a brush off from a minion.
I encourage concerned readers to write Tripathi and cc their Congresscritters. Merely a short note asking about his lack of interest in this violation of patient rights in the face of HIPAA complaints being ineffective might stir the pot. On issues where bureaucrats expect no one to be watching, it takes surprisingly few letters to get them nervous.
By Informatics MD. Originally published at Health Care Renewal
This exchange I had with the Office of the National Coordinator for Health IT (ONC) at HHS should be of interest. It comes from my now-12-plus years experience as forensic expert in EHR-related litigation:
———————–
April 19, 2023
Micky Tripathi, Ph.D., M.P.P.
National Coordinator for Health Information Technology
Health and Human Services
Washington, DC
Dear Dr. Tripathi,
I am a medical informatics specialist, former Yale NIH postdoctoral fellow 1992-94 and then faculty at the Yale Center for Medical Informatics. I am involved in medico-legal EHR forensics in recent years.
Being involved as an expert in a number of legal matters currently where discovery of electronic records, audit trails and note modifications has been ongoing for up to a decade due to misconceptions, judge confusion, and semantic abuses by the hospital sector has brought me to write to you.
I am writing to you regarding an issue I think ONC needs to comment upon and clarify nationally. The issue concerns EHR information blocking by numerous hospitals and lawyers.
I have experienced many examples where hospitals have arbitrarily defined their “designated record sets” to not include note modifications, and actual note entry times, which in the paper world were an immutable part of the paper record. (The actual entry times were reflected in the note sequence in the paper charts if not written explicitly by authors.) It should be noted that hospitals are taking significant liberties in defining the contents of the DRS so that they mirror the same exceptions of the “legal medical record” when responding to patient requests for their complete medical record.
The hospitals then do not produce note modifications and actual note entry times to patients on electronic record requests, and oftentimes resist requests from their legal representatives. I, in fact, know of a number of cases where this production failure has been ongoing for years, causing significant legal expense in court battles to obtain this information and where justice is thus delayed … or denied.
These actors seem to believe that electronic records reduce patients’ rights to this information compared to patients’ rights with paper records (regarding information that was inseparable from paper records), and that patients and their representatives should be blocked from receiving it in electronic record production.
I think it is self-evident that note changes and modifications in paper records are an immutable part of that paper record and must be produced to patients or the representatives as part of the medical records. Removing, altering or withholding note changes and modifications in paper records would be unquestionably misleading as well as improper spoliation of the records.
In paper records, note corrections through cross-out and user correction/annotation do not turn the original comments into metadata. They remain part of the primary records. Neither do note modifications in electronic records transform the original note into metadata; the modifications remain part of the primary records. Going electronic should not change patient’s rights to this information.
However, in electronic records note changes are usually not shown on the record printout, but only in an audit trail or special report. Hospitals maintain that such record changes including timing of medical record entries are metadata and/or part of an audit trail, and thus not subject to production on ordinary record requests based on their “designated record set” definitions. Production of this information is also often resisted on request of patients’ legal representatives, requiring much legal argument, educating judges on the issues, motions to compel, and wasted time and court resources.
The actual entry order of the notes themselves are also an immutable part of paper records, whereas in electronic records a user-selected display date and time are often used to order the chronologic print out of notes, obscuring the actual sequence of note entry. The actual record times oftentimes are not shown in the standard record printout.
Thus, without the patients’ rights to receive such data with a standard records request, medical care notes and entries can undetectably be entered late – hours, days, weeks or longer after clinical events – and patients and their representatives are misled about when such notes and entries were actually made.
The prevalent standard used by HHS for audit trails in healthcare information systems, ASTM E2147-18, mandates that certified EHRs capture this information – old versions of notes and identity of who changed them and when, and actual times of entry- in their audit trails. But this is being ignored by many healthcare entities in patient record requests.
ASTM E2147-18 Audit trail mandatory content (click to enlarge)
My question is this. Does ONC believe that the move to electronic records from paper records reduces patient’s rights to information such as note modifications and note entry times?
If so, why?
If not, a national clarification is needed from ONC to prevent this problem from continuing to occur.
I have also become aware of a member hospital of a larger national hospital chain’s defense team making the following statement about an EMR record where the forensic evidence is undeniable and shows, among other issues, deletion of an important note, but where the defense states to the court that the chart is fine. The case is of a mother whose child was grievously injured at birth. This statement was filed with the court this month:
“… it is this Defendant’s position that the medical records are subject to the business record exception and therefore are authenticated by virtue of the exception.”
This, of course, is a preposterous position regarding authenticity of electronic records, completely ignoring ASTM E2147-18 definitions on authentication and what that entails, but many judges do not know better.
This cannot continue.
Sincerely,
S. Silverstein
—————————————
A response came a few days later:
From: Marchesini, Kathryn (OS/ONC) <Kathryn.Marchesini@hhs.gov>
Date: Mon, Apr 24, 2023 at 3:35 PM
Subject: Re: Letter to ONC DirectorTripathi attached regarding legal issues and EMR information blocking
Cc: Tripathi, Micky (OS/ONC) <Micky.Tripathi@hhs.gov>
Dr. Silverstein:
Thank you for bringing this matter to our attention. From the information you shared with ONC, it seems your questions and concerns relate to the HIPAA Privacy Rule
If you believe that a HIPAA-covered entity or its business associate violated your (or someone else’s) health information privacy rights or committed another violation of the HIPAA Privacy, Security, or Breach Notification Rules, you may file a complaint with the HHS Office for Civil Rights (OCR).
Kind regards,
Kathryn
Kathryn Marchesini, JD, CISSP
Chief Privacy Officer
Office of the National Coordinator for Health IT (ONC)
U.S. Department of Health and Human Services
I responded back:
From: S Silverstein
Date: Tue, Apr 25, 2023 at 12:24 PM
Subject: Re: Letter to ONC DirectorTripathi attached regarding legal issues and EMR information blocking
To: Marchesini, Kathryn (OS/ONC) <Kathryn.Marchesini@hhs.gov>
Cc: Tripathi, Micky (OS/ONC) <Micky.Tripathi@hhs.gov>
Dear Ms Marchesini,
Thank you for your response.
I am aware of the link for filing complaints with the HHS OCR.
The problem I’m describing, however, is a bit different. It is far more pervasive than merely the cases I’ve been involved in, and has a straightforward solution.
What has been ongoing since I started forensics work in 2010 is systematic, ongoing, pervasive discovery abuse and even fraud by a multitude of hospitals and nursing homes in multiple states across this country. My colleagues report the same phenomena.
I’ve personally written dozens of affidavits in the litigation battles for production of complete records, audit trails and note modification histories. I’ve watched delay after delay after delay, wasteful of court resources and money. These battles should be completely unnecessary.
It’s a national problem.
A solution is clarification from ONC and HHS on hospitals obligations for EMR production, that can also educate the judiciary who can be swayed by the most absurd arguments for a healthcare organization’s failure to produce.
For instance, another preposterous claim I’ve heard on numerous occasions in litigation is that the 2010 version of 45 CFR 170.210 did not specifically command hospitals to store or retain note version histories, only user actions. Therefore, prior to the 2012 version (which called for adherence to ASTM E2147), hospitals claim they were given an open license to not store or delete the prior versions of altered notes, turn off that feature in their EHRs, or acquire EHR technology that lacked the capability.
Judges are generally unknowledgeable about these matters.
I hope we can agree that, regarding the 2010 version of 45 CFR 170.210 “Standards for health information technology to protect electronic health information created, maintained, and exchanged”, the stated key issue is:
Protection of health information and electronic medical record integrity.
The 2010 version of 45 CFR 170.210 does not explicitly state that audit trails must contain a note modification history.
However, this regulation could not reasonably be interpreted as overriding paper records standards of care that call for not obscuring or obliterating original versions of altered notes or documents, and giving license to hospitals to capriciously and freely obliterate previous versions of modified notes or documents. That is not protection, that is note destruction.
Such an interpretation is absurd, but is submitted with a straight face in court.
The 2010 version of 170.210 also could not reasonably be interpreted as overriding previous health care information system federal regulations from the very same Dept. of Health and Human Services that regulates hospital electronic medical records systems.
For example in pharma – 21 CFR part 11 of 1997 entitled “Food and Drug Administration, Department of Health and Human Services, ELECTRONIC RECORDS; ELECTRONIC SIGNATURES”, subpart B,
- 11.10 Controls for closed systems,
mandates at (e):
(e) Use of secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records. Record changes shall not obscure previously recorded information. Such audit trail documentation shall be retained for a period at least as long as that required for the subject electronic records and shall be available for agency review and copying.
Finally, in 2012 an update to 170.210 did specifically call for electronic medical record audit trails in hospitals to adhere to the ASTM E2147-09 health care audit trail standard of 2009. That standard specifies that in audit trails, pointers must be maintained to previous versions of altered information.
170.210 was later updated to the ASTM E2147-18 2018 version, which about audit trail content says the same as the 2009 version.
Clearly HHS’s intent was to maintain the same standard of care as in paper record keeping, and to not give license to hospitals to obliterate or destroy previous versions of altered notes or documents.
Simple statements from ONC clarifying hospital obligations with regard to production of medical records, note modifications, and other audit data not being optional nor subject to debate, could help resolve the situation that’s ongoing for many years. Discovery resistance is commonly known to EHR forensics specialists and trial lawyers.
The expenses to fight it come from injured patients’ or deceased patients’ family’s potential compensation – that is, when justice is not denied them through manipulation of the EHR discovery process.
Sincerely,
- Silverstein—————————————
I await a further response.
— SS
