EHR Forensic Expert Witness
EMR Audit Trails are complex and require detailed understanding of Standards in the HITECH Act
Developing an effective electronic discovery strategy for fraud, personal injury, medical malpractice, and HIPAA breach litigation
Finding an EHR Forensic Expert Witness: Electronic Medical Record experts can assist in developing electronic discovery strategies.
- Contrary to popular belief, EHR audit trails are only one component of a multi-faceted electronic health record forensic audit.
- Depending on the clinical context in medical malpractice, Standard of Care, and medical billing fraud, several Standards may be relevant. (See information regarding the HITECH Act and Meaningful Use).
- Electronic Medical Record Audit trails ( EMR Audit Trail), also known as Electronic Health Record audit trail ( EHR audit trail), are useful in determining whether Protected Health Information (PHI) was accessed and viewed improperly.
- The HITECH Act requires Safeguards that may be examined using a competent forensic expert.
- Stimulus funds paid to Medicare and Medicaid providers
- Medicare stimulus funds paid to Eligible Providers and Eligible Hospitals for attesting that they met the HITECH Act Safeguards as well as Standards regarding audit logs and other forensic provisions. The financial amounts of these payments were significant for large health systems.
- Similarly, state Medicaid paid stimulus funds to contracted providers in a given state who similarly attested under the HITECH Act and Meaningful Use.
- If the attestation was made but inaccurate, health care providers could be subject to penalties under the False Claims Act.
- Importantly, clinical decision support and medication alerts such as drug-drug interactions may be audited as they are relevant in the medical decision-making process of treating clinicians.
- An electronic medical record audit trail expert witness should be able to articulate the Standards pertaining to raw data, reporting and data elements commonly found in an audit log
- Electronic health record audit logs have also been useful in cases of elder abuse, and alleged failure to stabilize a patient under EMTALA.
- Recent studies published by the Journal of the American Medical Association (JAMA Internal Medicine) indicate that data provenance logs can use used to determine whether information was typed in, automatically integrated from another healthcare EHR, prescribing or imaging system for example. Data provenance logs may also be used to determine if a healthcare provider copied and pasted information from a progress noted another chart. Not all E.H.R.s have provenance logs, however. This type of medical documentation electronic plagiarism has increased with the advent of electronic health records.
Electronic Health Record Data Forensic Audits
An EHR Forensic Expert Witness may be useful in fraud cases and medical malpractice cases.
- As a result of the HITECH Act of 2009, the majority of hospitals and outpatient facilities use EHRs.
- The quid pro quo to access a portion of the $30 billion in stimulus funds is that hospitals and physicians must attest under penalty of perjury that they have become meaningful users of EHRs.
- The EHR has anti-tamper capabilities.
- A skilled Expert Witness in Electronic Health Records can use this as a forensic platform to extract data for fraud, medical malpractice, and Qui Tam False Claims Act cases.
- Audits may reveal whether the eligible hospital or eligible provider properly configured their system before petitioning for stimulus funds.
- A false statement may lead to a qui tam investigation by the Government, whether DOJ, HHS OIG or HHS OCR.
- HIPAA Breaches have also been sentinel events that trigger Federal Audits.
Additionally, medical necessity is determined by clinical documentation which is now stored in electronic health records. How procedures are documented and coded and ultimately reimbursed will depend on three things:
- The quality of the coding is based on ICD-10 CM diagnosis codes for all HIPAA Covered Entities, and ICD-10 PCS for all HIPAA Covered Entities who bill for inpatient medical procedures.
- Clinical documentation that supports the condition of the patient (diagnosis) and the resulting medical procedures
- The system of record that contains discrete data supporting the documentation, better known as an electronic health record (EHR) or electronic medical record (EMR) and whether the system of record and audit trail match the documentation.
Litigation Discovery and the EHR Forensic Expert – Plaintiff Perspective
The HITECH Act amplifies HIPAA and provides for penalties for failure to comply. Therefore with respect to litigation discovery:
- If a healthcare provider defendant refuses to produce information that in the plaintiffs view as pertinent to litigation, the defendant could be found to be non-compliant with the HITECH Act.
- 45 CFR Part 160 RIN 0991–AB55 HIPAA Administrative Simplification: Enforcement provides, “The Secretary of the Department of Health and Human Services (HHS) adopts this interim final rule to conform the enforcement regulations promulgated under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to the effective statutory revisions made pursuant to the Health Information Technology for Economic and Clinical Health Act (the HITECH Act), which was enacted as part of the American Recovery and Reinvestment Act of 2009 (ARRA). More specifically, this interim final rule amends HIPAA’s enforcement”
Litigation Discovery and the EHR – Defendant Perspective
Defendants may use these same Standards to demonstrate that the implementation of the E.H.R. and supporting clinical decision support and alert systems work properly. Attestation records and audit logs, implementations, etc. may be used. Rather than waiting for the Plaintiff to go on the attack, defendants may want to be proactive in taking the initiative to demonstrate that implementation Standards that ultimately may support the Medical safety Standards or medical Standard of Care were met.
In our experience, this may move the litigation toward what was reasonable, rather than resulting in subjecting a defendant to unsubstantiated claims that they were attempting to withhold discoverable information.
EHR Forensic Expert Witness audit capabilities:
- Forensic audit methodologies that meet generally accepted Standards for expert reports
- Expert consulting regarding discovery
- Expert testimony
- Audit log subpoenas, audit log discovery, audit log analysis, determination whether audit log meets Standards
- Verification that audit logs are complete and meet the Standards
- Audit log verification
- Clinical decision support logs
- Electronic medication administration (eMAR)
- Drug-drug interaction alerts
- Patient documentation review in comparison to audit logs and alerts
- On-Site inspection and review of live electronic medical records to verify that the live data matches the EMR audit trail / EHR audit trail logs and the produced documentation
- Forensic checks of tamper-proofing checksums and hash codes used to detect changes in the protected code.
An electronic health record expert witness can be essential in litigation where data discovery to determine the veracity of one party’s assertions is concerned.