Will EHR data stand up in court?

By Jeff Rowe
08:03 AM

While healthcare stakeholders naturally focus on the medical reliability of data recorded in EHRs, there's another question worth asking: Would the information EHRs contain stand up in a court of law? 

According to a new analysis published in the Ave Maria Law Review, the answer is a pretty clear "No."

There has been no shortage of debate among healthcare stakeholders concerning whether EHRs are reliable and, if not, how to make them so. But the three authors of the Ave Maria piece take, not surprisingly, a lawyer's view on the question of reliability. And almost from the beginning they point to some significant problems.

For example, they cited the fact that the data in EHRs are used, naturally, to determine payments to providers. Consequently, "there is a substantial financial incentive to attuning (sic) the record systems' functional priorities to assure that the resulting record artifact leverages the maximum payment, dissociated from its accuracy and reliability as a business record of patient care events."

[See: The Cybersecurity Cold War. CISOs share insights on savvy information security.]

Put in non-legalese, given that financial compensation lies at one end of a provider's data trail, there's a lot of incentive to cook the books for maximum payment. And, in the absence of better regulatory oversight, that incentive means courts should take a skeptical view of any records presented as evidence.

"Furthermore," they explained, "the oft-noted litigious atmosphere in healthcare offers a second and separate incentive for records systems that can represent events, or amend representations of events, according to considerations other than accuracy and reliability as legally sound records."

Translation? The specter of malpractice suits tempts doctors to cast their account of patient interactions in the best possible light, also potentially undermining a record's reliability.

While some might be tempted to dismiss the authors' analysis as too narrowly legalistic, perhaps it would be better taken as further incentive to implement the steps necessary to ensure that EHRs are being used appropriately and, consequently, can be counted on to be the best possible assessment and account of a patient's medical condition.

"Other industries, with simpler business rules, more systematic auditing guidelines, and external references for credibility may share some or all of the vulnerabilities of EHRs as sources of truth," the authors wrote. "In all instances though, organizations are obliged to make certain that their records systems originate, retain, and preserve records by such means and for such lengths of time as required by the rules, regulations, and common practices deemed pertinent to their line of business."

Currently, they point out, healthcare doesn't have a similarly stringent approach to its own record — but if it did, it seems clear that both doctors and patients would benefit.

Related articles: 

6 tips for shifting information security from defense to offense

Why data breach readiness isn't getting much better

A glimpse inside OCR's auditing mindset 

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.