In-Person Direct Access Provides Additional Information

An in-person on-site discovery will allow you to view what the EMR notes look like at different points in time, and gain access to inactive or deleted records. Check out this blog to learn more!


In-person direct access is what is often required to be able to get a complete view of what happened, because some of the data doesn’t show when you’re just looking at the produced printed charts. Such missing items may include: routing history, what the notes look like at different points in time, access to inactive or deleted records, and communications. Below is a screenshot from a popular Health Information System, Epic.

EPIC

Epic Notes View

So this is Epic and here you see the notes view and when you’re entering into the system, there’s routing which can give you additional detail about what happened in terms of the routing of the notes. You have a note time, a filed time, and a note time. In this case, all these records with exception of this one down here, the 10:04 AM note time was filed 15 minutes later. So it’s important to have both date and timestamps because sometimes, the file times are many days after discharge or nowhere contemporaneously to the events and that’s important if notes are being entered into this EMR days after something awful happened, you really want to know when those notes were filed. If they’re filed long after things went wrong, oftentimes, that suggests that fabrication of the EMR took place. You can see here, here’s some of the routing, it allows for you to specify different recipients and so knowing that routing of information, that’s important because it’s not always evident when you’re looking at the chart. Here’s an example of adding a note and you can see here, there’s the ability to copy and paste different notations. The date and time on these notes when you first go to create a note, default to the current computer’s clock time but it’s totally possible to change the date and time to put it back in time by dates or hours and that information is relevant. Here’s an example of the Cerner notes. Again, Cerner allows the user to change the date to something other than the current date and time. And it still stores, again, the creation time of that note, even if the note purports to be days earlier. And there are also different filters here, when you’re looking at the EMR with power notes on Cerner, there are different filters, such as my notes only, there’s inactive, active, and so on.

Watch other videos making up this 4 part series, Unlocking the EMR Audit Trail.

Part 1 of 4: “The Keys to Unlocking Electronic Medical Records”
https://enigmaforensics.com/blog/keys-to-unlocking-the-emr-audit-trails-electronic-medical-records/
Part 2 of 4: “HIPAA”
https://enigmaforensics.com/blog/health-insurance-portability-and-accountability-act-of-1996-hipaa/
Part 3 of 4: “Navigating to Trial or Settlement”
https://enigmaforensics.com/blog/navigating-to-trial-or-settlement/
Part 4 of 4: “In-Person Direct Access”
https://enigmaforensics.com/blog/in-person-direct-access-provides-additional-information/

Keys to Unlocking the EMR Audit Trails (Electronic Medical Records)

Have you ever requested Electronic Medical Records (EMR’s) and its beyond difficult to read? The printed pages are not searchable, mixed in with junk, lacking versions that you know should be recorded? Check out this video blog with transcripts. Lee Neubecker, CEO and President of Enigma Forensics offers keys to unlocking the mystery of EMR’s.

Click to view Video on Keys to Unlocking the EMR Audit Trails
(Electronic Medical Records) 



Video Transcripts follows:
EMR Audit Trails, as produced by Healthcare Providers during medical malpractice discovery, frequently filter out the important history of the patient’s medical record. Learn how to compel discovery of the patient’s complete EMR history.

Lee Neubecker: So today, we’re going to be talking about the keys to unlocking Electronic Medical Record Audit Trails. We have a mixture of people on the webinar today. I know some people represent healthcare providers. Other people represent litigants involved with medical malpractice. I’m going to be talking a little bit today about how the process works.


Scenarios where Electronic Medical Records (EMR) are important

  • Eldercare neglect or abuse
  • Failure to provide appropriate & timely care leading to patient injury
  • Failure for staff to provide to correct type of care
  • Credentials of staff that performed procedures
  • Discussions between staff are relevant
  • Establishing the supervising physician neglected appropriate care
  • Allegations involving child welfare accusing parents of harming a child

Lee Neubecker: We’ll begin with discussing some of the scenarios where Electronic Medical Records are relevant and important. If you’re suspecting that the elderly has been abused in a nursing home, that could be important to know. Records of care when medications were provided, whether or not patients were neglected. All of that information can be discerned from reviewing the electronic medical record history. In some cases, there’s allegations about not providing appropriate care over time or the staff providing the wrong type of care. So, many of these cases become litigated in various medical record experts or clinical experts get involved. We’ll be talking about later today about how you really want to start with getting command of the EMR or Electronic Medical Records so that it can be efficiently reviewed not only by you and your team but also by any experts that might be retained to assist with the case. It’s important to understand that there might be discussions between staff, physicians and nurses and whatnot that aren’t in the progress notes or printed medical record. So we’ll be covering that in a little bit. Allegations about harm to children by parents or healthcare providers. That’s also relevant as well. In some cases, we’ve seen situations where the chart reflects a certain color of bruising many days after a child was admitted into a facility for care but the coloration of bruises often can suggest that the bruising happened before entry into a facility. On a case like that, knowing whether or not the child was bathed and whether it was reported early on can help determine was the child injured in the health care provider’s place of care or did it happen prior to admission?

What typically happens when you request the EMR

  1. Printed pages (not searchable)
  2. Mixed in with junk
  3. Sorted most recent to oldest
  4. Lacking version historical revisions
  5. Limited reports that have unnecessary filters
  6. Hold back on communications (Sticky Notes / Routing)
  7. Records entered not contemporaneously to events 

Lee Neubecker: So what typically happens when you ask for the electronic medical record for your patient or your chart, the healthcare providers will often produce it in the most unhelpful way. They might print it if it’s printed or dumped to a PDF that’s flattened, it’s not searchable.

It might be included with lots of redundant information, out of order, sorted not intuitively from oldest to newest, but backwards. Oftentimes, the version revision history of the progress notes are completely missing. So, for instance, if you have an Epic EMR production. With Epic, they have the ability to enable the specific version number so that you can determine the revision history over time and that isn’t always what’s included in the printed report that gets produced.

Some reports will have unnecessary filters. For instance, if only named providers are shown and you don’t see a mixture of healthcare staff providing care to a patient, that might suggest that the report was produced with only the name key healthcare providers included. And so, when you’re requesting electronic medical records, you really want to be very specific to say, use no other filter other than the patient identifier or the patient medical record number, date filters and whatnot, narrowly defining the date and time when the patient was in the hospital or healthcare facility might result in filtering out of important records that show that the chart might’ve been modified or manipulated well after the patient’s departure from the facility and after the patient experienced some type of harm.

Another thing I see, sorry about that. Another thing I see that happens sometimes is in addition to different filters, such as like filtering by date or filtering by healthcare provider or department, sometimes the filters aren’t displayed on the reports and you really want to be able to understand what filters are used. One other filter that might be used without your knowledge is whether or not the record is considered confidential.

Confidential would suppress the record oftentimes from appearing on the printed medical record report. So you want active, inactive, all version history, confidential, you want the entirety.

Another important thing that is relevant in many cases involves the communications between healthcare providers. With Epic, you have the ability and with Cerner, you have the ability for routing of communications, either almost like an email system within the healthcare system or something known as sticky notes, which is basically like an instant messaging platform between healthcare staff about a patient.

And there’s documentation out there where hospitals say that sticky notes are not part of the medical-legal record. Well, HIPAA requires that all that data be retained. So the data is in there, it’s in the backend database or you have to inspect the hospital information system to be able to document it on the photo or on video.

Another thing that we see a lot of our records that are entered in, after the fact, when you enter a record into a hospital information system, you can list the reported date and time of the event but that is oftentimes different than when the record was actually saved and created in the system. So we’ll talk about that more as we go through.

Important Concepts & Terms

  • (EMR) Electronic Medical Records
  • (EHR) Electronic Health Record
  • (HIS) Health Information System
  • (PACS) Picture Archiving and Communication System
  • (ePHI) / (PHI) Electronic Protected Health Information
  • Data Dictionary
  • Delimited Format
  • Native Files
  • Audit Trail
  • Audit Logs
  • Pivot Tables
  • OCR (Optical Character Text Recognition)

Lee Neubecker: First, I’d like to cover some important concepts and terms that are relevant to Electronic Medical Records in medical malpractice litigation.

EMR, Electronic Medical Records is synonymous with EHR, the Electronic Health Record. A hospital Information System is sometimes referred to as HIS and that’s like Cerner or Epic or Meditech or whatever software system is being used to manage the patient care and store their electronic medical record. PACS is specific to video, phototypes involved with the documentation of electronic medical records, as it pertains to things like MRIs, x-rays, videos of surgeries, and so on. And each of these systems often has its own audit logs separate from the HIS system. ePHI is Electronic Protected Health Information. That’s what all the stuff is about.

Data dictionaries are abstract or key to help you to cross-reference the initials of the health care provider or the department or procedures or lab test results to the friendly name. And if you’re working on one of these cases, you want to include in your request for production, a production of the data dictionary, so that you can make sense of the charts and records that are produced to you.

Another thing that I like to ask for when I’m getting electronic medical records is to request that that data be produced in what’s known as a delimited format, which is like a spreadsheet format, sometimes known as comma-delimited. That allows you to manipulate the data much more easily and filter and aggregate and do things that can help you see into what’s happening quickly without having to review oftentimes tens of thousands of pages.

Native files refer to the file as it exists. Like if there’s a transcription that’s saved as a WAV file that has the original doctor’s notes, asking for the native file of the transcriptions would give you the actual file that was recorded, as opposed to some transcription of the file.

Audit trail or audit logs, HIPAA requires that data be stored about the creation, modification and access of electronic health records. And these audit logs will show when things are added, updated, modified. The logs and audit trails that are produced often don’t answer the key question about what changes are happening. And usually, I get involved with helping the parties understand well, what really happened? What was a real revision history? When did it occur? Who did it, from what computer? At what date and time was data deleted? Was it added? And that’s very relevant to many medical malpractice cases. When we’re analyzing data, some of the things we can do, we can take the electronic medical records if they’re produced in a delimited format, we can quickly prepare aggregate summary charts that might show how many minutes did, or how many interactions with the EMR did the supervising physician have? What dates and time where the records looked at? When did modifications occur? If modifications occurred after a patient’s discharge, which I see quite a lot of times, that can be suggestive of efforts to fabricate the medical record history.

When we get the data, in addition to trying to get it into a delimited or a spreadsheet format, we’d like to make sure that the data is OCRed, which is optical character text recognition, that allows for searching and key concepts, names of providers, dates and times and so on. And all of that can be very important as you work a case.

Watch other videos making up this 4 part series, Unlocking the EMR Audit Trail.

 

Part 1 of 4: “The Keys to Unlocking Electronic Medical Records”
https://enigmaforensics.com/blog/keys-to-unlocking-the-emr-audit-trails-electronic-medical-records/
Part 2 of 4: “HIPPA”
https://enigmaforensics.com/blog/health-insurance-portability-and-accountability-act-of-1996-hipaa/
Part 3 of 4: “Navigating to Trial or Settlement”
https://enigmaforensics.com/blog/navigating-to-trial-or-settlement/
Part 4 of 4: “In-Person Direct Access”
https://enigmaforensics.com/blog/in-person-direct-access-provides-additional-information/

How to Unlock Electronic Medical Records

Electronic Medical Records can make or break a case! Do you want to learn how to unlock an Electronic Medical Record Audit Trail? Check out this complimentary MCLE (1 hour) credit seminar via Zoom, as Enigma Forensics CEO, Lee Neubecker offers keys to unlock the mysteries of the EMR audit trail. Read through this blog to register for this complimentary event.

Please join Enigma Forensics as our CEO, Lee Neubecker, as he presents:

“Keys to Unlocking Electronic Medical Records EMR”

Tuesday, May 25,

noon-1:00 p.m. Via Zoom

This complimentary program is offered for 1 hour of MCLE Credit in Illinois.

Register here: https://osadil.eventsair.com/2021-the-keys-to-unlocking-electronic-medical-records/2021-thekeystounlockingelectronicmedrecords/Site/Register

Enigma Forensics is partnering with the following sponsors:
The Family Justice Resource Center

If you are facing a wrongful allegation, The Family Justice Resource Center can help. The process of overcoming a medically-based wrongful allegation is exceedingly difficult. They offer a place to turn for families facing allegations of abuse and neglect. By learning the keys to unlocking the Electronic Medical Records it will become easier to uncover the root cause of every allegation. #https://www.famjustice.org/

Center for Integrity in Forensic Sciences

The Center for Integrity in Forensic Sciences (CIFS) is the first non-profit organization in the United States to bring exclusive focus to improvement of the reliability and safety of criminal prosecutions through strengthening the forensic sciences. Its educational and service goals span legislation, all facets of the judicial system, and experiential education of tomorrow’s lawyers and scientists. Its innovative approach allows law students and both undergraduate and graduate students in the sciences to work collaboratively, expanding the knowledge and competency of students across that broad spectrum. #https://cifsjustice.org/about-cifs/

Illinois Innocence Project

The Illinois Innocence Project (IIP) is dedicated to freeing innocent men and women imprisoned in Illinois for crimes they did not commit. They advocate on behalf of this silenced population by researching and investigating claims of innocence and providing legal representation and other assistance to prove credible claims of actual innocence. #https://www.uis.edu/illinoisinnocenceproject/about/

Illinois Public Defender Association

The Illinois Public Defender Association was incorporated in 1969 as a non-profit 501 [c][6] an educational organization for Public Defenders. The goals of education, interchange of ideas, and camaraderie are reflected by semi-annual seminars serving Public Defenders and court-appointed counsel in all 102 counties. #https://www2.illinois.gov/osad/PublicDefenderInformation/Pages/PDAssociation.aspx

Enigma Forensics

Lee Neubecker is CEO and Founder of Enigma Forensics. We are a computer forensic company that focuses on Electronic Medical Records and Data Recovery. We are pleased to offer this complimentary MCLE credited event.

To learn more about the keys to unlocking Electronic Medical Records EMR

How to Compel Discovery of Electronic Medical Records

EMR Audit Trails as produced by Healthcare Providers during medical malpractice discovery frequently filter out important history of the patient’s medical record. Learn how to compel discovery of the patient’s complete EMR history.

Are you attempting to compel the production of a patient’s electronic medical chart and the complete electronic medical record audit trail?

Medical malpractice litigation today routinely requires obtaining the complete electronic medical record audit trail. Compelling the entire patient’s EMR Audit Trail Discovery is vital to the case. Hospitals, clinics, dentists, and other health providers are required to document patient interactions in electronic HIPAA compliant Healthcare Information Systems (HIS). Electronic Medical Records (EMR) also referred to as Electronic Health Records (EHR) are used almost interchangeably. Requesting and receiving the complete EMR for a harmed party can be a daunting process, especially when health care providers produce voluminous audit trail reports in paper form that lack any clear documentation of exactly what changes were made to the EMR.

HIPAA compliant HIS software providers are required to log all access, review, editing, and deletion of records. Such logs must include a record of the user making the change, the source computer that made the change, the date and time of the records actual creation (this can be different than the date and time stamp that appears on the printed patient chart or progress notes), and all versions of the chart as it existed at various points in time. While the HIS software providers maintain HIPAA compliance, ensuring that deleted or revised patient records remain in the HIS record, those earlier revision instances or deleted (marked inactive) records are routinely left off the patient’s printed EMR. By design, the EMR audit trail reports lack the specific modifications being made and by whom. It is often necessary to formulate your discovery request in a specific way to ensure that all audit trail logs from all of the various HIS-connected systems are produced in such a way that provides a clear understanding of health care events that took place.

The following graphic depicts the typical process involved with retaining a computer forensics expert skilled in deciphering EMR to assist with compelling discovery of the complete patient electronic medical records, including the revision history.

1. Request Patient’s Complete Electronic Medical Records (EMR)

It is important that your discovery request includes important relevant details and enough specificity to ensure you receive a comprehensive production of available information without having unnecessary filters applied. We have seen routine usage of filters such as named users, narrow start and ending dates, departments and other available filters that result in receiving an incomplete production of the patient’s EMR. If you would like a sample electronic medical record discovery request list of items, please call us and we would be happy to share our sample request with you. Engaging our firm early on in the process can help speed things along.

2. Review Produced EMR Records

Reviewing the timeline of events and the complaint to develop an understanding of the critical moments when decisions were made or not made leading to harm to the patient is usually the starting point for engaging a computer forensics expert to assist you. Following the review of the case documents, converting the EMR produced to a more usable format is important before analysis begins. Ensuring that the EMR has been OCR’s, adding page labels to the document if missing saves time downstream and allows for surgical review of voluminous EMR to isolate records of care by date, time, health care provider name, medication, or other activity. Summarizing data and performing focused reviews around key dates and times can provide important insights.

3. Identify examples of withheld records or apparent manipulation

During the review process, it is helpful to identify examples of abnormalities or notations that indicate other data referenced is not contained in the production of the patient’s EMR. Reviewing the complete EMR records produced, not just the critical dates and times, can often help establish normal patterns of EMR and can be used in contrast to critical dates and times where EMR appears to be missing from the record. Skilled and experienced EMR data forensics experts often find indicators of manipulation that may not be readily apparent to someone who is not an EMR data forensics expert. Plaintiff’s medical malpractice counsel should send a written or emailed request to the health care provider to produce apparently missing records. This documentation of asking for the missing data will be helpful later when a motion to compel is filed with the court. Judges always like it when litigants attempt to work things out first amongst themselves before seeking judicial intervention. It is not uncommon that our firm is retained at this stage when the non-expert has reviewed the EMR produced and suspects something is hinky. Having your EMR data forensic expert assist with drafting the follow-on request for missing EMR can help lay the foundation for a later affidavit in support of a motion to compel.

4. Review Supplemental Production of Records if Received

In many cases, healthcare providers will partially respond to a supplemental request for EMR. The production oftentimes still lacks the clear ability to correlate the revision history of the patient’s chart and medical record. The review of all of the EMR produced to date is important in beginning to build the argument to be included in the future EMR expert witness affidavit in support of an onsite inspection of the HIS to obtain the patient’s complete EMR including the revision history.

5. Affidavit in Support of Motion to Compel Onsite Direct Inspection

The EMR data forensics expert must lay the foundation documenting their credentials, what they reviewed, significant findings, notes of any deficiencies in the production, and establishing that additional information not produced by the health care provider may be available from performing an onsite inspection. Direct engagement with the HIS can often reveal additional details such as the actual time or original entry of a notation as well as the life cycle of modification over time showing which device was used to access or modify the notation, what user accessed/modified the record, and the current status of records entered into the EMR. Inactive or deleted notations may be revealed on some HIS systems by toggling the view settings to show inactive records. The sworn statement by the EMR data forensics expert is an important tool in winning your motion to compel and often is filed with the motion, or submitted shortly after and before the hearing on the motion. In some cases, sharing the EMR data forensics expert’s curriculum vitae with the health care provider and the signed affidavit in support of the motion to compel onsite recorded inspection of the patient’s EMR may result in an agreement to allow inspection without the court’s order or an acceptable settlement offer. It never hurts to try.

6. File Motion to Compel Onsite Direct Inspection of the EMR System

Usually, to obtain direct onsite inspection of the healthcare provider’s HIS is a request likely to encounter objections and resistance. Filing a motion to compel and providing a supporting EMR expert witness affidavit can help overcome objections. A federal U.S. District Court ordered a hospital to provide such direct access to a patient plaintiff in a medical malpractice case. (Borum v. Smith, W.D. Ky. No. 4:17-cv-17, 2017 U.S. Dist. LEXIS 109249 (July 14, 2017)). The court’s decision and arguments can be viewed at this link. Onsite inspections can also be performed using remote control/viewing software such as WebEx, Zoom, TeamViewer, and others if the court allows and so orders. Typically, healthcare provider staff or HIS software consultants with administrative access to the HIS will perform the actions directed by the plaintiff’s EMR consultant and allow for recording screenshots of the patient’s EMR as viewed within the software.

7. Court Testimony in Support of Motion to Compel Onsite Direct Inspection

Having your EMR expert present in the hearing on your motion to compel usually takes place in person or via a remote video conferencing tool such as Zoom. Since the outbreak of Covid-19 began to escalate in 2020, courts have become more comfortable with allowing remote experts to appear via electronic video conferencing, making it easier to retain the most knowledgeable EMR computer forensics expert witness without concerns over the geographic location of your expert witness. Allowing the judge to ask questions of your EMR expert witness directly and assist you with responding to any raised objections has been proven to be highly effective in winning the motion to compel onsite inspection of the plaintiff’s EMR.

8. Onsite Inspection

Once the court has granted the motion to compel an onsite inspection, it is important to ensure that any in-person meeting isn’t a waste of everyone’s time. Problems that can arise include the health care provider producing someone to operate the computer terminal who is not knowledgeable about how to use the HIS or that lacks full administrative access to the complete backend databases containing detailed historical information including revision history of the EMR. In some cases, such as Cerner and Epic, some screens can be viewed in the software that will show progress notes and the revision histories including the user name modifying or entering the record and the times the record was updated by the user. In other systems, it may be necessary to access the back-end database system with administrative credentials to perform Structured Query Language (SQL) queries to identify the relevant record history. Having an EMR expert that has experience writing SQL database queries is important when the HIS doesn’t offer a built-in report or display view that can show the complete historical record of events.

9. Review Records Captured Onsite

Following the onsite inspection, it is often necessary to review in more detail the screenshots and video footage documenting the EMR in the HIS. Reports generated during the onsite may need to be compared against earlier productions of EMR to help document any records that were withheld. Where it is provable that the healthcare provider withheld patient EMR, it may be possible to petition the court to order reimbursement of expert witness fees associated with the consulting engagement.

10. Write Final Report

Many times, a final report is not necessary. Typically, once it is established that records were withheld, or it is believed to be known that this may be the case, it is more often than not that a settlement offer is made to the plaintiff when obfuscation or manipulation of the patient’s EMR took place. If no acceptable settlement is reached, writing a final report in the form of a sworn affidavit to detail the delays and extra costs associated with discovery is important for petitioning the court to award expert fees. Other times, the data obtained from the onsite inspection can be presented without a report or sworn affidavit. Photos and videos can sometimes avoid the need to generate a final report.

11. Expert Witness Deposed

Should an acceptable settlement offer not have been reached, the EMR expert witness will be deposed. This typically is preceded by a request for the disclosed expert witness’s communications with counsel and any work product or notes. Working with an EMR expert witness that has been deposed numerous times and has achieved successful outcomes following the given deposition can make or break your case. If the defense counsel can undermine the credibility of your expert, the admissibility of any of the opinions sworn to by your expert may be excluded. If your EMR expert witness is successful at establishing that records were held back or manipulated and provides a reliable deposition in support of those opinions, your case matter is likely to receive a reasonable settlement offer proportionate to the offenses and harm caused to your client.

12. Trial Testimony

It is rare that you will need your EMR Expert Witness to testify at trial regarding manipulation or withholding of evidence. If the facts exist and have been produced, they often speak for themselves. Many healthcare organizations face frequent malpractice litigation. If it is established in the public record that a healthcare organization permanently deleted a patient’s EMR, that organization could lose Medicare/Medicaid funding for not maintaining HIPAA compliance, a problem that could far exceed paying out a settlement to a single aggrieved party.

13. Case Settles

Medical malpractice cases often settle when it has been established that the records have been altered to distort the true record of patient care. Having news reports published detailing how a healthcare organization manipulated historical patient EMR to mask a mistake resulting in the harm of the patient would only invite more litigation by other harmed patients. In the interest of protecting their organization from further litigation and more intrusive discovery, healthcare organizations need to maintain their profitability and minimize costs paid out for ongoing litigation.

Summary

When you are getting stonewalled by a healthcare organization and feel that you are receiving cryptic EMR audit trails, or a production that is missing data that should exist, having an experience EMR computer forensics expert witness and consultant on your side can help you achieve a better outcome for your client. If you would like to discuss a case matter with us, we are happy to provide a complimentary consultation. Call us today at 312-668-0333.

Electronic Medical Records Manipulated Post Lawsuit

Hiring an expert in electronic medical records (EMR’s) will help uncover record manipulation that will assist law professionals in winning medical malpractice cases for their clients. Check out this blog to see how a Kentucky woman waged a monumental fight against the medical system that failed her!

A site visit by an expert pays off, a Computer Forensic Expert Finds the Smoking Gun in the Electronic Medical Record (EMR) audit trail!

Kim Johnson noticed a lump on her right breast and because her mother died of breast cancer she feared the worst. In January 2015, she went to Fleming County Hospital in Flemingsburg, Kentucky, to get a mammogram. When she received a letter from the hospital that proved she had “no evidence of cancer”, this Kentucky mother of eight breathed a huge sigh of relief. Several months had passed and the lump continued to grow so she decided to get a second opinion. She was horrified to learn she has stage 4 cancer.

Sadly, Fleming County Hospital had sent the wrong letter, giving Johnson the all-clear instead of directing her to return for a follow-up examination. In September 2016, Johnson filed a lawsuit against the hospital claiming doctors misdiagnosed her, and that two employees deleted evidence of the letter saying she didn’t have cancer. How did she know this?

She hired a digital forensic expert!

Ms. Johnson and her lawyer’s hired a digital forensic expert skilled in examining EMR audit trails. During a court-ordered on-site visit, they found employee EMR entries that edited the history and deleted the evidence of the erroneous letter claiming that she was cancer-free.

In the wake of the misdiagnosis by the hospital, Ms. Johnson is left with a long battle with cancer. If her cancer would have been recognized at an earlier stage her quality of life would have been different as a result. She trusted the system and it failed her.

Who protects the patient? The HIPPA law ensures accountability

Required by the Health Insurance Portability and Accountability Act (HIPAA), hospitals and healthcare providers are to maintain an audit trail of all access, entry, and modification of the patient’s EMR to ensure accountability. Hiring a computer forensics expert that has experience with examining Health Information Systems (HIS) and the related EMR audit trails that can make or break your case. Call Enigma Forensics staff today if you think you may have a case requiring similar assistance. 312-668-0333.

To Learn More About EMR Audit Trails

Filters Used to Withhold the Complete Electronic Medical Records

The universal implementation of electronic medical records (EMRs) has become the single most important piece of evidence used in medical malpractice litigation. In response to an EMR Discovery request, healthcare providers use various filters to create useless or hard to read data. Hire an expert to help you weed through the audit trail and to present Discovery requests relevant to the case.

Healthcare providers use filters to withhold electronic medical data when complying with a court order and producing EMR audit trails. During the discovery period, EMR audit trails are commonly used as the single most important piece of evidence in medical malpractice litigation. Knowing evidence is in the details, has led to a chess game of filters proving “Not all electronic medical records (EMRs) productions are created equal!” Figuring out how electronic medical records (EMRs) are filtered is a game changer!

Follow the filters!

When counsel requests a patient’s electronic medical records (EMRs) to review for evidence, the production is often delivered in non-electronic limited formats, such as; scan documents, PDF, or image files. Filters provide limited format productions of (EMRs) therefore it becomes extremely difficult to read and find evidence. Are hospitals and healthcare facilities doing this on purpose? Are they filtering their production to include irrelevant information with very little details about the event in question? They are not making it easy that’s for sure. In truth, they are complying with the court order and producing files that include the electronic health records of the plaintiff. They’re just not providing data information in its completeness. Using filters to produce audit trails is fairly common, but for the injured party and representing counsel these tactics are extremely excruciating. Requesting electronic medical records (EMR’s) is now a challenging game of filtering chess!

Forensic Experts know how to request data essential to your case.

It is quite common that hospitals and healthcare facilities use a variety of filters that will result in an incomplete production. When forensic experts study the production headers they uncover filters that were used to produce an incomplete EMR audit trail. Experts know how to ask for relevant data and dig deeper to find evidence.

Filters, Filters, and More Filters!

  1. Date filters that are applied could exclude alteration of records after the event took place. We suggest the best practice is to use the earliest known date prior to the medical event as a starting point and place the end date the same as the current date of the request. Pushing the end date to reflect the current date will show who looked at the record post-event.
  2. Department filters will only return records that are from one particular department, such as radiology or another department.
  3. Employee filters include specific employees of the healthcare facility. If an EMR record only shows entries related to a physician’s user IDs this can be problematic. It’s important to know all of the names and user IDs of all healthcare providers that visited the patient.
  4. Workstation filters are specific to desktops and/or workstations and could be the cause of incomplete production.
  5. Location filters are used by healthcare providers to limit the full scope of production. It is not uncommon for physicians to access important medical records remotely. This could cause manipulation of data by remote access and filter out data after the event in question.

Enigma Forensics has years of experience developing requests for electronic medical records (EMRs). Our experts know how to ask the right question to retrieve the necessary data to be used as evidence. Save yourself time and expense and hire an expert! Our experts are CISSP certified (Certified Information Systems Security Professional) that provide testimony as a professional witness in a court of law.

Please call Enigma Forensics at 312-669-0333 for a complimentary consultation.

EMR or EHR what is the difference?

EMR or EHR are synonymous. Both are medical records. The electronic medical records or EMR reveal an audit trail of what transpired during a medical or health visit. Each record is unique and tells a story about the patient. We are experts that can assist you to win your case!

Electronic data records are taking the place of the old school hard copy files and completely revolutionizing the way data is gathered and stored. Electronic Health Records (EHR) or Electronic Medical Records (EMR) are synonymous with each other. (EHR) is data that includes the patient’s vital information such as an address, medical history, allergies, immunizations, lab tests results, radiology images, and vital signs, also, personal statistics like age, weight, sexual orientation, and insurance information. (EMR) is an individual’s private health data that is stored in a protected database only accessible to medical personnel in compliance with The Health Insurance Portability and Accountability Act (HIPAA) regulations. EHR’s or EMR’s make patient charting easier and results in fewer errors and keeps this delicate personal information private and secure.

Medical data can be manipulated!

Medical data can be altered and inserted into EMR systems and made to look like it was there all the time or not there at all. Medical malpractice lawyers rely on EMR audit trails to tell the story of either side of a case; the plaintiff or the defendant. Medical records are marked by metadata or raw data. This data is developed separately from the EMR system making manipulation detection visible by reviewing the raw data and the database logs. Metadata can also be described as underlying data, like a digital footprint that creates an audit trail. In order to analyze raw data, you will need to hire Enigma Forensics; we are experts in the field of electronic medical records (EMR) or (EHR).

During a forensic review of EHR’s or EMR’s, we can authenticate or reveal backdating, back charting, data editing, or falsification of records. We have been on both sides of medical malpractice cases and almost always save our client a considerable sum of money. We work closely with the attorneys involved to help with eDiscovery verbiage and assist with what to look for.

Electronic Medical Records
Electronic Health Records and eDiscovery

Complete list of eDiscovery Questions For Electronic Medical Records

Enigma Forensics are experts in collecting and understanding electronic medical records or the EMR audit trail. Check out this blog to view our list of EMR Discovery Questions.

Electronic Medical Records (EMR) can be tricky! In most cases, during eDiscovery, you get what you ask for and only what you ask for! Every Discovery request involving a healthcare provider has unique aspects that need to be considered.

Enigma Forensics is an established Computer Forensic Expert Witness firm that has been involved in many medical malpractice cases and specializes in interpreting electronic medical records (EMR) audit trail or audit logs. Our staff has extensive experience with numerous EMR applications and can assist you with navigating through the challenges of EMR Audit Trails and/or Audit Logs. Electronic Medical Record a.k.a., EMR audit trail or log is the answer to who knew what when, in essence, it tells the story about what took place during the treatment of that patient.

The following is a list of important questions to file for the demand for eDiscovery for Electronic Medical Records, in a medical malpractice case.

  1. Provide the name of all medical software applications utilized to store [Patient Name]’s Electronic Medical Records (EMR).
  2. For each medical software application that contains [Patient Name]’s EMR, please provide the specific version of the software as well as the name of the company that produces the software during the relevant time period beginning on [beginning date] through the present date.
  3. For each medical software application that contains [Patient Name]’s EMR, please indicate if any of the specified software applications were migrated off to a new platform and what the current status is of [Patient Name]’s EMR on the original system.
  4. For each medical software application that contains [Patient Name]’s EMR, please provide the application administrators that have full access to the stored data and audit trails.
  5. For each medical software application that contains [Patient Name]’s EMR, please provide all user and administrator manuals for each of the medical software applications.
  6. For each application that contains [Health Care Provider Name]’s EMR, please provide the current retention settings for the audit trail for all patient’s EMR. Are the privacy log retention settings sent to a secondary audit log (e.g., Fair Warning)? Is the secondary audit log retention configurable within the systems and/or applications?
  7. For each application that contains [Health Care Provider Name]’s EMR, please provide the earliest date that [Patient Name]’s EMR appears in the application’s audit trail.
  8. Please provide the complete EMR audit trail for [Patient Name] detailing any health care provider’s access, review, modification, printing, faxing, or deletion activities in a comma-delimited format with any and all corresponding native files that may relate to the Electronic Medical Record for [Patient Name] as required by the Health Insurance Portability and Accountability Act § 164.312(a)(1).  Such an audit trail should include the original values and new values for any alteration of the EMR and shall indicate the user making the change and the date and time of the change.
  9. Please provide the data dictionary for each software application containing  [Patient Name]’s EMR.  Such dictionary shall include the username key that maps the real names of individuals to their unique user login account IDs for each medical software application containing any EMR for [Patient Name] as required by the Health Insurance Portability and Accountability Act § 164.312(a)(2)(i). Additionally, any lab test, codes, or other short-form identifiers included in  [Patient Name]’s EMR Chart or EMR audit trail should be provided as part of the data dictionary production.
  10. Please provide any and all original voice transcription recordings that were made by [Health Care Provider Name], or any other staff that related to [Patient Name].
  11. Please provide any other native electronic files or emails that relate to  [Patient Name] in the native format with an index containing the original unmodified metadata for each of the native files or emails produced.
  12. Please provide any DICOM files that were captured as part of [Patient Name]’s treatment by [Health Care Provider].
  13. Please provide electronic records of any outbound faxes and/or other methods of communication that were utilized by [Health Care Provider Name] to [EMR Recipient], in its native form with a corresponding comma file listing containing all available metadata in a delimited format with the corresponding file path to the native file produced for each record.
  14. Please provide the name and title of the person most knowledgeable for the [Health Care Provider Name]’s software/auditing and compliance system. 
  15. What customizations and settings were active at the time when the plaintiff was admitted into the hospital? What privacy-related logging is in place for each such system and/or application? Are privacy log retention settings in place for each such system and/or audit log?

EMR Audit Trails

An electronic medical record (EMR) audit trail is a log file required by HIPAA of all electronic medical record software systems. The EMR audit trail documents all points of access of a patient electronic medical record system including any actions to modify, view, print or amend the record by replacing or adding new data.

Electronic Medical Record (EMR) Audit Trails are key to effective electronic discovery during medical malpractice litigation. Renowned EMR Computer Forensics Expert, Lee Neubecker interviews Insurance Defense Attorney Bill McVisk who usually helps defend hospitals embroiled in medical malpractice litigation. McVisk discusses common areas of confusion during discovery of patient medical records. Neubecker relays some of his past experiences helping plaintiffs uncover important medical records that are often hidden from plaintiffs during discovery. Enigma Forensics has assisted counsel with conducting depositions relating to Electronic Health Records (EHR) and EMR. The two discuss how electronic medical record systems have often made the process of discovery more difficult and confusing to attorneys and litigants.

The transcript of the interview follows:

The transcript of the interview follows:

Lee Neubecker: Hi. I’m here today with Bill McVisk. He’s a patient medical records expert, a litigator. He works with hospitals that are dealing with EMR-related patient medical records and whatnot. I had him on my show today because I want to talk a little bit about electronic medical records. Bill, they said that electronic medical records were going to revolutionize everything and make everything so much better. What’s the reality of what’s happened since we’ve brought about medical records?

Bill McVisk: A lot of EMR has been great. I mean, there’s an ability of doctors to provide records to other people that they couldn’t have done before. There’s the ability, for instance, of a radiologist to look at a film that was taken, and he can be in San Diego, and the patient can be in New York, and it still works. The problems, though, there are some problems. I mean, the biggest problem I see is that anyone who’s ever gone to a doctor’s… the doctors are focused on their computers instead of focusing on the patient. What they’re doing is hitting all sorts of drop-down menus and stuff, and I think we’re losing something from the standpoint of presenting physicians and nurses in malpractice cases. It creates a situation where you don’t really get a sense of exactly what that nurse or doctor is thinking, and so the records just aren’t quite as helpful in medical malpractice cases as they used to be. On the upside, we can read them now, whereas in the past we had to worry about doctors’ handwriting.

Lee Neubecker: Yeah. I know from experience working as a EMR, a patient medical record expert, that discovery can often become challenging. When an attorney is preparing a witness for deposition related to patient medical records, what are some of the things that you look for and care about in that process?

Bill McVisk: Well, the first thing, quite frankly, is to make sure I have the entire record. I can’t tell you how often I’m getting records where I get part of the record, and for some reason, I don’t know if it’s stored on a different server or what, I’m not getting all of the record. I may get all the physician’s part of the record but not the nurse’s part of the record, and obviously, that’s essential. Other problems, like when I’m preparing a witness for a deposition, the big problem is that they’re not used to seeing these records printed out. I mean, in the past, they would look at the chart, it would be exactly the same as the chart they were looking at in the hospital. Now, they are looking at the chart on a computer screen when they’re in the hospital, but when you’re preparing them for a deposition, you’ve got a paper chart, and the paper chart prints out terribly. Every time there’s a slight change of any kind in the record from one minute to the next, the chart prints out the page again and again and again, so there’s all this stuff, and it’s just getting the nurses and the doctors to know where in the chart their entry is going to be makes it a little bit harder.

Lee Neubecker: Yeah. I have experience working with that, and I know that HIPAA requires that every instance of that medical record, pre-editing and post-editing, that that data be preserved and discoverable, but in reality, a lot of the software packages, they only have reports that run the last version, so to get into the true audit trail, you often have to get into the database backend to get access to that information.

Bill McVisk: Well, and I think audit trails are the other aspect of things that makes it a little bit harder in this situation. In the past, we basically, I could give the original medical record to the plaintiff’s attorney to inspect. If somebody had erased something or done something like that, it’d be pretty obvious. I would hopefully know about it before the plaintiff’s attorney would know about it. Then I’d deal with that. But, it may not be obvious now because people can go in, change records, and now, if an audit trail is suddenly showing me, “Oh, my god, somebody was in and did something “to the record,” and it’s two or three weeks after the treatment was over, or, say, two or three hours after a terrible incident occurred, that’s going to make it look concerning. So I think from our standpoint, it’s a matter of making sure healthcare providers are aware of how to do it in a way that isn’t going to look like you’re trying to fake or lie.

Lee Neubecker: And there’s a big difference between accessing a medical record, and editing it.

Bill McVisk: Right.

Lee Neubecker: That’s where sometimes attorneys on both sides become confused about the significance of what’s happening with the patient record.

Bill McVisk: Right. I mean, records get accessed all the time. Maybe it’s to prepare for a deposition. You have to access the record to look at it. Maybe it’s because there’s followup treatment and you need to access the record. That happens all the time, but sometimes, on these audit trails, it’s not always easy. Is this just an access, or is somebody going in and changing something?

Lee Neubecker: And there’s a whole other layer, too. I know from my experience working with many of the packages that the hospitals often use systems that have something known as sticky notes, where they can put comments about a patient. There’s a wide perception that those notes aren’t discoverable. Just because the software doesn’t have a report that will run it, doesn’t mean that if someone like me is coming in, and I get access to the backend database, those comments about the patient and whatnot become apparent. But unfortunately, it’s difficult to get at that data if you don’t know what you’re looking for.

Bill McVisk: And that creates a real problem if you’re defending the hospital, because if I don’t know about these sticky notes in the beginning, first of all, I’m not going to be thinking, “Oh, my goodness.” Then, if you come and discover them, it obviously is going to be, “Oh. I was trying to hide those notes,” or, “The hospital was trying to hide those notes,” which is always the worst thing you can do as a defendant in litigation. And they’re clearly, if there’s something about a patient in those notes, it’s almost never privileged, it is discoverable, and it should be provided immediately.

Lee Neubecker: Also, you know, there’s a tendency I see for the hospitals to try to cover things up. Do you think that there’s some value in bringing in, when you’re defending a hospital, your own forensic expert to dig around and find out what’s really happening?

Bill McVisk: See, I don’t think the hospitals are intentionally trying to cover stuff up. I really don’t think that’s, I’ve almost never seen that happen. There may be, you know, one or two, but in most of these cases, I think the hospitals are trying to find out what the truth is. That being said, the hospital may not be aware that some of these things, because the risk management for the hospital might not be fully aware of all of the situations that are involved in electronic medical records, and yes, at that point, it may be a good idea for me just to have somebody like you go through those records, let me know. Before I produce them to the plaintiff, I would like to know what’s out there.

Lee Neubecker: It would probably be a lot more useful for you to get just a listing of the changes on the record so you’re not looking at the whole document, but maybe here’s a first instance, and then change one, change two, change three, so you can see before text, after text.

Bill McVisk: Sure.

Lee Neubecker: That’s the type of thing that, unfortunately, there’s not canned reports that are in the software that do that. I think that could be by design of the software makers because they don’t want to make it worse for their clients, the hospitals, but it’s certainly possible that it’s just something that was never asked for.

Bill McVisk: That’s quite possible, and I don’t know any of these software makers, but to me, it would be really helpful to know what those are. Of course, that does make it more discoverable, easily discovered by the plaintiff’s attorneys, but on the other hand, I as a defense attorney need to know about it, and if there’s a change that’s improper, I need to know about it right away.

Lee Neubecker: Yeah. What kind of problems can occur when different providers have different EMR systems?

Bill McVisk: Well, that can create problems of a number of ways. Sometimes, the software of one hospital doesn’t communicate with the software of another. There have been situations, for instance, where a physician enters an order for something to happen, and then because of the software problems, it doesn’t get to the provider who’s supposed to do it, and they don’t know that they’re supposed to do it. That creates serious problems for patient care. And similarly, it’s like, if a hospital is discharging a patient to a nursing home, and they want the nursing home to have a certain specific type of care regimen afterward, that can create problems if they don’t communicate well.

Lee Neubecker: Well, thanks a bunch, Bill, for being on the show. I appreciate it.

Bill McVisk: Lee, thanks so much.

Other Medical Related Posts:

Related Links on the Web:

Related Links on the Web:

Computer Forensics in Medical Malpractice

Importance of Computer Forensics in Medical Malpractice Litigation by revealing patient electronic medical records.

Computer Forensics Wins Litigation

Enigma Forensics CEO & President Lee Neubecker interviews James Meyer a personal injury attorney from Ialongo and Meyer. Computer Forensics uncovers answers to important questions such as; what orders may or may not have been entered as a result of that medical test. In this video, Lee and Jim share some of the changes that have ocurred that impact medical malpractice litigation. Tune in to find out how using computer forensics can make or break a case.

The transcript of the video interview follows:

Lee Neubecker: Hi this is Lee Neubecker, I’m here with Jim Meyer from Ialongo and Meyer, and we’re here today talking about patient medical records, specifically electronic medical records. Some of the changes that have happened that impact medical malpractice litigation. So Jim, can you tell me a little bit about EMR and how computer forensics plays a role in cases that you’re litigating, where you’re trying to get a result for your client?

Jim Meyer: Well EMR has changed everything, in regards to medical records. HIPAA is required that the electronic medical records, both be secure and private, that requirement provides that a lot of metadata is collected with every electronic medical record. That metadata itself is very important in… Capturing information about where, when, how and whom, made the medical record, can be crucial in any medical investigation.

Lee Neubecker: Look, can you tell me an example of what type of metadata you might be asking for, and why it would be relevant to the outcome of litigation?

Jim Meyer: Well… The metadata that is most interesting in most cases is, when certain events occurred in a medical record. When a test was ordered, when it was performed, when the results were placed in the patient’s medical record, when the physician saw those results, what orders may or may not have been entered as a result of that medical test. When medication is prescribed, when it’s administered, who administered the medication. Many of these details are now electronically captured, as opposed to being physically noted, as they were in old written medical records. It can make a… Big difference in trying to determine when events occurred in a case.

Lee Neubecker: I know one of the cases I was involved in, I discovered that many of the different default reports that are provided with these medical software packages, don’t necessarily show all available metadata. In fact, what we had to do on one of the cases, we had to work through discovery to try to get the scheme of the database. And then we discovered in once instance that there was something known as a sticky note, that the nurses and physicians could type little comments in, but there was a presumption that would never get printed because it’s not in any of the default reports. So what we actually had to do is find the table that had these notes, and then work to get the data dumped. And as soon as we found that, the case quickly settled, because obviously, the hospitals don’t want everyone knowing what’s going on.

Jim Meyer: That’s a disadvantage that a plaintiff in a case may have. Hospitals often times have entire departments in medical informatics, departments in which they have experts that know the in’s and out’s of the EMR, the metadata collected, often times plaintiffs do not, but they should be aware of the fact that that metadata exists. Extracting it from the record is often times… It is a need for an expert at computer forensics, expert, an IT expert. But it’s important that plaintiffs, and all attorneys, defense attorneys and plaintiffs attorneys realize that that information exists as metadata in these records, it can be obtained. We take great deal of effort to obtain it, but it’s there.

Lee Neubecker: And Jim and I co-authored a paper along with another attorney that appeared in the Illinois State Bar Association on EMR patient medical records, the audit trail and other things impacting HIPPAA and medical malpractice regulations. We’ll put that up here too so that you check that out. Anything else you’d like to add about your practice, Jim?

Jim Meyer: No, we’re happy practicing attorneys in Chicago, Illinois. I would recommend any attorney who is involved in any issue similar to this, to take a look at the article that Lee was kind enough to co-author with me and John Tomes, it really is a lot of information. Detailed information that attorney’s should know.

Lee Neubecker: Great, thank you.

Jim Meyer: You’re welcome.

To Learn More about Computer Forensics and Patient Electronic Medial Records

Read the Illinois State Bar Article co-authored by the interviewed subjects on Patient Medical Records.