LAWTECH GURU BLOG by Jeff Beard

Legal EHR Summit: Thoughts & Impressions

From the many presentations and discussions at the AHIMA sponsored Legal EHR Summit in Chicago, it's clear that healthcare records and records management in the U.S. are changing.  (In case you were wondering, "EHR" = Electronic Health Record).  In George Paul's (Lewis & Roca) keynote, he shared how the U.S. government is pouring money into healthcare records via incentives in the ARRA and HITECH acts.  Several presenters referred to these changes as the biggest change to healthcare privacy and security rules since HIPAA was enacted.  Indeed, even as we discussed these developments, new security breach notification rules were due out yesterday.  Also discussed in several sessions, these new laws will likely require many business associate contracts to be renegotiated.

It's also interesting to note that as much as some think of U.S. healthcare as high-quality and high-tech, the underlying HIT and records management systems and professionals are struggling with addressing these new changes, challenges, and ramifications, especially with respect to the legal aspects.  For instance, many HIT systems are not geared toward the legal aspects of preservation (think dynamically changing databases on a daily basis) and production.  Not surprisingly, their focus is on enabling the healthcare professionals and organizations in the provision of their services.  Several cases were mentioned where the plaintiff's attorney wanted to see the data and screens of what the doctor saw when he/she was treating the patient.  The response I heard throughout was that this wasn't possible due to the constantly changing nature of the data in these systems.  It doesn't take much imagination to sense how well this goes over in litigation, and the need for creative solutions.  Much discussion also centered around records management and creating/refining document retention policies, and just as importantly, complying with them.

There were also some pretty scary stories relating to Iatrogenesis, or the patient harm caused by the use of computer systems, and the lack of transparency and sharing of those problems by the software vendors.

There's also the issue of creating the necessary interoperability and sharing of information across different HIE's (Health Information Exchanges) - from local to regional to state to national levels.  So there's a fair amount of catching up and transformation that needs to happen in this industry.  The good news is that these issues are being discussed in depth across multiple disciplines - IT (HIT), Records Management, Legal, Risk Management, and Compliance, just to name a few.

With respect to the summit itself, this was the first time I attended an AHIMA conference.  It's been well organized and everyone at AHIMA has been very helpful and friendly.  There is definitely a spirit of cooperation and collaboration among everyone here, including the attending HIT, records and risk managers, consultants, and attorneys.  Indeed, there is a high degree of interest in addressing and resolving these issues through better understanding of the legal issues by health information professionals, better definition of standards (for instance, what constitutes the "Legal Electronic Health Record"?), and transforming the records management systems and processes.

Blogging at the Legal EHR Summit in Chicago Next Week

What do e-Iatrogenesis, HIT, CPOE, EHR, and eDiscovery all have in common?  They're just some of the many medicolegal and technological terms and issues being discussed next week at the Legal EHR Summit at the Chicago Marriott Downtown.  The summit is organized by AHIMA, the American Health Information Management Association.

As our nation's healthcare industry becomes even more computerized and integrated, partly due to ARRA (the American Recovery and Reinvestment Act of 2009), the intersection of healthcare, electronic records, records management, and legal issues (including litigation and eDiscovery) will likely explode as well.

I'll be attending and blogging as time and Wi-Fi access permits.  Please feel free to look me up as I enjoy the many opportunities for discussions at these events.  For the uninitiated, I've put together a quick cheat sheet for a few select terms below, along with their sources on the Web for more in-depth definitions:

HIT:  Health Information Technology

Think of HIT as IT for healthcare-related systems, along with ARRA's goal of establishing a nationwide interoperable Health IT infrastructure.

CPOE:  Computerized Physician/Provider Order Entry - An electronic system that healthcare professionals can use to enter drug prescriptions and diagnostic orders, among other things.

EHR (aka Legal EHR):  Electronic Health Record

The Electronic Health Record (EHR) is a longitudinal electronic record of patient health information generated by one or more encounters in any care delivery setting. Included in this information are patient demographics, progress notes, problems, medications, vital signs, past medical history, immunizations, laboratory data and radiology reports. The EHR automates and streamlines the clinician's workflow. The EHR has the ability to generate a complete record of a clinical patient encounter - as well as supporting other care-related activities directly or indirectly via interface - including evidence-based decision support, quality management, and outcomes reporting.

e-Iatrogenesis:  "Patient harm caused at least in part by the application of health information technology."

Think of e-Iatrogenic events as things that can go wrong for patients when CPOE systems are implemented and involved.  For example, consider errors relating to patient drugs or diagnostic tests, including errors of commission or omission.

This succinct discussion of e-Iatrogenesis contains a nice explanation of the types of "unintended adverse events":

These unintended adverse events may fall into technical, human-machine interface or organizational domains.  Some e-iatrogenic events will represent the electronic version of "traditional" errors, such as a patient receiving the wrong drug dosage due to a human click-error.  But other HIT precipitated or enabled errors may have no exact analog in the non-electronic context. For example, a clinical decision support system (CDSS) embedded within an electronic health record might contribute to a clinician's incorrect diagnosis or treatment plan; this could represent either a "type-one" or "two" error (e.g., making a diagnosis that was not present or missing one that was).

Stay tuned for more blog posts on these topics . . . 

“Moldy” Twitter Post Draws Lawsuit

Yet another twitter post, this one by a Chicago tenant referring to an allegedly moldy apartment, draws a $50,000 lawsuit against the Twitterer for defamation.  As the tweet was reposted within Twitter and around the world, it provides a wealth of evidence as to not only the post itself, but its far reach across the Internet.

Both sides are going to lose in this suit, though.  According to the article, the original poster could very well lose the suit.  Even if she ultimately prevails, it's going to cost her dearly in defense fees.  Likewise, the realty management firm's statement to the the Chicago Sun-Times that "We're a sue-first, ask-questions-later kind of an organization" resulted in a "firestorm of criticism."  It's a harsh lesson that companies sometimes learn the hard way in responding to customer complaints in the online arena.  "This could generate bad press for them for years, and that wasn't (Bonnen's) doing," said Sarah Milstein, co-author of the just-released "The Twitter Book."  Who's going to want to rent from or otherwise do business with a a self-admitted "sue-first" company?

There are lessons to be learned from both sides.  First, don't make posts on public or social networking sites that are intended for a particular individual, especially when you are peeved at something or otherwise under emotional stress.  Public postings on social networking sites amplifies the dangers of bad e-mail decisions by several orders of magnitude.  Far too many people are either unaware of or forget to change their privacy settings so that only those users can see the post.  You might as well be shouting it to the Washington Post, New York Times, your adversary and their counsel.  There is some very good advice in the SFGate article cautioning posters about this.

Likewise, companies also need to be very mindful of their reactions and public responses to such incidents.  They often damage themselves in the public's eye far worse by how they responded to such a posting, than the original posting caused in the first place.  Sometimes lawsuits can be avoided, and sometimes they can't.  Regardless, it's important for businesses to avoid kneejerk responses that only serve to reinforce public opinion that they are the villains.  They may win the suit, but then can lose even more business in the process by generating additional reputational harm whether they realize it or not.  So which was the better business decision?