7/7/2021 0 Comments
When you send a medical records request to a facility what you are going to get is essentially a printed-out version (or, this day and age probably a PDF of how it would look printed out) of the notes entered about the patient while they were in the hospital as they would appear in the computer system if you were to open up the chart at the facility- which is great, right?
Not necessarily. In this case you are seeing the medical record as the providers and the facility want you to see it.
It could be unchanged from its original state, but since the provider doesn’t have to scratch out their incorrect entries you will not be able to tell when the entries were truly made (despite the time stamp) or whether any entries were deleted or modified. Having slightly late entries is not uncommon and is not necessarily an indication of fraud. In fact, most of the time unless the health care provider is working with a scribe (which is actually becoming pretty common in some settings) they are going to have to document what happens during a patient encounter after-the-fact. Think of it this way, you wouldn’t come out of the room after deposing a client with deposition digest already in hand. You have to review the deposition and complete process it when you’ve had time to think. However one thing the EMR allows providers to do is to edit, delete and add-in entries days, months and even years later but date them for the time of the patient contact. The problem is that in your typical medical records request, that late entry is going to look like it was entered at the time that the patient encounter occurred (if that’s how the person entering the entry wants it to look). It’s very easy to “back-date” an entry so that it looks like something was documented in a timely fashion when it may not have been.
There are federal laws dictating the types of technical safeguards that must be in place for an EMR so that late entries and tampering can be detected (The Cures Act Update 45 CFR § 164.312, HIPAA, HITECH and more). EMRs must have a method of tracking who accesses a medical record, when the medical record was accessed, the terminal or location the medical record was accessed from and what the person accessing it did- including whether they entered, modified or removed data. This is referred to as an audit log or audit trail.
The audit log is basically a timeline that states the name, time, location, and method of access of every person who opened the patient’s electronic medical record. Even if the person who opened it made no change to medical record- didn’t write a note, chart a vital sign, nothing- their name and other pertinent information will show up on the audit log.
The downside to this is you can have a ton of data that translates to very little usable info. Most of the time you won't want to request the audit log for all of the patient's records. You can specifically request an audit log specific to certain dates, for example; or an audit log showing certain actions or all actions taken by a specific provider.
The big take-away here is that the metadata (commonly described as "data about data") available in an audit log is not considered a part of the patient’s medical record. Obtaining the audit trail requires a separate discovery request; but unless you want to scale a mountain of medical records, make your discovery request very specific.
If you request an audit log and you see a lot of modifications (especially if those modification took place much later or after your legal team originally requested access to medical record) there is yet another step you may need to take.
If you have significant reason to believe a record has been tampered with you can also request a revision history. The revision history shows all available versions of a chart, so someone analyzing it can tell what the chart said before a modification was made and what it said afterward. An easy way to think of the revision history is to think about using the “Track Changes” function in Microsoft word. It is a list in chronological order showing the different versions of what has been changed and when. It’s a ton of documentation and will result in an extra cost and time burden if requested, but could be priceless if significant alterations are discovered.
Check out part 1 (Missing and Altered Medical Records: the Value of a Clinical Eye on Deficiencies in Medical Records), part 2 (Why do Parts of the Medical Record Go Missing?) and part 3 (What's an Attorney to Do Regarding Missing Medical Records?) in this series for more information.
To get the most comprehensive and up-to-date information about identifying and handling challenges associated with missing and altered medical records, submit an inquiry below or visit our CLE page.
I'm Jennifer Pettigrew and, true story, I first became interested in Legal Nurse Consulting after my auto insurance company was sued following a car accident in which I was found to be at fault. I wasn't sued until after the statute of limitations was up but an exception was made and the plaintiff alleged that because of being rear-ended he was on pain medications chronically which caused him to develop diabetes and become blind. As a nurse I knew that Diabetic retinopathy cannot develop over the course of just a few years but rather is a complication that develops after several years of untreated or poorly treated diabetes. The case was settled by the insurance company before ever going to court for several million dollars, but from that point on I have been interested in the difference medical professionals could make in legal proceedings.