Providers often use electronic medical record (EMR) functions that result in authorship falsification, disabling of auditing functions, and document misattribution without realizing the legal implications of these functions, says Reed D. Gelzer, MD, MPH, founder of Trustworthy EHR, a Newbury, NH-based data quality and information integrity consultancy specializing in the legal aspects of EMRs.
"People will do things in an EMR record that they would never do in a paper record," he says, such as copying information from previous visits and attesting to them being unique, new records, and deleting previous records or portions or records.
Data integrity failures with health information technology (IT) systems is number one on the ECRI Institute’s top 10 patient safety concerns for healthcare organizations. (To download the full report, a slideshow, and a poster, go to https://www.ecri.org/PatientSafetyTop10.) The ECRI Institute is a Plymouth Meeting, PA-based nonprofit organization that researches approaches to improving the safety, quality, and cost-effectiveness of patient care.
"It is a shared clinical responsibility to reduce the risks of data integrity failures with EMRs," says Karen P. Zimmer, MD, MPH, FAAP, medical director of the patient safety, risk, and quality group for the ECRI Institute’s Patient Safety Organization. (An ECRI 2013 White Paper, "How to Identify and Address Unsafe Conditions Associated with Health IT" can be accessed at http://bit.ly/1uQ6ReM.)
Data integrity failures can occur for several reasons, such as data entry errors, missing or delayed data delivery, inappropriate use of default values, and copying and pasting. Zimmer offers these risk-reducing practices:
• Hospitals and physician practices should involve the end-user when determining default values. "It is crucial to have end-users and IT departments working together when implementing new systems," says Zimmer.
• Physicians can avoid inadvertently entering data on the wrong patient by only opening one medical chart at a time.
• Organizations can provide an easy and accessible way for physicians to report problems when there are immediate issues, such as when data is not fully transmitted.
In a 2012 analysis, ECRI asked organizations to submit at least 10 safety events associated with health IT. "We learned there is underreporting and lack of understanding when health IT may play a role in an event," says Zimmer. An event initially might be identified as a medication error, but further investigation might reveal there was a health IT component. Here are EMR charting practices that might reduce physicians’ legal risks:
• Functions that "bring forward" or duplicate from prior records must not be misrepresented as new records.
A statement such as "the patient’s grandchild is at the bedside visiting" could be copied forward every day of the patient’s admission, for example. "Those kinds of things are so easy to ridicule in a legal proceeding," says Gelzer.
• Functions that support one author "taking over" or editing the documentation of another professional must be used with full awareness and care.
The patient care record might make it appear there was a single author when multiple professionals actually provided the clinical services.
"At the least, the original version of a licensed professional’s clinical observations must not be incidentally obliterated or authorship reassigned’ without preservation of the original content intact and accessible by some means," says Gelzer.
• Providers should never disable audit controls.
"This is similar to using correction fluid on a paper record. It demonstrates an ability and a willingness to alter records," says Gelzer.
Most clinical facilities assume that if the function exists in the system, it must be an acceptable one.
"However, EMR vendors are under no obligation to make sure that their systems comply with the laws of your state and the requirements of your insurers or any oversight agencies," says Gelzer.
