Foundational concepts of the legal EHR

 By Carol Ann Quinsey, RHIA, CHPS
© American Health Information Management Association 2007

 The concept of a legal health record, whether paper or electronic, is generally well understood within the health information management (HIM) profession. However, during the transition from paper to electronic records some organizations are expressing concern about the use of the terms “legal health record” and “legal electronic health record.”

 Multiple purposes

Health records serve purposes across every care setting. They are the basis for communication among healthcare providers, documentation of patient care, the source of data for patient care evaluation, the source of research data for improving the quality of care and the source for reimbursement for services.

In addition, health records have historically been the recognized legal business record for healthcare organizations, and as such, health records can be admitted into legal proceedings as an exception to the hearsay rule in most states. The Federal Rules of Evidence (803(6)) and the Uniform Business and Public Records Act adopted by most states allow this exception for health records maintained in the regular course of business as long as the record was:

• Documented in the normal course of business,

• Kept in the regular course of business,

• Made at or near the time of the matter recorded,

• Made by the person(s) within the business with knowledge of the acts, events, conditions, opinions or diagnoses appearing in it.

 Health information managers were, and continue to be, the record custodians, managing them in a way that ensures documentation standards are developed for and followed by the organization. Such standards meet applicable requirements promulgated by relevant accreditation bodies and agencies such as the Centers for Medicare and Medicaid Services (CMS), in addition to pertinent state and federal laws and regulations.

The landscape of laws, regulations and practice standards for the creation and maintenance of legal health records is complex and consistent by neither care setting nor state. HIM professionals have traditionally been recognized as the experts on what is required for defining a legal health record in individual healthcare organizations. They are charged with developing and implementing policies and procedures necessary to create and maintain a legal health record (i.e., business record) for the organization.

This process generally starts by reviewing the requirements found in applicable federal and state laws, rules for compliance and accreditation standards. It is then a matter of striking an acceptable balance between the requirements and being able to use health information appropriately. Practical concerns having to do with the technology must also be considered.

Among the many organizational policies and procedures necessary to permit health records to be recognized as legal business records is a policy specifying what documents may be disclosed in response to a valid request for disclosure, whether from a patient, third-party payer, legal counsel or court. Policies and procedures identify the exact subset of documents that will be released upon receipt of a valid request for disclosure. Many additional documents may be discoverable, but there should be a clear subset of documents that are released initially.

 Life cycle of records

A health record’s life cycle is made up of stages with certain actions that occur at each stage. Although the method of taking the necessary actions at each stage may vary depending on whether the record is in paper or electronic format, the basic actions are the same. These actions are part of the process required for the record to be considered the legal business record of the healthcare organization.

1. In the first stage the record is created. Documentation about a patient’s care is collected from a variety of sources. Records are reviewed to ensure their accuracy and completeness prior to moving to the next stage.

2. Once records are deemed complete, they are maintained (or archived) in a manner that preserves the integrity of the record for patient care, research, payment and evidentiary purposes. In this stage records are made available for legitimate business purposes, which include responding to valid requests for documentation. All such disclosures are guided by organizational policies.

3. If the organization chooses to dispose of health records at some point, a policy based on applicable laws guides this process. Such policies and procedures define how, when and by what method its business records may be destroyed. Additionally, they typically define what sort of documentation must be maintained regarding the destruction of these records.

 Moving to EHR

Transitioning from paper to electronic health records (EHRs) requires healthcare organizations to reevaluate their definition of the legal health record as new modes of creating and maintaining health record documentation are deployed. Defining the legal health record has become more complex as organizations move to electronic media. However, the fundamental principles that allow paper health records to constitute the legal business record of a healthcare organization and be admissible in court remain the same regardless of media for the creation and maintenance of health records.

One of the challenges faced in the move from paper to electronic records is maintaining an accurate description of exactly what will be released upon receipt of a valid request for documentation. As organizations implement various components of their EHR, careful documentation of when each component moved from paper to electronic format and whether or not the component constitutes part of the record that is released pursuant to valid request is required. This process requires diligence and careful tracking of exact dates when changes occur.

Concern has arisen in some organizations as to whether or not documents created in paper then scanned into imaging systems can be considered the “legal” EHR. These concerns may be based on what level of trust attorneys and courts have with the accuracy of the imaged record. If there is any concern that a legible copy of the original paper health record cannot be presented for use in the event of legal action, a requirement may be imposed by organizational legal counsel to maintain paper copies as the “legal” record. Clear policies for quality control should be useful in alleviating these concerns, along with results of quality monitoring. In addition, the costs of maintaining duplicate paper and electronic records should be documented as well as the risks inherent in trying to maintain duplicate records. •

  Copyright 2007 by the American Health Information Management Association. Reprinted with permission.