Electronic Health Records and Liability Concerns

MattFisherIssues that can Result in Potential Liability

By Matt Fisher, Esq
Twitter: @matt_r_fisher

Electronic Health Records (“EHR”) have widespread adoption at an incredibly fast rate of the previous few years. As is well known, the Meaningful Use incentive program from the federal government has been the primary driver of that acquisition and implementation. Under the Meaningful Use program, the federal government providers eligible professionals (whether individual physicians or hospitals) with federal money to help offset the cost of an EHR, if the eligible professional can show that it has fulfilled certain measures.

The Meaningful Use program has arguably resulted in all types of providers acquiring an EHR and then using the EHR in a way that is not necessarily conducive to good practices. Criticism of Meaningful Use seems to focus on the stifling of innovation, the race to an artificial goal and poorly constructed systems. Since the government created a target, developers aimed for that target as opposed to what may have actually be in the best interests of medical practices or even the individual customers. Developers are not the only parties to blame as eligible professionals also, from some views, rushed to adoption without putting a solid plan into place that would ensure the EHR was used in a manner that increased the quality of care.

From the legal perspective though, there are a couple of issues that can result in potential liability for eligible professionals that do not use an EHR in an allegedly proper manner. One issue is the increased ability to “copy and paste” information from one note to each successive note. At first blush the mere act of copying and pasting would not appear to be troublesome. However, carrying information forward from one note to the next could give the appearance that the same services were rendered multiple times. If the services were arguably rendered each time, then those services would likely be billed. Unfortunately, only the first billing would be appropriate and all subsequent billings for the “copied” services would be inaccurate. As such, a provider could overbill and receive reimbursement for services not rendered. Such payments would be improper and an act of fraud in the eyes of the government.

Concern over copying and pasting in EHRs is not a new issue. The Office of the Inspector General of the Department of Health and Human Services flagged copying and pasting as a major issue for potential fraud over the winter. In an audit report, the OIG cautioned against use the copy and paste function and suggested that records be audited or monitored for inappropriate usage of the function. As explained above, the concern is that services can be carried over from one note to the next and enable billing when not called for. Additionally, the OIG believes that many EHR systems have the ability to control copy and paste use, but the relevant controls are not enabled or used.

Given the attention being shifted to copy and paste functionality in EHRs, it is advisable to adopt a policy concerning its use. While copying and pasting can be appropriate under certain circumstances, it will be helpful to use the functionality under controlled circumstances. Additionally, it would also be a good idea to audit and monitor records for compliance with any policies adopted. Further, the auditing and monitoring can be used to review records and potentially catch problematic records before being released for billing or other purposes.

Medical malpractice claims is a second legal issue that has received a fair amount of attention recently. Individuals who received allegedly substandard care are looking at EHRs as a source of claims for a number of reasons. Research by CRICO, a Harvard affiliated medical professional liability organization, identified some of the leading issues asserted in malpractice claims based upon EHR issues. The top issues identified by CRICO include: incorrect information in the EHR, paper to electronic conversion or hybrid use, copy and paste errors and lack of interoperability. While it is unlikely that an issue stemming from EHR use will be the sole basis of a malpractice claim, these issues listed do present serious questions and concerns about EHR usage.

That being said, some of the issues identified seem to be well known in the health information technology field. Foremost among the hotly debated issues is interoperability. Arguably, it should be expected that one EHR system will be able to communicate freely with another, thus allowing information to flow between the systems seamlessly. In reality, as is pretty well known, this does not occur. From the standard of care perspective, the lack of information flow presents problems because one provider may assume that all other providers caring for a patient know what services that patient has received. This is not always the case, even within one provider system. If providers do not have the full care picture, then mistakes can arise that could form the basis of a malpractice claim.

Interestingly, copy and paste errors are also an issue on the malpractice side. The fraud issues are discussed above, but copying and pasting could also present an issue in the malpractice setting if, for example, the incorrect information is added to a record or one patient’s information is put into a different patient’s record. Say two patients are being readied for surgery and patient X needs a left leg operation whereas patient Y needs a right leg operation. The same surgeon will perform both surgeries and while doing a preoperative note mistakenly copies all of patient X’s information into patient Y’s record. On the day of the surgery, the preop note is reviewed and patient Y is wheeled into the operating room with patient X’s information forming the basis for the surgery. Now, instead of operating on the right leg, patient Y receives a major surgical procedure on the left leg and there are complications. The wrong surgery occurred because of misinformation in the EHR. As this example shows, bad information in the EHR could easily and quickly lead to potential malpractice liability.

As with any advance, potential liability will exist. That liability can be minimized or managed though if care is taken in the use of the new technology and good policies and procedures are put into place. If providers and others are aware of the potential issues, then it is possible to plan for those issues and put preventive measures into place. Just remember, while an EHR does offer a lot of promise, there is also a lot risk involved. As is said often in Spiderman movies, comics and other media, with great power comes great responsibility.

About the author:  Matthew Fisher is the chair of the Health Law Group at Mirick, O’Connell, DeMallie & Lougee, LLP, in Worcester, MA.  Mat advises his clients in all aspects of healthcare regulatory compliance, including HIPAA, the Stark Law and the Anti-Kickback Statute.