Electronic health records systems: testing the limits of digital records' reliability and trust.

Author:Drury, Barbara
Position:Electronic Discovery and Digital Evidence

The United States healthcare system accounts for nearly twenty percent of our nation's Gross Domestic Product. Its vast information ecosystem comprises nearly 700,000 physicians; (1) over fifteen million healthcare workers; (2) 5,900 hospitals; (3) 16,000 nursing homes, (4) and numerous other facilities; enormous insurance interests; mandated, untested national technology strategies; and hundreds of millions of critically concerned actors--all combining in interlocking, information networks. It is a system worthy of examination. Is the evidence created by this vast information ecosystem reliable?

The following Article summarizes systemic defects in our nationally mandated healthcare information systems. The authors examine the critical doctrines animating our current evidentiary rules. Time after time our medical records systems are revealed to be defective. Authenticity is suspect as an endemic matter, just as is trusted reliability for clinical and business purposes. Certainly there is a looming evidentiary defect undermining the very purpose for the records' existence.

Why are there such catastrophic failures? Here, the authors make their original and lasting contribution. Viewing the issue as more than the reliability of discrete records, the authors examine the invisible societal processes causing records-systems' dysfunctionality. They demonstrate our current system is unrealistic in that it ignores the complexity in our economy. As one example, our system purposefully ignores the fact that healthcare records are used arguably as much to obtain payments as they are to document clinical facts. The authors demonstrate that a more realistic approach is necessary if we are not to delude ourselves. In this regard, the Article is an example of an updated empiricism--informed by more advanced, appropriate, and prudent ideas about technology.


Electronic records systems are bringing unprecedented changes to the United States Healthcare Industry. As an objective of economic stimulus legislation, under the American Recovery and Reinvestment Act of 2009 (ARRA), (5) billions of taxpayer dollars are leveraging additional billions of private dollars to accelerate clinicians' and clinical organizations' uptake of these as yet non-standardized and minimally regulated systems. The history and the rationale for the uptake stimulus, as well as risk considerations, have been thoroughly reported elsewhere. (6) Of particular note is that the stated objectives of ARRA address the security and exchange of information from Electronic Health Records (EHRs), (7) and are effectively silent on whether the information originates from a reliable and trustworthy source.

This Article is unique from prior summaries, including those detailing risks, in focusing specifically on EHRs as sources of records for United States legal proceedings and processes, and therein offering exemplary illustration of how EHRs can pose unique challenges to those legal proceedings. The resulting challenges derive from, generally speaking, fundamental operational characteristics of these systems that can vary widely from records management and digital records norms, giving rise in turn to potential impeachability on grounds of unreliability and untrustworthiness, as well as unfitness for the stated business of the industry itself, clinical care, whether by design or by use, known or unknown. The Article will also note direct and indirect market forces for preferentially selecting "unfitness" in the evidentiary capacities of electronic health records management systems.


It is important to note that the path traced by digital records in United States healthcare has been substantially influenced by interests and market forces that may vary from those of other industries. For example, medical records themselves play a substantial role as intermediate artifacts for payment, with the record of care demonstrating and affirming "care necessity" as the stated object of insurer's payment policies. Since third-party (public or private insurer) payment requires records of care as artifacts whose content explains or justifies services, then records themselves behave as a primary determinant of payment and, at least implicitly, the objective of the service. Generally speaking, the results of the service do not influence payment for service. In effect, the record of care has a greater role in determining payment than the service work-product itself or its benefit to the patient. In contemporary parlance, past and current payment systems emphasize quantity over quality, with evolving and future payment models aiming to shift "from payments based on volume to payments based on performance," (8) reorienting payments toward care quality and improved clinical outcomes of patient care services.

In (oversimplifying) sum, previous payment systems brought the United States a phenomenon representing the logical result of payment for volumes of records detailing volumes of care of unknown value or benefit, rather than payment for care results. Current Federal Health Information Technology policies, such as incentive payments for EHR implementations and limited use, are intended to speed the uptake of information systems that are presumed to, among other projected or potential benefits, report the clinical quality measures (CQMs) that form the basis for ongoing development of these transitional and future payment models. (9)

However, in this construct, given that EHRs are non-standard, variant, and even aberrant records systems, there is a substantial financial incentive to attuning the record systems' functional priorities to assure that the resulting record artifact leverages the maximum payment, dissociated from its accuracy and reliability as a business record of patient care events. Furthermore, the oft-noted litigious atmosphere in healthcare offers a second and separate incentive for records systems that can represent events, or amend representations of events, according to considerations other than accuracy and reliability as legally sound records.

Nonetheless, recognizing that better, cheaper, faster work-product records data systems were necessary, the United States' initiative for following Western European leads in digitizing healthcare records got further underway in earnest with the Institute of Medicine's Computer Based Patient Record: An Essential Technology for Health Care report in 1991, which included a forecast that all would be on EHRs by 2001. (10) The 1997 update, as a "progress check," noted little movement forward and attributed the lag to a lack of common data standards and privacy rules, among other things. (11) The vigor of the United States' efforts then renewed under policies promulgated by the George W. Bush and Obama Administrations. Healthcare organizations have been encouraged to adopt new health information technologies (HIT) via regulation, incentive programs, and future penalties. (12) The stated purposes of these programs are in line with broad national interests in improving the healthcare industry's effectiveness and costs as represented in the oft-referenced Triple Aim of better care for individuals, better health for populations, and lower per capita costs. (13) Many others have presented the presumed future benefits of EHRs, particularly, the oft-cited and respected EHR authorities Sharona Hoffman and Andy Podgurski. (14) However, even their generally positive inventory includes reference to presumptive benefits' dependency on fundamentals of system fitness: "The benefits of EHR systems will outweigh their risks only if these systems are developed and maintained with rigorous adherence to the best software engineering and medical informatics practices and if the various EHR systems can easily share information with each other." (15) In prioritizing records systems' derivative end-uses ahead of their reliability, the United States has created consequences for presumptions of fitness as reliable records without affirmation, testing, or standardization against existing applicable international EHR Systems Standards or Business Records requirements. (16)

Recent publicly available statements have further substantiated the reality of system aberrancies' risks. One was the 2012 published letter signed by U.S. Attorney General Eric H. Holder, Jr., and the Secretary of the Department of Health and Human Services, Kathleen Sebelius, regarding EHR mediated falsification of records for the purpose of getting paid improperly. (17) Another was a Request for Proposal from the federal government to purchase services to study how to mitigate errors in quality incentive payments, including errors arising from "gaming" the EHR-data submissions reporting systems. (18) In late 2011, General Electric published a letter that acknowledged defects in its EHR's reporting functions that could lead to improper payments. (19) More recently, the Office of the Inspector General for the U.S. Department of Health and Human Services, reported its hospital survey results showed that "nearly half of hospitals (44 percent) reported that they can delete their [EHR] audit logs." (20)

In the following sections, we will introduce the bases for addressing EHR systems as a general class of records management systems providing evidence that digital records systems require special treatment when called upon to support business records requirements in legal proceedings.


    1. 901(b)(9) Evidence About a Process or System

      In Rule 901(b)(9) of the Federal Rules of Evidence, it is stated that a requirement for validating business records is "[e]vidence describing a process or system and showing that it produces an accurate result." (21) Rule 901(b)(9) is designed for circumstances and systems where ongoing experience with evolving...

To continue reading