Determining Location of a Mobile Phone – Is it Junk Science?
September 4, 2019Child Pornography Defense Forensics – Countering the Prosecutions Limits on Access to Evidence – Part 5 of 8
December 11, 2019
We often get called to examine Electronic Medical Record Systems by way of a site inspection and have written a suggested order below:
IT IS HEREBY ORDERED:
The Electronic Health Record, Audit and Compliance system inspection is to take place on a date agreed by the parties at [Facility].
IT IS FURTHER ORDERED the following Definitions shall apply:
- The term “meta-data” means: information embedded in a Native File that is not ordinarily viewable or printable from the application that generated, edited, or modified such Native File; and information generated automatically by the operation of a computer or other information technology system when a Native File is created, modified, transmitted, deleted or otherwise manipulated by a user of such system. Meta-Data is a subset of electronically stored information (“ESI”). “Metadata.”
- The term “Native File(s)” means electronically stored information (“ESI”) in the electronic format of the application, in which such ESI is normally created, viewed and/or modified. Native Files are a subset of
- The term “Electronic Health Record” (“EHR”). “EHR” refers to electronic information systems and/or computerized devices containing electronic records of patient data captured in any care delivery setting within [Hospital] and is often referred to as a Electronic Medical Record. Records include, but are not limited, to patient demographics, histories and physicals, progress notes, clinician orders, lab tests, diagnostic imagines, graphical data such as EKG tracings, physiological data such as blood pressure, pulse, respiratory rate and temperature, automated decision support-generated alerts and reminders, and any other
- The term “Database” means a data structure that stores organized information. Most databases contain multiple tables, which may each include several different fields. For example, an electronic health record database may include tables for patients, diagnosis, access and compliance records. Each of these tables would have different fields that are relevant to the information stored in the table
Fourteen (14) days prior to the inspection, Defendant shall provide:
- Identity of the person most knowledgeable for the EHR software/auditing and compliance system;
- Any EHR vendor software/auditing and compliance system changes, within the last 10 years;
- The software name(s) and version(s) of the EHR system, system modules, auditing, and compliance system(s) in use during the time of the patient’s care to date;
- Whether any government funds received by for each practitioner and entity for participation in the Electronic Health Record Incentive Program;
- The dates in which met compliance with Adopt, Implement or Upgrade, Meaningful Use 1 and 2;
- For each EHR system, auditing and compliance module, identify the ONC Certified Health Product number;
- All user, administrative, implementation guides and manuals for the Electronic Health Record system, system modules, auditing, and compliance systems;
- The retention policies, procedures, and schedules in effect regarding the complete EHR in effect during Plaintiff’s stay at [Hospital];
- Besides medical data that is part of the complete medical record produced per request of Plaintiff, identify the metadata that exists in all EHRs or computer-based medical devices from [date] to [date]. This specifically includes, but is not limited to, computer-based medication orders, orders for therapy, instrumentation and interventions, and physiologic data such as blood pressure, pulse, temperature, etc. automatically measured or otherwise obtained; and,
- Whether any changes and/or upgrades that have occurred in [Hospital’s] EHRs since Plaintiff’s treatment that could affect or change the clinical data or metadata as reproduced in response to these requests in any
At the time of the inspection, the Plaintiff and the Plaintiff’s expert shall be entitled to:
- Access to all EHR systems, databases, auditing and compliance systems using the highest-level credentials for login;
- Access to all systems and data to view and capture the date, time, and author from [date] to the present day;
- All dictation audit trails;
- All types of actions to included amendments, additions, copy, print, sign, create, and delete with the original documentation unobscured to the EHR from [date] to the present day;
- All specific portions of the chart accessed from [date] to the present day;
- Terminal/device identification and physical location of all accesses from [date] to the present day;
- Time event stamp and display time stamp;
- Any and all hyperlinked documents (scanned or PDF) in the medical record;
- Clinical data used in monitoring and providing medical care to a patient; and,
- A court reporter and/or videographer to record said
IT IS FURTHER ORDERED:
- Screenshots of the auditing portion of the program will be allowed;
- Defendants will make available the Electronic Health Record system, databases, system modules, auditing and compliance systems to the Plaintiff and its expert as to not restrict any view of data during a site inspection for four hours;
- Defendants will assist by navigating the systems and answering questions as to the system capabilities and navigate of the system;
- Defendants will not answer questions as to the contents of the medical record;
- Plaintiffs will direct defendants when to screen capture certain sections of the systems and those screenshots will be produced within 7 days of the site inspection; and,
- If Defendants cannot navigate to the requested location of the system, Defendants shall engage support from the software manufacturer.
To download this Sample Order Sample Order for Electronic Medical Record Discovery Site Inspection