The evolution of today’s EHR holds much in common with that of the modern railroad. We all take for The evolution of today’s EHR holds much in common with that of the modern railroad. We all take for granted that railroad cars easily move from one track to another and from one company’s lines to another. So, whether the owner of the rail is Union Pacific or Burlington Northern, the gauge is always the same:4 feet, 8-1/2 inches. There was a time, however, when rail construction standards ranged anywhere from three and a half to over seven feet in width. Each gauge had its proponents and each proponent made persuasive arguments (at least to themselves) as to why their approach was superior.
At the outset, these multiple methodologies made little difference as most rails ran point to point and did not intersect. Yet, a common rail gauge was (and is) a critical requirement for interoperability and ease of transport. Without it, passengers and freight had to be offloaded and reloaded into cars that could ride the rails underneath. Costly and time-consuming, such transfers also introduced potential freight loss and error into the system. With the Civil War, the need for a single standard became apparent as the efficient movement of people and goods was essential to the health of the nation. In response, the Lincoln administration made an executive decision and set the gauge for the transcontinental railroad. The critical need for a homogeneous nationwide equipment interchange won out, even though experts agreed that the 4 feet, 8-1/2 inch standard was less than the best.1
In the EHR space, what is needed is an equivalent of Lincoln’s directive at the close of the Civil War: interoperability for the greater good. Unfortunately, many EHR vendors, for seemingly persuasive reasons, still opt for closed networks with disparate and proprietary standards and purposes. These unconnected and competing systems, like the rails of old, carry the potential for organizational train wrecks. Until robust, efficient, and mandatory interoperability standards emerge, providers should consider linking systems through other means, as failure to do so may lead to the malpractice and regulatory compliance issues discussed below.
Medical Malpractice Concerns
An often unforeseen risk with unconnected systems is the possibility of medical malpractice liability arising from reliance on incorrect information retrieved from the EHR. Almost all EHR systems provide input assistance in the form of templates, copy-and-paste, and self-populating data fields. While these functions can be valuable and save time, they can also lead to simple but costly mistakes.2 A few clicks on any electronic chart can generate paragraphs of information.3 A reviewing provider may then overlook important information or potential health issues because of the vast amount of information available and the overwhelming number of “normal” indicators.4 Copying and pasting a patient’s note may seem like the quickest and easiest option to smooth the rails in an unconnected system, but may lead to incorrect or incomplete health information.5
Errors in data entry are exacerbated when physicians must access multiple EHR systems. For example, one hospital’s set up highlighted in the media required physicians to log into an EHR program on a computer in the doctors’ lounge in order to view a patient’s radiology report. When they wanted to see the same patient’s EKG, they were required to use another EHR platform created by another vendor. Pathology reports required booting up yet another program.6 Such disconnects can lead to physicians not being able to access the right reports at the right time.
When this happens and bad outcomes result, medical malpractice claims ensue. Counsel for plaintiffs have become savvy regarding the type of information that can be mined and uncertainty that can be introduced at trial from multiple and unconnected EHRs.7 Because EHR systems capture more data than traditional charts, witnesses are often unable to remember (or, frankly, are unaware of) the details at the time of trial. Thus, plaintiff’s counsel might look to EHR systems to see:
- how long it took to chart the patient encounter;
- the location from which the chart entry was made;
- whether and when a note included information that had been copied and pasted from elsewhere in the EHR;
- whether a note was edited or amplified;
- the precise time certain diagnostic results became available, whether they were read and, if so, when and by whom;
- other EHR information the user reviewed in the chart encounter; and
- the amount of time spent reviewing each note.8
Because plaintiffs’ attorneys see this information as a goldmine to evaluate potential and ongoing suits, healthcare providers should be aware that the more disparate and unconnected EHR systems they have, the more onerous and costly it is to defend malpractice claims which may be brought against them.9
Regulatory Compliance Challenges
Flawed use of unconnected EHR systems also can give rise to False Claims Act (“FCA”) liability.10 Notably, the Office of the Inspector General listed EHR fraud as an area of focus in its 2013 Work Plan.11 To help uncover problematic claims resulting from, among other things, cloning and upcoding, the OIG conducts targeted audits and medical record reviews.12
Cloning occurs when a provider uses precisely the same language in a patient’s EHR for multiple visits, or when a provider uses the identical documentation in different patient EHRs.13 EHR functionalities that allow providers to enter default wording or that are not sufficiently connected may increase FCA exposure because the medical record documentation available to the government may not contain information necessary to establish that a particular service was provided to a particular patient as indicated in a particular claim.
Upcoding is the practice of charging for more extensive and costly services than were delivered.14 Since wholesale implementation of EHR systems, reimbursement rates have been increasing. Although providers argue that this is the result of more accurate billing, the government contends that this is indicative of more prevalent upcoding.15 In an unconnected EHR setting, it is easy to see how this might occur. As with cloning, necessary documentation simply may not be readily available to accurately establish the amount and intensity of the services claimed.
While penalties may arise from submitting faulty claims, steep FCA fines may also be imposed when payment is received (but not repaid within 60 days) for claims about which billing issues are later identified. Currently, the FCA imposes civil penalties of between $5,500 and $11,000 for each claim submitted and three times the amount of the government’s damages.16 Additional state law penalties include possible imprisonment as well as fines of $5,000 to $10,000 per claim.17
Thus, although designed to be provider friendly, certain EHR features may easily lead to cloning and upcoding. The more EHR systems a provider has to manage and the more unconnected they are, the more liability exposure there is.
Driving the Golden Spike
In a perfect world, EHR standards would facilitate communication and create a uniform electronic trail so that healthcare providers could readily and precisely identify the “who, what, where, and when” of the diagnosis and treatment of the patient. Such unified information standards would also (i) support the medical decisions of healthcare providers, (ii) reduce errors associated with EHRs, (iii) ease the burdens of discovery requests, and (iv) accurately support patient claims.
With increased emphasis on patient-centered care, the potential for malpractice driven by competing systems, electronic discovery costs, and the real potential for inadvertent compliance failures, one would think that the incentive exists for a Lincoln-like common-sense approach to constructing the EHR. Until standards emerge, however, providers will have to drive their own golden spikes to tie their systems together (e.g., linking to centralized content management systems by adopting common language taxonomies and procedures) to ensure that even though the systems themselves may not be compatible, the records within them are.