Healthcare Practice
and entered judgment of liability against the defendant, leaving only the issue of damages in the case.9 The court relied on HIPAA’s “right of access” rule, the HITECH Act, and the Cures Act to conclude that audit trail data and EMR metadata was included in the plaintiff’s right of access and that the defendant had violated the court’s previous orders to produce complete information to the plaintiff. The court criticized the inconsistencies between information learned during in camera inspections of the EMR and statements in affidavits of the defendant’s IT representative that had been filed with the court.
Plaintiffs have learned that protracted litigation over audit trails and EMR metadata can distract from the underlying care issues, create the impression with the judge that defendants are not being candid or forthcoming, and open the door to seek sanctions against defendants. To address these pitfalls and avoid costly litigation over production of EMRs, in some cases (in certain jurisdictions) defendants are electing to provide EMR metadata voluntarily, early in litigation, sometimes by webcam for in camera inspection by the plaintiff’s expert. Defense counsel are finding that this approach can demonstrate to the plaintiff’s counsel and plaintiff’s expert how complex the EMR system is and that it does not produce helpful information for the plaintiff. A plaintiff who has been given such access will have no reason to complain to the court that the defendant is being obstructive.
New rules and case law trends seem to be providing increased support for plaintiffs seeking audit trails and EMR metadata where good cause is shown. Audit trail disputes will likely be a continuing reality in medical litigation. Defendants can and should continue to resist blanket requests for metadata and audit trails, particularly when plaintiffs have failed to establish good cause for requesting such data. Federal statutes and regulations continue to support arguments that audit trails are not considered a part of a patient’s designated record or qualified electronic health record. However, in appropriate jurisdictions and cases in which a showing of cause has been made, defendants might consider making EMR metadata available before engaging in prolonged motion practice with court involvement. Providers are understandably protective of their EMR systems, but this approach can demonstrate that the defendant has nothing to hide and that there is nothing in the EMR that adds to the plaintiff’s case. It can demonstrate to the court that the defendant is cooperating in discovery, it can put to bed a plaintiff’s persistent requests and conspiracy theories, and it can return the focus of the litigation to the care provided, which frequently is the weakest part of the plaintiff’s case.
Mitchell Hall is a Partner at VanAntwerp Attorneys, LLP in Ashland, KY. Contact him at: whall@vanattys.com.
   9 Angelo Prieto v. Rush University Medical Center, et al, Circuit Court of Cook County, Illinois, Civil Action No. 2018 L 003531 (January 18, 2022).
81
FDCC ANNUAL INSIGHTS 2023