"Everything you've been told about building
an injury law practice is wrong"

How to Avoid the Biggest Mistake in Your Malpractice Case

This story never gets old.

The defense expert is on the witness stand and seemingly out of nowhere, the expert begins testifying about new medical records that you’ve never seen before.  You stand up to object to the newly disclosed medical record, and the defense counsel makes some feeble excuse for non-disclosure.  The Judge takes a recess and ponders what to do next.

You work for years on the case and let’s face it, it sucks to be confronted with new medical records at trial that you and your experts have never seen.  This should never happen.

The 3 Most Common Mistakes that You Must Avoid

The most common mistake in medical malpractice is having less than a complete set of medical records.   This happens all the time, but why?

#1:  Certifications are Meaningless:  A certification that a hospital record is a complete and accurate copy of the original is worthless.  You cannot rely on a certification from a hospital or medical practice. If you do, you will later discover that you are missing crucial records that can make or break your case.

#2:  Patient Portal Records are Never Complete:  The medical records in a patient portal are a small subset of the medical records. The hospital or medical practice provides only a small set of medical records that they want their patients to see, but it is never complete.  Never rely on the records in the patient portal.

#3:   The Most Common Omissions in the Medical Records:  Even when a hospital sends you a certification that the medical records are complete, they do not include critical parts of the record such as billing records, requisition slips for imaging studies, and in birth injury cases, the fetal heart tracings.  

The hospital’s software for electronic medical records (e.g., Epic, Cerner) is often different from the software that is used for fetal heart tracings. The software is loaded with automated alarms and warnings that are activated when there are changes in the patient’s/baby’s condition. You need this information.

The 5-Step Process for Getting a Complete Set of Medical Records

Do not assume that the hospital provided a complete set of medical records. That is rarely true. Follow these 4 steps to ensure the medical records are complete.

Step #1: Onboarding New Clients regarding their Medical History

When you accept a case for litigation, your firm’s onboarding specialist should take a complete history from your client of their medical treatment.  The onboarding should include all hospitals and doctors who have treated your client, as well as operations, therapists, and pharmacists.  

Step #2: Review the Medical Records for Completeness  

Don’t assume the medical provider sent a complete set of medical records. A paralegal in your firm should review the medical records for completeness.

Hospital records should include:

  1. Registration and intake: date and time of the patient’s initial presentation as well as their chief complaint.
  2. Discharge Summary: summarizing the course of the hospital treatment, diagnoses, and plan of treatment.
  3. Consultation Reports: findings of the medical specialists who consulted with the attending physician.
  4. Operative Report(s), including intra-operative anesthesiologist report.
  5. Progress Notes:  showing the patient’s daily care, including changes in their condition.
  6. Blood/lab reports:   Results of blood work ordered for the patient.
  7. Medication administration record:  Medications ordered for the patient.
  8. Imaging Reports:  imaging ordered for the patient, including x-rays, CT scans, PET scans, MRI, and echocardiograms.

You should bates-stamp the medical records for ease of reference at depositions. Ideally, your medical records should contain the same page numbers as those possessed by the defendants’ counsel.  At trial, you can give the same set of medical records to the Judge, defense counsel, and the witnesses for ease of reference.

Step #3: Review the Medical Records to Identify Additional Health Care Providers 

The medical records will often have the names of other medical providers that your client forgot to tell your onboarding specialist.  You should request a complete set of medical records from all medical providers identified in the medical records.

Step #4: Confirm Completeness of the Medical Records with Defense Counsel  

Your paralegal should always confirm with the defendants’ counsel that they possess the same number of medical records.  If the defense counsel possesses 305 pages of the hospital record, then you should have the same number of records.  This is a quick and easy way to confirm that you possess a complete set of medical records.

To be safe, you should send a Notice to Admit. with the medical records annexed, to defense counsel asking them to admit the accuracy and completeness of the medical records that you possess.

Step #5: Conduct an Original Chart Review:  

When in doubt, schedule an original chart review at the hospital or medical practice. 

45 C.F.R. section 164.524 provides the right of access to inspect and obtain a copy of protected health information.   At the original chart review, you will be amazed by the records that were not disclosed by the hospital.

During an original chart review, you compare the electronic medical records of the hospital/medical practice to the records that you possess. You will never really know if you possess a complete set of medical records without an original chart review.

How to Discover the Secrets within Electronic Medical Records

Audit trails capture the content of every entry in the electronic medical records, including deletions and alterations. You have the right to see who is looking at your record as well as any changes and deletions to the record.  

Audit trails should be provided as a matter of course and are an important discovery tool. You will not get this information from the printed chart.  You should get the audit trail up to the date of the last entry, including all the way up to the date of production.

Do not accept a PDF of the audit trail. A PDF is a static document. You should request the audit trail in an electronic spreadsheet, namely, the format that it was generated in.  You want an unlocked file with no hidden or deleted fields. You want to view the medical records in the format that the medical providers saw them. 

Why the Audit Trail is Essential to Your Malpractice Case

Electronic medical records are notoriously unreliable and vulnerable to manipulation. It is very tempting for medical providers to change the medical records after the fact.

In one of our cases, the audit trail revealed that the attending physician made changes in the electronic medical records 19 days after the patient’s death. There is no medical reason to alter a medical record weeks after the patient’s death.  Without the audit trail, we would never have known about the changes to the electronic medical records.

6 Excuses You Are Certain to Face from Defense Counsel

Be prepared for a fight with defense counsel over your clients’ right to the audit trail.  These are a few of the excuses you will face from defense counsel.

Excuse #1The Audit Trail is not a Part of the Medical Records

WRONG!  Audit trails are medical records. Healthcare information is any information in any form that identifies the patient and relates to their care.  The HITECH Act of 2009 clarifies that 45 C.F.R. section 164.524 applies to electronic information. When you ask for protected health information, you have the right to get it in electronic format.

Pursuant to 45 C.F.R. section 160.103, entitled “Definition of health care information”, “Health information is any information in any form that is created or received by a health care provider and relates to the past, present or future medical care of the patient.”

Audit trails are in a patient’s record and were made by hospital personnel while treating the patient.  Audit trails are individual health information for the purpose of federal health regulations. The entries in the audit trail are made by hospital personnel while the patient is being diagnosed or treated in the hospital.

Excuse #2:  The Audit Trail is subject to the Peer Review Privilege

WRONG!  Audit trails are not created for the purpose of litigation.  There are no mental impressions or legal theories of the defendants’ attorney in the audit trail. Menasha v. U.S. Department of Justice, 707 F.3d 846, 847 (7th Cir. 2013).  You should be able to see what the defendants see.

Pursuant to Education Law section 6527 and Public Health Law section 2805-m, the privileges pertaining to peer review are inapplicable to the audit trail. Hall v. Flannery, 2015 U.S.Dist. LEXIS 57454 (U.S.D.C., S. District of Illinois, 2015). This is not a confidentiality issue and an audit trail is not material prepared in anticipation of litigation. 

Excuse #3:  Plaintiff has to Identify which Metadata They Want

WRONG!  Plaintiffs do not have to identify what they don’t know.  That’s not how it works. 

The court in Gilbert v. Highland Hospital, 52 Misc.3d 555, 31 N.Y.S.3d 397 (Sup. 2016) held that the decedent’s estate was not required to make a showing that the medical records already produced were not authentic before being entitled to receive the audit trail.  The court in Gilbert stated that the audit trail would reveal whether the attending physician accessed and viewed the patient’s records prior to her discharge from the hospital. 

The audit trail may indeed lead to evidence that is relevant. The audit trail will set forth each time the decedent’s electronic medical record was accessed and by whom, even if that person did not enter any information in the chart. 

Excuse #4:  The Disclosure of Audit Trails is not Necessary

WRONG!  The audit trail is a necessary tool to authenticate the medical records.

The Medicare Program Integrity Manual, section 3.3.2.5, entitled “Amendments, Corrections and Delayed Entries in Medical Documentation”, states that the “Audit trail provides a reliable method to identify the original content, the modified content and the authorship of each modification of the record.”

The majority of the cases support disclosure of the audit trail.  The court in Gilbert v. Highland Hospital, 52 Misc.3d 555, 31 N.Y.S.3d 397 (Sup. 2016) held that the audit trail should be disclosed to the plaintiff as material and necessary.  The court held that the audit trail and metadata are relevant “if establishing who received what information and when is important to the claims or defenses of a party.” Citing, Aguilar v. Immigration and Customs Enforcement Division of U.S. Dep’t of Homeland Sec., 255 F.R.D. 350, 354 (S.D.N.Y. 2008).  

In London v. The Mount Sinai Hospital, 2023 WL 4706644 (New York County, Supreme Court, 2023), the court granted the plaintiff’s motion to compel disclosure of the audit trail.  The plaintiff relied upon the expert affidavit of Saira Pasha, Esq., an attorney who has “extensive experience managing records systems for medical facilities.”  

The plaintiff’s expert stated that:

“In the healthcare setting, ‘legal medical record’ refers to a subset of records from the patient’s electronic record that an institution decides it will produce in response to a formal attorney’s request for a patient’s medical records.  ‘Legal medical record’ does not include all the records/data from a patient’s chart. I have seen a significant variance in what institutions will designate as part of their legal medical record set, even between institutions in the same jurisdiction.”

With respect to whether the production of the audit trail was warranted, the plaintiff’s expert opined such production “would be the best way to review all of the pertinent medical records that were created for this patient and identify not only what has not been produced, but also if any notes were deleted or modified before production. It only takes seconds to generate a patient’s Epic audit trail in Excel format.”

The court in London held that the audit trail or other referable metadata from the decedent’s hospital chart is information that is “material, relevant and necessary to the prosecution of this action, as the plaintiff has shown ‘beyond mere conjecture’, that there is relevant information to be gleaned from metadata and audit trails which cannot be obtained from other sources, including the medical records and deposition testimony.” 

See also, Punter v. New York City Health & Hosps. Corp., 2019 N.Y. Slip Op. 31065 (Supreme Court, New York County 2019); Vargas v. Lee, 170 A.D.3d 1073, 1076 (2nd Dep’t 2019)(disclosure of the audit trail was needed to enable plaintiff’s counsel to ascertain whether the patient record that were eventually provided to them were complete and unaltered); Heinrich v. State, 73 Misc.3d 650, 155 N.Y.S.3d 671 (Court of Claims, 2021)(court held that the EMR and audit trail would potentially uncover useful information).

Excuse #5:  An Access Log is the Same as the Audit Trail

WRONG! Access logs or disclosure logs are not the audit trail.  

The access log just shows who looked at the medical records, but it does not tell what happened during access to the record.  The audit trail is a combination of the access log, disclosure log, and the audit log.

At a minimum, within an audit trail, the exact date and time of the access event and the exit event performed by a user are recorded. An action can be additions, views, changes, edits, queries, printing, copying, modifying, or a specific action.

Excuse #6:  The Audit Trail does not Exist

WRONG!  The audit trail is required by federal law and must be maintained for 6 years.  The court in London v. The Mount Sinai Hospital, 2023 WL 4706644 (New York County, Supreme Court, 2023) noted that hospitals are required to maintain audit trails under federal and state law (45 C.F.R. section 164.312(b); 10 N.Y.C.R.R. 4305.10(c)(4)(v)).

The American Society of Testing and Materials (ASTM) developed ASTM E2147-18, “entitled “Standard Specification for Audit and Disclosure Logs for Use in Health Information Systems”, which is incorporated under 45 C.F.R. section 170.299 and set as the federal standard required to protect electronic health information under 45 C.F.R. section 170.210.

If the defense attorney claims that the audit trail does not exist, they have not bothered to look for it.  The audit trail is automatically generated by the software used by the hospital for electronic medical records.

Special Warning:  A Motion to Compel Disclosure of the Audit Trail will almost always be Necessary

You will have to fight to get the audit trail. In most cases, you will need to make a motion to compel the disclosure of the audit trail. But once you get a favorable decision from the court, you will have a template for the motion that you can use in your malpractice cases.

A Special Offer for You

We will be happy to share our motion to compel the disclosure of the audit trail as well as the court’s Decision and Order in Melkonian v. Albany Medical Center, which granted our motion.  Just send an email to jfisherlawyer@gmail.com with the subject line, “I want the Audit Trail Motion” and we will send the motion and the Decision and Order to you.


Image by PikWizard
Leave a comment below telling me what surprised, inspired or taught you the most (I personally respond to every comment). And if you disagree with my take on running a personal injury law firm, or have a specific, actionable tip, I’d love to hear from you.
CLOSE
CLOSE