In last month’s Legal e-Speaking, “ESI Meets Court Order,” I posed a series of questions about preservation and spoliation of electronically stored information (ESI) in the context of an actual order entered in a state court. I also posed those questions to members of The Sedona Conference, a think tank that focuses on, among other things, ESI in civil litigation. The answers to those questions illustrate the pervasiveness of ESI and the electronic health record and how these may be defined in a particular civil action. For example:
- Before you think great thoughts, consider what you are required to do. Most respondents agreed that the order did not require that any ESI be preserved. Absent an order or agreement a party must make a unilateral determination of exactly when it should begin to preserve and what it what should preserve.
- “Better safe than sorry—keep everything.” This was one response to the question of what kind of ESI should be preserved. However, that philosophy can have serious consequences and lead to what has been termed “overpreservation.” Preserving everything can require a lot of storage space and drive up discovery costs when a party reviews and produces ESI.
- There are many “forms” of ESI that might be subject to preservation. ESI can consist of, for example, e-mail, charts, and databases. This requires the healthcare provider to know what ESI it has, where the ESI “resides,” and to define what constitutes the “record” in “electronic health record” for its needs. In other words, EHRs should be governed in a manner consistent with the needs and capabilities of the provider.
- If preservation efforts fail and there is spoliation, someone will be held responsible. Today’s healthcare provider creates and/or maintains ESI from various sources, including medical departments, physicians, third-party affiliates and, increasingly, patients themselves. The consequences of any spoliation will fall on the party responsible for preservation—here, the provider itself. The myriad sources of EHR need to be governed in such a way as to enable the provider to fulfill its obligations.
These answers are straightforward but, in the context of ESI, have implications for healthcare providers as well as individuals and third parties which contribute to the records of electronic information maintained by providers. Those implications lead to a need for effective information governance, a topic I plan to address in next month’s post.
**Editor’s note: The views expressed in this column are those of the author alone and should not be interpreted otherwise or as advice.