Legal consequences abound at every corner in healthcare. Each month this blog discusses examples of what those consequences can be.
In last month’s post I raised questions about what might constitute an electronic health record (EHR). Recent action of the Ohio Supreme Court has inspired me to revisit “the EHR”—in the context of what constitutes a “medical record” under Ohio law.
An Ohio statute provides that a personal representative, among others, may “examine or obtain a copy of part or all of a medical record” of a patient. The statute defines “medical record” to be “data in any form that pertains to a patient’s medical history, diagnosis, prognosis, or medical condition and that is generated and maintained by a health care provider in the process of the patient’s health care treatment.” In Griffith v. Aultman Hospital, Slip Op. No. 2016-Ohio-1138 (Mar. 23, 2016), the Ohio Supreme Court interpreted this statute.
The plaintiff in Griffith is the daughter of a patient who had been admitted to the defendant hospital for surgery. During his hospitalization the patient developed intermittent atrial fibrillation and was placed on continuous cardiac monitoring. Following a subsequent incident, the patient suffered brain damage and was removed from life support.
Afterwards, the daughter requested a copy of her father’s complete medical record. After some back-and-forth the hospital produced the medical record that “existed in the medical-records department.” However, the record did not include data captured and stored on a cardiac monitor (related nursing notes were also in issue, but that is a separate discussion), although the hospital did provide printouts of at least some data to the daughter at the direction of its risk management.
The daughter then filed suit to compel the hospital to comply with the statute, arguing that the data were part of the “medical record” as defined by the statute. The hospital argued that the printout came from cardiac monitoring equipment and that the data from that equipment was not part of the hospital’s medical record. The hospital prevailed at the trial level and before an intermediate appellate court. The Ohio Supreme Court reversed.
In reversing, a majority of the Court held that “the physical location of patient data is not relevant to the determination whether the data qualifies as a medical record” under the statute. Instead, the focus of the statute was on “whether a healthcare provider made a decision to keep data that was generated in the process of the patient’s healthcare treatment and pertains to the patient’s medical history, diagnosis, prognosis, or medical condition.” In other words, if the data had been saved it would fall under the statutory definition of “medical record” and be subject to production under the statute whether the data were maintained in the hospital’s medical records or risk management departments. The Court remanded to develop an evidentiary record as there was some doubt as to whether the data existed; it would normally be deleted 24 hours after a patient’s discharge.
Two justices dissented. One argued that records generated and maintained by risk management after a patient’s death were not “used in the process of a patient’s health care treatment” and therefore fell outside the statute. The second argued that the statute gave a hospital “discretion, through its employees, to select, preserve, and store records relevant to the health care of a particular patient in the manner it sees fit,” that the defendant hospital had decided to generate and retain a specific set of records, and these were provided to the daughter. For that reason, and because the daughter received the information she sought in a separate malpractice action which had settled, the matter before the Court was moot.
Lessons Learned From the Griffith Ruling
What lessons relevant to the definition of the EHR might be derived from Griffith? On first blush nothing, unless the reader works for a healthcare provider subject to the Ohio statute in issue. After all, Griffith interpreted a state-specific statute. That interpretation MIGHT inform courts called upon to interpret similar statutes in their respective states.
However, there may be broader lessons:
- First, whatever the controlling statute might be, healthcare providers must be attuned to what electronically stored information (ESI) might be within the scope of an EHR under that statute.
- Second, ESI might exist in various locations and in forms throughout the electronic systems of a healthcare provider and that ESI might be within the scope of a request for production as being a part of the “record.”
This second lesson implicates the role of information governance, and its ever growing importance for today’s healthcare organizations.
**Editor’s note: The views expressed in this column are those of the author alone and should not be interpreted otherwise or as advice.