Admitting the Electronic Health Record into Evidence

Legal consequences abound at every corner in healthcare. Each month this blog discusses examples of what those consequences can be.


Civil actions involving healthcare providers sometimes go to trial. When that happens, electronically stored information (ESI)—including electronic health records (EHR)—deemed relevant may be offered into evidence. The process of admitting ESI into evidence may be costly to a provider. However, recent amendments to the Federal Rules of Evidence may reduce that cost.

Federal Rule of Evidence 901(a) provides that, “[t]o satisfy the requirement of authenticating or identifying an item of evidence, the proponent must produce evidence sufficient to support a finding that the item is what the proponent claims it is.” Traditionally, and absent an agreement with the other side, a representative of a provider would be called to testify about the authenticity of ESI, that is, about how the ESI was created and maintained and whether the ESI being offered was an accurate reproduction of what was maintained.

However, there is a category of items, defined to be “self-authenticating” under Federal Rule of Evidence 902, that does not require extrinsic evidence (for our purposes, the testimony described above). On December 1, 2017, the following items were added to the self-authenticating category:

(13) Certified Records Generated by an Electronic Process or System. A record generated by an electronic process or system that produces an accurate result, as shown by a certification of a qualified person that complies with the certification requirements of Rule 902(11) or (12). The proponent must also meet the notice requirements of Rule 902(11).

(14) Certified Data Copied from an Electronic Device, Storage Medium, or File. Data copied from an electronic device, storage medium, or file, if authenticated by a process of digital identification, as shown by a certification of a qualified person that complies with the certification requirements of Rule 902(11) or (12). The proponent also must meet the notice requirements of Rule 902(11).

The reason for Rule 902(14) is described in an accompanying note as follows:

The amendment sets forth a procedure by which parties can authenticate data copied from an electronic device, storage medium, or an electronic file, other than through the testimony of a foundation witness. *** the Committee has found that the expense and inconvenience of producing an authenticating witness for this evidence is often unnecessary. It is often the case that a party goes to the expense of producing an authentication witness, and then the adversary either stipulates authenticity before the witness is called or fails to challenge the authentication testimony once it is presented. The amendment provides a procedure in which the parties can determine in advance of trial whether a real challenge to authenticity will be made, and can then plan accordingly.

Today, data copied from electronic devices, storage media, and electronic files are ordinarily authenticated by ‘hash value’. A hash value is a number that is often represented as a sequence of characters and is produced by an algorithm based upon the digital contents of a drive, medium, or file. If the hash values for the original and copy are different, then the copy is not identical to the original. If the hash values for the original and copy are the same, it is highly improbable that the original and copy are not identical. Thus, identical hash values for the original and copy reliably attest to the fact that they are exact duplicates. This amendment allows self-authentication by a certification of a qualified person that she checked the hash value of the proffered item and that it was identical to the original. The rule is flexible enough to allow certifications through processes other than comparison of hash value, including by other reliable means of identification provided by future technology.

Nothing in the amendment is intended to limit a party from establishing authenticity of electronic evidence on any ground provided in these Rules, including through judicial notice where appropriate.

A proponent establishing authenticity under this Rule must present a certification containing information that would be sufficient to establish authenticity were that information provided by a witness at trial. If the certification provides information that would be insufficient to authenticate the record of the certifying person testified, then authenticity is not established under this Rule.

The reference to the ‘certification requirements of Rule 902(11) or (12)’ is only to the procedural requirements for a valid certification. There is no intent to require, or permit, a certification under this Rule to prove the requirements of Rule 803(6). Rule 902(14) is solely limited to authentication, and any attempt to satisfy a hearsay exception must be made independently.

A certification under this Rule can only establish that the proffered item is authentic. The opponent remains free to object to admissibility of the proffered item on other grounds—including hearsay, relevance, or in criminal cases the right to confrontation. For example, in a criminal case in which data copied from a hard drive is proffered, the defendant can still challenge hearsay found in the hard drive, and can still challenge whether the information on the hard drive was placed there by the defendant.

A challenge to the authenticity of electronic evidence may require technical information about the system or process at issue, including possibly retaining a forensic technical expert; such factors will affect whether the opponent has a fair opportunity to challenge the evidence given the notice provided.

The reference to Rule 902(12) is intended to cover certifications that are made in a foreign country.

 

 

In other words, ESI can now be authenticated in any federal court if a certification of a “qualified person” is submitted that complies with either 902(13) or (14). This makes it unnecessary for a health care provider to incur the cost associated with sending someone to a courthouse to testify.

Unsurprisingly, authenticating particular ESI does not guarantee its admissibility. The ESI must be relevant. It must not be inadmissible hearsay. And there are other reasons why a judge might decide not to admit the ESI. However, assuming the person who signs the required certification is “qualified,” the ESI can go in without the need for “live” testimony about it.

 

**Editor’s Note: The views expressed in this column are those of the author alone and should not be interpreted otherwise or as legal advice.

Ron Hedges, JD, is a former US Magistrate Judge in the District of New Jersey and is a writer, lecturer, and consultant on topics related to, among other things, electronic information. He is a Senior Counsel with Dentons US LLP.

Submit a Comment

Your email address will not be published. Required fields are marked *

Share This

Share This

Share this post with your friends!