Keep up with the latest on information governance as this key strategy emerges for addressing a myriad of information management challenges in healthcare. This blog will highlight the trends and opportunities IG presents for ensuring information is treated as an organizational asset.
By Dawn Paulson, MJ, RHIA
For the last decade (and beyond), a common theme amongst healthcare organizations has been the transition to the electronic health record (EHR), as well as efforts to develop a strategy for managing electronically stored information (ESI). This quickly growing technology presents the need for a clearly defined information governance (IG) plan that contains specific details that promotes a proactive response to an e-discovery request.
The Sedona Conference has defined some general challenges in managing ESI for evidentiary purposes:
- Determining the owner
- Identifying qualified custodians for testimony
- Threats of data integrity
- Limits of technology in authentication
- Volume overload
The e-discovery elements of the IG plan require a healthcare organization to identify all information assets and then develop policies to include topics such as: the proper retention and disposal schedules, storage criteria, metadata capture, security, privacy, litigation hold, and disclosure management of ESI.
Identification of information assets and associated owners is a first step to develop an inventory of the various systems/sources of information. Policies must define the official business record, and to identify the subset of the EHR that comprises the official health record that is disclosed upon request.
Retention schedules for all information and all sources allows for the healthcare organization to comply with state/federal regulations while defining the business needs for operational purposes, as well as the obligation to preserve information when required for regulatory or litigation purposes. Solid policies around an organization’s retention schedule clearly define the life of the ESI and the destruction process upon expiration of the retention period. The policy also defines the process to suspend destruction of information when required by law.
When a healthcare organization becomes aware of potential litigation, or reasonably believes that litigation may occur, they are obligated to preserve all relevant information. Procedures must be developed to ensure such information is maintained and risk of spoliation is avoided. Policies should define all stakeholders as well as detail of the information asset that may be involved.
Having a good IG plan in place changes a healthcare organization’s response to an e-discovery request from a reactive response to a more proactive approach by establishing clear policies and procedures to maintain and produce complete, accurate, and timely information as needed and is producible to comply with the Federal Rules of Civil Procedure.
Baldwin-Stried Reich, Kimberly et al. E-Discovery and Electronic Records. Chicago: AHIMA Press, 2012.
Dawn Paulson is assistant director, health information management at UW Health – University of Wisconsin Hospitals and Clinics.