EHRs: Pros and Cons from a Legal Perspective

June 6, 2013
Rachel V. Rose, JD, MBA
Rachel V. Rose, JD, MBA

Rachel V. Rose, JD, MBA, advises clients on compliance and transactions in healthcare, cybersecurity, corporate and securities law, while representing plaintiffs in False Claims Act and Dodd-Frank whistleblower cases. She also teaches bioethics at Baylor College of Medicine in Houston. Rachel can be reached through her website, www.rvrose.com.

EHRs can indeed reduce costs and improve patient care, but they can also provide legal issues if the rules for their use are ignored.

A common complaint associated with paper medical records and prescriptions is that the handwriting is illegible and can lead to the wrong course of treatment being carried out, inaccurate dosage of a medication, or the wrong medication altogether. Additionally, the time to compile the information from a paper chart and enter it into another form or program can be time consuming for providers. Thus, highlighting the fundamental shift in the way providers use, compile, and document clinical information.

Various government initiatives provide incentives for healthcare providers to adopt and implement EHRs. The HITECH Act, HIPAA, and even the Stark Law address such changes. For example, under CMS' EHR Incentive Programs, providers apply to receive government funds by proving meaningful use. They also attest, in a manner similar to the CMS Provider Agreement that they will comply with all relevant laws and, in particular, HIPAA. The Stark law added various exceptions and safe harbors to cover "donations" of EHR and e-prescribing items. Yet, many of the same problems that were highlighted with traditional paper medical records and billing can emerge with an electronic version. A provider might "cut and paste" part of a record, when it really is not accurate, and place it in another part of the same patient’s chart or a different patient chart to save time. Or, a general description could be used for an ICD-9 or ICD-10 code instead of the more specific option. In turn, this could mean an increased risk of a RAC audit, failing to meet medical necessity, or the worst case scenario - submitting a false claim to CMS.

EHRs also enable providers to access information anywhere from devices such as smartphones, laptops and tablets. This also means increased vulnerability to HIPAA and HITECH Act violations. Additionally, when e-mailing or texting a patient, providers need to be certain that the patient is in fact receiving the information.

While there are vulnerabilities associated with EHRs, in today’s world, they are also becoming a necessity. As long as the requisite standards are in place and adequate training on the use and liability is conducted, physicians can realize a decrease in the cash gap associated with the revenue cycle and improved patient care through detailed documentation.