Computer Engineering Expert Witness Advises on Tampering of Electronic Medical Records

A computer engineering and computer electronics expert witness advises on a case involving the alleged tampering of electronic medical records (EMR) arising out of a medical malpractice claim. The issue involves whether or not a referral was made to a cardiologist to prevent further complications to the patient,  who is now deceased. An industry standard Unix operating system and computer software was used to manage and the electronic health records and data. There was a record of the office visit while the patient was alive, but the plaintiff seeks an PC expert to determine whether or not the doctor had made any additions or changes to records or documents, following the patient’s death, to avoid liability. This may include any keystrokes, added words, or signatures.

Question(s) For Expert Witness

  • 1. Please discuss your background in computer engineering as it relates to the electronic health records software.
  • 2. Have you ever served as an expert witness on a case similar to the one described above?
  • 3. If so, please explain. Please tell us why you are qualified to serve as an expert reviewer of this case

Expert Witness Response E-009233

Utilizing a combination of patented web analytics techniques and traditional forensics work, I can tell the story about the client’s electronic health record. I present clear findings that are understandable to investigators, lawyers, judges, and juries. A proprietary platform that I built, is a data analytics application which displays visual interpretations of complex electronic health record (EHR) user data. The platform’s primary source of information is the Electronic Heath Record user-activity log and is capable of ingesting, analyzing, and visualizing millions of records, making sense of otherwise overwhelming information.

The electronic health record software is a certified EHR system and must comply with 45 CFR 170.302(r) and 45 CFR 170.210(b) meaning that users, patients, dates, and events must be recorded and reportable. I propose two approaches to this project- 1. The first approach is to collect logs from the system and utilize my proprietary platform to visualize activity in the patient’s health record. Data that should be collected: A. The entirety of the particular patient’s EHR log. B. Data related to similarly-situated patients which can serve as a baseline of activity. This data should be anonymized as to specific patient identification and will be used to develop patterns of activity across various logged categories. (This request is likely to be objectionable and we should proceed with the first set of data, asking for this second set only if the first set is inconclusive on its own.) The log data will be analyzed to determine usage patterns before and after a particular date. The analysis will be performed across multiple criteria including individual user access, events per date, description of event, and type of event (e.g. created, modified, accessed, or deleted). 2. The second approach utilizes traditional forensic tools and discovery to compare “before” and “after” versions of the individual health record. The “after” version of the record is as it exists today. In order to obtain “before” versions I will examine backups of the All-Script system, exported versions of the individual record, copies of the record which passed through various exchanges, copies of the record on file with other care providers, and other potential sources including paper copies. With my expertise in computer forensics, cyber crime, digital forensics, electronic discovery, and EHR analytics, I can make accurate determinations on exactly what occurred in this case.


Post Tags