Over the past decade, medical records have evolved significantly, with the vast majority of health-care providers now using some form of electronic health record (EHR) system to facilitate and document patient care. For medical providers and hospitals, EHR systems can be a significant benefit or risk. On the one hand, EHR systems are touted as improving quality and coordination of care and simplifying documentation. Financial incentives are also available, such as through the Health Information Technology for Economic and Clinical Health (HITECH) Act. On the other hand, EHRs raise concerns over patient privacy rights, spoliation of evidence, medical malpractice and fraud.

Critics complain that EHRs can be designed, configured, implemented and used to render false representations. This can make unverified EHR documentation the equivalent of “hearsay.” Facts necessary to support accuracy and trustworthiness as business records include: the record's method of operation; the sources of information on which it is based; the procedures for entering information and retrieving information; the controls and checks used to ensure the accuracy and reliability of each record; and the ability to determine that information has not been altered or destroyed. Compounding this pendulum of risk versus benefit is the complexity and variety in EHR software on the market, as well as the lack of legal precedent for evaluating the discoverability and admissibility of data stored within each EHR system.

Emerging to the forefront in health-care litigation is the concept of EHR audits. This article examines how attorneys can use audits to their advantage on either side of a case.