An internet television program that explores the intersection of medicine and the law.

ALL MD attorney Whit Johnson (full episode)

By Whitman Johnson to EMR/EHR


In this episode, Healthcare Matters interviews ALL MD attorney Whit Johnson on how the move from paper to electronic medical records (EMRs) has affected the best practices for entering data into a patient’s chart, how he would advise EMR companies improve their product as its relates to medical liability defense, how plaintiff’s counsel can exploit an EMR’s audit and access log in a malpractice trial as well as risk management tips for maintaining HIPAA confidentiality in regard to EMRs.

Johnson is a shareholder at CURRIE, JOHNSON, GRIFFIN & MEYERS P.A. He practices law in Mississippi, specializing in trial work, with a focus on the defense of physicians, hospitals and other health care providers from claims of medical negligence. Johnson was recognized in 2011 as “Lawyer of the Year” by Best Lawyers in the field of medical malpractice law.

Johnson is a charter member of the Association of Liability Lawyers in Medical Defense (ALL MD), a nationwide organization that connects healthcare providers with attorneys who specialize in medical malpractice defense.

Interview recorded June 30, 2015


Mike Matray: Hi I’m Mike Matray, your host of Healthcare Matters where the medical and legal communities come together to discuss health care matters. Today’s guest is Whit Johnson. Whit is a share holder with Currie Johnson Griffin & Myers in Jackson, Mississippi, where he specializes in trial work, focusing his practice for the past 30 years on the defense of physicians, hospitals, and other health care providers from claims of medical negligence. He was recognized as lawyer of the year by Best Lawyers for 2011 in the field of medical malpractice law. Mr. Johnson is a frequent speaker to medical organizations including the Mississippi State Medical Association, the Mississippi Medical and Surgical Association, Medical Insurance Company of Mississippi, and various departments and groups within the University of Mississippi Medical Center. He has been publishing the journal of the Mississippi State Medical Association, and both risk management, and litigation issues. Welcome to the program, Whit.

Whit Johnson: Thanks, I’m glad to be here.

Mike: How has the move from paper medical records to electronic medical records affected best practices for entering data into a patients chart? And what guidance would you give physicians, so that they’re using best practices when entering data into the patient’s medical records?

Whit: You know I’m not sure that the best practices themselves have actually changed, yet the best practice is simply to pay attention and be focused on documenting in a timely, and an accurate fashion. But having said that, I think the guidance that I’d give to my clients is that you need to be focused, and pay attention. There are a couple of things that you can do. You can be sure that you’re the only one entering information into the chart. You can be sure that other people who may have access to the chart that you take the opportunity to review what they’ve done to be sure that you all are consistent. You don’t want to get, I guess what’s best called as clickitis where you literally are just clicking down through various boxes, showing them all as normal, because you have to click on one box to get to the next box. But having said all that, it still is no different than before. Pay attention to what you’re doing, and put in right, and put it in on time.

Mike: A recent Rand Corp American Medical Society Study called for a complete design overhaul of electronic medical records to improve usability. If you had the opportunity to advice an EMR company on a redesign of its products, what changes would most benefit the defensibly of a medical liability claim?
.Whit: You know the primary thing I think most defense lawyers would tell you is that we need to do away with the templates that are so ubiquitous now. The interesting thing is that doctors have always used templates. Even before EMR, you can take a surgeon’s op report from five similar surgeries, and they’ll be almost identical with just minor changes. So they were using templates in their mind even if they weren’t created. And I don’t know if we’ll ever get full away from the templates, but I think the thing that bothers me more than that are the drop down boxes. So often the drop down boxes don’t include what they need to include. There really needs to be one for other, and the doctors need to pay attention, and use that other box as often as it is applicable. I would also like to see a situation where you aren’t required to click on every box. You know on the history and physical, the physical exam a lot of times these doctors have to click on every separate system without regard to whether it has anything to do with that particular patient’s issues that they’re seeing the doctor for. So I’d like to see a situation where the only thing that a doctor clicks are the pertinent negatives.

And then finally, one of the things that I would love to see happen, I would love to see a situation in which the patient is part of the electronic medical work. I know that sounds funny, but I’d love to see a situation when the patient goes in to the doctor’s office, you sit down at a computer, and they fill out things. They type in what their chief complaint was, they type in the medicines they’re on, they type in if they have anything else going on. And then that goes into the chart, and if you’re going to set it up electronically, then get them to fill out every time they come in, why they’re there, what’s going on with them, do they have any other problems, what other doctors they’re seeing. And then scan into the EMR, and that way when I’m defending a case, I’ve got the patient’s own words describing the history.

Mike: An EMR as audit log and access log can be in an Achilles heel when defending a medical malpractice claim. Can you explain the audit access log to our viewer? How plaintiff’s counsel can exploit it and how a healthcare professional can avoid these specific pitfalls when using an electronic medical record?

Whit: Well first off, let me say I’m not sure you can ever avoid them. I suspect most of the doctors out there have children, and I suspect that most of those children are on social media, and I can guarantee you everyone of those doctors has sat down and told their child ” Do not post something on the internet that you don’t want everybody to see, and that you might be ashamed of 20 years later. Because once it’s on the internet, it’s there forever. ” Well let me tell you, once it’s on the computer, its there forever too. And it’s not only there, it’s there as to when it got there, it’s there as to what changes have been made, it is there as to who put it there. Every piece of information that has anything to do with that information is on the computer. That’s why they call it metadata, meta essentially meaning everything. It is information about information, and the only way to avoid the pitfalls is, gets back to the first question you asked about EMR and best practices. You’ve got to put your stuff in on time, and you’ve got to put it in accurate, because if you don’t, and you try to change it. The plaintiff’s lawyers will know who changed it, they’ll know when it was changed, and they’ll know what it was before you changed it. There was actually a study, I think it was out of Kansas, it’s in 2008 Journal of American College of Surgeons, and that was where they studied all of the different times that various specialities got into the radiological studies. And they were able to determine by type of doctor, because they knew everybody’s passwords, they were able to determine what speciality looked at the radiology filmed themselves most often when they looked at them. They even ended up saying there’s a big drop off at the end of the week regarding the number of times the scans are viewed. So they were able to show that everybody is focused early in the week, but come Friday nobody cares.

Mike: In our defensive medical liability claims, what have been the most common errors or liabilities in physician use of electronic medical records? How do you advice your physician clients on avoiding these errors, liabilities in the future?

Whit: Well this is going to be a scary thought because most of the errors that I’ve had to deal with have actually been errors not from my clients, but from some other healthcare provider that adversely affected him. For example, we talk about EMRs being a relatively recent thing, but in certain areas, it’s been around for a long time. For example at pharmacies, the individual pharmacies would have each patient’s individual drug log for lack of a better way to put it. And I’ve had two cases where my client got sued or two different clients got sued for having prescribed certain medication, and they weren’t the ones that prescribed the medication, the pharmacist inputting it, he just input the wrong doctor, because my client was the regular doctor, and this was somebody else who the patient had seen out of town or in another clinic or something like that. And I ended up having to go pull the original hard copy of the script from the pharmacy to show that my guy hadn’t written the script.

Another case I had that I recall was a drop down box issue where the whole issue and the case, it was a uterine rupture case after multiple C-sections, and the whole issue was that the patient in pre-term labour. The nurse who was seeing the patient when she first got admitted, the drop down box for why are you here included onset of labour, and that’s what she clicked, because it was closest, and the patient was like 32 weeks, and just had some uterine irritability, but the closest thing to what it was was onset of labour. So that’s what she clicked, and now the whole trial, I’m having to face, well look the nurse knew she was in labour, how come you couldn’t tell she was in labour? From an individual physician stand point, I think what I see is again just not paying attention. I actually had a case one time where this wasn’t an issue, but the medical records it involved a patient who had been paraplegic and wheelchair bound for 30 years from an accident he suffered when he was a teenager. Well my client who’s examining him is just clicking boxes, and he clicks gate in station normal. So the things I see really are almost all related either to somebody else who’s not paying attention or to the physician himself who is not paying attention.

Mike: HIPPA data breaches are emerging as one of the largest systemic risks a hospital or group faces in the modern healthcare delivery system. What risk management advice would you give physician clients for maintaining HIPPA confidentiality with their EMR system?

Whit: There’s actually some good news on that, because I think the law recognizes that a lot of time in these breaches what happens is you have someone within the facility, or someone within the physicians office who is using the medical records for their own purpose, for their own reason, just being nosy, whatever. And they tend to be a little bit protective of physicians or hospitals who do a good job trying to place that, and who take action after the fact to show that it’s not something that will be tolerated. So keeping that in mind, I think the first thing you have to do is you have to get every employee, even the old ones who’ve been there forever, you’ve got to get everyone to sign a very strict confidentiality statement. It’s something we actually do in our office. You make them sign something, you put it in the employee manual, then you make them sign something saying ” I understand that the information within this office is confidential, it’s protected by Federal Law, it’s protected by State Law. I understand I can only use it for the purposes within this office. I understand I cannot access it except for the purposes within this office.” Something that is very firm, and finite, and leaves no question about their responsibilities.

Next I think you need to make them understand what you just asked me about, which I doubt a lot of doctors understand, and that is the metadata situation, and the audit trail. They need to understand that they cannot do anything on that system without that system remembering it forever. And that you as a physician will be able to tell who got into the system, when they got into the system, where they got into the system from, what they looked at. You can tell exactly what was accessed, so they need to understand that, because I suspect a large part of this is people thinking well I can go to the file. They can go to the hard copy file, and look, and nobody will ever know. You can’t do that with the EMR.

Next I think you have to have a very strict password situation. I don’t know what doctor’s offices require. Interestingly a lot of our carriers, and our own malpractice carrier require us to have various password requirements, including on our mobile devices, because our mobile devices are a lot of times hooked to the internal server here in the office. So you have to have passwords on your phone, you have to have passwords on your computer, some of our carriers require the passwords to be changed every so often. So you have to have a very strict password situation. I think you need to be sure that each of your employees understands that inappropriately accessing someone’s electronic medical record is a firing offense, and it is a firing offense first offense without any excuse without any rationalization. And the reason for that is if the facility or the doctors office does not fire that person on first offense, they can be deemed to have ratified that person’s actions, and now they have lost the protection that the courts will generally try to give to a group that’s trying to do the right thing.

Mike: Excellent. Well Whit, thank you for joining us today on Healthcare Matters. And I hope to talk to you again soon.

Whit: Sounds good. I hope this helped.

Mike: Thank you.