E-discovery refers to procedures and policies used by staff in any institution while performing their operational duties in an attempt to provide inside information from electronic sources to outsiders especially for litigation purposes. E-discovery policy and procedure is necessary to comply with legal obligations and mitigate losses resulting from litigation. The intention of this paper is to provide a step by step policy and procedure that would be relevant in responding to an e-discovery request.
The first procedure would be accurate patient identification. This process should be conducted by the hospital information management team. In the case of litigation that involves an individual’s medical records, it is paramount to correctly identify the patient in order to obtain the relevant information. Accurate patient identification involves verifying a patient’s identities in the master patient index, medical record number and demographic information .
The second step would be subpoena receipt and official response. The litigation response team should be responsible for this procedure. Upon receiving the relevant patient’s information, the litigation response team should review the subpoenas in order to determine whether it contains all the required elements, the parties, the intended purpose and it meets the scope of information as per the request. The litigation response team does this by validating the subpoenas that have been served before they are officially accepted and verifying that the seal and court signatory are present and valid during service of the subpoena .
The third step would be searching and retrieving the relevant information. It is at this stage that potential sources of the relevant information are identified. Potential informational sources include; Legal Health Records, the hospital’s dedicated server, department computers, home computers-mails-mail trash bin, personal desk files, website archives and removable storage media such as DVDs, CDs and flash disks. The hospital information management team should develop the search parameters, search methodology and conduct the search process. They should then filter the obtained results in order to eliminate any inappropriate information, for example, information outside the requested timeframe or information that may not be relevant to the proceedings. The litigation review team should assist in reviewing the data content to determine its relevancy and information that should be treated as privileged .
The next step is the production of the data and records. The hospital information management team should format the information in the form it will be disclosed depending on the source, data type and the agreed-upon format as per the discovery plan. Legal department should make a final review of the information by redact, mask and retract any privileged, irrelevant or confidential information. The legal department should also retain a duplicate of the disclosed information to the parties requesting .
The forth step should be charging requesting parties for copying and disclosure. The cost of searching, retrieving and disclosing the relevant information should be calculated by the hospital’s established formulas or government established formulas. The requesting parties should then be invoiced for all the charges associated with reproducing the heath information. The legal team should also determine if there are additional expenses that should be charged as per the discovery plan or for negotiation with other litigants and judges .
Sampling and testing may be necessary if any party to the court proceeding requests. However it should be discussed during the pretrial conference and should be included in the discovery plan. Sampling and testing is normally conducted by an attorney or any outside party. The party selects a statistically valid sample and tests it. The charges should be borne by the requesting party .
The last step will be responding to depositions, interrogatories and court procedures. Records custodians may be required to testify about the authenticity of the provided records and if they were kept in the ordinary course of business. System custodians may be required to testify about the system architecture, technical infrastructure, security practices and source applications .
Works Cited
Green, Michelle A and Mary Jo Bowie. Essentials of Health Information Management: Principles and Practices. London: Cengage Learning, 2010.