Litigation support · Nationwide
Before anyone interprets the medical record, authenticate it
Independent analysis of EMR audit trails and metadata for plaintiff attorneys — surfacing late entries, post-event edits, backdating, deletions, and access patterns that don't show on the face of the chart.
CHPSE · HIPAA Certified · 15+ years enterprise healthcare IT
| Timestamp (UTC) | User | Action | Detail |
|---|---|---|---|
| 2024-03-11 22:47:03 | RN J. Doe | CREATE | Progress note created — status: draft |
| 2024-03-11 23:02:10 | RN J. Doe | VIEW | Vitals flowsheet opened |
| 2024-03-12 08:55:41 | Dr. A. Roe | VIEW | Progress note opened |
| 2024-03-12 09:14:55 | RN J. Doe | EDIT | Flagged: Progress note edited — entered late, back-dated to 03-11 |
| 2024-03-12 09:15:10 | RN J. Doe | SIGN | Progress note signed |
Every engagement
Six deliverables, built to file
- 01
EMR authenticity & completeness report
Independent verification that the record produced in discovery is the complete, unaltered electronic record.
- 02
Audit-trail & metadata findings
Late entries, post-event edits, backdating, deletions, and the access log — drawn from the system's own logs.
- 03
Annotated chronology
An event timeline synced to exhibits and pleadings, annotated against the audit-trail evidence.
- 04
Standards-of-care cross-references
Documented variances framed in terms a trier of fact can follow.
- 05
Provider background summary
Licenses, board certifications, disciplinary actions, and publicly available history.
- 06
Filing-ready declaration template
Declaration or affidavit language tailored to the jurisdiction, ready for your review and execution.
See a redacted sample findings report or how the underlying audit-trail analysis works.
How it works
From production to discovery-ready findings
Send the production
Forward the records and any audit-trail or access-log data the provider produced. I'll tell you what's present, what's missing, and what to demand next.
Forensic analysis
I reconstruct the record's history from the audit trail and metadata — entry timing, edits, deletions, copy-forward cloning, and the gap between when documentation was authored and when events occurred.
Findings memo + discovery language
You get a clear written findings memo and model request-for-production language tuned to the specific EMR — ready to drop into discovery, motion practice, or deposition prep.
Why providers must keep — and produce — these logs
The audit trail is data the law requires
Audit trails aren't a courtesy a provider may have chosen to keep. Three layers of federal law make them required records — and steadily harder to lawfully withhold.
HIPAA Security Rule
Audit controls are required
The Security Rule obligates providers to implement audit controls — mechanisms that record and examine activity in systems holding electronic protected health information. The audit trail isn't optional; it's the output of a control the provider was already required to operate.
HITECH Act
Enforcement with teeth
HITECH strengthened HIPAA enforcement and raised the stakes for actually maintaining those controls. Practically, that means audit data is more likely to exist, be retained, and be retrievable than a 'we don't really keep that' objection suggests.
21st Century Cures Act
Information blocking rules
The Cures Act's information-blocking rules press providers and their EMR vendors toward making electronic health information available rather than withholding it. A 'too burdensome' objection runs against the direction of federal health-information policy.
This is technical and regulatory context, not legal advice — the application to your case is your call. Read more on HITECH records requests and Cures Act information blocking
Cross-vendor coverage
Every major EMR audits differently
What to demand in discovery — and where productions fall short — depends on the system. Guides for each major platform: