legal health record (LHR)

What is a legal health record (LHR)?

A legal health record (LHR) refers to documentation about a patient's personal health information that is created by a healthcare organization or provider. The healthcare entity uses the LHR as a business record and is required to make it available upon request from the patient to whom the LHR belongs or from law enforcement or legal entities.

An LHR usually documents the various medical services provided to a patient by a healthcare organization. It also documents the patient's health status and the provider's observations, instructions and actions taken. There is no specific standard or template to create LHRs, so different healthcare organizations define and maintain LHRs in their own way. The specific components of an LHR can also differ between organizations.

Every LHR contains individually identifiable data, meaning Patient A's LHR will be different from Patient B's, Patient C's and so on. Before the prevalence of digitization, all LHRs were created and maintained in paper form. In recent decades, more healthcare facilities have adopted electronic health records (EHRs), so LHRs are also usually in electronic or digital format.

An electronic health record screen.
Example of a legal health record in electronic form.

EHRs are not the only source of patient information. Modern healthcare providers also use health apps to monitor patient health outcomes, disease registries, intake forms, pharmacy records, lab results and other sources to gather important health-related data. As a result, defining and creating LHRs is becoming increasingly complex. The following circumstances can further increase complexity:

  • Multiple documents comprise one LHR.
  • Records are in different formats, such as email, diagnostic images, physician notes and voice files.
  • Records are stored in separate electronic or paper-based databases.

What is included and not included in a legal health record

These documents might be part of a patient's LHR:

  • Diagnostic test results.
  • Pharmacy and medication records.
  • Physician records or notes.
  • Physical examination records.
  • Patient health history.
  • Immunization records.
  • Consultation reports.
  • Administrative and financial data.
  • Records of physical, occupational or speech therapy.
  • Discharge instructions.
  • Care plans.
  • Advance directives from the provider.

In addition, consent-for-treatment forms, intake/output records, patient-provider communications such as email messages, and nursing assessments can also be part of an LHR.

Health records that are created, managed or controlled by the patients themselves are considered patient -- or personal -- health records (PHRs). Examples include glucose-tracking records, immunization records and medication records. These are not part of LHRs. That said, patients can share their PHRs with providers, and providers might add this information to the LHR for any of these reasons:

  • To improve and personalize patient care.
  • To review patient data and use the findings to inform the care plan.
  • To document specific observations or provide instructions regarding that patient.

If patients don't provide PHRs to the healthcare organization, then only the documents that are created and maintained by the healthcare organization constitute its official or business records known as LHRs.

Administrative data is also not considered part of the LHR. This data is patient identifiable and usually used for administrative, regulatory and payment purposes. Examples include biometrics, death certificates, patient-identifiable claims, authorization forms for release of information and practice guidelines that do not embed patient data.

Importance of legal health records

An LHR serves as a healthcare organization's business and legal record for each patient within its care. It provides written proof of the services provided to a patient and documents their caregivers' specific care decisions and the reasons for those decisions. This proof can serve as legal testimony if the patient takes the organization or its caregivers to court following an injury, illness, surgery or other health event. An LHR is an effective legal document if it does the following:

  • Provides a detailed view of a patient's health history and prognosis.
  • Records caregivers' observations and measurements.
  • Provides evidence that a certain type of care was necessary and what standards were used to deliver it.
  • Documents the patient's response to the care given.

The LHR is also important in other ways. It shows that caregivers adhered to the organization's standards and procedures while delivering care. It also serves as a way for practitioners to plan care for the patient and to communicate with other practitioners serving that patient.

Furthermore, LHRs can do the following:

  • Support any medical claims the patient or organization submits to insurance companies.
  • Act as supporting documentation if any services provided to the patient are reimbursable.
  • Provide a resource for practitioner education and awareness.
  • Support business decision-making.
  • Provide useful data for clinical health and public health research efforts.

Patient-identifiable source data in legal health records

Patient-identifiable source data can be part of an LHR. It might be confidentially and safely maintained in a separate location or database. Usually, documents such as interpretations, summaries and physician notes are derived from patient-identifiable source data.

Examples include the following:

  • Video recordings of meetings between a physician and patient.
  • Diagnostic films and images.
  • Audio files, including caregivers' dictations.
  • Procedure or therapy videos.
  • Analog or digital patient photographs.
  • Tests from which interpretations are derived, such as electrocardiogram tracings.

Compliance standards for legal health records

There are no specific regulations or laws governing the creation or format of LHRs. However, every LHR must adhere to the organization's own standards and procedures. Healthcare organizations must also consider the applicable federal and state data privacy laws when creating LHRs. And they must consider and comply with the retention and classification requirements as specified by federal and state laws.

Providers must think carefully about what is appropriate to reveal in the LHR. In addition, they must ensure secondary records containing patient-identifiable source data are provided the same level of confidentiality as primary documents in the LHR.

Learn how health informaticians weave medicine tech and science together and see how CIOs can help alleviate EHR issues.

This was last updated in July 2023

Continue Reading About legal health record (LHR)

Dig Deeper on Clinical documentation

Cloud Computing
Mobile Computing