The Consent Record Is Now Evidence

For much of medical history, a consent form was a signed piece of paper that lived in the medical record. As long as there was no legal reason to dig the form out, no one paid any more attention to it. Ambient AI has changed the nature of consent. The ambient system has captured and transformed consent into a digital stream of continuous data, and that stream has legally become the record.

The change is easy to miss because the form has remained mostly the same. The difference is what surrounds the form. When an ambient AI technology captures a patient interaction, the system does not just record a signed consent. The system records the onset of the consent, what interaction occurred before anyone on the AI team said the word consent, and whether there was ever any opportunity for the patient to say no to the recording. All of that is auditable, and all of that is accessible to the people who work in the legal department to identify the difference between the standard operating procedures and the data that actually occurred.

Moving from a signed form to a record of the data and the time it was captured is what ambient AI has done to the legal meaning of consent.

The old question was simple. What does the form say? The new questions are of a different nature. What is the ambient record? When did the recording start? Was the recording paused to give the patient an opportunity to say no?

These cannot be answered by a signature. They would require some metadata and some system logs the tool recorded with no one thinking about it at the time. An organization could point at a signed document and consider it the end of the line. The signed document is merely one exhibit, and the rest were produced automatically with no one deciding what they would show.

When the record contradicts itself

The larger problem occurs when the pieces disagree. A clinical note says one thing, system logs say another, and the audio starts before the note says consent was given. When the pieces of the record disagree, the record loses the functionality of being the only source of truth, and the contradiction itself becomes the main issue of the case.

This is where the automated consent documentation becomes problematic. A tool that automatically writes patient consented into the note is not a time saving tool. It is creating a document that the surrounding data would contradict. A human can be asked in an interview about what they remember and about what they wrote. A tool that wrote an answer would not be able to provide an answer; it would solely provide a claim next to a timeline that would disagree. When the two do not agree, the organization is not defending a decision. It is explaining a contradiction.

Retention Is Not Protection

The instinct to delete records to reduce exposure is understandable. The logic is that by keeping the data for a shorter period of time, there is less to find. While there is some degree of comfort that comes from short data retention, most of that comfort is psychological. Deletion does not eliminate the issues. Most of the time, the focus shifts from what the organization is doing to the reason for the deletion and whether there is a connection between the deletion and the other activities of the organization.

Deleting records on a retention schedule that is documented in advance and is followed consistently is defensible. However, a retention schedule that is inconsistent or that deletes records surrounding the time a complaint is filed, becomes evidence in and of itself. Most of the time, the deletion of a record is as interpretable as the record itself. An organization cannot solve a problem by deleting records of a situation that was never planned for.

How this impacts leaders

The first step is to assign a person as the owner. Someone at the senior level must take responsibility for how the organization captures consent and for how the organization is able to demonstrate that consent. This new responsibility is at the intersection of the care of patients and the exposure to legal liability, and currently is within no existing department. The next step is the unexciting inventory, which, in most organizations, is a list of the tools that capture audio or consent records and which organizations still cannot produce.

Going forward, the goal should be to unbundle proof of consent from clinical records. This way, proof of consent can be documented as a separate, authentic, and verifiable event, as opposed to a phrase that the system dumped into a note. Consent should also be structured so that consent refusal can be documented, and that this can be done in an unambiguous manner. If an acceptance process cannot literally capture an unambiguous refusal, then it cannot capture an unambiguous acceptance either. All of this must be planned in advance, as it cannot be done retroactively. In order to be effective, it must be integrated into the process of capture before the tool is used on a large scale. Once the data is captured, the account is already set, and there is no way to go back and change it.

The record will be read by someone you did not expect

Unfortunately, consent records can no longer be viewed as internal documents. They will inevitably become external documents that an outside party will read in a detailed and systematic order under rules and procedures that the issuing organization did not create. Such a reader will have no interest in the purpose of the document. They will focus on what the data conveys.

This should not prompt an aversion to the new technology. This should motivate a greater focus on the now inherent value of the consent record in order to construct the record in a manner that tells a clear and honest story. Organizations that do this will have records that protect them. The ones that treat consent as a mere formality will have records that testify against them.

Christopher Hutchins Founder and CEO, Hutchins Data Strategy Consultants