Catalyst Corner: July/August 2014
EHRs Can Pose Patient Safety Risks
A recent research report published in the Journal of the American Medical Informatics Association (JAMIA) by Derek Meeks and his colleagues points out numerous patient safety issues associated with electronic health records (EHRs), in spite of evidence supporting the use of EHR systems to improve overall healthcare safety and outcomes. The authors note that it is critical to have procedures in place to monitor and resolve patient safety concerns in all phases of EHR implementation, from beginning to maturity. The more complex an EHR system, the more difficult it may be to trace problems, they note.
Meeks and his colleagues used data from the Informatics Patient Safety Office at the Veterans Health Administration division of the VA. The VA has maintained a voluntary reporting system to investigate EHR-associated adverse events since 1999. In analyzing the systems’ data, the researchers found 100 consecutive, unique closed investigations from 344 reported incidents at 55 VA facilities between August 2009 and May 2013. (See box at right.)
EHR implementation and use phases were 1) unsafe technology or technology failures, 2) unsafe or inappropriate use of technology, or 3) lack of monitoring of safety concerns. Of the 100 incidents, 74 were related to unsafe technology. Twenty-five incidents fell into phase two, unsafe EHR use, and one incident was related to monitoring patient safety. Further, the authors noted that as many as 40 incidents could appear in two categories and 23 incidents into three categories.
EHR Patient Safety Issues: The Significant Findings of the VA on Adverse EHR Events
Further analysis allowed researchers to categorize the incidents into four commonly occurring categories, which were unmet information display needs; software modifications; system-system interface; and hidden dependencies in distributed systems.
Looking at the data from this angle, 36 cases involved the display needs, 24 were related to modifications, 17 were interface issues, and 17 concerned system dependencies. In the first area, the contributory dimensions were hardware and software (22 incidents), human-computer interface (22 incidents), workflow and communication (10 incidents), clinical content (9 incidents), people (9 incidents), organizational policies and procedures (2 incidents), and system measurement and monitoring (1 incident). In the second area, the contributory dimensions were hardware and software (21 incidents), clinical content (10 incidents), and workflow and communication (5 incidents). In the third area, dimensions were hardware and software (17 incidents), workflow (6 incidents), and content (5 incidents). Lastly, in the fourth category, concerns were related to hardware and software (14 incidents), workflow (14 incidents), clinical content (9 incidents), and people (5 incidents), all of which were multiple versus single category.
In the report, the authors describe a case in the first category where a patient was given a higher dose of a diuretic than was prescribed, due to a pharmacist overriding a dose error warning known to have a high false positive rate. The override allowed the nursing staff to administer the higher, incorrect dose. The example points to the complex interactions between the hardware, software, interfaces, users, workflow, and communication, the authors note.
System Testing Essential
The researchers also provided some mitigating procedures in each category of concern. For unmet display needs these include: testing the information display in the context of real-world tasks; validating the display with all expected information and reasonable unexpected information; ensuring the essential information is complete and clearly visible on the screen; and ensuring the system messages and labels are unambiguously worded. For the software modifications concern, they recommend that availability and testing of appropriate hardware and software occur at the unit level and as installed before the go-live date; testing changes with a full range of clinical content; and exploring the impact of changes on workflows. In the system-interface area, they suggest understanding, documenting, and testing content and workflow requirements on both sides of the interface; ensuring that communication is complete (disallowing the partial transmission of information); and developing workflows that incorporate backup methods to transmit information. Finally, in the hidden dependencies safety concern area, they recommend documenting ideal actions of the EHR or components; documenting assumptions or making dependencies explicit in software workflows; and establishing monitoring and measurement practices with system-wide scope.
Best Practices in Safe Use of Health Information Technology
In the concluding commentary, the authors highlight the need for most healthcare organizations to have an infrastructure for monitoring health IT-related patient safety concerns, and that such an infrastructure is lacking. People are more focused on meeting government requirements for EHR system implementation than safety, said one author. Besides the authors’ recommendations, another good resource that institutions and vendors can use to assess safety is the Office of the National Coordinator for
In the concluding commentary, the authors highlight the need for most healthcare organizations to have an infrastructure for monitoring health IT-related patient safety concerns, and that such an infrastructure is lacking. People are more focused on meeting government requirements for EHR system implementation than safety, said one author.
Health Information Technology (ONC) Safety Assurance Factors for EHR Resilience (SAFER) Guides. These evidence-based guidelines have practical advice to help users employ health information technology more safely. There are nine SAFER Guides. Each is designed to help care delivery organizations conduct self-assessments of recommended practices in areas of importance to the safety and safe use of health information technology and to implement best practices (see box at left).
According to ONC, the Organizational Responsibilities SAFER Guide should help the leadership of health IT-enabled organizations monitor critical components of the safe use of health IT and make sure that a team of people — including clinicians and safety staff within the organization, as well as health information technology developers — is continuously engaged and focused on safety. The High Priority Practices guide is designed to help organizations explore where they can start to integrate health IT safety into their patient safety programs by identifying high-priority, high-risk practices associated with health IT use, and then suggesting which other SAFER Guides might help. The Contingency Planning, System Interfaces, and System Configuration guides should help organizations ensure that the health IT is safely designed, maintained, and configured, and is reliably available, with accurate and current information. Finally, the Patient Identification, CPOE with Decision Support, Test Results Review and Follow-Up, and Clinician Communication guides should help practices establish systems that will allow them to be more confident that vital clinical information on the right patient will successfully reach clinicians who need it. The guides may be accessed at http://www.healthit.gov/safer/.
As Meeks and his colleagues note, it is up to healthcare organizations and EHR users to perform proactive risk assessments to identity patient safety concerns and work with EHR vendors to address them. Further, the initial research provides a framework for future safety assessment activities, they say. The full report is available in PDF format at http://jamia.bmj.com /content/early/2014/05/20/amiajnl-2013-002578 .full.pdf+html. CT
Marsha K. Millonig, R.Ph., M.B.A., is president of Catalyst Enterprises, LLC, in Eagan, Minn. The firm provides consulting, research, and writing services to help healthcare industry players provide services more efficiently and implement new services for future growth. The author can be reached at email@example.com.