Health information technology is said to be key to improving quality and safety. But even as providers rush to implement and master these expensive systems, there's an underappreciated chance that the use of computers might cause harm, according to a report from the Institute of Medicine.
"Examples of health IT–induced harm that can result in serious injury and death include dosing errors, failing to detect fatal illnesses, and delaying
treatment due to poor human–computer interactions or loss of data," the 197-page report "Health IT and Patient Safety: Building Safer Systems for Better Care" explains.
Flaws in vendor products or common misuse of them, for example, wrong drug listings in a computerized physician order entry (CPOE) system, may elude detection and sharing because of manufacturer confidentiality or non-disclosure agreements that vendors make purchasers sign, the report says.
"Thus, some vendors may impose or enforce such restrictions in ways that
may conceal patient safety issues. As long as vendors may restrict the release of information about safety issues through confidentiality clauses, intellectual property protections, and hold harmless clauses, the healthcare community will be limited in its understanding of how health IT affects
patient safety," the report says.
The report provided one example of an elderly patient who was harmed by an overdose of potassium chloride because of flaws in a CPOE system. The physician used the coded entry field to write the prescription order, but tried to limit the dose by writing an instruction in a comment box.
"However, the nurse either misinterpreted the note or did not read it and the patient received more (potassium chloride) than the diagnosing physician intended. A second physician, not having been informed that the patient was already prescribed (potassium chloride) used the CPOE system to prescribe even more potassium chloride to the patient."
The resulting patient's overdose was ultimately blamed in part on the interface's poor design and its failure to display important lab reports and medication history.
The report mentions another adverse consequence of health IT, the case of a physician who made a "copy paste" error, the result of which gave a woman patient the diagnosis of "scrotal pain, decreased urinary stream, and dysuria."
"I used to be a doctor," the physician told the IOM. "But now I am a typist."
The 18-person committee's report makes 10 recommendations, including raising the possibility that the U.S. Food and Drug Administration might at some point exercise its authority to regulate these systems as medical devices. The committee also calls on Congress to establish an independent federal entity to investigate any patient death, injury or potential unsafe conditions associated with health IT.
The situation could be exacerbated because these days, health professionals rush to get their share of billions in meaningful use incentive payments "to adopt the very products that may be causing harm. These stories are frightening, but they shed light on a very important problem and a realization that, as a nation, we must do better to keep patients safe," the report says.
It says both the private and public sector need to impose greater oversight, with more required reporting. While there have been numerous reports in the media of how computers in healthcare systems have caused harm, there hasn't been a good analysis to assess the extent of the risk.
IOM Committee Recommendations
1. The Secretary of Health and Human Services (HHS) should publish an action and surveillance plan within 12 months that includes a schedule for
working with the private sector to assess the impact of health IT on patient safety and minimizing the risk of its implementation and use. This would include funding from the Agency for Healthcare Research and Quality (AHRQ) and the National Library of Medicine (NLM) for research, training, and education of safe practices such as those related to design, implementation and usability and safe use of health IT by health providers and patients.
Additionally, the IOM calls for the Office of National Coordinator (ONC) for Health IT to fund efforts to improve the way manufacturers and healthcare organizations assess the safety of health IT products, both as they are being designed and after they are marketed.
2. The HHS Secretary should ensure that health IT vendors support the free exchange of information about health IT experiences and issues and not prohibit sharing of such information, including details (e.g., screenshots) relating to patient safety.
3. The ONC should work with the private and public sectors to make
comparative user experiences across vendors publicly available.
4. The HHS Secretary should fund a new Health IT Safety
Council to evaluate criteria for assessing and monitoring the safe use of health IT and the use of health IT to enhance safety. This council should operate within an existing voluntary consensus standards organization.
5. All health IT vendors should be required to publicly register and list their products with the ONC, initially beginning with EHRs certified for the meaningful use program.
6. The HHS Secretary should specify the quality and risk management
process requirements that health IT vendors must adopt, with a particular
focus on human factors, safety culture, and usability.
7. The HHS Secretary should establish a mechanism for both
vendors and users to report health IT-related deaths, serious injuries, or unsafe conditions. It should be mandatory for vendors but voluntary, confidential and nonpunitive by users, and ways to encourage reporting should be developed, "such as removing the perceptual, cultural, contractual, legal, and logistical barriers to reporting."
8. The HHS Secretary should recommend that Congress establish
an independent federal entity for investigating patient safety deaths, serious injuries, or potentially unsafe conditions associated with health IT. This entity should also monitor and analyze data and publicly report results of these activities.
9. The HHS Secretary should monitor and publicly report on the progress of health IT safety annually beginning in 2012. If progress toward safety
and reliability is not sufficient as determined by the Secretary, the Secretary should direct the FDA to exercise all available authority to regulate EHRs, health information exchanges, and PHRs. The Secretary should immediately direct the FDA to begin developing the necessary framework for regulation. Such a framework should be in place if and when the Secretary decides the state of health IT safety requires FDA regulation.
10. HHS, in collaboration with other research groups, should support
cross-disciplinary research toward the use of health IT as part of a learning
healthcare system. Products of this research should be used to inform the design, testing, and use of health IT. Specific areas of research include
- User-centered design and human factors applied to health IT,
- Safe implementation and use of health IT by all users,
- Sociotechnical systems associated with health IT, and
- Impact of policy decisions on health IT use in clinical practice.