Home  |   Subscribe  |   Resources  |   Reprints  |   Writers' Guidelines

November 2014

Report Analyzes EHR Patient Safety Concerns
By Susan Chapman
For The Record
Vol. 26 No. 11 P. 20

To address a complex issue, experts suggest taking a sociotechnical, proactive approach.

The Institute of Medicine (IOM) recently called for greater attention to be paid to EHR safety issues. In response, a team of VA researchers—Derek W. Meeks, Michael W. Smith, Lesley Taylor, Dean F. Sittig, Jean M. Scott, and Hardeep Singh—analyzed EHR-related safety concerns reported within a large, integrated health care system.

Using an eight-dimension sociotechnical conceptual model accounting for both technical and nontechnical safety dimensions, the team identified common emergent and recurring safety concerns from 344 reported incidents occurring between August 2009 and May 2013. The researchers discovered 74 incidents involving unsafe technology and 25 comprising unsafe use of technology. Seventy percent of the incidents involved two or more of the eight model dimensions.

According to the report, "An Analysis of Electronic Health Record-Related Patient Safety Concerns," published in The Journal of the American Medical Informatics Association, "Most often, nontechnical dimensions such as work flow, policies, and personnel interacted in a complex fashion with technical dimensions such as software/hardware, content, and user interface to produce safety concerns."

"These findings indicate that we need a sociotechnical approach to identify and understand EHR-related safety concerns," says Singh of the Houston VA Center for Innovations in Quality, Effectiveness and Safety and Baylor College of Medicine. "This approach needs to account for the technology itself as well as nontechnological factors such as user behaviors, clinical workflow demands, and organizational policies and procedures."

It's difficult to identify precisely where these errors originate, says Scott, director of informatics patient safety at the VA Office of Informatics and Analytics/Health Informatics. "You can't answer that question one way or the other," she says. "You have to look at the conditions, the design, an organization's culture of safety, and other factors. Because you're looking at the interaction between the human and the technology, you can think of it like driving a car. Did you intend to go through a stop sign or not use the turn signal? Is it your fault if you're driving a different car and the turn signal is actually where the wipers were on your previous car? If the designs are different, then that distracts humans who are trained on something else."

Scott points out that systems become complicated when the software tries to predict physician behavior. There also is the manner in which users interface with the program. "Add to that a complex workflow environment, and you can see that it becomes a complex sociotechnical situation," she says.

While the industry envisioned EHRs reducing mistakes associated with illegible handwritten physician notes, new types of errors have emerged. For instance, a user may select a medication name that looks and sounds like another drug, which can lead to an adverse patient event. "This is much like typing an e-mail address where it autopopulates and you choose the wrong one," Scott says. "The error happens, but it isn't intentional."

Donald Voltz, MD, an anesthesiologist and an assistant professor at Case Western Reserve University School of Medicine, cites the landmark IOM report that estimates 44,000 to 98,000 people die annually from medical errors. "That would mean, using the lowest estimate, medical errors are the eighth-leading cause of death in the United States, resulting in costs ranging from $17 billion to $29 billion each year," he explains.

Voltz says many patient safety issues pertain to the coordination of care, including the use of high-concentration medications that require dilution and modifications when they are administered; the lack of proper documentation of intended medication, route, and dose; poor communication; and omissions in the record. "We can essentially break these mistakes down into four major categories: diagnostic, whether a delay in diagnosis or the wrong diagnosis; treatment; prevention; or other failures, be they in communication, equipment, or systems," he says.

Where Hospitals Are Most Vulnerable
Voltz believes numerous areas are particularly vulnerable to error. "Acute-care settings are at a higher risk due to the complexity of care, time critical interventions, systems, staffing, and communications systems," he says.

Because health care is a dynamic and complex system requiring a great deal of data interpretation, intervention, and communication, solely analyzing hospital data is not comprehensive. "Data need to be synthesized into a picture of health or disease for a given individual," Voltz says. "This process has been called turning data into information. Physicians and other care providers depend on EHRs that have been built and designed around the collection of data, but do not yet bring context to the data. In addition, due to the complexities and differences between EHRs and other health data systems, medical professionals are constantly presented with different user interfaces that must be consciously thought about to appropriately gather data as well as capture their decisions and treatment plans."

Besides the potential for errors at the care level, other components of the health care system that communicate information for tests, orders, and other interventions may be affected by misguided EHRs. "This leads to the potential for even more errors," Voltz says. "For example, users of these systems are constantly searching for the data they need to make and modify treatment decisions. There is not a uniform display or presentation of the data in a way that reduces errors. Providers are required to search through multiple screens of information, jump to different parts of the EHR, or even access various EHRs or other health information data sources in order to construct a complete data package for a single patient."

Because data can be entered into various areas of the EHR, it's possible that information may be duplicated or omitted, Voltz says, adding that documentation located in different folders can span several computer screens, causing users to overlook information.

Users also may experience "alert fatigue," a phenomenon that occurs when multiple alerts or warnings appear during EHR interactions such as placing patient orders. Alerts and warnings, which may be implemented without consideration for complex clinical workflows, sometimes are developed in silos with little testing before they are embedded in the EHR software. Therefore, experts say many developers are unaware of how they will affect users.

Singh says vulnerability can, and often does, begin at the software development level. "When vendors develop software in a lab and it works just fine, they might think it's good to go," he says. "However, when you implement some of these software programs in real-world scenarios, that may not be the case. A mismatch often occurs when you actually put technology into the complex workflow of the health care system. Implementation could present a high risk for some of these mismatches to lead to errors.

"It's been about 14 years that the VA implemented their EHR, and the VA is one of just a few health care organizations that dedicate specific resources to investigation and improvement of EHR-related safety concerns," he adds. "Some of these concerns continue long after the EHR goes live, and we constantly have to be on the watch for things going wrong. There are risks with upgrades, for example, and we need to look for problems proactively, before things go awry. Testing has to continue years after implementation, and error logs need to be kept and analyzed. The best strategy requires constant monitoring for problems."

While technological challenges remain an ongoing concern, Dick Taylor, MD, managing director and chief medical officer at MedSys Group, believes the primary vulnerability in any EHR system resides with the end user. "In hospitals, more data are lost or corrupted by people using the system with their approved access than in any other way," he says. "This is true with accidental damage, deliberate misuse, and even malware."

How to Prevent Errors
Dick Taylor says training is key to reducing errors. "Be sure that users are well trained from the start. Require this as a part of implementation, and don't make exceptions," he says. "If you have a need for relatively untrained users to utilize the system, implement a system of support such as scribes or concierges who can help. In addition, utilize audit charts not just for compliance, but also for completeness and revealing evident errors. If you find them, fix the systems that produced them. Then, use your lean and Six Sigma systems to attack complexity and ambiguity. Error reduction is like adverse-event reduction; it's a continuous battle, not a one-time fix."

Scott recommends hospitals work closely with vendors to help mitigate risks. "Ask vendors what they've done beforehand for usability," she says. "If possible, incorporate end users into the design of the system. It's important to know what type of reporting system the vendor has and how it will share the information it gathers with the hospital. Through collaboration, the issue becomes not just how hospitals can prevent EHR errors, but how the vendor and hospital can prevent them together. Look deeper into patient safety reporting. Through root-cause analysis reports, you can begin to understand the scenario of when an error occurs and investigate whether or not that mistake had an element of the EHR."

Voltz believes hospitals must develop their own technology to lessen the possibility of providers using workarounds and to address specific departmental needs. "In looking at the various issues, the number of EHR systems, and the complexity of health care, we need a platform that can interface with these systems and provide consistent, reliable displays of information and enhance communication of patient care among various providers and across the continuum of care," he says.

A platform that addresses interoperability and health information exchange must be paramount, Voltz says. "Accountability and answerability of information generated and care provided to a patient, including escalation of alerts when issues are not being addressed in a timely and appropriate manner, are necessary," he says. "As are allowing for documentation and the automated capture of critical information from a clinical, quality, and administrative standpoint."

Error-Reporting Systems
Over the years, hospitals have attempted to refine the concept of error reporting. Scott believes more robust and resourceful infrastructures must be in place that specifically investigate HIT-related patient safety issues. "Often, existing patient safety reporting systems are not specifically looking for these issues," she says. "That said, the VA has established a specific, dedicated office to analyze HIT safety concerns from VA facilities across the nation."

Dick Taylor takes a more inquisitive approach. "The more interesting question, in my mind, is how often hospitals use the systems they already have in place for actually reporting EHR-related errors," he says. "In my experience, unless the error involved patient harm, it is very unlikely that EHR-related errors are reported or tracked the way that other medical errors are. In partial defense of this, it's probably the case that with a written record, errors were virtually never reported and tracked. Even significant errors like medication mistakes never saw the light of day in those systems. So the concept of ignoring EHR-related errors tracks back to the written record."

While the IOM calls for mandatory and voluntary reporting of all medical errors, Dick Taylor says EHR-related mistakes are not widely reported. "There is no national body that collects this information systematically, and few that even sample it effectively," he explains. "Much of what we know about EHR-related errors is anecdotal or restricted to narrow events or studies."

In general, medical errors can be reported to several organizations, including the Joint Commission and various private agencies. "In my specialty, anesthesiology, The Anesthesiology Patient Safety Foundation has been established to specifically look at errors," Voltz says. "Other specialties have been established and newly created groups have and are being established to look at patient data, patterns, and safety concerns with the EHR. These include data marts to aggregate patient information and look for patterns for disease management as well as errors."

Additionally, the Health Care Assurance Act of 2001 amends the Social Security Act to establish a state-based medical error reporting system. According to the IOM website, "Under Title VIII, Safety and Cost-Effective Medical Treatment, it provides for Medical Error reduction and inserts error definitions and state-based reporting programs. It also requires demonstration projects to reduce medical errors, improve patient safety, and evaluate current reporting systems."

Internal Reporting Systems
Voltz recommends developing systems that can sit atop and interact with care delivery flow. "There are limitations in that EHR systems were not designed to look at the information required to assess and evaluate flow as well as to document how providers and systems generate, interact with, and utilize patient data in the delivery of care," he says. "A bunch of data are generated or collected and assessed by providers intermittently such as when a patient comes into the office for a visit or patients are rounded on once or twice a day in the hospital. Having the ability to connect and share information as it is being generated is an important component to changing this pattern of care delivery."

According to Voltz, the current process for viewing health information, from a provider's viewpoint, is a "manual pull" in which physicians often keep information in their heads or on notecards. "EHR systems do not have a task list of open loops that need to be addressed or followed on a given patient. This is why we need to keep lists and provide transfer of care reports to other providers when they take over care," he says. "This process is open for missed information and can lead to errors or failures to follow up and address a given issue."

Voltz says a system that shares the information collected, interventions undertaken, and pending tests and labs would create an accountability stream and the ability to determine who is addressing a given situation and viewing the data.

"Any EHR error-reporting infrastructure needs to be simple, automated, and blame-free," Dick Taylor says. "It should also gather the information needed to categorize the error and identify root causes, so it's not enough simply to have text and a date—you have to do some serious design to determine what you're trying to address. The system should focus on things that the hospital has prioritized. A one-size-fits-all system is unlikely to be useful or to be used extensively."

Singh believes that health care organizations must create robust safety monitoring systems like the VA's to identify and prevent EHR-related safety concerns. The data then should be aggregated and analyzed on a national scale. "However, we're still struggling with how to categorize these events," he says. "For instance, if a physician enters the wrong drug into the EHR because he was sleepy, and the patient gets the wrong dose, is that an EHR-related event? Or is an EHR event only when something went wrong with the technology?

"There is a lot of learning and categorizing we have to do to understand this complex interaction between technology and humans. Therefore, we have to look at this as a three-phase scenario where one, we must get the technology right; two, we use it safely—for example, avoid causing situations such as alert fatigue—and three, use the EHR as a means to monitor and improve patient safety."

— Susan Chapman is a Los Angeles-based writer.