January 30, 2012

A Call for Oversight
By Susan Chapman
For The Record
Vol. 24 No. 2 P. 20

A report makes the case for establishing a national EHR error review board dedicated to patient safety.

At the 2011 American Medical Informatics Association annual symposium, Dean Sittig, PhD, a professor at University of Texas-Memorial Hermann Center for Healthcare Quality and Safety, spoke about the creation of a national review board that would gather and investigate EHR errors. Currently, EHRevent.org, a service of PDR Secure that was established by medical professional insurance carriers and the iHealth Alliance, is the most visible system in place to report EHR mishaps. Sittig and other experts argue that while this system is helpful, EHRs require more stringent oversight.

In the Journal of Patient Safety policy article “Creating an Oversight Infrastructure for Electronic Health Record-Related Patient Safety Hazards,” Sittig and coauthors Hardeep Singh, MD, MPH, and David C. Classen, MD, MS, delineated the need for a program that “calls for data gathering, investigation/analysis, and regulatory components. … Nationally, we propose the long-term creation of a centralized, nonpartisan board with an appropriate legal and regulatory infrastructure to ensure the safety of EHRs.”

Opportunities for Error
As healthcare organizations and providers work diligently to meet EHR incentive deadlines, the likelihood for EHR errors increases, says Sittig, who adds, “Usually an error in medicine stems from many things that have gone wrong. Everything is connected so if the hospital or healthcare provider stopped one error, the whole chain of errors would not have happened.”

Sittig notes that by using computers, the healthcare system essentially eliminates human double-checks, and the lack of such review can lead to problems. “For example, there can be two patients with similar names, and lab results can be assigned to the wrong patient,” he says. “The doctor orders new medications on Patient A based on the incorrect results from Patient B. Then a covering nurse who does not ‘know’ the patient administers the wrong medications as ordered and later something goes wrong. In this case, a computer error set off the event. But often people don’t recognize that the original error was in the computer and that the covering nurse was not able to perform the customary double-check before administering the meds.”

Other more common errors can have a broader domino effect. For instance, a technician’s data input error, or “fast fingers,” can lead to a computer logic issue, which then propagates the mistake. Or in the case of a software system that is used around the country, a systematic error could have far-reaching effects.

“In many large systems, if something goes wrong with the software, it can affect all clinics and hospitals that belong to the system,” Sittig says.

Edward Fotsch, MD, CEO of PDR Network, LLC, agrees. “Paper doesn’t have leverage the way a computer does, which is why, in total, EHRs appear to be far preferable to paper-based healthcare. But if something goes wrong with a paper record, one patient is affected, and the event is over. With computers, one data input error can cause a cascading series of effects. On one hand, leverage makes EHRs powerful, but on the other, it’s problematic,” he says.

In the Journal of Patient Safety article, the coauthors illustrated this point. “A major adverse event related to an EHR could affect thousands of patients if not corrected rapidly,” the article stated. “For example, in 2006, the UK National Health Service was forced to notify more than 900 clinicians that their patients who were prescribed Zyban may have mistakenly been given Viagra owing to an error in the dispensing pharmacy’s medication mapping table.”

“In a case such as that in England, it was easy to make a mistake,” Sittig says. “One line on the table could have been entered wrong, which then caused everything after that to go wrong. Still, a person input the data so while it’s easy to blame the person, it does not help our understanding of the hazardous situation.”

With the ubiquity of computers in healthcare, Sittig says the industry has begun to move away from human intervention. He believes there is a strong need for such intervention and reiterates the vital nature of human review to prevent the potentially far-reaching effects of computer error.

Sittig notes that when computer software is upgraded, “It can be a risky time. It’s a lot like when cars were first on the road. Drivers couldn’t see when it rained. After a number of accidents, windshield wipers were invented, and they improved safety. In the same way, when new programs are first implemented, we need to carefully study them, creating the correct enhancements to make them safe. And we have to keep patients safe during those crucial testing periods.”

The Call for an EHR Board
According to Michelle Dougherty, RHIA, CHP, director of practice leadership at AHIMA, there are different industry perspectives on the value of creating a board to oversee EHR errors. “The Institute of Medicine [IOM] has mandated that vendors must establish some sort of regulatory process or the IOM will move to a regulatory process that they may not like,” she says. “But without a regulatory process, some in the industry would choose not to participate, even vendors. It would be business as usual without the driver of oversight.”

Sittig envisions a regulatory agency much like the National Transportation Safety Board (NTSB) that would consist of core members who know how to investigate EHR errors and experts familiar with particular health systems.

“Once it was determined that an EHR event had occurred, the EHR board would be notified,” he says. In their article, Sittig and the coauthors offered details on how the board would operate: “The program calls for data gathering, investigation/analysis, and regulatory components. The first two functions will depend on institution level EHR safety committees that will investigate all known EHR-related adverse events and near-misses and report them nationally using standardized methods. These committees should also perform routine safety self-assessments to proactively identify new risks.”

Fotsch agrees that an EHR board would act much like the NTSB, but there are significant differences in how airline and EHR events would have to be investigated. “When there’s a plane crash, it generally involves one pilot and one plane that’s not connected to a network of other planes. Healthcare is much more complex,” he explains.

While Fotsch sees EHRevent.org as a step toward making EHRs safer, he notes that any regulatory agency would need to take investigations much further.

“EHRevent.org is a self-reporting database that ensures the anonymity of the reporting party. It was spearheaded by liability carriers who defend doctors, trade associations, and medical societies. But root-cause analysis can’t be done on a form,” Fotsch says. “In the dozens of reports we’ve seen thus far, these events are more complicated, and follow-up is needed. Many EHR incidents involve some level of user error. More often, they’re a combination of technology and human mistakes. A healthcare provider won’t voluntarily report a mistake that would then increase their own liability.”

All parties concur that the goal is to make systems safer. Currently, healthcare is zeroed in on efficiency, but experts want to shift that focus more toward safety. “We’re trying to avoid those cascading events,” Fotsch says.

Dougherty agrees with the recommendations in the paper, pointing out that an EHR board should include clinicians, statisticians, informaticians, and experts in human-factor engineering who could help determine whether errors occurred in programming or workflow.

In addition to an external review board, it is generally recommended that organizations have an internal oversight process. “There is also a role for the HIM profession in patient safety issues,” Dougherty says. “Any internal oversight board process would need someone who can transcend IT. An HIM professional can transcend technology and understand the clinical component as well as the data analytics component. We need to move our mindset to the improvement. We need a nonpunitive investigative improvement process. HIM should at least be at the table, but optimally in a key position to lead as well.”

With billions of taxpayer dollars being devoted to EHR adoption, Fotsch says there must be feedback and accountability at the highest levels. “The federal government has to be involved at some level,” he says. “And we have to have the participation of the practitioners, liability carriers, and vendors. If any group feels disadvantaged, then they won’t participate.”

Fotsch envisions an EHR error review board as essentially being a patient safety organization (PSO) with liability carriers playing the main role. “Everyone respects and understands the power of the professional liability companies because they are 100% focused on patient safety and reduced liability. They make a living reducing liability and improving patient safety. But they have great relationships with doctors,” he says. “And they have no reason to disadvantage EHR vendors. In the iHealth Alliance, the FDA has a liaison. We’re hopeful that the federal government would have a role, which would ensure collaboration between public and private sectors. It’s the fastest way to move forward and get widespread participation.”

The overarching question, Fotsch says, is how to fund and maintain funding for a national EHR safety reporting system, affirming that the federal government is best positioned to provide resources. “There needs to be funding and an infrastructure,” he says. “That can be complicated and expensive. A heavy-handed government approach won’t work. The flipside, though, is that there is no obvious way to fund an EHR oversight group or a recurring way to staff it without the government being involved. There is no obvious way to fund either the creation of the system or ongoing support at this point. The dilemma is how not to be a government bureaucracy but still get some level of support as well as involvement from the federal government which is underwriting EHR adoption using taxpayer money.”

Privacy Concerns
Dougherty notes that HIPAA regulations would play a major role in the operations of an error review board. “As any EHR board reviews incidents internally, the process would need to be cognizant of identification issues,” she says. “Organizations would have to review notice of privacy practices, which would reflect how information is updated and used, and operate within privacy parameters. They’d also have to make consumers aware of how information is used and minimize patient identification.”

Adds Fotsch, “PSOs would be allowed to send information to the board. The PSO would be allowed to report to them, but the information wouldn’t be seen by outside attorneys, and hospital records would be protected.”

Moving Ahead
In the past, EHR events were reported only to EHR vendors. While they addressed the problems, they never published case studies or other beneficial event information. Vendors would not expose themselves—particularly if there were a user-error aspect to the incident.

Fotsch believes that with EHRevent.org, the liability carriers have brought the right people together to handle such reporting and will be able to take the appropriate steps to move forward on the creation of an EHR board. “EHRevent.org is a strong basis,” he says. “It could help make the board be in place [this year]. The AMA [American Medical Association], National Patient Safety Foundation, and others are all there, the liability providers have brought together the right team, and it’s all ready to go.”

It means the time to act is now, Forsch says. “If we wait for the government to go through the FDA, it will likely take a very long time,” he says.

Dougherty believes the industry remains in a learning phase when it comes to how best to manage EHR migration. Ascertaining the type of data that would be generated by a regulatory agency is necessary to pinpoint where improvements can be made, she notes.

“We need reporting on a timely basis so that individuals are not harmed. The need for safety is critical,” Dougherty says.

In their article, Sittig, Singh, and Classen set forth a measured approach to bring an EHR board to fruition. “To jump-start the creation of this program, we propose that local institutional-level initiatives to collect and analyze data must be bolstered immediately. This would help characterize the various types and frequencies of EHR-related errors and adverse events.”

The authors contend that such a method “would ensure that there is adequate strength of the evidence to justify the scope and cost of implementation of the independent national board, which clearly will take longer to get established.”

— Susan Chapman is a Los Angeles-based writer and author.