Thursday, March 11, 2010

FDA Asks Hospitals to Report Safety Glitches in Digital Health Systems

A theme of my writings on this blog and on my teaching site for the past decade has been mismanagement of healthcare information technology by an industry and people who have been operating for many years far beyond their qualifications and competencies. Technology requiring the highest levels of biomedical-IT cross disciplinary expertise has most commonly been designed, managed, implemented, led and defended by amateurs [see note 1].

As a result of this mismanagement, the technology is not without its perils. The problem is that this industry suffers from constricted information flows for a number of reasons, and we do not know the magnitude of the perils. Even speculation is difficult since data is scarce. The technology remains experimental.

After a commitment of tens of billions of economic recovery act funds to roll out this technology nationally, the Federal government has finally taken notice:

FDA Asks Hospitals to Report Safety Glitches in Digital Health Systems
In Letter to 350 Health Centers, Agency Signals Growing Concern

By Fred Schulte and Emma Schwartz
Huffington Post Investigative Fund
3:24 pm | 11 Mar 2010

Concern over safety risks posed by health information technology has led the Food and Drug Administration to step up scrutiny of the products, including digital medical records systems on which the government plans to spend billions of dollars in coming years.

The FDA last month asked a network of 350 hospitals it set up across the country to report data on potential hazards from a range of computer-assisted medical devices, according to an agency document obtained by the Huffington Post Investigative Fund.

This should have occurred a decade ago, but better late than never (of course, this action will not help people already harmed by this technology such as these and these).

The FDA action comes as federal officials forge ahead with plans to use as much as $27 billion in economic stimulus money to replace paper patient records with digital ones. The Obama administration wants to create a digital health file for every American by 2014, saying the conversion will save money and improve the quality of health care.

From an analysis that I concur with from the Heartland Institute:

... Proponents of this spending rely heavily on a short RAND Corporation analysis from 2005 that predicted $77 billion in annual savings and improved outcomes. RAND estimated “implementation would cost around $8 billion per year, assuming adoption by 90 percent of hospitals and doctors offices over 15 years.” It said, “The benefits can include dramatic efficiency savings, greatly increased safety, and health benefits.”

Unfortunately, RAND assumed an error-free system that is quickly and enthusiastically adopted by virtually the entire health care system. That might happen, but it is an absolute best-case scenario. [See my aforementioned HIT teaching site on why a "best case scenario" is a near impossibility - ed.] Even then, instead of “dramatic savings,” the $77 billion hoped-for savings amounted to a mere 4.5 percent of total costs, placed at $1.7 trillion by RAND.

Far more likely is that every penny of the $20 billion will be wasted on systems that don’t work and can never be implemented.
[As per my Feb. 18, 2009 Letter to the Editor in the Wall Street Journal - ed.] That was the outcome of federal attempts to upgrade technology at the IRS, the FBI, and the air traffic control system. And these are all relatively simple enterprises involving single federal agencies. Health IT is vastly more complex and must include hundreds of thousands of private organizations that have invested in legacy systems that work reasonably well and are as varied as there are providers.

Back to the Huffington Post Investigative Fund article:

... Reports that hospitals send to the FDA are to be posted on an agency Web site. The FDA maintains it has the authority to regulate the technology, but has not taken steps to do so, leaving the industry largely to police itself. Reporting of problems is voluntary and most manufacturers have not done so.

I think it accurate to say reporting is nearly nonexistent, yet I regularly hear stories from colleagues, former students, and others that make my hair stand on end. These people are afraid to speak out publicly, lest their careers be threatened by hospital sham peer review, vendor lawsuits, or other forms of retaliation against 'whistleblowers' (see an example here).

... In the letter sent to hospitals last month, Marilyn Flack, of the FDA’s Center for Devices and Radiological Health, said use of digital medical equipment “continues to grow and affect patient care and safety.” The FDA “is exploring problems….that may affect patient safety,” she wrote.

The agency plans to collect reports using its Medical Product Surveillance Network, called MedSun. It is asking hospitals to note a wide range of problems involving electronic health records and other computerized systems for hospital laboratories, pharmacies and anesthesia and radiology devices, including hand-held ones.

Here is the FDA letter. Click to enlarge:

FDA letter on health IT safety reporting, page 1 (click to enlarge)

FDA letter on health IT safety reporting, page 2 (click to enlarge)

I note that this letter is remarkable, a real breakthrough. It is also remarkable that this 'breakthrough' had to wait until 2010, not 1990 or 2000, and only after the government has pushed hard to spread this technology nationally without knowing the flip side. The expression "ready, fire, aim" comes to mind.

Some of the 'glitches' were mentioned:

... She also cited an example of a software package used in a hospital emergency room in which lab tests “ordered for one patient returned the results for another.”

In another case, a hospital in the MedSun network reported an operating room software product that often “locked up” during surgery, without alerting anyone that “data entry had ceased.”

According to the FDA letter: “At the end of the surgical procedure, surgical procedure notes were incomplete—compromising the accuracy of the data as nurses had to manually re-enter from memory many of the surgical notes.”

In a third case cited by Flack, a radiology workstation became “extremely slow, delaying procedures and causing X-ray techs to subject patients to repeat X-rays.” The cause was determined to be a software glitch that happened when too many characters were entered in.

These 'glitches' largely come from poor design, engineering, implementation and support and don't even include mission hostile user experiences from software that is 'working correctly.'

... Arthur Bartosch, director of Biomedical Engineering Services at Westchester Medical Center in New York, agreed [that in the past, cinical engineering staff would not have been involved in health IT safety reporting]. He said he planned to circulate the FDA’s alert to the hospital’s chief medical information officer and they would “probably” create a task force to figure out how to document any problems.

It is pathognomonic of IT irrational exuberance and special accommodation given to this technology (greased by ignorance, money, politics and other pathologies among healthcare and hospital leadership juntas) that such 'task forces' are not as common as health IT itself.

... “The fundamental problem we have here is we’re dealing with an industry that really isn’t used to a transparent reporting of problems,” [Paul Egerman, co-chair of a government panel looking at the safety of health information technology] said.

[Isn't used to transparent reporting? I would have said "hostile to the extreme" regarding that kind of transparency - ed.]

Egerman, whose advisory panel expects to make its findings public in April, said government officials have a long way to go in fully understanding the potential hazards of adopting the new technology.

I noted a "hit" from (Executive Office of the President) on my ten year old HIT teaching site just yesterday. I believe it is the first. Welcome to Medical Informatics 101, Mr. President.

“Are there much more serious problems that we would know about if we had the data?,” he said. “These are all reasonable questions to ask.”

I injured my career in the past for asking just those questions, having been badgered to stop asking them essentially to the point of constructive discharge in my former CMIO role.

Let's see if the change of culture is real, or just talk.

It's not that safety reporting and transparency are anything new or special. From the Joint Commission in their August 2009 Sentinel Events Alert #43:

Existing Joint Commission requirements:
The Leadership chapter in the standards manual addresses leadership and safety, specifically relating to the organization's governing body, the chief executive and senior managers, and medical and clinical staff leaders.

The standards specifically require that these three leadership groups create a culture of safety (11) by creating an atmosphere of trust and fairness that encourages reporting of risks and adverse events, by allocating the resources necessary to support safety, by discussing and reporting safety issues and indicators, and by developing plans to assure and improve safety performance, especially in relation to high-risk or problem-prone processes. Other issues covered in the standards are: the implementation of important systems within the organization that support safety; the organization's safety program for reporting adverse events and near misses; and the design or modification of processes to support safety.
Suggested Actions (item #2):
Institute an organization-wide policy of transparency that sheds light on all adverse events and patient safety issues within the organization, thereby creating an environment where it is safe for everyone to talk about real and potential organizational vulnerabilities and to support each other in an effort to report vulnerabilities and failures without fear of reprisal. (8,9)

Finally, considering that the average salary offered to a hospital "Director of Informatics" is a penurious $90-120K per annum with respect to the true expertise required for top roles (don't just take my word for it, take ONC's), and that 'lowball hiring' in terms of expertise is pervasive, I predict that if robust error reporting takes place, the next few years in HIT will be a wild ride indeed.

-- SS

[1] I use the term "amateur" in the same sense that I am a telecommunications amateur, not a professional. Even though I hold the highest license class possible, the Extra, I would not even dream of leading a large telecom project.


Anonymous said...

OMG, you mean these White House trumpeted health care saviors can kill patients? Gee, I hope someone in Congress know this.

Anonymous said...

Does anyone know what companies paid for the now infamous RAND study and did they purchase the favourable conclusion?

Anonymous said...

I find the unabashed belief in technology to be troubling. As a part of the health care reform package is a requirement for a national health card. Along with this comes direct access to financial information, including access to personal bank accounts for the reason of transferring funds to the government. (Page 58)

We have seen in the last couple of days a call for a national right to work card. Only with the presentation of this card will a person be allowed to work in the US.

How hard will it be to then combine these cards as a national identification card with access to personal, medical, and financial information?

Layered on top of this we have the continued push to provide EMR’s in this country within a short time span. Just now we are recognizing the failures and issues with the system and timetable.

Interestingly England shot down the idea of a national ID card as an invasion of privacy. The ACLU has stated they will fight the right to work card. England has also seen their EMR project go down in shambles.

I just have to feel that a lot of the people on the government and business side don’t know what they don’t know. The potential for misinformation and abuse are staggering.

Steve Lucas