Saturday, July 07, 2012

Manipulation of 12,000 Medical Records Made Easy by EHR

This from a hospital in Canberra, Australia using a common ED EHR in that part of the world, iSOFT:

Canberra Hospital embroiled in data scandal
SBI Magazine (Secure Business Intelligence)
Jul 5, 2012 

A Canberra Hospital executive has admitted to manipulating Emergency Department records to make wait times and stays appear shorter than they were.

The executive told the Director-General of the Health Directorate they had made "approximately 20 to 30 changes to hospital records" a day from "late 2010" onwards.

ABC [Australian Broadcasting Corp.] News reported that the matter has been referred to police, while the executive has been suspended without pay.

Though the data manipulation was initially said to be motivated by concerns over job security, changes in 2011 and early 2012 were said to have been made due to "managerial pressure" to improve publicly-reported performance statistics.

This raises the issue that data manipulation might have been performed not just to improve reported statistics, but to cover up medical error, computer related or not, and thus deny injured patients or their heirs the right to legal redress.

"The only thing that worked to achieve benchmark targets was to alter the data," the executive later told investigators at PricewaterhouseCoopers (PwC), which was engaged by Health to perform a forensics analysis. The analysis is detailed in a new Auditor-General report (pdf).

In total, PwC found 11,700 performance records - about six percent of all records stored in the hospital's iSOFT emergency department information solution (EDIS) - had been altered.

It is believed more staff at Canberra Hospital altered records than the executive that has so far admitted responsibility.  "While an executive has admitted to changing EDIS records, it is probable that EDIS records have also been manipulated by other persons with access to the system," the federal auditor-general noted overnight.

This is another area where electronic records make possible tasks that are probably impossible with paper.  Altering 11,000+ records would be hard in paper charts, as the alterations would likely stick out in a pronounced manner.

"The executive’s admission to Audit does not appear to account for all of the changes to EDIS records that have been made to improve timeliness performance."

For example, changes to EDIS records, albeit a much smaller number, appear to have been made on days when the executive was on leave (seven days in total in 2010-11 and early 2011-12). 

I am saddened to note, a proper term for this activity might indeed be "conspiracy":  a conspiracy is an agreement between two or more persons to break the law at some time in the future.

User access control, IT security failures

Poor controls such as generic logins and inadequate user and password security made it easy for insiders to game the data.

While EDIS was on approximately 259 workstations across the hospital and 253 users had permission to run the software, there were only 23 user accounts.

Of these user accounts, only eight were in regular use, including four named administrator accounts (specific to administrative staff) and four generic user accounts: CLERK, NURSE, DOCTOR and BEDMAN.

The generic accounts could be used by personnel across the hospital, not just within the Emergency Department.

Passwords for the four generic user accounts were "very poor" and had "never been changed". Password expiry was set at a default 999 days.

Audit logs were equally poor, not proactively checked and unreliable.

The proper term for these arrangements might be "gross mismanagement" of clinical information technology.

"A feature of the logging record is that it logs the changed field in EDIS and a number of other fields simultaneously, while not identifying which field was changed and what its original value was," auditors noted.

"Audit also notes that the logging record is also ineffective, because every entry in EDIS is logged from “Workstation 14”.  

"Although EDIS has been disseminated widely throughout the Canberra Hospital each of these users logs into EDIS using the common “Workstation 14”.

"This practice, combined with the use of generic user accounts, makes the EDIS logging information useless for investigations of unauthorised activity."

Furthermore, it was possible to edit EDIS records up to 72 hours after a patient’s treatment, providing a generous window for later unauthorised changes to the records.

These "features" sound like seller misdesign with regard to the metadata (logging records).
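An added example (not code from iSOFT EDIS or from the audit report) of the kind of logging record the auditors found missing: one entry per changed field that keeps the original value, the named user and the actual workstation, and refuses the shared logins. The field names, the user `jsmith`, the workstation `ED-WS-07` and the review rule are assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Shared logins named in the audit report; entries under them identify no person.
GENERIC_ACCOUNTS = {"CLERK", "NURSE", "DOCTOR", "BEDMAN"}
# Hypothetical names for the timing fields behind the reported statistics.
TIMING_FIELDS = {"seen_at", "departed_at"}


def audit_entries(before, after, user, workstation, when):
    """Return one entry per changed field, keeping the original value."""
    if user.upper() in GENERIC_ACCOUNTS:
        raise PermissionError(f"{user!r} is a shared account; use a named login")
    entries = []
    for field in sorted(set(before) | set(after)):
        old, new = before.get(field), after.get(field)
        if old != new:
            entries.append({"when": when, "user": user,
                            "workstation": workstation,
                            "field": field, "old": old, "new": new})
    return entries


def needs_review(entry, departed_at):
    """Flag a timing-field change written after the patient had left the ED
    (the article notes records stayed editable for up to 72 hours)."""
    return entry["field"] in TIMING_FIELDS and entry["when"] > departed_at


# Constructed sample: a visit record edited the morning after discharge.
ARRIVED = datetime(2012, 3, 1, 9, 0)
BEFORE = {"arrived_at": ARRIVED, "seen_at": ARRIVED + timedelta(minutes=95),
          "departed_at": ARRIVED + timedelta(minutes=310), "triage": 3}
AFTER = dict(BEFORE, seen_at=ARRIVED + timedelta(minutes=30))
SAMPLE = audit_entries(BEFORE, AFTER, user="jsmith", workstation="ED-WS-07",
                       when=datetime(2012, 3, 2, 8, 15))

if __name__ == "__main__":
    for e in SAMPLE:
        print(e["field"], e["old"], "->", e["new"],
              "REVIEW" if needs_review(e, BEFORE["departed_at"]) else "ok")
```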

Noticing anomalies

It was only in April this year that a full inquiry was commissioned after "anomalies" in performance figures were spotted by the Australian Institute of Health and Welfare (AIHW).

The AIHW found an unusually high number of emergency patients that were reported to have been seen exactly within the required time for their illness category.

For example, there was an unusually high number of patients who were reported to have been seen at exactly 30 minutes or 60 minutes.

In addition, an unusually high number of people checked out of the Emergency Department precisely 240 minutes after their recorded arrival.

If you're going to engage in this type of activity, at least be competent at it...instead of setting up a red flag bigger than the flag that used to fly over the Kremlin.
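The anomaly the AIHW spotted can be tested for directly. The following is an added example, not the AIHW's or PwC's method: it compares the number of records at exactly a benchmark minute with the average for the surrounding minutes. The sample data, the five-minute window and the 3x threshold are constructed assumptions.

```python
from collections import Counter

# Benchmark values named in the article: minutes until seen, and the
# 240-minute length of stay.
WAIT_TARGETS = (30, 60)
STAY_TARGET = 240


def heaping_ratio(minutes, target, window=5):
    """Count at exactly `target` divided by the mean count over the
    neighbouring minutes (target-window..target+window, target excluded)."""
    counts = Counter(minutes)
    neighbours = [counts[m]
                  for m in range(target - window, target + window + 1)
                  if m != target]
    baseline = sum(neighbours) / len(neighbours)
    # Floor the baseline at 1 so sparse data cannot divide by zero
    # or inflate the ratio.
    return counts[target] / max(baseline, 1.0)


def flag_targets(minutes, targets, threshold=3.0):
    """Return {target: ratio} for targets whose exact-minute count is at
    least `threshold` times the neighbourhood baseline."""
    flagged = {}
    for t in targets:
        ratio = heaping_ratio(minutes, t)
        if ratio >= threshold:
            flagged[t] = round(ratio, 2)
    return flagged


# Constructed data: a flat background with extra records piled on the
# benchmark minutes, and a clean series for comparison.
CLEAN_WAITS = [m for m in range(10, 91) for _ in range(4)]
SAMPLE_WAITS = CLEAN_WAITS + [30] * 40 + [60] * 36
SAMPLE_STAYS = [m for m in range(180, 301) for _ in range(3)] + [240] * 60

if __name__ == "__main__":
    print(flag_targets(SAMPLE_WAITS, WAIT_TARGETS))
    print(flag_targets(SAMPLE_STAYS, (STAY_TARGET,)))
    print(flag_targets(CLEAN_WAITS, WAIT_TARGETS))
```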

The records that were manipulated mean that publicly reported information relating to the timeliness of access to the Emergency Department and overall length of stay in the Emergency Department have been inaccurately reported.

The report could not ascertain the level of over‐estimation due to the lack of a clear audit trail identifying what were legitimate and what were fabricated entries in patients’ records.  

Timelines can be critical to proving medical negligence in court.  Further, if time data could have been manipulated, it seems clinical data could have been manipulated as well.

EHR data manipulation is of unknown magnitude worldwide, but I can imagine if it's easy to do and the benefits potentially substantial, electronic records could possibly be less trustworthy than paper records.

-- SS

Addendum:  while on the topic of clinical IT Down Under, there's also this:

Coast medical records system 'dangerous'
Stephanie Bedo

Doctors have complained about the system, saying some patient documents are missing, it has log-in problems and 10-minute delays in accessing critical information.

Gold Coast Health was the first region in the state to move to electronic record-keeping, rolled out progressively from October last year.

Queensland Health spent about $200 million on the electronic medical record roll-out last year, which was delayed by 12 months because of problems with the software provider.

... Hospital cardiologist Dr Greg Aroney raised concerns about the system at a Griffith University forum on the future of health on the Gold Coast this week.

"Our system is totally inadequate and dangerous," Dr Aroney said.

Read the whole story at this link:

A similar story from the states where the doctors' complaints were actually ignored is at my Sept. 2011 post "Blake Medical Center (Bradenton, Fla.) Ignores Health IT Warning Letter From 100 Staff Physicians." 

Let's hope the Australian physicians' complaints are taken more seriously.

-- SS


Anonymous said...

Meaningful use is indeed a meaningful ruse.

Anonymous said...

The hospital at which the doctors are complaining about the dysfunctional EHR is part of Queensland Health, accused of bias toward IT supplier Cerner Corporation, Kansas City, Mo. The name of the vendor was conspicuously absent from the article you cited.

Live IT or live with IT said...

Oh Scot, say something positive once in a while ...


These sorts of things would NEVER happen in the US, our HHS ONC would make sure we are protected.

No one has ever reported such an error to ANY self reporting EHR glitch application, so no such thing has occurred here.

Afraid said...

Kind of makes upcoding look like a certain result of EHRs.