Thursday, August 23, 2012

From the University of Chicago EHR Helpdesk Call Line

I was alerted this morning (Aug. 23rd) to this message currently in the telephone message of the CBIS [Chicago Biomedicine Information Services] Service Desk at University of Chicago Medical Center:

"Thanks for calling the CBIS Service Desk.  Your call is very important to us. We are currently experiencing troubles with our Citrix logon.  It may log you on under a different profile.  Please check before you go any further when you're logging in to Citrix."

Citrix is a computer program that allows remote access to information systems.

I imagine the meaning of "log you on under a different profile" means "logging you on as a different user."

The chances of a security breach (ability of unauthorized user to peer into patient's charts they have no business seeing), unauthorized history/order manipulation, or even misidentification error (e.g., a clinician inadvertently acting upon a patient of some other clinician who has a similar name to their own patient) and other distracting work disruptions due to the inconveniences this "trouble" creates are worrisome.

One wonders how every user is being informed of this problem, as not everyone makes it a habit to call the service desk before logging in to clinical systems...

But, alas, this is just a "glitch" (the euphemism used by technophiles for malignant software defects), and, of course, patient safety is never compromised by "glitches."


Patient Safety Will Not Be Compromised, We Predict ... So Say Us All.


-- SS

8/29/12 Addendum:

Apparently the problem was finally solved between 5:30 PM and 9 PM CST on August 27.   I first became aware of it at around 8 AM EST August 23.  Brings to life the line "either you are in control of your information systems, or they are in control of you."

Also, see the comment thread to this post here, specifically the comments starting at August 28, 2012 12:16:00 PM EDT, to see yet another demonstration of the illogic, unserious attitudes and feelings of entitlement towards patient risk and transparency characteristic of the health IT industry.  The anonymous commenter also alleges to have firsthand knowledge of the problem, suggesting they are from U. Chicago, but this cannot be confirmed.

-- SS

15 comments:

Anonymous said...

The August 23, 2012 Akron Beacon Journal story Health-care groups team up, Summa, physician practices form a for-profit billing, management company to cut cost and improve care, really adds confidence to the patient doctor relationship with this quote:

“Initially, the business will focus on providing software credentialing, billing and collection services.”

I for one already feel better knowing there is a for-profit doctor service that’s main focus is on billing and collection services. Yep, no need for patient records if the billing codes are correct. (Sarcasm)

Doctors are very concerned with their loss of status in society. The tendency of patients to challenge decisions, both for more testing and less treatment, and we find an article like this in the business section of a regional newspaper. How can a patient trust their doctor if their computer systems main function is billing and debt collection?

Steve Lucas

InformaticsMD said...

Steve Lucas writes:

How can a patient trust their doctor if their computer systems main function is billing and debt collection?

Not easily, especially if they are also using badly done EHR's - which could be called "EDRs" for "electronic danger records."

-- SS

Anonymous said...

It is 7:11 pm cst on August 23 , 2012, and, they have not corrected the problem.

Anonymous said...

It is 5:30pm cst on August 24 and they have not corrected the problem.

Anonymous said...

It is 5:00am cst on August 25, 2012 and the log on troubles persist,

When a doctor logs on and another doctor's patient list appears, that is a HIPAA violation. Most hospitals discipline and fire doctors who log on as someone else. When such violations are facilitated by the hospital, will a doctor get trapped?

What also is interesting is how can a doctor ever trust anything they see on these devices upon knowing of this and other computer interface generated misidentifications.

Anonymous said...

It is 7:11 pm cst on August 25, 2012, and, they have not corrected the misidentification hazard.

Anonymous said...

Still logging on under a different profile as of 5:31 pm cst. Wow!

Anonymous said...

Alas, it is August 27, 9pm cst, and the recording has been changed to reflect that the misidentification glitch has been solved.

Afraid said...

Reality check -- no one cares.

Anonymous said...

Dear Anonymous poster -- Go find something better to do than posting during work hours....

InformaticsMD said...

Anonymous August 28, 2012 12:16:00 PM EDT writes (presumably directed at the other anonymous posters):

Dear Anonymous poster -- Go find something better to do than posting during work hours....

What's better, I ask, than pointing out potential dangers to patients by bad IT?

-- SS

Anonymous said...

Scot - Pointing to the IT department and working with to resolve the issue is best, other than writing shock articles that do not address the real issue. Citrix was not an issue.

So by using your logic... Since people die everyday due to a non-complete understanding of the human body. Doctors are "Bad Doctors"??

Anonymous said...

I find this comment conversation to be of more than passing interest. You published the truth, nothing more, nothing less. Yet, someone became irritated to read of this truth.

I do not see how any physician at UVMC can trust the devices it is using to run the care of its patients. How can you ever believe that what is on the screen is of the patient of concern when you have logged on and found a gross error of misidentification? Nightmarish!

InformaticsMD said...

Anonymous August 28, 2012 5:16:00 PM ED said...

Scot

For an anonymous poster, you are rudely informal.

... other than writing shock articles that do not address the real issue. Citrix was not an issue.

Strawman fallacy. The issue is being logged on under another profile.

Pointing to the IT department and working with to resolve the issue is best

There's the "you cannot report a problem if you cannot or will not fix it" argument again, but let's apply non-controversial consulting SOP to your purely altruistic suggestion that I offer my help:

You think U. Chicago would allow me to "work with them to resolve the problem?" Do you think they do not have enough talent to handle it all by themselves? Further, do you think it's my obligation, or should I do it as a favor (with an expected quid pro quo), or a gift? Why? If not a gift, how would I be compensated? What confidentiality agreement would need to be signed? How would I avoid liability for any untoward results? What would be the timeframe to settle all these issues?

I expect a concise, logical answer to each of these questions.

Further, anonymous writes:

So by using your logic... Since people die everyday due to a non-complete understanding of the human body. Doctors are "Bad Doctors"??

That's certainly not logic. It's illogic. In fact you just committed the red herring fallacy in several dimensions.

A red herring is a fallacy in which an irrelevant topic is presented in order to divert attention from the original issue. The basic idea is to "win" an argument by leading attention away from the argument and to another topic. This sort of "reasoning" has the following form:

Topic A is under discussion.
Topic B is introduced under the guise of being relevant to topic A (when topic B is actually not relevant to topic A).
Topic A is abandoned.

Finally:

Please try a little harder to make sense. Thank you.

-- SS

InformaticsMD said...

Anonymous August 29, 2012 6:14:00 PM EDT writes:

I find this comment conversation to be of more than passing interest. You published the truth, nothing more, nothing less. Yet, someone became irritated to read of this truth.

I'd say the proper term might be "embarrassed."

I do not see how any physician at UVMC can trust the devices it is using to run the care of its patients. How can you ever believe that what is on the screen is of the patient of concern when you have logged on and found a gross error of misidentification? Nightmarish!

I don't know what UVMC refers to, but "glitches" as reported on this blog should make any clinician - and patient - wary of the technology in its present state.

Clinicians, here's a hint: it's now easy to photograph computer screens, either old CRT or newer flat panels, with a cellphone camera. When you see something you are concerned about...you have the tools to document and share as necessary with the appropriate authorities, and to protect yourself.

-- SS