Saturday, February 09, 2013

A New ECRI Institute Study On Health Information Technology-Related Events

As I wrote here, I was a reviewer of the report in the PA-based, ECRI Institute-conducted study "The Role of the Electronic Health Record in Patient Safety Events."  ECRI studied the Pennsylvania Patient Safety Reporting System database for HIT-related errors.   

The ECRI Institute is an independent organization renowned for its safety testing of medical technologies and reporting on same, and that "researches the best approaches to improving the safety, quality, and cost-effectiveness of patient care."  I've mentioned it and its bylaws in this blog in the past as a model for independent, unbiased testing and reporting of healthcare technologies.

The full report in PDF is at this link.  In the report, the Pennsylvania Patient Safety Authority analyzed reports of EHR-related events from a state database (the Pennsylvania Patient Safety Reporting System or PA-PSRS, pronounced "PAY-sirs") of reported medical errors and identified several major themes.

My review input led to a discrete "limitations" section.  Also, my invited July 2012 presentation to the PA Patient Safety Authority "Asking the Right Questions: Using Known HIT Safety Issues to Improve Risk Reporting and Analysis" with ECRI in attendance (link to PPT here) on the danger of limited datasets due to systematic impediments to information diffusion was apparently taken seriously. 

ECRI decided to do something about the knowledge gap, and they asked the right questions.

They've just released this summary of a new study they conducted.  I have a few comments which follow:
ECRI Institute PSO Uncovers Health Information Technology-Related Events in Deep Dive Analysis

Data transfer, data entry, system configurations, and more identified as serious problem areas
PLYMOUTH MEETING, Pa., Feb. 6, 2013 /PRNewswire-USNewswire/ -- The federal government is spending about $19 billion to encourage hospitals, physician practices, and other healthcare organizations to invest in their health information technology (HIT) infrastructure with the goal of improving patient safety and quality through the Health Information Technology for Economic and Clinical Health (HITECH) Act.

Concerned about the unintended consequences of HIT and the potential for errors to cause patient harm, ECRI Institute Patient Safety Organization (PSO) recently conducted a PSO Deep Dive™ analysis on HIT-related safety events. Their just-released 48-page report identified five potential problem areas, which can be assessed with the accompanying toolkit. The report and toolkit are available for purchase [appx. $350 U.S. - ed.] without membership in ECRI Institute PSO.

"Minimizing the unintended consequences of HIT systems and maximizing the potential of HIT to improve patient safety should be an ongoing focus of every healthcare organization," says Karen P. Zimmer , MD, MPH, FAAP, medical director, ECRI Institute PSO.

Based on [voluntary - ed.] reports submitted to the PSO from participating organizations, ECRI Institute PSO experts identified the following key HIT-related problems:

  • inadequate data transfer from one HIT system to another
  • data entry in the wrong patient record
  • incorrect data entry in the patient record
  • failure of the HIT system to function as intended
  • configuration of the system in a way that can lead to mistakes
To collect enough reports for meaningful evaluation, ECRI Institute PSO asked participating organizations to submit standardized data about HIT events during a nine-week period. This enabled ECRI Institute PSO to identify patterns and trends from the aggregated data and share the findings, as well as its recommendations. The data in the PSO Deep Dive represents only that collected using the Agency for Healthcare Research and Quality (AHRQ) HIT Common Formats.  [Not the improved formats developed by AHRQ in their IT Hazards Manager project, still in development - ed.]  ECRI Institute PSO data encompasses over 800 HIT-related events.

According to the report, HIT must be considered in the context of the environment in which it operates during the three phases of any HIT project: planning for new or replacement systems, system implementation, and ongoing use and evaluation of the system. "Shortsighted approaches to HIT can lead to adverse consequences," caution the authors.

"Healthcare organizations should consider the findings and recommendations in the PSO Deep Dive as part of their effort to achieve those goals," adds Zimmer.

The HIT PSO Deep Dive findings were published in a 48-page report and toolkit with self-assessment questionnaire and action plan form available to all ECRI Institute PSO Members and its partner PSO members. The table of contents of the report is available for free viewing/download. Additional information will be presented in ECRI Institute PSO's Monthly Brief free e-newsletter March edition; go to to sign up. The full report and toolkit are also available for purchase.

For questions about this topic, or for information about purchasing the report, please contact ECRI Institute PSO by telephone at (610) 825-6000, ext. 5558; by e-mail at; by fax at (610) 834-1275, or by mail at 5200 Butler Pike, Plymouth Meeting, PA 19462-1298, USA.

From the free linked TOC document:

Key Recommendations
  • Enlist leaders’ commitment and support for the organization’s health IT projects.
  • Involve health IT users in system planning, design, and selection.
  • Conduct a review of workflow and processes to determine how they must be modified.
  • Evaluate the ability of existing IT systems within the organization to reliably exchange data with any health IT system under consideration.
  • Conduct extensive tests before full implementation to ensure that the health IT system operates as expected.
  • Provide user training and ongoing support; educate users about the capabilities and limitations of the system.
  • Closely monitor the system’s ease of use and promptly address problems encountered by users.
  • Introduce alterations to a health IT system in a controlled manner.
  • Monitor the system’s effectiveness with metrics established by the organization.
  • Require reporting of health IT-related events and near misses.
  • Conduct thorough event analysis and investigation to identify corrective measures.

My comments are these:

  • The ECRI study, report and recommendations are quite welcome.
  • The case reports received were apparently voluntary and probably "conservative" and understated as hospitals are not happy to release data on problems and harms that can lead to, or support, litigation.  
  • The study was just 9 weeks long, and with a limited set of healthcare organizations participating.  800 HIT-related events were identified. 
  •  The relevant issues discovered in the events, as summarized in the bullet points above, are capable of causing clinician distraction, incorrect decisions, "use error" (as opposed to "user error", see here), patient harm, and death.  (I am aware of such issues in the press including harms and deaths, as readers here have read at links such as these and these and these and these, and others about which I am providing expert-witness consultation and cannot share.)
  • I believe ECRI has now begun to peer below the water level, through the muck of industry control of the narrative, of what FDA CDRH leader Jeffrey Shuren MD JD referred to as "the tip of the iceberg" - i.e., the current level of knowledge of health IT difficulties, defects and harms. 
  • The report is yet another red flag for a far more robust (and mandatory, in my view) post-marketing surveillance of health IT.  
  • Those who claim these findings are "anecdotes" (as here) are looking increasingly foolish and cavalier.

Finally, readers of this blog have been reading about these issues for years.  You heard it here first.

-- SS 


Anonymous said...

Just goes to show, an anecdote here and an anecdote there, and pretty soon, you are seeing some serious dangers.

This report is prima facie evidence for the need for the FDA to regulate these devices, and to supervise the surveillance in the after market.

After all, what can ECRI do to assure compliance by vendors who are interested in ringing the cash register rather than patient safety.

I do not see any vendor innovation in this sobering report from ECRI.

Patients are suffering devastaing consequences from this toxicty on a daily basis. I see it first hand.

Anonymous said...

That is a big number of adverse situations and device dysfunctions. I would think that the hospitals sent in their minor events that would not open the medical negligence file. I wonder what they did with the cases of death by HIT defect.

Where are the doctors and nurses amidst this HIT swamp? Why are they silent?

Anonymous said...

9 weeks and 800 events. Hmmm, seems worse than paper records to me. This is similar to my experiences.

Anonymous said...

Funny,at my hospitals, you do not have to dive very deep to find adverse events, crashes, interface failures, unusable human-computer interfaces, medication errors, lost data, misidentifications, and delays in care. None of these are reported because the hospital covers up its errors and threatens those who complain.

Anonymous said...

Where's Roy? Is he buried in a snowdrift?

Anonymous said...

It is despicable that the Congress of the United States has ignored the lack of safety of these systems while spending taxpayers' dollars on them.