Monday, March 11, 2013

When "Human Error" Causes EHR Downtime, Who is Liable For Patient Injuries That Result?

In the Pittsburgh Post-Gazette was this story of yet another EHR "glitch":

March 9, 2013 12:17 am 

Human error the cause of UPMC electronic issue

A systemwide problem with UPMC's information systems Wednesday left electronic patient records and other data inaccessible for about three hours. A UPMC spokeswoman said the hospitals "immediately went to manual backup systems, and we quickly identified and fixed the problem." She said there was no indication that patient care was compromised by the incident, which was due to human error.

I will presume the "human error" was not a physician or nurse pressing the wrong button, but a "human error" involving the servers or IT infrastructure such as a botched system upgrade, action that caused a server room power fault, etc.

UMPC is a very large system as their webpage shows, showing approximately fifteen major facilities.

The now-expected "patient care has not been compromised" line was provided to the Gazette, a line so commonly heard after EHR outages that I  use it as a Healthcare Renewal indexing tag (see this query link).

The following questions arise:

  • What, exactly, was the "human error" and why was there no fault tolerance built into these mission-critical systems to account and compensate for it, such as via redundancy?
  • If paper is so bad as a record-keeping medium that hundreds of billions of dollars are being spent to replace it, then how can patient care not be compromised, especially when multiple hospitals unexpectedly and without warning have to return to its use? 
  • How can a very large hospital system rapidly declare that "patient care was not compromised" without a thorough and comprehensive patient review, accounting for possible delayed negative outcomes (by way of just a few simple examples, due to medication or imaging delays?)
  •  Who is liable for any adverse patient outcomes that occurred related to the sudden unavailability of past records:  the clinicians?  The "human" who committed the computer-related error?  The corporation, either for direct negligence in implementing and mandating use of a system prone to mass outage by human error, or vicariously for the negligence and/or misconduct of its information technology employees and/or agents?
  •  How many "outages" will it take before some patient is outright, no-doubt-about-it harmed or killed?  Do we want to find out, or is a priority to have redundancies so these systems don't crash?
I, for one, would not want to have a family member be "crashing" at the time of a sudden, unexpected system-wide EHR outage.

-- SS

No comments: