Friday, November 07, 2014

Bug in MetaVision ICU system potentially catastrophic - American bad health IT goes Down Under

I have often written in this blog about healthcare IT defects and the lack of quality control regulation and safety testing.   I have indicated that patients have become guinea pigs for software development and testing, and healthcare facilities a software beta testing "proving ground" and defects remediation site.

This should all be occurring in the lab, not on live patients who've never given their consent to the use of these experimental cybernetic "command and control" systems that, in fact, regulate and govern their care in many ways.

Now there's this from Down Under in the journal Pulse*IT:

http://www.pulseitmagazine.com.au/index.php?option=com_content&view=article&id=2127:bug-in-metavision-icu-system-potentially-catastrophic 

Bug in MetaVision ICU system potentially catastrophic
Written by Kate McDonald on 27 October 2014.

A bug in the MetaVision intensive care software package being rolled out in several Brisbane hospitals has been identified as having the potential to seriously harm or even kill patients, several media outlets are reporting.

Fairfax's The Brisbane Times reported that a risk assessment by the Metro North Hospital and Health Service - which covers Brisbane's Prince Charles and Royal Brisbane and Women's (RBWH) hospitals - had found potentially catastrophic problems with prescription errors caused by the system that had a 60 to 90 per cent likelihood of causing a patient death.

MetaVision, from US vendor iMDsoft, is one of the few specialist critical care software packages on the market. It is able to capture information from medical devices and contains a full medical record specific to ICU patients.

This is U.S. software being foisted onto the very sick ICU patients of another country, Australia.

I should note that the author of the article, Kate McDonald, did an article about me in July 2012 and about my - at the time - upcoming presentation to the Health Informatics Society of Australia in health IT trust (article at http://issuu.com/pulseitmagazine/docs/pulseit_july2012/56, writeup of my presentation and link to slides at http://hcrenewal.blogspot.com/2012/08/my-presentation-to-health-informatics.html).

A 60 to 90 percent likelihood of causing a patient death is of great concern, especially in an ICU.  The likelihood of injury is probably in the same ballpark.

Who detected the problems?  The true experts - those with clinical expertise:

... It also contains medications management and decision support, and is able to interface with the complex IV infusion pumps used to administer medications to patients in intensive care.

The ABC [Australian Broadcasting Company] reported that according to the risk assessment report, “monitoring of patient records by pharmacists has revealed several potentially serious prescription errors specifically caused by the system”.

"Large volume prescriptions and high acuity of patients overlayed [sic] with functional risks of the system increases the likelihood of a SAC 1 (serious harm or death) event.

(Where have I seen computer-caused prescription errors with harm potential caused by bad health IT before?  Here, for one:   "Lifespan (Rhode Island): Yet another health IT "glitch" affecting thousands", http://hcrenewal.blogspot.com/2011/11/lifespan-rhode-island-yet-another.html.)

According to the ABC, the testing of this software was about par for the course in this unregulated health IT industry:

"There is no record of robust regression or functional testing at vendor, Queensland Health corporate or facility level."

Yet the software has been, and is, being rolled out by eager beavers seemingly just jolly at subjecting non-consenting ICU patients to an American experiment:

MetaVision has been rolled out in the ICUs at the Canberra and Calvary hospitals in the ACT, and at the Gold Coast, Prince Charles, Townsville, Rockhampton, Cairns and Logan hospitals in Queensland, where it has been installed for over a year.

It went live at Brisbane's Royal Children's in June, RBWH in September and at Princess Alexandra Hospital (PAH) just last week.

It is live at the Sydney Adventist Hospital and has also been chosen for a statewide roll-out in all ICUs in NSW.

The software company responds:

MDsoft issued a statement late on Monday saying that the problem was unique to the version implemented at Queensland Heath and does not affect any other installations in Australia.

"Late last week, certain clinicians from Queensland Heath highlighted potential risks as a result of prescribing with the MetaVision clinical information system," iMDsoft's director of marketing, Anne Belkin, said.

"iMDsoft is aware of this issue, and has already provided a solution to Queensland Heath. The software fix has been in testing at the site for several weeks and will be implemented in the near future.

First, one wonders why software being rolled out at hospitals in the Australian state of Queensland would be uniquely affected by such a severe bug, while at other sites it has not.  I question if some "new" features are being alpha- or beta-tested there - using Queensland Health ICU patients as unwitting laboratory rats.

Unless that "fix in testing" is being tested completely offline, this suggests patients are being used as literal software debugging test subjects regarding a flaw that could kill them.  The very best interpretation is that clinicians are asked to work around a potentially fatal "bug" in an ICU setting with the very sickest patients while the "fix" for a bug that should not exist in the first place is being remediated.   

"The risks highlighted by the report were originally identified during testing and, with close cooperation between iMDsoft and the clinicians at the Hospital and Health Service sites, a mitigation plan was immediately put into effect.  ... [The Brisbane Times] said the system has been manually over-ridden with medical charts [presumably the electronic charts - ed.] being reviewed daily by ICU specialists.

This suggests workarounds, which can be dangerous themselves ("one should not have to work around that which is not in their way", as I've written.)

A better and more ethical solution, in my opinion, to a potentially fatal bug's "mitigation plan" would be to turn the system off in the interim and revert to paper - as if the system had crashed - until the "bug" is fixed.

The company is then quoted as making this statement:

"The underlying risk is unique to the version implemented at Queensland Heath, and does not exist in any prior or subsequent releases for Australia. MetaVision is used at more than three hundred sites worldwide and is regulated by stringent international standards to ensure patient safety."

"Three hundred sites worldwide" is a very small number.  This suggests this is a very recent - or perhaps unpopular - offering.

The company site offers this:

iMDsoft is audited on a regular basis by international agencies. Our core products have been granted FDA marketing clearance and other accreditations. Our quality management system is certified under ISO 13485, which ensures that every working process is controlled and continuously improved to meet market and customer requirements.
iMDsoft is audited on a regular basis by international agencies. Our core products have been granted FDA marketing clearance and other accreditations. Our quality management system is certified under ISO 13485, which ensures that every working process is controlled and continuously improved to meet market and customer requirements. - See more at: http://www.imd-soft.us/about-us#sthash.RZMu32FN.dpuf
iMDsoft is audited on a regular basis by international agencies. Our core products have been granted FDA marketing clearance and other accreditations. Our quality management system is certified under ISO 13485, which ensures that every working process is controlled and continuously improved to meet market and customer requirements. - See more at: http://www.imd-soft.us/about-us#sthash.RZMu32FN.dpuf

It would be interesting to know what "stringent international standards" are being followed to "ensure patient safety" (ISO 13485, http://www.iso.org/iso/catalogue_detail?csnumber=36786 for medical devices is likely the one being cited), and what testing the FDA performed specifically.

I don't know of such standards for ICU health IT in the U.S., the country of origin of this software, where regulation of health IT is in the discussion stages by the government and FDA, and very unsatisfactorily I might add (see "FDA on health IT risk:  "We don't know the magnitude of the risk, and what we do know is the tip of the iceberg, but health IT is of 'sufficiently low risk' that we don't need to regulate it" (http://hcrenewal.blogspot.com/2014/04/fda-on-health-it-risk-reckless-or.html).

Nor do I know of rigorous ICU clinical EHR software evaluation and testing regulations and procedures anywhere else, for that matter, although would be glad to be informed of some that could be adopted in the U.S.

The expected excuses also appear:

Brent Richards, director of intensive care at the Gold Coast Hospital and then chairman of Queensland's Statewide Intensive Care Clinical Network, told Pulse+IT last year that the system delivered improvements in workflow and safety.

“ICU is incredibly complex and can be quite hard to computerise, because we have a lot of data flow,” Dr Richards said. “You want to capture all of that data including the data from the equipment interfaces, which is transferred minutely in MetaVision.

Giving drugs is a lot more complex because ICU patients frequently have numerous infusions, and there is frequent real-time management of infusions – titrating medication infusions is normal in ICU – and the system has got to be able to capture it.”

In response, I penned this letter to Kate McDonald.  It speaks for itself:

From: Silverstein,Scot
Sent: Friday, November 07, 2014 9:58 AM
To: Kate McDonald
Subject: Re: Bug in MetaVision ICU system potentially catastrophic
Re:  http://www.pulseitmagazine.com.au/index.php?option=com_content&view=article&id=2127:bug-in-metavision-icu-system-potentially-catastrophic

Dear Kate,

I hope you are well.  My Australian colleagues alerted me to your article on the Metavision ICU flaws.

The excuse that:

... “ICU is incredibly complex and can be quite hard to computerise, because we have a lot of data flow,” Dr Richards said.

rings incredibly hollow.

If an ICU is so complex, the most stringent IT testing is indicated BEFORE go-live on actual patients.  If this were an aircraft or nuclear energy facility, one might now have a smoldering ruin or a Chernobyl (or Three Mile Island in the U.S., http://en.wikipedia.org/wiki/Three_Mile_Island_accident) radiation cloud.

Live patient environments, especially with the sickest in an ICU, are not proper software beta testing and debugging environments.

This is why in the U.S. I call for mandatory and strict quality and safety regulation of healthcare IT that will be employed on patients, much as software is regulated in other mission-critical and life-critical industries.

The health IT industry has for decades been given an extraordinary regulatory accommodation - that is, little to no regulation - and this can, and has, harmed and killed patients.

Please consider this letter suitable for publication.  I addressed some of these issues in my keynote at HISA 2012 in Sydney.

Sincerely,

Scot Silverstein

I, for one, certainly do not want buggy software deployed in ICU's anywhere near my residence.  Hospitals have a legal and ethical obligation to maintain safe environments for care.

Australian as well as American hospital management seem to have been cavalier about that when it comes to healthcare information technology.

-- SS

4 comments:

Anonymous said...

I have something simple to say: excuses are like a$$holls...everybody has got one!

Anonymous said...

I would like to say that management has become criminally cavalier .....not just cavalier

Steve Lucas said...

Today I read the Apple OS may have a bug leading to possible attack. With so many doctors using Apple products in their everyday lives for medical support this could be catastrophic for the patient.

Steve Lucas

Afraid said...

Nothing to see here, move right along, make it snappy.