|Home | About | Journals | Submit | Contact Us | Français|
Electronic health records (EHRs) are essential to improving patient safety.1 Hospitals and health care providers are implementing EHRs rapidly in response to the American Recovery and Reinvestment Act of 2009.2-4 The number of certified EHR vendors in the United States has increased from 605,6 to more than 10007 since mid-2008. Recent evidence has highlighted substantial and often unexpected risks resulting from the use of EHRs and other forms of health information technology.8-12 These concerns are compounded by the extraordinary pace of EHR development and implementation. Thus, the unique safety risks posed by the use of EHRs should be considered alongside the potential benefits of these systems.
At a time when institutions are focused heavily on achieving “meaningful use” requirements, we propose that clearer guidance be provided so that these institutions can align activities related to patient safety with the activities required to support a safe EHR-enabled health care system.13 A set of EHR-specific safety goals, modeled after the Joint Commission's National Patient Safety Goals, may provide organizations with areas of focus for sustained improvements in organizational infrastructure, processes, and culture as they adapt to new technology.
EHR implementation is still highly heterogeneous across health care systems and providers, and this heterogeneity leads to equally variable implications for patient safety. For instance, the priorities for patient safety in an organization in the midst of an EHR rollout differ from those of an organization that has used a fully integrated EHR system for 5 or more years. To account for the variation in the stages of implementation and levels of complexity across clinical practice settings, we propose a three-phase framework for the development of EHR-specific patient-safety goals (e-PSGs). The first phase of the framework, aimed at all EHR users but especially at recent and future adopters, includes goals to mitigate risks that are unique and specific to technology14 (e.g., technology that is unsafe owing to unavailable or malfunctioning hardware or software). The second phase addresses issues created by the failure to use technology appropriately or by misuse of technology.15 The final phase focuses on the use of technology to monitor health care processes and outcomes and identify potential safety issues before they can harm patients.16 This framework can lay the foundation for the development of e-PSGs within the context of EHR-enabled health care.
Device failures and both natural and man-made disasters are inevitable. The potential consequences of an EHR failure become of increasing concern as large-scale EHR systems are deployed across multiple facilities within a health care system, often across a wide geographic area. These broadly distributed systems may be tightly coupled and lightning fast, but that also means that a malfunction can rapidly affect not only a single department or institution but possibly an entire community.17 Furthermore, because the operations of such systems are often decentralized and relatively opaque to end users,18 problems evade easy detection and solution. In a recent example, on April 21, 2010, one third of the hospitals in Rhode Island were forced to postpone elective surgeries and divert non–life-threatening emergencies19 when an erroneous automatic antivirus software update set off a chain of events that caused “uncontrolled [computer] restarts and loss of networking functionality.”20 A potential e-PSG, therefore, should be to reduce the effect of EHR downtime on clinical operations and patient safety. Table 1 lists some of the activities that organizations could undertake to achieve this goal.
Safety can also be compromised as a result of miscommunication between the components of an EHR system. For example, it is not uncommon for data-translation tables (used to encode and decode orders transmitted between disparate systems) to have mismatched data fields.34 These mismatched fields may affect orders by introducing inadvertent changes that are virtually undetectable by the computer or by the people not privy to the original sender's intentions. An example of such an error is an order for 30 mg of oxycodone, sustained release, that is correctly entered in the computer-based provider order entry (CPOE) system but erroneously mapped to 30 mg of oxycodone, immediate release, in the pharmacy management system and incorrectly dispensed. Errors related to the transfer of information between systems may be detected by testing interacting components within the “live” EHR environment. However, this process is resource-intensive and therefore may not be carried out with adequate effort or attention. Therefore, an e-PSG could focus on reducing the miscommunication of data transmitted between different safety-critical components of the EHR. Recent evidence has shown that EHR accessibility and information transfer are two of the most common problems reported in EHR-related safety events.9,11,12
One rationale for widespread use of EHRs is that certain patient harms can be prevented when EHRs are used appropriately. For instance, EHRs can facilitate and standardize the transfer of information between providers and help close the communication loop by promptly notifying providers when test results are abnormal. However, these benefits are predicated on the assumption that EHRs will be used correctly and as intended in routine practice.35 For example, if CPOE systems were to be used on some nursing units but not others, clinicians would need to check for orders and test results in multiple locations, increasing the likelihood that some information would be overlooked. Other partial uses of CPOE may leave noncomputerized processes more vulnerable to error. For example, if CPOE is used to order medications but not laboratory tests, there would be no way of ensuring closed-loop electronic communication of test results to the ordering providers, potentially leading to more missed results.36 Another hazard can arise if providers bypass structured data fields in CPOE and instead use EHR-based free-text communication to prescribe or discontinue medications, since free-text orders are not standardized and are vulnerable to miscommunication.37 To reduce these safety concerns, another e-PSG could be to mandate the use of CPOE for all medication orders, laboratory tests, and radiologic tests. Table 1 lists several strategies that may help to achieve this goal.
Second, the implementation and use of complex clinical-decision support (CDS) systems embedded in EHRs are prone to human error and cognitive constraints.38,39 Consequently, decisions related to various aspects of CDS interventions must be evaluated periodically.40 For example, although point-of-care CDS interventions are necessary to achieve the full benefits of EHRs and stages 1 and 2 of the meaningful use payments, outlined by the Centers for Medicare and Medicaid Services (CMS),41 alerts that interrupt the clinician's workflow or thought process must be used judiciously. Many organizations turn on alerts with low specificity, which results in high rates of clinician over-ride.24 Frequent overrides are associated with “alert fatigue,” which can lead clinicians to inadvertently ignore important information. Thus, another potential e-PSG could be to reduce alert fatigue. Alerts with override rates above a certain threshold should be discontinued or modified to increase their specificity.42 Similarly, hard stops (i.e., when users cannot proceed with the desired action) must be used only for the most egregious errors.43 Having such a goal will stimulate a multidisciplinary approach to reducing alerts that involves engaging cognitive scientists, human-factors engineers, and informaticians (i.e., scientists trained to work on the sociotechnical issues of information and communications technologies44,45) to work on these complex issues with clinicians (Table 1).
Third, although there is increased safety associated with integrating free text, dictated reports, radiographic images, and other test results into EHRs (including improved legibility and rapid access),46 many institutions are not currently coding some of the critical data needed to maximize safety. The lack of structured or coded data prevents the system from being able to provide the user with meaningful feedback or interpretation (i.e., an alert regarding the use of lisinopril will not be generated if a patient's history of captopril-related angioedema has not been entered as coded allergen data). Therefore, to realize the full safety benefits of complex CDS tools47 (e.g., checks for drug allergies,48 automatic notification of abnormal test results,28 or reminders related to drug-condition interactions29 [e.g., a warning on the use of isotretinoin in patients who are pregnant]), another e-PSG could focus on ensuring that critical data on medications, allergies, diagnostic test results, and clinical problems are entered as structured or coded data in the EHR49
To achieve the goals of many national initiatives to improve patient safety and to facilitate the prevention of safety events, electronic data must be used to help detect, manage, and learn from potential safety events in near real-time. The stakeholders include the Agency for Healthcare Research and Quality (AHRQ), the Joint Commission, and the recently formed Partnership for Patients.50 In the current methods used to measure safety events, there is an overreliance on incident reports, which detect only a small proportion of events.32 In contrast, systems can be programmed to automatically detect easily overlooked and underreported errors of omission, such as patients who are overdue for medication monitoring, patients who lack appropriate surveillance after treatment, and patients who are not provided with follow-up care after receiving abnormal laboratory or radiologic tests results.51 EHR-based trigger approaches can also be used to detect errors of commission related to preventable adverse drug events,52 postoperative complications,53 and misidentification of patients.54 Organizations must leverage EHRs to facilitate rapid detection of common errors (including EHR-related errors), to monitor the occurrence of high-priority safety events, and to more reliably track trends over time. EHRs could also play a role in improving the existing infrastructure of reporting to patient-safety organizations by facilitating the generation of data files describing particular safety events (e.g., using the AHRQ common format version 1.2).55 Thus, an e-PSG could relate to the use of the EHR to monitor, identify, and report potential safety issues and events. This would make detection and reporting more efficient and help shift resources toward investigation and action.
Given that only 48% of all eligible hospitals and only 20% of eligible physicians have currently attested to achieving stage 1 of the CMS meaningful use criteria,56 the development and application of e-PSGs could partially address the Institute of Medicine's recent recommendation to create an EHR safety action and surveillance plan.8 The recommendations of such a plan should be tailored to the stage of EHR implementation. Recent adopters of EHRs could focus on the goals presented in phase 1 of our safety framework, making sure that the technology is safe to use, whereas organizations that have already achieved stage 1 meaningful-use criteria and have been using EHRs for several years could aim for goals from all three phases. Measurements related to e-PSGs would allow nationwide tracking and benchmarking of EHR-related safety performance.57 Policymakers and EHR vendors could collaborate on the development and certification of automated methods to measure and report new indicators annually from meaningful use certified EHRs in eligible hospitals. Examples of potential measures for e-PSGs might include EHR uptime rate (e.g., minutes the EHR was available to clinicians divided by number of minutes in a year23), CPOE rate (e.g., number of orders electronically entered divided by the total number of orders during the year23), and alert override rate (e.g., number of point-of-care alerts ignored divided by the total number of point-of-care alerts generated23).
These goals will also need to be reviewed regularly and updated as needed in accordance with national priorities and research on EHR-related patient safety. In addition, many strategies not addressed in this article could be considered as recommendations or good clinical practices and progress in a stepwise fashion to future e-PSGs.
To create a coordinated, consistent, national strategy that will address the safety issues posed by EHRs, we propose that a concerted effort be made to improve health care safety in the context of technology use. This effort should address preventable risks that may hamper endeavors to create a safer EHR-enabled health care system. Further discussion and consensus among national agencies (e.g., the Office of the National Coordinator for Health Information Technology [ONC], the AHRQ, the Joint Commission, the Centers for Medicare and Medicaid Services) is clearly necessary for the adoption of future national patient-safety goals specific to EHR use. However, this approach must be given immediate priority considering the rapid pace of EHR adoption and the resulting changes in our nation's health care system. National EHR-related patient-safety goals are needed to address current problems with existing EHR implementations and failures to leverage current EHR capabilities. For instance, the ONC has recently taken several important steps in this direction with release of the revised 2014 EHR certification criteria (e.g., emphasis on user-centered design and application of quality management systems in the EHR design and development process58). Such efforts should be expanded in the future. Goals must be technically feasible, financially prudent, and practically achievable within current constraints and be accompanied by specific guidance on achieving them. Input on these goals must be sought not only from EHR developers and clinical end users but also from cognitive scientists, human-factors engineers, graphic designers, and informaticians with expertise in patient safety in complex health care environments. Creating unique EHR-related national patient-safety goals will provide new momentum for patient-safety initiatives in an EHR-enabled health system.
Supported by a Strategic Health IT Advanced Research Projects (SHARP) Program contract from the ONC (10510592) (to Dr. Sittig); a career-development award from the National Institutes of Health (K23CA125585) (to Dr. Singh); the Veterans Affairs (VA) National Center for Patient Safety; the Agency for Health Care Research and Quality (R18HS017820); and the Houston VA Health Services Research and Development Center of Excellence (HFP90-020). These sources had no role in the preparation, review, or approval of this article.
We thank Michael Shabot, M.D., Eric Thomas, M.D., M.P.H., and Robert Murphy, M.D., for their comments on an earlier version of this article; and Annie Bradford, Ph.D., for assistance with the editing of an earlier version of the manuscript.
Disclosure forms provided by the authors are available with the full text of this article at NEJM.org.
The views expressed in this article are those of the authors and do not necessarily represent the views of the Department of Veterans Affairs or any of the funding agencies listed below.