Search tips
Search criteria 


Logo of nihpaAbout Author manuscriptsSubmit a manuscriptHHS Public Access; Author Manuscript; Accepted for publication in peer reviewed journal;
N Engl J Med. Author manuscript; available in PMC 2013 June 22.
Published in final edited form as:
PMCID: PMC3690003

Electronic Health Records and National Patient-Safety Goals

Dean F. Sittig, Ph.D. and Hardeep Singh, M.D., M.P.H.

Electronic health records (EHRs) are essential to improving patient safety.1 Hospitals and health care providers are implementing EHRs rapidly in response to the American Recovery and Reinvestment Act of 2009.2-4 The number of certified EHR vendors in the United States has increased from 605,6 to more than 10007 since mid-2008. Recent evidence has highlighted substantial and often unexpected risks resulting from the use of EHRs and other forms of health information technology.8-12 These concerns are compounded by the extraordinary pace of EHR development and implementation. Thus, the unique safety risks posed by the use of EHRs should be considered alongside the potential benefits of these systems.

At a time when institutions are focused heavily on achieving “meaningful use” requirements, we propose that clearer guidance be provided so that these institutions can align activities related to patient safety with the activities required to support a safe EHR-enabled health care system.13 A set of EHR-specific safety goals, modeled after the Joint Commission's National Patient Safety Goals, may provide organizations with areas of focus for sustained improvements in organizational infrastructure, processes, and culture as they adapt to new technology.

EHR implementation is still highly heterogeneous across health care systems and providers, and this heterogeneity leads to equally variable implications for patient safety. For instance, the priorities for patient safety in an organization in the midst of an EHR rollout differ from those of an organization that has used a fully integrated EHR system for 5 or more years. To account for the variation in the stages of implementation and levels of complexity across clinical practice settings, we propose a three-phase framework for the development of EHR-specific patient-safety goals (e-PSGs). The first phase of the framework, aimed at all EHR users but especially at recent and future adopters, includes goals to mitigate risks that are unique and specific to technology14 (e.g., technology that is unsafe owing to unavailable or malfunctioning hardware or software). The second phase addresses issues created by the failure to use technology appropriately or by misuse of technology.15 The final phase focuses on the use of technology to monitor health care processes and outcomes and identify potential safety issues before they can harm patients.16 This framework can lay the foundation for the development of e-PSGs within the context of EHR-enabled health care.


Phase 1: Address Safety Concerns Unique to EHR Technology

Device failures and both natural and man-made disasters are inevitable. The potential consequences of an EHR failure become of increasing concern as large-scale EHR systems are deployed across multiple facilities within a health care system, often across a wide geographic area. These broadly distributed systems may be tightly coupled and lightning fast, but that also means that a malfunction can rapidly affect not only a single department or institution but possibly an entire community.17 Furthermore, because the operations of such systems are often decentralized and relatively opaque to end users,18 problems evade easy detection and solution. In a recent example, on April 21, 2010, one third of the hospitals in Rhode Island were forced to postpone elective surgeries and divert non–life-threatening emergencies19 when an erroneous automatic antivirus software update set off a chain of events that caused “uncontrolled [computer] restarts and loss of networking functionality.”20 A potential e-PSG, therefore, should be to reduce the effect of EHR downtime on clinical operations and patient safety. Table 1 lists some of the activities that organizations could undertake to achieve this goal.

Table 1
Framework for Potential EHR-Related National Patient Safety Goals.*

Safety can also be compromised as a result of miscommunication between the components of an EHR system. For example, it is not uncommon for data-translation tables (used to encode and decode orders transmitted between disparate systems) to have mismatched data fields.34 These mismatched fields may affect orders by introducing inadvertent changes that are virtually undetectable by the computer or by the people not privy to the original sender's intentions. An example of such an error is an order for 30 mg of oxycodone, sustained release, that is correctly entered in the computer-based provider order entry (CPOE) system but erroneously mapped to 30 mg of oxycodone, immediate release, in the pharmacy management system and incorrectly dispensed. Errors related to the transfer of information between systems may be detected by testing interacting components within the “live” EHR environment. However, this process is resource-intensive and therefore may not be carried out with adequate effort or attention. Therefore, an e-PSG could focus on reducing the miscommunication of data transmitted between different safety-critical components of the EHR. Recent evidence has shown that EHR accessibility and information transfer are two of the most common problems reported in EHR-related safety events.9,11,12

Phase 2: Mitigate Safety Concerns Arising from Failure to Use EHRs Appropriately

One rationale for widespread use of EHRs is that certain patient harms can be prevented when EHRs are used appropriately. For instance, EHRs can facilitate and standardize the transfer of information between providers and help close the communication loop by promptly notifying providers when test results are abnormal. However, these benefits are predicated on the assumption that EHRs will be used correctly and as intended in routine practice.35 For example, if CPOE systems were to be used on some nursing units but not others, clinicians would need to check for orders and test results in multiple locations, increasing the likelihood that some information would be overlooked. Other partial uses of CPOE may leave noncomputerized processes more vulnerable to error. For example, if CPOE is used to order medications but not laboratory tests, there would be no way of ensuring closed-loop electronic communication of test results to the ordering providers, potentially leading to more missed results.36 Another hazard can arise if providers bypass structured data fields in CPOE and instead use EHR-based free-text communication to prescribe or discontinue medications, since free-text orders are not standardized and are vulnerable to miscommunication.37 To reduce these safety concerns, another e-PSG could be to mandate the use of CPOE for all medication orders, laboratory tests, and radiologic tests. Table 1 lists several strategies that may help to achieve this goal.

Second, the implementation and use of complex clinical-decision support (CDS) systems embedded in EHRs are prone to human error and cognitive constraints.38,39 Consequently, decisions related to various aspects of CDS interventions must be evaluated periodically.40 For example, although point-of-care CDS interventions are necessary to achieve the full benefits of EHRs and stages 1 and 2 of the meaningful use payments, outlined by the Centers for Medicare and Medicaid Services (CMS),41 alerts that interrupt the clinician's workflow or thought process must be used judiciously. Many organizations turn on alerts with low specificity, which results in high rates of clinician over-ride.24 Frequent overrides are associated with “alert fatigue,” which can lead clinicians to inadvertently ignore important information. Thus, another potential e-PSG could be to reduce alert fatigue. Alerts with override rates above a certain threshold should be discontinued or modified to increase their specificity.42 Similarly, hard stops (i.e., when users cannot proceed with the desired action) must be used only for the most egregious errors.43 Having such a goal will stimulate a multidisciplinary approach to reducing alerts that involves engaging cognitive scientists, human-factors engineers, and informaticians (i.e., scientists trained to work on the sociotechnical issues of information and communications technologies44,45) to work on these complex issues with clinicians (Table 1).

Third, although there is increased safety associated with integrating free text, dictated reports, radiographic images, and other test results into EHRs (including improved legibility and rapid access),46 many institutions are not currently coding some of the critical data needed to maximize safety. The lack of structured or coded data prevents the system from being able to provide the user with meaningful feedback or interpretation (i.e., an alert regarding the use of lisinopril will not be generated if a patient's history of captopril-related angioedema has not been entered as coded allergen data). Therefore, to realize the full safety benefits of complex CDS tools47 (e.g., checks for drug allergies,48 automatic notification of abnormal test results,28 or reminders related to drug-condition interactions29 [e.g., a warning on the use of isotretinoin in patients who are pregnant]), another e-PSG could focus on ensuring that critical data on medications, allergies, diagnostic test results, and clinical problems are entered as structured or coded data in the EHR49

Phase 3: Use Ehrs To Monitor And Improve Patient Safety

To achieve the goals of many national initiatives to improve patient safety and to facilitate the prevention of safety events, electronic data must be used to help detect, manage, and learn from potential safety events in near real-time. The stakeholders include the Agency for Healthcare Research and Quality (AHRQ), the Joint Commission, and the recently formed Partnership for Patients.50 In the current methods used to measure safety events, there is an overreliance on incident reports, which detect only a small proportion of events.32 In contrast, systems can be programmed to automatically detect easily overlooked and underreported errors of omission, such as patients who are overdue for medication monitoring, patients who lack appropriate surveillance after treatment, and patients who are not provided with follow-up care after receiving abnormal laboratory or radiologic tests results.51 EHR-based trigger approaches can also be used to detect errors of commission related to preventable adverse drug events,52 postoperative complications,53 and misidentification of patients.54 Organizations must leverage EHRs to facilitate rapid detection of common errors (including EHR-related errors), to monitor the occurrence of high-priority safety events, and to more reliably track trends over time. EHRs could also play a role in improving the existing infrastructure of reporting to patient-safety organizations by facilitating the generation of data files describing particular safety events (e.g., using the AHRQ common format version 1.2).55 Thus, an e-PSG could relate to the use of the EHR to monitor, identify, and report potential safety issues and events. This would make detection and reporting more efficient and help shift resources toward investigation and action.

Application of the Three-Phase e-PSG Framework

Given that only 48% of all eligible hospitals and only 20% of eligible physicians have currently attested to achieving stage 1 of the CMS meaningful use criteria,56 the development and application of e-PSGs could partially address the Institute of Medicine's recent recommendation to create an EHR safety action and surveillance plan.8 The recommendations of such a plan should be tailored to the stage of EHR implementation. Recent adopters of EHRs could focus on the goals presented in phase 1 of our safety framework, making sure that the technology is safe to use, whereas organizations that have already achieved stage 1 meaningful-use criteria and have been using EHRs for several years could aim for goals from all three phases. Measurements related to e-PSGs would allow nationwide tracking and benchmarking of EHR-related safety performance.57 Policymakers and EHR vendors could collaborate on the development and certification of automated methods to measure and report new indicators annually from meaningful use certified EHRs in eligible hospitals. Examples of potential measures for e-PSGs might include EHR uptime rate (e.g., minutes the EHR was available to clinicians divided by number of minutes in a year23), CPOE rate (e.g., number of orders electronically entered divided by the total number of orders during the year23), and alert override rate (e.g., number of point-of-care alerts ignored divided by the total number of point-of-care alerts generated23).

These goals will also need to be reviewed regularly and updated as needed in accordance with national priorities and research on EHR-related patient safety. In addition, many strategies not addressed in this article could be considered as recommendations or good clinical practices and progress in a stepwise fashion to future e-PSGs.


To create a coordinated, consistent, national strategy that will address the safety issues posed by EHRs, we propose that a concerted effort be made to improve health care safety in the context of technology use. This effort should address preventable risks that may hamper endeavors to create a safer EHR-enabled health care system. Further discussion and consensus among national agencies (e.g., the Office of the National Coordinator for Health Information Technology [ONC], the AHRQ, the Joint Commission, the Centers for Medicare and Medicaid Services) is clearly necessary for the adoption of future national patient-safety goals specific to EHR use. However, this approach must be given immediate priority considering the rapid pace of EHR adoption and the resulting changes in our nation's health care system. National EHR-related patient-safety goals are needed to address current problems with existing EHR implementations and failures to leverage current EHR capabilities. For instance, the ONC has recently taken several important steps in this direction with release of the revised 2014 EHR certification criteria (e.g., emphasis on user-centered design and application of quality management systems in the EHR design and development process58). Such efforts should be expanded in the future. Goals must be technically feasible, financially prudent, and practically achievable within current constraints and be accompanied by specific guidance on achieving them. Input on these goals must be sought not only from EHR developers and clinical end users but also from cognitive scientists, human-factors engineers, graphic designers, and informaticians with expertise in patient safety in complex health care environments. Creating unique EHR-related national patient-safety goals will provide new momentum for patient-safety initiatives in an EHR-enabled health system.


Supported by a Strategic Health IT Advanced Research Projects (SHARP) Program contract from the ONC (10510592) (to Dr. Sittig); a career-development award from the National Institutes of Health (K23CA125585) (to Dr. Singh); the Veterans Affairs (VA) National Center for Patient Safety; the Agency for Health Care Research and Quality (R18HS017820); and the Houston VA Health Services Research and Development Center of Excellence (HFP90-020). These sources had no role in the preparation, review, or approval of this article.

We thank Michael Shabot, M.D., Eric Thomas, M.D., M.P.H., and Robert Murphy, M.D., for their comments on an earlier version of this article; and Annie Bradford, Ph.D., for assistance with the editing of an earlier version of the manuscript.


Disclosure forms provided by the authors are available with the full text of this article at

The views expressed in this article are those of the authors and do not necessarily represent the views of the Department of Veterans Affairs or any of the funding agencies listed below.


1. Blumenthal D, Glaser JP. Information technology comes to medicine. N Engl J Med. 2007;356:2527–34. [PubMed]
2. CMS Medicare and Medicaid EHR incentive programs, and the Office of the National Coordinator for Health IT, Certified Health IT Products List., 2012 (
3. Tagalicod R, Anthony R, Kahn J. Medicare & Medicaid EHR Incentive Programs. 2012
4. Blumenthal D. Stimulating the adoption of health information technology. N Engl J Med. 2009;360:1477–9. [PubMed]
5. CCHIT certified ambulatory EHR. Certification Commission for Healthcare Information Technology. 20072007
6. CCHIT certified inpatient EHR. Certification Commission for Healthcare Information Technology, 2007. 2007
7. Certified health IT product list. Office of the National Coordinator for Health Information Technology.
8. Institute of Medicine. Health IT and patient safety: building safer systems for better care. Washington, DC: National Academies Press; 2012.
9. Myers RB, Jones SL, Sittig DF. Review of reported clinical information system adverse events in US Food and Drug Administration databases. Appl Clin Inform. 2011;2:63–74. [PMC free article] [PubMed]
10. Harrington L, Kennerly D, Johnson C. Safety issues related to the electronic medical record (EMR): synthesis of the literature from the last decade, 2000–2009. J Healthc Manag. 2011;56:31–44. [PubMed]
11. Magrabi F, Ong MS, Runciman W, Coiera E. Using FDA reports to inform a classification for health information technology safety problems. J Am Med Inform Assoc. 2012;19:45–53. [PMC free article] [PubMed]
12. Warm D, Edwards P. Classifying health information technology patient safety related incidents — an approach used in Wales. Appl Clin Inform. 2012;3:248–57. [PMC free article] [PubMed]
13. Radecki RP, Sittig DF. Application of electronic health records to the Joint Commission's 2011 National Patient Safety Goals. JAMA. 2011;306:92–3. [PubMed]
14. Kilbridge P. Computer crash — lessons from a system failure. N Engl J Med. 2003;348:881–2. [PubMed]
15. Sittig DF, Singh H. Defining health information technology-related errors: new developments since To Err Is Human. Arch Intern Med. 2011;171:1281–4. [PMC free article] [PubMed]
16. Jha AK, Classen DC. Getting moving on patient safety — harnessing electronic data for safer care. N Engl J Med. 2011 [PubMed]
17. Perrow C. Normal accidents: living with high-risk technologies. Princeton, NJ: Princeton University Press; 1999.
18. The Menlo report: ethical principles guiding information and communication technology research. 2011 Sep 15;
19. National Public radio. Anti-virus program update wreaks havoc with PCs. 2010 Apr 21;
20. Patel N. Botched McAfee update shutting down corporate XP machines worldwide. 2010 Apr 21;–shutting-down-xp-machines/
21. Sittig DF, Ash JS, Jiang Z, Osheroff JA, Shabot MM. Lessons from “Unexpected increased mortality after implementation of a commercially sold computerized physician order entry system. Pediatrics. 2006;118:797–801. [PubMed]
22. Wright A, Feblowitz JC, Pang JE, et al. Use of order sets in inpatient computerized provider order entry systems: a comparative analysis of usage patterns at seven sites. Int J Med Inform Assoc. 2012;81:733–45. [PMC free article] [PubMed]
23. Sittig DF, Campbell E, Guappone K, Dykstra R, Ash JS. Recommendations for monitoring and evaluation of in-patient Computer-based Provider Order Entry systems: results of a Delphi survey. AMIA Annu Symp Proc. 2007:671–5. [PMC free article] [PubMed]
24. Lin CP, Payne TH, Nichol WP, Hoey PJ, Anderson CL, Gen-nari JH. Evaluating clinical decision support systems: monitoring CPOE order check override rates in the Department of Veterans Affairs' computerized patient record system. J Am Med Inform Assoc. 2008;15:620–6. [PMC free article] [PubMed]
25. Phansalkar S, Desai AA, Bell D, et al. High-priority drug-drug interactions for use in electronic health records. J Am Med Inform Assoc. 2012 Apr 26; Epub ahead of print. [PMC free article] [PubMed]
26. Sittig DF, Teich JM, Osheroff JA, Singh H. Improving clinical quality indicators through electronic health records: it takes more than just a reminder. Pediatrics. 2009;124:375–7. [PMC free article] [PubMed]
27. Osheroff JA, Teich JM, Levick D, et al. Improving outcomes with clinical decision support: an implementer's guide. 2nd. Chicago: Healthcare Information and Management Systems Society; 2012.
28. Kuperman GJ, Teich JM, Tanasijevic MJ, et al. Improving response to critical laboratory results with automation: results of a randomized controlled trial. J Am Med Inform Assoc. 1999;6:512–22. [PMC free article] [PubMed]
29. Gandhi TK, Zuccotti G, Lee TH. Incomplete care — on the trail of flaws in the system. N Engl J Med. 2011;365:486–8. [PubMed]
30. American Society of Health System Pharmacists. ASHP guidelines on pharmacy planning for implementation of computerized provider-order entry systems in hospitals and health systems. Am J Health Syst Pharmacol. 2011;68(6):e9–e31. [PubMed]
31. Haynes K, Linkin DR, Fishman NO, et al. Effectiveness of an information technology intervention to improve prophylactic antibacterial use in the postoperative period. J Am Med Inform Assoc. 2011;18:164–8. [PMC free article] [PubMed]
32. Shojania KG. The elephant of patient safety: what you see depends on how you look. Jt Comm J Qual Patient Saf. 2010;36:399–401. [PubMed]
33. Classen DC, Lloyd RC, Provost L, Griffin FA, Resar R. Development and evaluation of the Institute for Healthcare Improvement Global Trigger Tool. J Patient Saf. 2008;4:169–77.
34. Hamblin JF, Bwitit PT, Moriarty HT. Pathology results in the electronic health record. Electronic Journal of Health Informatics. 2010;5(2) 2010;5(2)e15.
35. Sittig DF, Singh H. A new sociotechnical model for studying health information technology in complex adaptive healthcare systems. Qual Saf Health Care. 2010;19(3):i68–i74. [PMC free article] [PubMed]
36. Singh H, Wilson L, Petersen LA, et al. Improving follow-up of abnormal cancer screens using electronic health records: trust but verify test result communication. BMC Med Inform Decis Mak. 2009;9:49. [PMC free article] [PubMed]
37. Singh H, Mani S, Espadas D, Petersen N, Franklin V, Petersen LA. Prescription errors and outcomes related to inconsistent information transmitted through computerized order entry: a prospective study. Arch Intern Med. 2009;169:982–9. [PMC free article] [PubMed]
38. Koppel R, Metlay JP, Cohen A, et al. Role of computerized physician order entry systems in facilitating medication errors. JAMA. 2005;293:1197–203. [PubMed]
39. Wetterneck TB, Walker JM, Blosky MA, et al. Factors contributing to an increase in duplicate medication order errors after CPOE implementation. J Am Med Inform Assoc. 2011;18:774–82. [PMC free article] [PubMed]
40. McCoy AB, Waitman LR, Lewis JB, et al. A framework for evaluating the appropriateness of clinical decision support alerts and responses. J Am Med Inform Assoc. 2012;19:346–52. [PMC free article] [PubMed]
41. Blumenthal D, Tavenner M. The “meaningful use” regulation for electronic health records. N Engl J Med. 2010;363:501–4. [PubMed]
42. Paterno MD, Maviglia SM, Gorman PN, et al. Tiering drug-drug interaction alerts by severity increases compliance rates. J Am Med Inform Assoc. 2009;16:40–6. [PMC free article] [PubMed]
43. Sittig DF, Singh H. Rights and responsibilities of users of electronic health records. CMAJ. 2012;184:1479–83. [PMC free article] [PubMed]
44. Gardner RM, Overhage JM, Steen EB, et al. Core content for the subspecialty of clinical informatics. J Am Med Inform Assoc. 2009;16:153–7. [PMC free article] [PubMed]
45. Kulikowski CA, Shortliffe EH, Currie LM, et al. AMIA Board white paper: definition of biomedical informatics and specification of core competencies for graduate education in the discipline. J Am Med Inform Assoc. 2012 Jun 21; Epub ahead of print. [PMC free article] [PubMed]
46. Powsner SM, Wyatt JC, Wright P. Opportunities for and challenges of computerisation. Lancet. 1998;352:1617–22. [PubMed]
47. Wright A, Sittig DF, Ash JS, et al. Development and evaluation of a comprehensive clinical decision support taxonomy: comparison of front-end tools in commercial and internally developed electronic health record systems. J Am Med Inform Assoc. 2011;18:232–42. [PMC free article] [PubMed]
48. Kuperman GJ, Gandhi TK, Bates DW. Effective drug-allergy checking: methodological and operational issues. J Biomed Inform. 2003;36:70–9. [PubMed]
49. Wright A, Goldberg H, Hongsermeier T, Middleton B. A description and functional taxonomy of rule-based decision support content at a large integrated delivery network. J Am Med Inform Assoc. 2007;14:489–96. [PMC free article] [PubMed]
50. Partnership for patients: better care, lower costs.
51. Singh H, Thomas EJ, Mani S, et al. Timely follow-up of abnormal diagnostic imaging test results in an outpatient setting: are electronic medical records achieving their potential? Arch Intern Med. 2009;169:1578–86. [PMC free article] [PubMed]
52. Nwulu U, Nirantharakumar K, Odesanya R, McDowell SE, Coleman JJ. Improvement in the detection of adverse drug events by the use of electronic health and prescription records: an evaluation of two trigger tools. Eur J Clin Pharmacol. 2012 Jun 17; Epub ahead of print. [PubMed]
53. Griffin FA, Classen DC. Detection of adverse events in surgical patients using the Trigger Tool approach. Qual Saf Health Care. 2008;17:253–8. [PubMed]
54. Adelman JS, Kalkut GE, Schechter CB, et al. Understanding and preventing wrong-patient electronic orders: a randomized controlled trial. J Am Med Inform Assoc. 2012 Jun 29; Epub ahead of print. [PMC free article] [PubMed]
55. The Patient Safety Organization Privacy Protection Center (PSOPPC) home page (
56. More than 100,000 health care providers paid for using electronic health records: CMS and ONC surpass 2012 goals for EHR adoption and use Press release of the. Centers for Medicare & Medicaid Services; Jun 19, 2012.
57. Singh H, Classen DC, Sittig DF. Creating an oversight infrastructure for electronic health record-related patient safety hazards. J Patient Saf. 2011;7:169–74. [PMC free article] [PubMed]
58. Department of Health and Human Services, Office of the Secretary. 45 CFR Part 170, RIN 0991–AB82 — Health information technology: standards, implementation specifications, and certification criteria for electronic health record technology, 2014 edition; revisions to the Permanent Certification Program for Health Information Technology. Fed Regist. 2012;77(171):54163–260. [PubMed]