Abstract
The objective of this paper is to analyze healthcare information technology (HIT) events associated with patient harm submitted to the US Food and Drug Administration (FDA) Manufacturer and User Facility Device Experience (MAUDE) database. We examined the problems in 46 relevant events submitted to MAUDE from January 2008 to July 2010 to identify natural categories of problems from a clinical perspective. CPOE and PACS were involved in 93% of the events. Adverse events were associated with medications in 41%, clinical processes in 33%, radiation in 15% and surgery in 11%. There were four deaths. Strategies to improve the safety of HIT should focus on designing safe user interfaces, integrated checks of key identifiers and decision support, and engineering safer clinical processes.
Introduction
Reports about patient safety events are a valuable source of information about problems with healthcare information technology (HIT)1 2. Another potential source of information about HIT problems are reports about equipment failure and hazards submitted by users and vendors3. One source of such reports is the United States (US) Food and Drug Administration (FDA) Manufacturer and User Facility Device Experience (MAUDE) database4. As part of the regulatory requirements of the FDA, manufacturers in the US are required to report medical device malfunction, serious injury and death. MAUDE received around 400,000 reports in 2009 and has been in use since the early 1990s.
At present there is considerable debate in the US about the FDA’s role in regulating HIT5. Although the FDA does not enforce its regulatory requirements with respect to HIT5, some manufacturers have voluntarily listed their devices and the agency has received reports of patient safety events involving HIT. In February 2010 the FDA reported receiving 260 events in the previous two years involving a range of HIT and related devices; these were linked with 44 injuries and six deaths.6 Whilst the MAUDE database has been previously used to examine the safety of specific medical devices (e.g. infusion pumps,7 8 pacemakers 9), there has been limited exploration of its utility for understanding safety problems with HIT10.
We downloaded all 899,768 reports that were submitted to MAUDE from January 2008 to July 2010 and searched for events using a broad definition of HIT as “hardware or software that is used to electronically create, maintain, analyse, store, receive, or otherwise aid in the diagnosis, cure, mitigation, treatment, or prevention of disease, and that is not an integral part of (1) an implantable device or (2) medical equipment.”11 We retrieved and classified 678 reports describing 436 unique events using a previously published methodology12. Of the 436 HIT-related events that we examined, 11% (n=46) were associated with patient harm. The results of our analysis of the 436 HIT-related events are reported in a separate publication13. In this paper we specifically focus on examining the 46 events where HIT problems were associated with patient harm.
Methods
Free-text descriptions of events were examined to identify “natural categories” of problems from a clinical perspective3. For each event the primary problem was examined (the one most related to any actual or potential consequences). When coders disagreed, the event was re-examined and a consensus category assigned. Descriptive analyses were undertaken over all events to examine the distribution of clinical problems.
Results
We examined 46 adverse events that were reported to the MAUDE database from January 2008 to July 2010. Table 1 presents the counts and percentages of events by clinical problem type. Most events related to computerized physician order entry (CPOE) systems (n=29) and picture archiving and communication systems (PACS)(n=14).
Table 1.
Clinical problems in 46 HIT-related events submitted to the MAUDE database.
| Clinical Problem Type | n=46 | % |
|---|---|---|
| Medication problems | 19 | 41 |
| Clinical process problems | 15 | 33 |
| Exposure to radiation | 7 | 15 |
| Surgery problems | 5 | 11 |
Medication problems: Forty-one percent of events related to medication problems. Orders discontinued or lost from the CPOE were associated with “varying degrees of adversity for patients”. A range of error types were reported including:
Wrong patient (n=1): A medication order was assigned and administered to the wrong patient due to problems with selecting the correct patient from a list presented by the CPOE user interface.
Wrong medication (n=3): CPOE interface problems also resulted in administration of the wrong medication. In two cases patients were reported to experience an allergic reaction. In one case a CPOE failed to provide an alert about a medication that had caused an adverse event on a previous occasion.
-
Wrong dose or overdose (n=12): CPOE user interface problems also resulted in patients being overdosed. For example: i) a CPOE system required users to scroll through 225 options on a drop down menu. The options were arranged in a counterintuitive alphabetical order, and resulted in a patient being overdosed with four times more digoxin than required; ii) small font and poor visibility of the medication strength was associated with a ten-fold overdose of epinephrine, resulting in a myocardial infarction. iii) in another case, a cancer patient being looked after by multiple doctors was overdosed on a combination of enoxaparin, unfractionated heparin by continuous infusion, warfarin and asprin; iv) duplicate medication orders were associated with multiple order sets stored in “20 electronic silos”; a patient was infused with total parenteral nutrition and concentrated dextrose causing pulmonary edema; v) random failure of a CPOE in displaying a post-operative order to discontinue fluid in a nurses task list resulted in a patient being overloaded; and vi) failure to display a free-text update for an existing order to hold insulin at night resulted in a patient becoming hypoglycemic with severe symptoms.
In two events overdoses were attributed to mismatches of the system with clinical workflow. A CPOE user interface which did not provide medication doses in milligrams (mg) was associated with administration of three times the maximum dose of an analgesic drug in 24hrs. This resulted in acute renal failure and death. In another case three patients continued to receive antibiotics because a CPOE did not support discontinuation and modification of orders. A doctor unable to discontinue an order left a paper note that was not seen by the nurses.
Overdoses were also linked to issues with data capture. Administration of a wrong dose of ibuprofen was associated with wrong settings on an electronic scale that had been switched to display pounds. In another event, failure of a bar code reader resulted in administration of a wrong dose of a medication on one occasion.
Missed and delayed doses (n=3): Missed medication doses were associated with incomplete CPOE work lists. Prescription orders that did not appear in the work folder led to a 3-day delay in the administration of medications leading to an ulcer requiring emergency gastrectomy. In another case patients were reported to receive medications at the wrong frequency when updates to existing prescriptions were not communicated to pharmacy by the CPOE.
Clinical process problems: One out of three events were associated with clinical process problems. Use errors in entering information had significant consequences. In one case a technician mistakenly entered the date of birth of a baby instead of the study date, making a chest x-ray appear older than it was. A radiologist subsequently viewed the image for central line placement. Seeing that the comparison image did not have the line present, they concluded that the line had been removed and did not verify placement. Unfortunately the line was placed too far in the infant and the pre-mature baby died. In another case, entry of a portable x-ray image into a PACS system under the wrong name resulted in a wrong diagnosis and subsequent intubation which may have contributed to death.
Poor functionality of CPOE and PACS software was associated with delays in diagnosis and treatment including: i) a patient died when a network problem in the PACS system delayed transmission of images to a remote site for diagnosis; ii) a hospital wide breakdown of the CPOE delayed post-surgery treatment resulting in a permanent musculoskeletal disability; iii) orders were not executed and went undetected due to inadequate separation of pre-operative orders from post-operative resulting in a “missed opportunity to diagnose and treat life threatening disease, contributing to death”; iv) a clean post-operative abdomen was wrongly irrigated based on a pre-operative order because pre- and postoperative orders were not easily distinguishable on the CPOE display; v) the diagnosis of chest organ cancer was delayed in more than six patients because specimens were not analyzed as ordered and cytology results were not available; vi) delay in management of a neurological infection; vii) a patient was reported to present back with a widely spread cancer after a radiologist was wrongly shown an image that was two years old; viii) an ambiguous stress test order allowed by a CPOE led to life threatening acute asthma attack due to lack of error checking; ix) failure of a system to produce reports following a software upgrade was associated with a patient missing out on a liver transplant; and x) patients were reported to have developed a clinically significant antibody associated reaction when the expiration date of specimens was wrongly extended in blood bank software due to a configuration problem.
Exposure to radiation: Fifteen percent of events were associated with exposure to radiation. Due to a range of hardware and software problems in acquiring, storing and accessing images, imaging procedures were repeated resulting in patients being re-exposed to radiation. In one case a test using radioactive tracers was erroneously ordered and given to the wrong patient because of problems with selecting information presented as lists in small font within the CPOE user interface.
Surgery problems: Eleven percent of events were associated with surgery. Unnecessary surgery was associated with a PACS that displayed old results as new and vice versa because the settings had reverted back to the default configuration. In another case a surgeon was reported to operate on the wrong side of patient’s head when left and right orientation markers were swapped. Similarly, CT sinus images that reverted to their original orientation when output from a PACS to a CD burner led a surgeon to operate on the wrong side. Poor CPOE user interfaces contributed to erroneous selection of the wrong test for the right patient and vice versa, resulting in the wrong patient being sent to surgery. Another case involved surgery on the wrong patient when a user merged incorrect data and mistakenly rejected the original images after the merge.
Discussion
Three out of four adverse events were associated with medications and clinical processes. Medication problems were primarily linked to poor CPOE user interfaces indicating a critical need to design and implement usable interfaces for HIT that: i) fit clinical workflow (e.g. pre-operative orders should be separate from post-operative orders); and ii) task requirements (e.g. medication doses should be displayed in standard units).
Almost one out of three events involved problems in clinical processes, many of which could be prevented by engineering safer processes. HIT can support safer clinical processes by alerting doctors when there is an unacceptably long delay or failure in executing orders. For example, the doctor ordering a test and/or members of their team should be alerted if: i) specimens are not analyzed as ordered; or ii) cytology results are not posted; or iii) results are not accessed in a timely manner. The use of such alerts should be selective to prevent information overload and additional unintended consequences 14. In addition to the appropriate application of automated solutions, strategies to improve the safety of HIT should also include manual error checking and redundancy at critical points in clinical processes. Although the majority of medication problems we found were associated with failures in ordering, patient harm could be prevented by error checking at subsequent stages in the medication process (e.g. by a pharmacist dispensing the medication and/or nurse administering the medication).
Differing from a recently published study of HIT-related events reported to the FDA we retrieved a greater number of reports and examined the consequences10. This disparity is explained by our approach. Myers and colleagues used the FDA’s online search facility to retrieve reports about clinical information systems by manufacturer. Their strategy identified 120 reports from 1984 onwards. Whereas we downloaded all reports from the MAUDE database, linked those belonging to the same event and then searched the free-text narratives for events involving a broad range of standalone clinical software including PACS and blood bank systems. Our strategy identified 436 events from 678 HIT-related reports submitted in 18-months ending July 2010.
Compared to our previous analysis of patient safety events submitted by healthcare workers to a voluntary incident reporting database across one Australian state we found a greater proportion of events associated with patient harm (MAUDE=10.6% vs. AIMS=3%)12. As reports are not a true representation of the incidence of HIT events, we do not know whether this difference represents a genuine difference in types of events, or more likely a selection bias amongst reporters who identify the type of event they think is worth reporting to the FDA.
Despite their limitations voluntary reports are useful for examining the nature of HIT events associated with patient harm. Monitoring of events on a large scale such as the FDA’s MAUDE database has the potential to examine the nature of safety problems involving a broad range of systems and brands across diverse implementation contexts. Importantly event reporting allows early detection of safety problems which might not be detected by other methods.
Conclusion
Voluntary reports are useful for examining the nature of HIT events associated with patient harm involving medications, clinical processes, radiation and surgery. Medication ordering problems can be prevented by designing safer user interfaces for CPOE systems. Automated and manual error checking can be used to reduce clinical process problems.
Acknowledgments
This research is supported in part by grants from the Australian Research Council (ARC) (LP0775532 and DP0772487) and NHMRC Program Grant 568612. This research was initiated while FM was supported by an ARC APDI Fellowship and the University of New South Wales, Faculty of Medicine; and MO was supported by an ARC APA(I) Scholarship. The authors wish to thank Dr. S. Anthony for his assistance with extracting the MAUDE database.
References
- 1.Sittig DF, Classen DC. Safe electronic health record use requires a comprehensive monitoring and evaluation framework. JAMA. 2010;303(5):450–1. doi: 10.1001/jama.2010.61. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 2.Walker JM, Carayon P, Leveson N, Paulus RA, Tooker J, Chin H, Bothe A, Jr, Stewart WF. EHR safety: the way forward to safe and effective systems. J Am Med Inform Assoc. 2008;15(3):272–7. doi: 10.1197/jamia.M2618. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 3.Runciman WB, Edmonds MJ, Pradhan M. Setting priorities for patient safety. Qual Saf Health Care. 2002;11(3):224–9. doi: 10.1136/qhc.11.3.224. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 4.Manufacturer and User Facility Device Experience Database - (MAUDE) accessed July 2010.
- 5.Goodman KW, Berner ES, Dente MA, Kaplan B, Koppel R, Rucker D, Sands DZ, Winkelstein P. Challenges in ethics, safety, best practices, and oversight regarding HIT vendors, their customers, and patients: a report of an AMIA special task force. J Am Med Inform Assoc. 2011;18(1):77–81. doi: 10.1136/jamia.2010.008946. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 6.US Office of the National Coordinator for Health IT, HIT Policy Committee, Adoption/Certification Workgroup meeting February 25, 2010: available from healthit.hhs.gov/ accessed April 2010.
- 7.Nemeth C, Nunnally M, O’Connor M, Klock PA, Cook R. Making Information Technology a Team Player in Safety: The Case of Infusion Devices Findings. In: Henriksen K, Battles JB, Marks ES, Lewin DI, editors. Advances in Patient Safety: From Research to Implementation (Volume 1: Research Findings) Rockville (MD): Agency for Healthcare Research and Quality (US); 2005. [PubMed] [Google Scholar]
- 8.Zhang J, Patel VL, Johnson TR, Chung P, Turley JP. Evaluating and Predicting Patient Safety for Medical Devices with Integral Information Technology and Methodology. In: Henriksen K, Battles JB, Marks ES, Lewin DI, editors. Advances in Patient Safety: From Research to Implementation (Volume 2: Concepts and Methodology) Rockville (MD): Agency for Healthcare Research and Quality (US); 2005. [PubMed] [Google Scholar]
- 9.Hauser RG, Katsiyiannis WT, Gornick CC, Almquist AK, Kallinen LM. Deaths and cardiovascular injuries due to device-assisted implantable cardioverter-defibrillator and pacemaker lead extraction. Europace. 2010;12(3):395–401. doi: 10.1093/europace/eup375. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 10.Myers RB, Jones SL, Sittig DF. Review of Reported Clinical Information System Adverse Events in US Food and Drug Administration Databases. Applied Clinical Informatics. 2011;2:63–74. doi: 10.4338/ACI-2010-11-RA-0064. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 11.Agency for Healthcare Research and Quality . Rockville, Maryland: US Department of Health and Human Services; Common formats. available from http://www.pso.ahrq.gov/formats/commonfmt.htm: accessed July 2010. [Google Scholar]
- 12.Magrabi F, Ong MS, Runciman W, Coiera E. An analysis of computer-related patient safety incidents to inform the development of a classification. J Am Med Inform Assoc. 2010;17(6):663–70. doi: 10.1136/jamia.2009.002444. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 13.Magrabi F, Ong MS, Runciman W, Coiera E. Using FDA reports to inform a classification for health information technology safety problems. doi: 10.1136/amiajnl-2011-000369. under review. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 14.Ash JS, Berg M, Coiera E. Some unintended consequences of information technology in health care: the nature of patient care information system-related errors. J Am Med Inform Assoc. 2004;11(2):104–12. doi: 10.1197/jamia.M1471. [DOI] [PMC free article] [PubMed] [Google Scholar]