Abstract
Background
There is widespread agreement that the full potential of health information technology (health IT) has not yet been realized and of particular concern are the examples of unintended consequences of health IT that detract from the safety of health care or from the use of health IT itself. The goal of this project was to obtain additional information on these health IT–related problems, using a mixed methods (qualitative and quantitative) analysis of electronic health record–related harm in cases submitted to a large database of malpractice suits and claims.
Methods
Cases submitted to the CRICO claims database and coded during 2012 and 2013 were analyzed. A total of 248 cases (<1%) involving health IT were identified and coded using a proprietary taxonomy that identifies user- and system-related sociotechnical factors. Ambulatory care accounted for most of the cases (146 cases). Cases were most typically filed as a result of an error involving medications (31%), diagnosis (28%), or a complication of treatment (31%). More than 80% of cases involved moderate or severe harm, although lethal cases were less likely in cases from ambulatory settings. Etiologic factors spanned all of the sociotechnical dimensions, and many recurring patterns of error were identified.
Conclusions
Adverse events associated with health IT vulnerabilities can cause extensive harm and are encountered across the continuum of health care settings and sociotechnical factors. The recurring patterns provide valuable lessons that both practicing clinicians and health IT developers could use to reduce the risk of harm in the future. The likelihood of harm seems to relate more to a patient's particular situation than to any one class of error.
Key Words: patient safety, health information technology, malpractice claims
Health care in the United States has experienced a remarkable transition from paper to electronic health record (EHR) systems during the past decade. Thanks in large measure to goals set by the Federal Health IT Strategic Plan and financial incentives provided through the ARRA/HITECH act in 2009, more than 75% of physician practices and 92% of eligible hospitals have received incentives to adopt certified EHR technologies through 2014.1
This transformation has been the subject of intense scrutiny to determine if EHRs have achieved the original expectations to improve the quality, safety, and efficiency of health care. A series of 4 comprehensive systematic reviews during this time frame have concluded that health information technology (health IT) has improved in each of these dimensions,2–6 and there is also evidence that the number of malpractice suits has decreased in relation to the implementation of EHRs.7 These findings, however, remain controversial; many organizations have been dissatisfied with their systems, and there is widespread agreement that the full potential of this technology has not yet been realized. A study sponsored by the American Medical Association also cited current EHR technology as a major source of dissatisfaction among providers.8 A host of issues await resolution, including limited interoperability, challenging user interfaces, and software design that can degrade efficient clinician workflow and seems to have been optimized for administrative priorities more than for quality medical care.9–11
Of particular concern are the examples of unintended consequences of health IT that detract from the safety of health care or from the use of health IT itself. These concerns derive from case reports,12 claims databases,13 reports through patient safety organizations,14,15 electronic surveillance (event triggers),16 and adverse and sentinel event reports to The Joint Commission17,18 and the Veterans Health Administration.19 To address these problems will require identifying the specific types and characteristics of events that detract from safety and targeted efforts to address each one.
The goal of this project was to obtain additional information on these health IT–related problems, using a mixed methods (qualitative and quantitative) analysis of EHR-related harm in cases submitted to a large database of malpractice suits and claims. In particular, we sought to identify specific error types or trends that would be amenable to system- or education-focused solutions and the overall value of using medical liability claims databases for this purpose.
METHODS
A retrospective, cohort study of claims in the CRICO Comparative Benchmark System (CBS)20 was conducted for cases coded during the period January 1, 2012, through December 31, 2014. The CBS is a national database of medical malpractice claims from both commercial and captive insurance companies, reflecting both hospital and clinician risk in academic and community environments and across all care settings. The database contains more than 300,000 cases from more than 500 hospitals and 165,000 physicians. Cases selected for this analysis were both open and closed malpractice claims and suits, all filed with regard to injuries incurred during the provision of health care services from 2008 through 2014, which also were coded as having one or more EHR identifiers as a contributing factor in the case. We ultimately analyzed 248 cases. Of these, 147 were derived from cases coded during the period January 1, 2012, to December 31, 2012, using a preliminary set of codes relevant to informatics issues using electronic medical records.13 These codes were reviewed and refined to the current set of 15 proprietary sociotechnical category codes, which were applied to all subsequent cases coded during the period January 1, 2013, to December 31, 2014, from which an additional 101 cases were identified. The original set of 147 cases was then recoded using the newer taxonomy.
Quantitative and Qualitative Analysis
Each claim in the CBS has been previously analyzed by a clinical coding specialist using CRICO's proprietary coding taxonomy. Relevant factors in each case were identified based on a complete review of the medical and legal case file including summaries, medical record data, depositions, and legal proceedings. Coding is typically performed by a single coder after extensive training and is based on extensive guidelines developed to standardize the methodology. To ensure the consistent application of the taxonomy, CRICO holds biweekly calls among all coders, provides 1.5 days of on-site training annually, and audits approximately 15% of all cases. Cases were assigned the following codes:
▪ Major allegation (case type; medication related, diagnostic, surgical, obstetrics, etc)
▪ Setting (inpatient, outpatient, emergency department)
▪ Clinical service (medicine [internal medicine, gastroenterology, cardiology, etc], emergency department, radiology, etc)
-
▪ Severity of the clinical outcome, measured by the National Association of Insurance Commissioner's harm scale:
High: death, permanent grave, permanent major, or permanent significant harm.
Medium: permanent minor, temporary major, or temporary minor harm.
Low: temporary insignificant harm, emotional harm only, or legal issue only.
-
▪ EHR-related factors: Among the 200+ contributing factors coded for each case, we studied the 15 EHR-related contributing factor codes in CRICO's proprietary Coding Taxonomy. The EHR-related codes distinguish 2 large categories that identify system- and user-related issues that contributed to events resulting in a medical malpractice claim:
▪ System issues include the clinical systems and processes of which the EHR is an expected/integral part and include issues related to availability of data, routing issues, and problems related to alerts and alarms. System-related issues also include technical problems involving hardware or software, such as security, and design features, such as autopopulating.
▪ User-related issues include incorrect or missing information and include such issues as alert fatigue, copy/paste, various workarounds, and user-related difficulties working in the EHR, including accessing data in hybrid record systems or new installations.
Each case that included one or more of the EHR-related contributing factor codes was reexamined for the purposes of this study by 2 different, independent reviewers to ensure that a case was appropriate for inclusion. Of note, this study focuses only on cases with one or more specific EHR-related issues (i.e., specifically involving the patient's chart) and not broader issues that involve health IT such as telemedicine, or electronic devices that interface with the EHR.
Proportions of interest were compared using χ2 tests.
RESULTS
In total, 280 of the cases in the CBS database coded over the preceding period of 2 years were identified as having 1 or more contributing factors relating to HIT. Out of these 280 cases, a subset of 248 cases, those specifically associated with EHR-related factors, are reported here. The 32 cases (of the 280) excluded from this study included broader HIT events not related to the EHR. A qualitative summary of the first 147 cases has been previously published.13 The 101 cases identified most recently (January 1, 2013 through December 31st, 2014) represented just under 1% of the 12,012 cases coded during that period.
Setting and Responsible Service (Table 1, Fig. 1). Most cases derived from the ambulatory care setting [146 ambulatory cases vs 102 from inpatient (77 cases) and ED (25 cases) combined]. There were no cases from extended care facilities. Ambulatory errors outnumbered errors from inpatient care and the ED for every major service except for Nursing, where inpatient errors predominated. The service with the most claims was Medicine, followed by Surgery, Nursing, and Obstetrics\Gynecology, and Radiology.
TABLE 1.
EHR-Related Contributing Factors (Table 2). The current CRICO analytical framework recognizes 2 main categories of contributing factors: System-related issues and User-related issues. Factors from both of these categories contributed to EHR-related factors, 63% of cases involved user-related issues and 58% involved technology related issues; in many cases, more than one contributing factor was identified. Representative case examples from each of the various factors are presented in Appendix A.
TABLE 2.
System-related issues included a wide range of cases that involved technology and software design issues that adversely affected patient outcomes:
▪ A primary care provider could not access the patient's radiology studies at the time of a patient's visit; the paper results were filed without the MD seeing these. The patient experienced delayed diagnosis of lung cancer.
▪ Reminiscent of a recently-publicized case involving a patient with Ebola infection,21 a physician was unable to access the nursing ED triage note, which would have changed management; the patient died of subarachnoid hemorrhage.
▪ Test results and evaluations were filed in multiple locations, contributing to the failure to note the overall decline of a patient's vital signs and lab tests; the patient died of sepsis.
▪ A patient complained of “sudden onset of chest pains with burning epigastric pain, some relief with antacid”; Because the ‘complaint' field in the EHR was too small, the entry was noted only as “epigastric pain”; no electrocardiogram was done and the patient experienced a cardiac event days later.
▪ An order for blood was delayed reaching the lab; the patient expired before the blood arrived.
▪ A Pathology report of adenocarcinoma was delayed in reaching a patient's chart until after inpatient discharge and no alert was sent to the patient's physician, resulting in the delayed diagnosis of cancer.
Similarly, user-related issues, including training and education, were identified in cases that spanned the spectrum of contributory factors:
▪ An obstetrician did not have EHR access and could not access a patient's clinic notes documenting abnormal fetal size; the clinician stated he\she never received training or a password.
▪ A physician received an alert that the patient was allergic to amoxicillin but ordered it anyway, resulting in an allergic reaction.
▪ A patient developed amiodarone toxicity because the patient's history and medications were copied from a previous note that did not document that the patient was already on the medication.
▪ Results of a positive test for C difficile infection went unnoticed, resulting in a 7 day delay in starting treatment.
In the Ambulatory setting, problems relating to hybrid record systems were the leading contributing factor, referring to organizations where both paper and electronic systems were in use at the same time, or during a transition from paper to electronic, or one EHR to another.
In the Inpatient setting, common problems were more evenly distributed, with over 10% of cases deriving from system design issues, breakdowns in communicating data, and having incorrect information in the EHR. In the Emergency setting, design issues were also common, along with a disproportionate number of cases where incorrect information was encountered in the EHR.
Major Allegations (Table 3 and Fig. 2). Medication errors were the most common (76 cases, 31%) allegation type, followed by an almost equal distribution of errors related to diagnosis (69 cases, 28%) and treatment (medical, surgical, or OB\GYN treatment (76 cases, 31%). A large majority of cases (90%) were represented by these 3 categories.
TABLE 3.
Severity of Harm (Table 4 and Fig. 3). Over 80% of cases in each setting were medium or high severity. Cases deriving from ambulatory care were less likely to be lethal (18%) than cases arising in inpatient or emergency settings (39%, Chi square P < 0.01), but even in this setting, over 80% of cases involved medium or high severity of harm. The severity of harm was comparable in both the user-related categories of error (85% medium or severe harm with 29% deaths) and the system-related categories (81% medium or severe harm with 26% deaths).
TABLE 4.
Medication-Related Errors (Table 5). Medication-related errors accounted for the largest fraction of EHR-related errors overall (76 cases, 31%). Within this category, almost half of the errors were related to medication ordering (35 cases, 46%), along with errors associated with improper medication management (19 cases, 25%) and administration errors (12 cases, 16%). Ordering problems were the most frequent problem in all 3 settings of care. Illustrative examples included these:
TABLE 5.
▪ The electronically signed discharge order omitted the patient's warfarin; the patient was admitted days later with a stroke.
▪ A verbal order for morphine was entered without stipulating the upper dose limit; the patient become obtunded and expired.
▪ A patient previously on anticoagulation was admitted for GI bleeding; the physician intended to discontinue the anticoagulant but mistakenly clicked on “continue Lovenox for home use.”
Diagnostic Errors. In both the Ambulatory and Emergency settings, diagnostic errors were the leading allegation. Of these 69 cases, 30 resulted in death. Including 2 cases that involved both types of issues, diagnosis-related cases seemed to more commonly involve user-related issues with the EHR compared to technology related issues (42 user-related issues with 19 deaths vs 29 technology-related issues with 10 deaths, p for proportion of issues = 0.02). Of the 42 cases with a user-related issue, 32 were ambulatory cases, and the dominant EHR-related codes were difficulty during an EHR conversion (16 cases), failing to appreciate a deteriorating clinical situation due to pre-populating or copy\paste (10 cases), and mis-routed information (7 cases).
Twenty eight of the diagnosis-related cases involved delayed diagnosis of cancer. Twenty five cases involved acute problems such as myocardial infarction (5 cases), cardiomyopathies or endocarditis (5 cases), pulmonary embolism (4 cases), pneumonia (3 cases), or other infections (8 cases). The remaining cases involved delayed or missed diagnosis of fractures, HIV, and post-operative complications.
DISCUSSION
The data presented in this study confirms that adverse events related to using electronic medical record systems exist, that they are associated with an appreciable incidence of severe harm and death, and that they are encountered across the continuum of healthcare settings and all 15 of the sociotechnical contributing factors that were used to characterize these cases.
In regard to harm, this data paints a different picture of the risk of injury from EHR-related problems than data obtained through patient safety reporting programs. A recent analysis of reported safety events related to health IT in England identified 850 events reported from 2005 to 2011. Only 3% of these cases involved patient harm, although harm was noted to be 4 times more likely if the underlying causes involved human factors than if the causative factors were more technical.22 Another study of reported health-IT related safety events also found a very low rate of harm, with just 1 death noted in over 3000 reported events.23 Cases identified through a malpractice claims database are pre-selected for harm, as this is one of the cardinal elements of a malpractice claim. Nonetheless, the findings of this study confirm that severe harm occurs at non-negligible rates. The actual incidence of harm cannot be reliably estimated from this data; nonetheless, it is generally agreed that safety events represented in malpractice claims are the “tip of the iceberg,” insofar as the vast majority of cases, even cases that involve harm, do not result in suits.
The severity of harm was less in the ambulatory care setting. We hypothesize that this may reflect the fact that most ambulatory patients have medical problems of lower acuity, making them less susceptible to harm, or that errors in this setting are more easily detected and rectified or mitigated.
Harm was appreciable in the great majority of cases, and thus in each of the different categories of EHR-related contributing factors. We interpret this to indicate that the specific category of EHR-related factors is less important than the clinical circumstances in which it is encountered. As an example, a delay in obtaining a medication in the outpatient setting may be just an inconvenience, but the same type of delay, for example obtaining blood to transfuse a patient who is hemorrhaging, can be lethal. Similar observations have been in regard to the harm deriving from errors in the clinical laboratory; the patient's clinical circumstances outweigh the particular phase of laboratory testing (pre-analytical, analytical, or post-analytical) in determining whether harm will be produced.24 This is an important conclusion that should be validated in subsequent studies, because it implies that it will be impossible to prioritize which specific type of EHR-related error predisposition needs to be addressed first—they are all important and each carries the risk of harm.
Factors Related to EHR-Related Error
Cases were encountered across each of the major service lines. In each of these services, ambulatory errors predominated, except for nursing-related cases. The dominance of the ambulatory care setting over inpatient and emergency care settings (59% ambulatory) parallels the distribution of diagnostic errors claims in this database (57% ambulatory),25 and probably reflects the total volume of patient encounters and care in each of these settings. It is not possible from this data to determine whether EHR-related cases are more common or likely in any particular care setting or specialty service, although this information would be valuable to know, and will require study protocols that specifically address these questions.
The distribution of EHR-related contributing factors was not appreciably different between ambulatory and inpatient care settings, but errors encountered in emergency care appeared to more commonly involve incorrect information in the EHR and training issues, compared to the other 2 settings. Although our study did not directly address the factors that accounted for this observation, it is possible that the disproportionate frequency of training-related errors may relate to staff turnover in this setting, and the difficulty of training staff working night and evening tours.
The relative frequency of errors in medication management is not surprising, given the complexity of the process and the volume of orders being processed. The 2 steps that seem most error-prone are those that involve the physician, test ordering and medication management. Similar observations have been made in regard to laboratory-related error, also highly dependent on technology, where the most error-prone steps are those involving the physician, and not the laboratory per se.26
An important observation from this study is that EHR-related issues accounted for less than 1% of the safety events coded during the same period. Thus, in relation to the many other patient safety issues that lead to harm, EHR-related cases comprise just a small minority, albeit an important one.
Problems and Trends Identified
The data from this study suggests that interventions to reduce harm should parallel the sites most at risk (ambulatory care in particular) and the processes that account for the most errors (for example, medication usage, diagnosis) rather than prioritizing specific problems involving the technology per se, the users, or the interface between the 2. These sociotechnical factors were all associated with appreciable harm in this study, as noted above.
Both venders and the user community are already actively engaged in efforts to address the types of unintended consequences identified in this report. Indeed, the EHR offers the potential to address many different patient-safety problems that lead to adverse events.27 The SAFER guides recently issued by the Office of the National Coordinator for Health Informatics provide specific consensus recommendations in this regard, focusing on both the safe use of health informatics tools, as well as the application of these tools to improve the safety of healthcare.28
Each of the cases in this study indicates a specific vulnerability that providers should be aware of and monitor to ensure that a similar problem doesn't recur during the care of their own patients. Looking across cases, several themes were apparent that represent productive areas where providers and their organizations could begin improving the safety of using EHRs:
The danger inherent in hybrid systems and EHR conversions: We identified repeated examples of injurious problems during periods when organizations are transitioning their record systems. Moreover, these conversions will continue to be common in the near term as organizations try to optimize user satisfaction and functionality by changing vendors or record systems, embarking on an upgrade, or adopting new functionality. These transitions require a well-defined action plan and appropriate resources to ensure complete and accurate data is available as rapidly as possible. Providers need to be informed of progress, any delays, and the specific functionalities impacted by the conversion. Providers need constant reminders that these transition periods create greatly increased risk that the data needed for safe patient care may be missing or incorrect.
The dangers of delayed, missing, or incorrect data, services, or actions: Many malpractice claims originated from limitations created by the EHR in providing the correct data, information or services needed for safe patient care. These problems were compounded by the expectation on the part of providers that the medical record system was working as they expected it should, when in fact it was not. Examples included delays in returning critical laboratory values, important pathology results that were lost or misdirected, pasted information that was incorrect, and blood products needed for urgent transfusion that was misrouted. Providers need to appreciate these vulnerabilities so that they can take appropriate steps to validate data, to ensure timely follow up on tests that are ordered, or to inquire directly about services or products that appear delayed. If key data is missing in the EHR, providers need to find it.
The danger of over-reliance on the EHR: As just noted, providers would be well served to be wary of situations where information is incomplete or possibly inaccurate. The electronic record is an ideal tool to support clinical judgment, but cannot not replace it. Just as quality in clinical care involves constant monitoring and questioning to ensure that diagnosis and treatment are correct, there should be a comparable level of vigilance and appreciative inquiry in regard to using the EHR. Data and information that raises an eyebrow should be verified or rechecked.
The inherent risks using copy\paste functionality, over-riding alerts, and employing “workarounds.” These are all well-known vulnerabilities.
In addition to these lessons for providers that would increase safety in using the EHR, we identified 3 major vulnerabilities that EHR vendors and management teams could address to improve safety:
Routing problems: We encountered repeated examples of laboratory results going to the wrong provider, documentation not being available to the providers who needed it, and assorted other problems of getting the right data to the right provider. Given the complexity of today's health care systems, special care and attention is needed to ensure the correct routing of data and services. It is imperative to understand how and why this data is being mis-routed and develop specific solutions that address both system and user contributions.
Pre-population: Although implemented as a time-saver, pre-population by its nature creates the opportunity for data that is outdated or frankly incorrect to be repeated or misinterpreted. A patient's vital signs might indicate deterioration, but pre-populating a note with yesterday's results could mask this. It seems imperative that we explore the timesaving value of this program choice, with the vulnerabilities it produces. Is there a way for the “user” to be alerted to the “auto-populated / repetitive” nature of the data they are trusting—and if so, will the “alarm-weary” clinician actually take note?
Intrinsic cross-checking: An intelligent medical record system should be able to detect a decimal point error in ordering a medication, as this would fall outside of the acceptable dosing range. It would detect that an order for potassium in a patient already hyperkalemic is probably inappropriate. Predictive analytics could potentially prevent a substantial fraction of EHR-related safety concerns. Intelligent analytics of this type can be particularly effective in detecting patients at risk for diagnostic error.29
Relationship of these results to other studies. Cases represented in databases of patient claims are a rich source of information about adverse events of all types involving patient safety. As an example, Bishop et al analyzed over 10,000 cases in the National Practitioner Data Bank.30 As in our study, the predominant cause for a claim in ambulatory settings related to diagnosis. Similarly, diagnosis-related claims were the most common type in a recent systematic review of claims analyses in primary care, followed by medication errors.31
The specific role of health-IT in adverse patient safety events has been examined predominantly by analysis of reports submitted to patient safety organizations (PSOs) and other organizations. A study of 2 large PSO databases recently identified over 20,000 safety events involving health IT, 4.7% of all the safety events reported. The most common category of identified errors were medication related.14 As in our study, problems were encountered across the sociotechnical spectrum.
Sentinel event reports submitted to The Joint Commission comprise another source of harm-related events. A recent report identified 80 cases (2.4%) involving the EHR out of 3375 sentinel events reported between January of 2010 and June of 2013.17 Over half of these cases involved a patient's death, and another 11% involved permanent injury. This report shares two common findings with the findings in our analysis: 1) cases involving the EHR made up just a small fraction of all safety-related reports, and 2) the harm involved was substantial A major difference is that not a single case of diagnostic error was included in the sentinel event reports, reflecting the fact that events reportable to The Joint Commission are focused almost exclusively on treatment-related problems.
Implications for Understanding Safety Concerns Using Electronic Medical Records
The various etiologies of error identified in this study are representative of the error etiologies in many other studies, and spanned the sociotechnical dimensions.32,33 Errors were found in all three of the major sociotechnical elements: involving the technology itself, the users of the technology, and the work environment where care is provided at the interface between the two. These included problems with clumsy design features, breakdowns in information flow, copy\paste issues, missing or incorrect information, and problems relating to the transition from paper to electronic records, or from one EHR to a new one. The relative frequency of problems involving transitions to a new EHR may reflect the fact that this study was conducted over a time span when many practices and organizations were just adopting new EHR systems, or advancing to a different one. At the same time, it is likely that conversions and upgrades will continue to be common events given that health IT is rapidly advancing, and both competition and innovation are abundant. In this case, the risks of EHR conversions, transitions, and hybrid systems will be with us for some time to come.
Advantages and Limitations of Studying Medical Malpractice Claims Data
From a research perspective, the use of claims databases to evaluate unintended consequences of EHR adoption has both positive and negative qualities. There are 4 major advantages:
Claims data derives from across the continuum of health care, including both inpatient and outpatient care, including private practices, in both academic and non-academic settings. In contrast, data submitted through patient safety organizations derives almost entirely from inpatient or hospital-associated data, and generally excludes events arising in private practice.
Claims data provides extensive text-based information and analysis from both medical and legal documentation in each case, facilitating the qualitative analysis of any given breakdown, and its contributing factors.
A related strength is that the detailed information on each case increases both the sensitivity and specificity of coding. Although we did not measure sensitivity in this study we did assess specificity. The double verification of each case ensured that each case did in fact reflect EHR-related harm. Thus, almost 90% of the cases identified as being health IT–related in this study specifically involved the EHR. In contrast, a recent follow-up study of safety events submitted to a large patient safety organization found that almost a third of the events submitted as health-IT related were not, and over a quarter of the events which did involve health-IT were not coded as such.14
Claims data uniquely identifies cases known to have caused harm. Although harm data can be extracted from reports of safety incidents to PSOs, these cases generally identify cases with the potential for harm; harm is not a requirement for these reports to be filed, and as we have noted, cases involving severe harm may be frankly unusual in PSO-derived reports.
The limitations of this study, and other studies using claims data, are also numerous and important:
The major limitation of studying claims data is the relatively small number of cases available for analysis. As an example, just 248 cases were identified in the three year coding period of this study, whereas a recent study of health IT–related events reported through a patient safety organization found 191 instances in just 9 weeks,15 and several thousand such events over an 8 year look back.23 Similarly,1100 health-IT related events were reported to an FDA safety database over a period of 2 and a half years,34 and over 63,000 health-IT related problems were identified in reports to another national database of medication errors.35 The small sample size in our study prevents us from addressing many key questions, such as whether the safe use of EHRs, or health IT in general is increasing over time.
Because cases are reported from across the country, there is uncontrolled variability in regard to the EHR's used and the many institution-specific qualities that are relevant to health IT safety, such as resources, safety culture, and local health IT expertise and champions.
Only a very small percentage of adverse safety events result in malpractice claims or suits. For this reason, data obtained from claims and suits cannot be used to estimate the actual incidence of error types, although it does provide insight into the relative frequencies.
Finally, the cases in malpractice claims databases often reflect events that happened years ago. It is impossible to know if the etiologic problems identified in a given case still persist at that institution or whether they have been addressed in the meantime. The static nature of claims data makes it particularly unsuitable to evaluate the remarkably dynamic nature of health IT adoption and evolution. It is fair to note, however, that issues that might be “old” at one organization may still be “new” at another organization that is at an earlier stage of EHR adoption; sharing key risk information may therefore still have considerable value.
In summary, limitations in current EHR systems, and how these are used to provide clinical care by healthcare professionals, can lead to harm and death in some relatively small, but important fraction of cases. It is likely that EHR-related harm can be encountered in any healthcare setting and in any clinical service.
On balance, we believe that the data presented in this report supports the value of conducting analyses of claims data to validate the importance of the problem, but conclude that a comprehensive appreciation of EHR-related safety will require input from a range of different approaches and sources of information. This parallels the conclusion reached in other studies of patient safety events regarding the value of triangulating data from a variety of sources and perspectives.36–38 In particular, research approaches are needed that can provide additional quantitative data to address the question of whether the safety of using EHRs is improving over time, and whether there are particular situations, technologies, or user behaviors that need to be prioritized. In the meantime, the types of errors revealed in this study provide a wide range of safety problems that demand attention. Healthcare professionals, their organizations, and health IT vendors can decrease the risk of harm related to using electronic medical records by appreciating and addressing the lessons that these cases provide.
APPENDIX A. CASE EXAMPLES OF HEALTH IT–RELATED ERRORS, BY CATEGORY TYPE
System Related Issues
System and software design
▪ Fentanyl order altered by a decimal point; patient died.
▪ Insulin order defaulted to wrong preparation (long vs short-acting).
▪ Fentanyl overdose resulting from failed auto-deletion of earlier orders of a lower dose.
▪ The EHR automatically “signed” a test result when in fact it had not been read; Patient did not receive results of co-existing liver cancer and was treated for lung cancer only.
Routing of electronic data
▪ Order for blood delayed reaching lab; patient expired before blood arrived.
▪ Critical blood gas value misrouted to the wrong unit; patient expired from respiratory failure.
▪ Critical ultrasound result routed to the wrong tab in the EHR; MD never saw the result until a year later; patient experienced delayed recognition of cancer
▪ Abnormal cardiac ultrasound results misrouted, would have prompted anticoagulation; patient died of stroke.
System dysfunction or malfunction
▪ Multiple reports of system being “down,” staff unable to access information; In one case, medication reconciliation could not be completed, resulting in an injurious medication error.
▪ Computer crash caused loss of colonoscopy results; follow up delayed and next study disclosed colon cancer.
▪ Nursing staff unable to locate a previous nursing assessment and vital signs; RN asserted that the EHR had just “gone live” and kept “crashing”; delayed recognition of patient's deterioration.
▪ MD not able to access nursing ED triage note, which would have changed management; patient died of subarachnoid hemorrhage.
Integration problems and incompatible Systems
▪ Fetal demise followed by consent for “limited” chromosome testing. Pathology unable to access the specific order, so did full chromosome studies not consented by the family.
▪ Delayed diagnosis of lung cancer; Primary care provider could not access radiology studies at the time of patient visit; paper results filed without the MD seeing these, staff believing the results were available on line.
▪ OB patient requested tubal ligation at the time of her 4th planned Caesarian section. Noted on office record but not integrated with the delivery room system. Covering MD delivered the baby but did not know/see the request for tubal ligation; Patient became pregnant 6 months later.
Lack of or failure of Alert/Alarm/Decision Support
▪ Pathology report of adenocarcinoma delayed in reaching patient's chart until after inpatient discharge and no alert sent to patient's physician; delayed diagnosis of cancer.
Fragmented information
▪ Test results in multiple locations; failure to note overall decline of vital signs and lab tests; patient died of sepsis.
▪ Positive test result for cervical cancer entered into problem list; MD expected it to be in EHR test result section; error not discovered until patient's visit a year later.
▪ RN entered Haldol order as 5.0 mg instead of 0.5 mg; MD meant to sign off on lab results, but signed off on the wrong order by mistake.
All other
▪ Pt complained of “sudden onset of chest pains with burning epigastric pain, some relief with antacid”; Complaint field was too small; entry noted only as “epigastric pain”; no ECG done; patient experienced a cardiac event days later.
▪ Lack of follow up of abnormal PSA; visit notes were sparse due to limited text fields and use of a system that referenced problems by a number, not text.
User-Related Issues
User errors - miscellaneous
▪ Electronically signed discharge order omitted patient's Coumadin; patient admitted with stroke.
▪ Verbal order for morphine entered without upper limit defined; patient become obtunded and expired.
▪ Results of positive test for C difficile not noticed; 7 day delay in starting treatment.
▪ MD unable to find pathology report in the EHR; called Pathology to get a verbal report, which was a normal result from the wrong patient; real patient died of cancer 3 years later, original report was abnormal.
Hybrid health records/Conversion issues
▪ Medication reconciliation list did not include Sotalol; residenct copied the ED medication list; patient went into Afib. The EHR did not list medications from the prior admission and did not interface with the inpatient unit.
▪ Patient underwent colonoscopy for bleeding per rectum but exam was incomplete. MD changed EHR's which didn't convey the incomplete exam; patient had delayed diagnosis of colon cancer.
▪ Pediatric patient received ampicillin in the ER despite known allergy, which had been documented in the paper record but not uploaded into the EHR.
Incorrect information
▪ Facility with new EHR dosage of Benemid copied over from paper record incorrectly; patient received double doses, developed seizures and died.
▪ Patient previously on anticoagulation admitted for GI bleeding; MD intended to discontinue the anticoagulant but mistakenly clicked on “continue Lovenox for home use.”
▪ Ultrasound results never scanned into the EHR; delayed diagnosis of thyroid malignancy.
▪ MD intended to order Flonase accidentally selected Flomax from a drop down menu.
Prepopulating; copy and paste
▪ History copied from a previous note which did not document patient's amiodarone medication; delayed recognition of amiodarone toxicity.
▪ Patient was to receive 6 injections of a medication; The EHR reflected 66 injections based on use of wrong template.
▪ Incorrect conclusion that patient was on indomethacin when it was automatically pulled forward from an outdated medication list.
Training and education
▪ Covering obstetrician did not have EHR access and could not access clinic notes documenting abnormal fetal size; stated he\she never received training or password.
▪ Urologist failed to appreciate abnormal test results; CT results were placed in the new EHR but MD assumed he'd receive a paper copy.
All other
▪ Amoxicillin ordered for patient allergic to penicillin had allergic reaction; MD over-rode the alert.
▪ Oxycodone allergy overrode by MD which removed it from allergy list; on transfer to.
▪ Alerts on abnormal blood culture ignored; patient died of endocarditis.
▪ Alert to NSAID allergy was ignored.
Footnotes
The authors disclose no conflict of interest.
This report was sponsored by the Office of the National Coordinator for Health Technology under contract number HHSP23320095651WC_HHSP23337047T to RTI International.
REFERENCES
- 1.Office of the National Coordinator for Health Information Technology. Federal Health IT Strategic Plan 2015–2020. 2014. Available at: http://www.healthit.gov/policy-researchers-implementers/health-it-strategic-planning. Accessed June 2015.
- 2.Office of the National Coordinator for Health Information Technology. Recent Evidence that Health IT Improves Patient Safety. Available at: www.healthit.gov. Accessed June 2015.
- 3.Chaudhry B, Wang J, Wu S, et al. Systematic review: Impact of health information technology on quality, efficiency, and costs of medical care. Ann Intern Med. 2006;144:742–752. [DOI] [PubMed] [Google Scholar]
- 4.Goldzweig CL, Towfigh A, Maglione M, et al. Costs and benefits of health information technology: new trends from the literature. Health Aff. 2009;28:w282–w293. [DOI] [PubMed] [Google Scholar]
- 5.Buntin MR, Burke MF, Hoaglin MC, et al. The benefits of health information technology: a review of the recent literature. Health Aff. 2011;30:464–471. [DOI] [PubMed] [Google Scholar]
- 6.Jones SS, Rudin RS, Perry T, et al. Health information technology: an updated systematic review with a focus on meaningful use. Ann Intern Med. 2014;160:48–54. [DOI] [PubMed] [Google Scholar]
- 7.Quinn MA, Kats AM, Kleinman K, et al. The relationship between electronic health records and malpractice claims. Arch Intern Med. 2012;172:1187–1189. [DOI] [PubMed] [Google Scholar]
- 8.Rand Corporation. Factors Affecting Physician Professional Satisfaction and Their Implications for Patient Care, Health Systems, and Health Policy. 2014. Available at: http://www.rand.org/pubs/research_reports/RR439.html. Accessed June 2015. [PMC free article] [PubMed]
- 9.Sinsky CA, Beasley JW, Simmons GE, et al. Electronic health records: design, implementation, and policy for higher-value primary care. Ann Intern Med. 2014;160:727–728. [DOI] [PubMed] [Google Scholar]
- 10.Classen DC, Bates DW. Finding the meaning in meaningful use. N Engl J Med. 2011;365:855–858. [DOI] [PubMed] [Google Scholar]
- 11.Meeks DW, Smith MW, Taylor L, et al. An analysis of electronic health record-related patient safety concerns. J Am Med Inform Assoc. 2014;21:1053–1059. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 12.RAND Health. Promoting Patient Safety Through Effective Health Information Technology Risk Management. 2014. Available at: http://www.rand.org/pubs/research_reports/RR654.html. Accessed June 2015. [PMC free article] [PubMed]
- 13.Ruder DB. Malpractice claims analysis confirms risks in EHR's. Patient Safety Qual Healthc. 2014:20–23. [Google Scholar]
- 14.Office of the National Coordinator for Health Information Technology. Health Information Technology Adverse Event Reporting: Analysis of Two Databases. 2014. Available at: http://healthit.gov/sites/default/files/Health_IT_PSO_Analysis_Final_Report_11-25-14.pdf. Accessed June 2015.
- 15. ECRI Institute. ECRI Institute PSO Deep Dive: Health Information Technology. Plymouth Meeting, PA; 2012.
- 16.Singh H, Giardina TD, Forjuoh SN, et al. Electronic health record-based surveillance of diagnostic errors in primary care. BMJ Qual Saf. 2012;21:93–100. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 17.The Joint Commission. Investigations of Health-IT–Related Deaths, Serious Injuries, or Unsafe Conditions. Washington, DC: Office of the National Coordinator for Health Information Technology; 2015. [Google Scholar]
- 18.Castro G. Investigations of Health IT-related deaths, serious injuries, or unsafe conditions. ONC HIT Safety Webinar, December 18, 2014. 2014. [Google Scholar]
- 19.Meeks DW, Meyer AN, Rose B, et al. Exploring new avenues to assess the sharp end of patient safety: an analysis of nationally aggregated peer review data. BMJ Qual Saf. 2014;23:1023–1030. [DOI] [PubMed] [Google Scholar]
- 20.Siegal D, Ruoff G. Data as a catalyst for change: stories from the front lines. J Healthc Risk Manag. 2015;34:18–25. [DOI] [PubMed] [Google Scholar]
- 21.Upadhyay DK, Sittig DF, Singh H. Ebola US Patient Zero: lessons on misdiagnosis and effective use of electronic health records. Diagnosis. 2014;1. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 22.Magrabi F, Baker M, Sinha I, et al. Clinical safety of England's national programme for IT: a retrospective analysis of all reported safety events 2005 to 2011. Int J Med Inform. 2015;84:198–206. [DOI] [PubMed] [Google Scholar]
- 23.Sparnon E, Marella WM. The role of the electronic health record in patient safety events. Pa Patient Saf Advis. 2012;9:113–121. [Google Scholar]
- 24.Graber ML, Morgan LC, Tant E, et al. Proactive Risk Assessment During the Laboratory Testing Process to Reduce Diagnostic Error: Literature Review for the Agency for Healthcare Research and Quality. Rockville, MD: Agency for Healthcare Research and Quality; 2012. [Google Scholar]
- 25.CRICO Strategies. Annual Benchmarking Report—Malpractice Risks in the Diagnostic Process. 2014. Available at: http://www.rmfstrategies.com/Products-and-Services/Comparative-Data/Annual-Benchmark-Reports. Accessed June 2015.
- 26.Plebani M. Exploring the iceberg of errors in laboratory medicine. Clin Chim Acta. 2009;404:16–23. [DOI] [PubMed] [Google Scholar]
- 27.Zuccotti G, Maloney FL, Feblowitz J, et al. Reducing risk with clinical decision support: a study of closed malpractice claims. Appl Clin Inform. 2014;5:746–756. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 28.Office of the National Coordinator for Health Information Technology. SAFER GUIDES—Safety Assurance Factors for EHR Resilience. Available at: http://wwwhealthitgov/safer/safer-guides. Accessed June 2015.
- 29.Graber ML, Trowbridge R, Myers JS, et al. The next organizational challenge: finding and addressing diagnostic error. Jt Comm J Qual Patient Saf. 2014;40:102–110. [DOI] [PubMed] [Google Scholar]
- 30.Bishop TF, Ryan AM, Casalino LP. Paid malpractice claims for adverse events in inpatient and outpatient settings. JAMA. 2011;305:2477–31. [DOI] [PubMed] [Google Scholar]
- 31.Wallace E, Lowry J, Smith SM, et al. The epidemiology of malpractice claims in primary care: a systematic review. BMJ Open. 2013;3:e002929. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 32.Sittig DF, Singh H. A new sociotechnical model for studying health information technology in complex adaptive healthcare systems. Qual Saf Health Care. 2010;19:i68–i74. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 33.Magrabi F, Ong MS, Runciman W, et al. Using FDA reports to inform a classification for health information technology safety problems. J Am Med Inform Assoc. 2012;19:45–53. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 34.Magrabi F, Ong MS, MBiomed E, et al. Patient safety problems associated with healthcare information technology: an analysis of adverse events reported to the US Food and Drug Administration. AMIA Annu Symp Proc. 2011;2011:853–857. [PMC free article] [PubMed] [Google Scholar]
- 35.Schiff GD, Amato MG, Eguale T, et al. Computerized physician order entry-related medication errors: analysis of reported errors and vulnerability testing of current systems. BMJ Qual Saf. 2015;24:264–271. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 36.Tsang C, Majeed A, Aylin P. Routinely recorded patient safety events in primary care: a literature review. Fam Pract. 2012;29:8–15. [DOI] [PubMed] [Google Scholar]
- 37.Levinson DR. Adverse Events in Hospitals: National Incidence Among Medicare Beneficiaries. Washington, DC: Department of Health and Human Services, Office of Inspector General; 2012. [Google Scholar]
- 38.Levtzion-Korach O, Frankel A, Alcalai H, et al. Integrating incident data from five reporting systems to assess patient safety: making sense of the elephant. Jt Comm J Qual Patient Saf. 2010;36:402–410. [DOI] [PubMed] [Google Scholar]