Risks of EHRs

June 29, 2019

How to protect yourself from EHR technology-related legal danger

Originally heralded as a tool that would make healthcare more efficient and effective, EHRs have revealed themselves to be a mixed blessing.
In addition to frustrations over badly designed interfaces and interoperability issues, physicians are coming to realize that the software they rely on to manage their practices can be putting their patients at risk of medical error and themselves in danger of medical liability.

The problems were highlighted in a recent joint Kaiser Health News and Fortune investigation that showed that EHRs are not living up to their promise, but they have been blamed for everything from incorrect prescriptions to patient deaths and serious injuries. 

And while many practices have come to working terms with their EHRs, they might be unaware of the malpractice dangers they can pose. “It’s definitely on our radar,” says Robert Hanscom, JD, vice president, business analytics at Coverys, a medical liability insurer. “We are urging [physicians] to pay more attention.”

Three years ago Coverys created a code to flag EHR-related malpractice claims.The number of cases rose from 21 in 2013 to 63 in 2017 and continues to climb, Hanscom says.

In the Medical Economics 2018 EHR Scorecard, dozens of practicing physicians commented on how their EHR systems made them more prone to errors.

“I make more prescription errors with the EHR than I ever did with paper charts,” said one respondent.

Unintended consequences

Many of the problems stem from the fact that EHRs were forced into widespread adoption after the passage of the HITECH Act in 2009. Rather than mandating a universal standard based on design research, best practices and user experience, the government allowed competing vendors to develop their own EHRs. The result is a hodgepodge of systems that creates unnecessary risk, says Hanscom.

User difficulties and risks are compounded for doctors who work on multiple EHR systems, each with its own user interface, quirks and design flaws. “There are components that can come back and bite physicians if they’re not handled correctly,” Hanscom says.
Another insurance executive says he has seen malpractice cases stemming from EHR-related errors that led to incorrect medication doses and even removal of a wrong kidney.

“Even though the frequency is small, the potential for harm can be catastrophic,” says Darrell Ranum, JD, vice president of patient safety and risk management, The Doctors Company.

EHRs are not going away and the patchwork of competing systems, many of which still don’t work well together, is not going to be replaced anytime soon by a universal, interoperable network. So what can doctors do to prevent errors and subsequent liability?

Test your EHR

No matter how long they’ve used a particular system or how satisfied they are with its performance, practices should test their EHR’s capabilities, says Lorraine Possanza, DPM, JD, MBE, director of the Partnership for Health IT at ECRI Institute, an independent nonprofit authority on the safety of medical practices and products.

Double check to make sure the system is doing everything it should, such as prescribing the correct amount of drugs, delivering prescriptions to pharmacies and sending orders to labs, she says. “The objective is you don’t want to make a mistake you shouldn’t have made. And you don’t want a system that makes it easier to make a mistake,” she says.

Physicians often have no idea how frequently EHRs can make mistakes, says Zach Hettinger, MD, MS, medical director and director of cognitive informatics, MedStar Health National Center for Human Factors in Healthcare. The center tests EHRs and one recent evaluation of a common system revealed a 40 percent error rate in writing prescriptions, Hettinger says.

The center offers free tools that allow practices to test their EHRs. Its “EHR See What We Mean” program explains many common problems with electronic records and how their designers could avoid errors.

In one example, a physician treating an adult male wants to prescribe Tylenol 500mg and, upon entering “Tylenol”, is confronted by more than 80 options, many of which are not relevant to the patient, such as children’s Tylenol. An attempt to narrow the search by adding “500” after Tylenol fails to turn up anything because the EHR search engine, unlike public search engines, does not recognize near matches and requires exact wording. The doctor returns to the original screen of 80 possible matches and scrolls through to find 500mg, which is the 68th option.

A better system would have screened out options irrelevant because of the patient’s age, gender or other factors and presented Tylenol 500mg, the most common adult dosage, as an easily selected choice.

Possanza also recommends creating backups and contingencies in case an EHR does fail. Common measures include security measures to prevent hacking, data backup and retrieval tools and more.

Report problems

While some EHRs allow users to modify them, most improvements must be made by the vendor, either through regular upgrades or specific fixes.

And a vendor can’t fix a problem if it doesn’t know it exists, says Possanza, so she urges users who notice a persistent or dangerous problem with EHRs to document and report it to the manufacturer. Though not always as responsive as users would like, vendors do want to make their products more reliable and user friendly and eliminate errors, she says.

ECRI formed a patient safety organization, where clinicians and healthcare organizations can report, aggregate and analyze data related to patient safety, including EHR faults. Problems also can be reported to the Office of the National Coordinator for Health Information Technology at the Department of Health and Human Services. 

“This is a really complex system we’ve implemented and we need to have a multidisciplinary approach to solving the problems,” says Hettinger. “Sharing and collaborating on the information is the only way the system is going to get better.”

However, even if an EHR is fully or partially responsible for a medical error, physicians should not think that blaming the software will get them off the malpractice hook.

“It’s never not the physician’s fault,” says Hanscom, adding that many EHR vendor contracts include “hold harmless” provisions that protect the manufacturer. And while some patients have successfully sued EHR vendors in addition to the healthcare providers, the resulting settlements are usually not disclosed.

Best practices

Practices should ban copying and pasting information from one form or page to another, says Ranum. This simple function saves time for users in a rush, but it’s one of the worst dangers posed by EHRs.

Copying and pasting on a chart can propagate incorrect or outdated information, Ranum says, a harmful error that can easily spread like a virus as other users do the same. “We want physicians to be extremely careful with copying and pasting. It’s often better to type it in yourself to make sure it’s the most recent,” he says.

Ironically, an EHR feature designed to prevent mistakes is proving to be one of the biggest problems. Systems come with alerts and alarms that appear when a potential problem is indicated by the information entered, such as a drug allergy or incorrect dosage.

However, some users complain that there are so many alerts-many of which are irrelevant-that they are ignored, which can sometimes cause errors. Hanscom cautions users who do ignore or deactivate alarms to document it and explain why in order to protect themselves in the event of litigation.

Some practices employ medical scribes in order to allow physicians to focus on patients during visits. That can avoid data entry mistakes caused by divided attention and reduce the number of users of the EHR system, which could lead to fewer mistakes.

Share information

Most practices have been working with their EHR systems long enough to have uncovered many of their weaknesses, quirks and blind spots. However, that level of knowledge can vary among users in a practice, depending on their jobs and experience with the system.

Consequently, it’s important that all users in a practice share best practices about the system and know its dangers, says Possanza. Likewise, any workarounds or steps that can prevent errors should be implemented as practice policy, she says, adding that any fixes must be shared among users, as well.

It’s important that new employees be brought up to speed, particularly if they’re used to a different system.

x