Risk Management
<< Back |
The Risks and Benefits of Electronic Health Records
Hans Bruhn, MHS , OMIC Senior Risk Management Specialist
As the use of Electronic Health Record (EHR) systems continues to rise, so do concerns about how their use may affect patient safety and medical professional liability. In many respects, EHR systems significantly expand upon the narrow scope of Electronic Medical Record (EMR) systems, which replace traditional paper medical records with electronic documentation tools. Because of their limited scope, EMRs have been used almost exclusively by health care providers, third party insurance payors, and government entities.
In contrast, an EHR system offers comprehensive assistance to a practice, going far beyond the scope of medical record functionality to include practice management (administration), reporting (for internal use and to external parties), coding (for billing/patient care reimbursement), and document imaging.
Additionally, an EHR system also facilitates communication with pharmacies, transcription services, surgical facilities, labs, and other external parties involved in patient care. One of the most promising functionalities that directly relates to improving patient care is the evidence-based decision support system for clinicians. From drug alerts to diagnosis assistance, EHRs offer real-time help in developing patient treatment plans.
EHR systems also provide various avenues for communicating with patients, such as messaging and allowing patient access to general e-health information and personal health information via desktop computers, PDAs, or computer tablets.
As with any new technology, professional liability risks are emerging as EHRs are adopted on a large scale. Based on early reports, it is expected that liability claims will revolve around issues related to security and confidentiality, documentation, system integration, reporting, and data recovery. One source of these reports, EHRevent.org, is a national reporting database that represents a cooperative effort by professional liability insurers and the not-for-profit iHealth Alliance. Several of the patient care scenarios described in this article come from this source.
Ensure Integrity of Record Entries
In order to be confident that an HER system’s information is accurate—and an effective defense tool in the event of a liability claim—all users should have their own login name, password, and electronic signature. Some systems use the physician’s name as the author of any entry in the medical record, even those made by other staff members. Without individual password access and signatures, it can be difficult, even impossible, to determine when and who made an entry in the system. This uncertainty can lead to an entire medical record being questioned for accuracy and jeopardize the defense of a claim.
Risks of Integration with Other Systems—The Need to Verify
Because information can move very quickly between an EHR and other systems, it is essential to verify its accuracy. Here is an example:
A state prison system has an e-prescribing system that captures medication orders, prints a record for the clinician, transmits the order to the pharmacy, and notifies the nurses at “med-line” what to dispense to inmates. One morning, prisoner A was prescribed a short list of blood pressure medications. The list printed correctly. A dozen other inmates were given prescriptions, which also printed correctly. Later that day, prisoner K was prescribed numerous medications, including anticonvulsants and antipsychotics. The printout looked fine. The next day, prisoner A created a disturbance in med-line when he refused to take his pills because it was “too a big a handful.” The system had dispensed prisoner K’s medicines to prisoner A, who was on the brink of being forced to take them when a nurse practitioner noticed the error.
Concerns with Automation
In an effort to save time and improve the quality of documentation, many EHR systems use drop down menus and templates. The risk here is unintentionally selecting terms that can lead to misdiagnosis and improper treatment or using letter templates that may contain incorrect or incomplete information.
A physician reporting a claim to EHRevent.org4 warned, “I have witnessed occasions where I have definitely selected the correct choice, but in pulling the pen away from the screen, the menu slips down to the next selection: ‘qd’ can easily slip/scroll to ‘qid,’ resulting in a fourfold dosing error…Local pharmacists seem to be adept at catching errors and calling me, but one should not assume that will always be the case.”
Overuse of templates that offer set verbiage describing examination findings and diagnoses has led some physicians to comment that it can be more difficult to review a record on a referral due to unnecessary template wording that conveys very little or no specifics of the patient’s condition. A physician reporting to EHRevent.org commented, “Our EHR generates notes after you check little boxes on millions of pages of menus. The boxes are tiny and menus are incredibly detailed, so it takes forever to find what you want, and easy to miss something or check something wrong…the finished note is incredibly boring and fake, just line after line of mostly normal findings. I can’t find the ‘meat’ in my partners’ notes. My eyes actually blur. I tell myself to read every word, but all notes are 95% identical…You can’t tell what actually happened at the visit, because all the notes look the same…”
Plaintiff attorneys have argued that the presence of identical wording in multiple patient files is evidence that the provider did not make any real effort to document a specific patient’s care, thereby attacking the integrity of the medical record and eroding defensibility of the claim.
System Reports—Verify Information and Format
EHR reporting systems need to be carefully tested and continually reviewed for completeness and accuracy. These reports can be very different in appearance when compared to data viewed on data entry screens. Some reports pull information from various areas of the system making it harder to detect errors. As a risk management strategy,
OMIC recommends carefully working with your EHR vendor to verify that reporting requirements for your practice are being met and, once your system is adopted, performing ongoing reviews of reports before releasing them to others. Duplicate entries and omitted data (requiring manual input and the potential for human error) can lead to inaccurate billing practices and upset patients.
Data Recovery—How Would You Practice Without Your EHR?
In the past few years, natural disasters in parts of the country have underscored the need for disaster planning to recover data. An insured recently contacted OMIC to seek advice on how to reestablish his practice after all his medical records, including backups, were destroyed. He did not even have a complete list of his patients due to the scope of the disaster in his area. You can avoid this extreme situation by developing a data recovery plan that truly contemplates worst case scenarios. Consider data backup in a location outside your practice area.
Even seemingly routine maintenance on an EHR system can disrupt patient care. A physician reported to EHRevent.org, “Our vendor upgrades our EHR software every 2 to 3 years. We’re on an ASP (Application Service Provider in which the system is hosted on the web). We knew the system wouldn’t be available intermittently over ‘a day or so.’ We printed out charts for the patients that had appointments. But we were down for a week! Lots of technical glitches and errors, rebooting, telephone calls back and forth. We got ‘data not backed up’ warnings. Temporary paper notes piled up because we couldn’t do data entry. No access to records for 90 patients we saw that week. Major staff stress.”
Physicians should develop policies and procedures for periods when the EHR system is down that allows patient care to continue and ensures that documentation done off system gets into the system once it is back up and running. Keep in mind that even if your EHR system is down, patients expect the same quality of care.
In addition to down time, updates to an EHR system can alter data in the system and corrupt existing records. System enhancements or wider scale modifications should be run in a test environment first to ensure they work as intended.
Clinical Decision Support Systems
Most EHR systems now incorporate Clinical Decision Support (CDS) designed to help physicians better analyze patient data. CDS also helps a practice meet “Meaningful Use” criteria required by Medicare and Medicaid EHR incentive programs.
This criteria was developed to show that a practice is using a certified HER system that improves both the quality of care rendered and the efficiency of the delivery of that care.7
It is important to clarify in the HER system agreement who has liability if a critical functionality such as CDS malfunctions and results in patient harm. OMIC recommends involving an attorney in the selection and implementation of an EHR system and to review the contract between the practice and EHR vendor. The contract should clarify who is responsible for liability claims if errors such as the ones noted here occur. The vendor should accept responsibility for system issues, especially if human error is not suspected and it is the system itself that has failed to function properly.
E-discovery—More Information Means More Scrutiny
The EHR scrupulously tracks access to records. If a provider fails to review data, such as test results that have been received, it’s relatively easy for the patient’s attorney to discover that omission.
Also, physicians should be aware that entry to the system is tracked as well as when data is entered or changed, making it easier to detect record tampering. When a correction needs to be made to the record, it is important to have a protocol and procedure in place to ensure that corrections are transparent and support continuity of patient care.
EHR Adoption Continues
Although still in the early stages, EHRs already represent a significant effort toward improving the quality and efficiency of medicine by organizing the ever increasing amount of information flowing in and out of the system, often from previously unconnected sources such as email and practice websites that allow patient interaction. So far, most practices say they are pleased with the EHR system they have adopted (73% report they are extremely satisfied or satisfied with their selected system). An increase in efficiency is not the only factor encouraging EHR implementation. Federal incentive programs are another motivator for 73% of current non–users who say these economic incentives will influence their decision to purchase a system.
As EHR implementation becomes more widespread, the number of reported issues will grow. Through cooperative ventures with groups such as EHRevent.org, OMIC will continue to learn how such problems arise and develop risk management strategies to reduce errors. Hopefully, with a reduction in errors, the percentage of satisfied practices will grow, patient safety will be improved, and claims will be prevented.
1. 2010 AAOE member survey on EHRs reported 34% of ophthalmologists are using an EHR system.
2. Health Information and Management System Society (HIMSS) definition of EHR systems.
3. Victoroff M, MD. “I Just Eat the Skittles.” EHRevent Report. EHRevent.org, May 2011.
4. EHRevent.org is a claims clearinghouse set up by various professional liability carriers, the PDR Network.
5. Victoroff M, MD. “Yes–It’s a Problem: Click-tation.” EHRevent Report. EHRevent.org, Dec 2011.
6. Victoroff M, MD. “What Goes Up Goes Down.” EHRevent Report. EHRevent.org, June 2011.
7. The American Recovery and Reinvestment Act of 2009 specifies three main components of MeaningfulUse: (1) the use of a certified EHR in a meaningful manner, such as e-prescribing, (2) the use of certifiedEHR technology for electronic exchange of health information to improve quality of health care, and(3) the use of certified EHR technology to submit clinical quality and other measures.
8. Victoroff M, MD, editor-in-chief. EHRevent Report.
9. 2010 AAOE member survey on EHRs.
About EHR EVENTAbout EHR Event
PDR Secure™ was established as a subsidiary of PDR Network, LLC, the publisher of the Physicians’ Desk Reference®, with a few simple goals in mind: to improve patient safety and to help reduce EHR vendor and health care provider liability by encouraging reporting on EHR issues. Working together with medical professional insurance carriers and the not-forprofit iHealth Alliance, PDR Secure has created this reporting system to gather information to help improve EHRs, support patient safety, and help reduce provider liability. By collecting and analyzing EHR-related event data reported by health care professionals, we can all get smarter together. And the privacy of information provided in the EHR Event Reporting Service can be protected by the PDR Secure™ as a certified Patient Safety Organization.
Report an EHR Safety Event at www.ehrevent.org/TOS.
Please refer to OMIC's Copyright and Disclaimer regarding the contents on this website