
Avoiding EHR Pitfalls

MICHAEL S. VICTOROFF, MD

Copyright 2012 State Volunteer Mutual Insurance Company

Can information technology reduce malpractice costs?

Reduce or induce ERRORS?

Reduce or induce CLAIMS?

Help or hurt LEGAL DEFENSE?

Premium reductions for EHRs?

EHRs are valuable!
Can improve safety, workflow
Augment human abilities: memory, calculation
Decision support
Multiuser access, remote access
Speed, multitasking
Benefits are exponential with connectivity...

Newton’s first law of computing

But, EHRs are devices!

For every function, there is an equal and opposite malfunction…

Is it malpractice not to have an EHR?
Not today… But — ER without an X-ray? Anesthesia without oximetry? Airplane without a radio?
[See The T.J. Hooper, 60 F.2d 737 (2d Cir. 1932)]

PIAA companies

EHR issues

Issues are legion

Cut & Paste

Canned verbiage

Ignoring pop-up notices

No follow up

Failure to resolve the complaint

Lost documents

Incomplete printout

Contradictory templated information

Time of documentation isn’t time of care

Metadata

Important info isn’t evident

Email info doesn’t get into record

Record alteration

EHR issues

“All normal” button

Disabling/ignoring alerts

Paste forward

e-Discovery

False documentation

Poorly formatted printouts

Privacy breach

Inadequate pick lists

Click-through without reading

System crash

Wrong field

Identical appearing notes

Record locking

Sequestered information (HIV, psych)

Failing to notice critical information

Evidence issues

Backup and retention

Subpoena of metadata and backups

Providing electronic copies to:
– providers
– attorneys
– patients

Transferring electronic information:
– via internet/FTP
– via e-mail
– via secure portal
– via webmail
– via physical media

Significant burden on practitioners
Research, testing, planning, acquisition
TIME, TIME, TIME
– Learning curve
– Training
– Configuration
– Implementation
– Repair
– Troubleshooting
– “Hold music”
Liability
Oh, yes – cost

Overload

Information displacement
Information appearing where it shouldn’t
– Loss of privacy, confidentiality (HIPAA)
– Physical loss (laptops, media)
– Copies, networks
– YouTube, Twitter, blogs, chat, email
Information not appearing where it should
– Warnings, orders, alerts, results
– Downtime
– Lost files, media
– Disaster (Katrina…)
– Save, delete, overwrite

Key information from legacy charts (scanned, transcribed, summarized) may not make it into the EHR
Must “implement a reasonable procedure during the transition phase” [to ensure data isn’t lost]
– Smith v. United States, 119 F. Supp. 2d 561 (D.S.C. 2000)

Problems during transitions
“I’m positive it was there yesterday!”
“I think I just deleted the Martinez family…”
“What exactly do you mean by ‘backup?’”

Data deletion – manual & automatic

Not lost – just not found
Data scattered all over the chart
– 27 locations for flu shot
Structured fields
– Primary: duplicates, alternates
– Secondary: synthesized, derived, computed
Unstructured
– Narrative text (80% of medical information)

Data leaks
Web access: Outlook Web Access, GotoMyPC, Citrix, LogMeIn, VPN
Peer-to-peer networks
Unsecured computer or device
Internet café, “open” network
Hotel Wi-Fi, “guest” account
Smartphone, iPad
Device sharing among users

Lost devices: $49,256
700,000-1,000,000 per year
1.5 million in 2004 – with 3% recovered
1 in 15 chance for any laptop
Airports: 12,000 per week
FBI: 477 (2002-2007)
Bureau of ATF: 418 (2002-2007)
Dept. of Defense: 193 in 2008 audit (“…other than physically accounted for”)
IRS: 2,332 in 1999-2002
Banks, industry, government, schools, HIV clinics
Your own doctor…?

Lost device defense

Laptops – Locate – Alert – Lock – Wipe – Backup

Phones – Same – Call carrier to deactivate

Products – Lo-Jack, Lookout – Many more…

Security breach
External
– Malware
– Sabotage, espionage
– Hacking, spoofing, snooping
Internal
– Vindictive mischief
– Dishonesty, theft
– Unintentional error

Weak security
28% of organizations encrypt PHI
23% encrypt database traffic
15% encrypt backups

Data at rest
Simply must encrypt removable devices!
– Backup media (tapes, DVDs)
– Flash drives
– CDs/DVDs
– Laptops, tablets
– Smartphones
– Obsolete/unused devices
Local drives
– Servers, network storage (NAS)
– Desktop PCs
– Printer/fax (may have internal storage)
– Home computer…?

Wireless devices
“You’re on the air…”
Your network can leave you exposed
Smartphones, tablets
Webmail
Wi-Fi
– Starbucks
– Airport
– Hotel
– Hospital lobby…

Disaster
Katrina
Thousands of offices flooded
Millions of records lost
Many never recovered

Remedies for — Information displacement
– Careful user provisioning and deprovisioning
– Backup
– Training
– Physical security
– Power protection
– Disaster planning
– Better EHR design
– Password discipline
– Firewalls, encryption
– Clear, published policies

CheckPoint, Credant, McAfee, Microsoft (Bitlocker), IronKey, Oracle, PKWare, Sophos, Symantec/PGP, Trend Micro, TrueCrypt, Trustwave, WinMagic, etc.

The exam room is a recording studio

Copies – authorized and “pirated”

Metadata

No “erase” or “rewind”

On the other hand…

Metadata
Your EHR is watching you…
Every keystroke, mouse-click, screen viewed, record viewed
With user ID and timestamp
Can support or impeach testimony
“How long did you spend?” “When exactly did you review that test?” “Did you notify the lab?”
Meta² data? Metadata can be wrong – hard to prove

e-Discovery
The subpoena demands ―
Hard drive
Laptop, cell phone, tablet, flash drives, home computer
Passwords for online/offsite storage
Hardcopies, printouts
E-mails, text messages, documents, notes
Previous versions, alterations
Metadata, logs, audit trails
* Backups: drive, DVDs, tapes

Remedies for — Metadata surveillance
– User situational awareness
– Written policy about data retention
– Written policy about data alteration
– Understand what goes on under the hood

The “blended” record
Most records contain information on persons besides the one whose name is on the chart…
Behavioral health
Family history
Occupational/work comp
Trauma
Genetics…

The “chimeric” record
Commingled with records from other people
Misidentified, misfiled, misspelled
Identity stolen or “loaned”
Bona fide name changes
Aliases
Database corruption

Cuckoo eggs
Documents that appear in your in-box, unbidden
Orders, results, reports, copies
You didn’t expect or request them
Patient may even be unknown
What’s your responsibility?

Remedies for — Misidentified patients
– Slow down
– Double check
– Verify identities
• photography!
– Know your system
– In-box management policy
• and contingencies…
– One patient on screen at a time

Documentation “macros”
• Neuro intact
• Chest is clear to P&A
• Alert and oriented times three
• Peripheral pulses present and equal bilaterally
• The PMI is in the 4th intercostal space; rhythm regular, no gallops, murmurs or rubs
• After satisfactory general anesthesia was obtained the patient was placed in the supine position and prepped and draped in the usual fashion…
• The abdomen is soft without masses, bowel sounds are normal in all quadrants, there is no tenderness on direct palpation or rebound…

Auto-populated notes & templates
Like verbal “macros” – but worse
Can produce bizarre errors
– Templates
– Check-offs
– Paste forward
– Accumulation
“Please read the notes on your last 20 patients with chest pain...”

“Click-tation”
Season: Darkness / Light / Spring / Hope / Delight / Summer / Winter / Despair / Discontent
Assessment: Before us: Everything / Nothing / Something
Plan: We are all going: Heaven / Oth
History (cont): Times: Bad / Best / Better / Good / So-so / Worst
Age of: Aquarius / Foolishness / Gilded / Wisdom
Epoch: Belief / Futility / Incredulity

Imprefection
• Patient prepped and raped in the usual fashion (should be: draped)
• His headaches began when you’re a goat (should be: one year ago)
• The pharmacist made an error in copulation (should be: calculation)
• Patient agrees to try home anal replacement (should be: hormonal)
• I saw the patient alone with the president
• Need to consider paint and frame valley (should be: patent foramen ovale)
• On arrival, the patient was an extremist (should be: in extremis)
• Was discharged with homo two (should be: home O2)
• Suspect purple muscular disease (should be: peripheral vascular)
• Will carefully monitor eyes and nose (should be: I’s & O’s)

The eyebrow test

So, you did it for the money?
Original purpose of EHRs ― cash registers
Rapid adoption in late 90s ― E&M coding
Charge capture
Unbundling, up-coding
Complex, laborious documentation
Risk of audit
Net effect ― automated fraud

Alterations
Many valid reasons to edit records
Paper:
1. Redline without defacing
2. Date and sign the correction
EHR:
– Awkward
– Built for lawyers
– May be difficult to view “true and final”
– Metadata can impeach recollections

Remedies for — Documentation errors
– Read what you wrote
– Culture of error management
– Design templates with utmost care
– Consider a disclaimer on voice input
– Use “paste-forward” like chemotherapy
• Least possible dose
• Greatest possible monitoring

Signal and noise

Documentation vs. Communication

Remedies for — Usability problems
– Design is 75% a vendor problem
– But, 25% is configuration
– I.T. staff must be at the table with providers
• Determining specifications, negotiating contracts
• Implementation and configuration
• Feature selection (templates, etc.)
• Training, support

Human assisted error
Display/interpretation errors
– Graphs
– Scrolling off screen
Execution errors
– Drop-down lists
– Duplicate entries
– Failure to save/confirm
– “Mouse bite” (mis-clicking)
– Neglecting or disabling alerts
– Overriding alarms
– Bypassing security

Visual display errors

[Figure: Challenger, 1986]

Visual display errors

Computer assisted error
Automatic calculations
– Drug doses
– Body surface area
– Glomerular filtration rate
– Q-T interval
Coding assistance
Standard order sets
Alarms, warnings, limits
Diagnostic suggestion systems
Guidelines, protocols, policies

Software glitch

Before:
89045 octachlorostyrene
89046 pendimethalin
89047 pentachlorobenzene
89048 phenobarbital
89049 polychlorinated biphenyl
89050 polyethylene glycol
89051 potassium acetate
89052 potassium chloride

After (one entry inserted; every code below it now names a different substance):
89045 octachlorostyrene
89046 pendimethalin
89047 pentachlorobenzene
89048 pentobarbital
89049 phenobarbital
89050 polychlorinated biphenyl
89051 polyethylene glycol
89052 potassium acetate
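An added example (not from the presentation or any vendor's code) showing how the shift above can be caught before an order is acted on: it diffs the two lists as shown on the slide, and checks a constructed set of orders that store both the code and the name displayed at ordering time (that dual storage is this example's assumption).

```python
# Added example, not from the presentation: detect the "software glitch" above,
# where one entry inserted into a sequentially numbered substance list silently
# re-points every code below it. BEFORE and AFTER are the slide's own lists.

BEFORE = """89045 octachlorostyrene
89046 pendimethalin
89047 pentachlorobenzene
89048 phenobarbital
89049 polychlorinated biphenyl
89050 polyethylene glycol
89051 potassium acetate
89052 potassium chloride"""

AFTER = """89045 octachlorostyrene
89046 pendimethalin
89047 pentachlorobenzene
89048 pentobarbital
89049 phenobarbital
89050 polychlorinated biphenyl
89051 polyethylene glycol
89052 potassium acetate"""

# Constructed sample orders, placed while BEFORE was live. Each stores the
# code AND the name shown at order time (an assumption of this example).
SAMPLE_ORDERS = [
    {"patient": "P-001", "code": "89048", "name": "phenobarbital"},
    {"patient": "P-002", "code": "89046", "name": "pendimethalin"},
    {"patient": "P-003", "code": "89050", "name": "polyethylene glycol"},
]

def parse_code_list(text):
    """Parse 'code name' lines into a {code: name} dictionary."""
    table = {}
    for line in text.strip().splitlines():
        code, name = line.split(maxsplit=1)
        table[code] = name.strip()
    return table

def remapped_codes(old, new):
    """Codes present in both versions whose meaning changed: {code: (old, new)}."""
    return {c: (old[c], new[c]) for c in old if c in new and old[c] != new[c]}

def unsafe_orders(orders, table):
    """Orders whose stored code no longer resolves to the stored name under `table`."""
    return [o for o in orders if table.get(o["code"]) != o["name"]]

if __name__ == "__main__":
    old, new = parse_code_list(BEFORE), parse_code_list(AFTER)
    for code, (was, now) in sorted(remapped_codes(old, new).items()):
        print(f"{code}: {was} -> {now}")
    print("orders needing review:", [o["patient"] for o in unsafe_orders(SAMPLE_ORDERS, new)])
```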

Calculation errors
– Spreadsheets, tables
– Timers and calendars
– Doses and mixtures
– Physiologic parameters
Embedded software
Hardware failures
Software updates
Elves…
Order list
Test list

Decision support systems
How would you know, if it malfunctioned?
Where did your guidelines come from?
Are they current, valid?
Has the system been tested? How?

Queries and reports
The DM mystery
Question: Search for “Diabetes Mellitus”
Terms: “ketoacidosis,” “insulin,” “DM,” “Glucophage,” etc…
Result: 1,200 children with diabetes!?
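An added example (not from the presentation) of why a term search like the one above can over-count. The slide reports only the surprising number; the chart notes below are constructed, and the three over-match causes they model (family history, negated mentions, a drug or abbreviation present for another reason) are this example's assumptions about the mechanism, not findings from the talk.

```python
import re

# Added example, not from the presentation. Notes are constructed sample text;
# the over-match causes modelled here are assumptions of this example.

TERMS = ["diabetes mellitus", "ketoacidosis", "insulin", "dm", "glucophage"]
NEGATION_CUES = ["no ", "denies", "ruled out", "negative for", "without"]
FAMILY_CUES = ["family history", "mother has", "father has", "fhx"]

NOTES = {  # constructed chart text keyed by a fake patient id
    "P1": "Type 1 diabetes mellitus, on insulin pump; A1c reviewed.",
    "P2": "Well child visit. Family history: mother has DM.",
    "P3": "Fatigue work-up. No insulin use. Ketoacidosis ruled out.",
    "P4": "Otitis media. Allergies: NKDA. Amoxicillin prescribed.",
    "P5": "Adolescent with PCOS, started Glucophage by gynecology.",
    "P6": "Admitted with diabetic ketoacidosis, insulin drip started.",
}

def term_hits(text):
    """Case-insensitive whole-word matches: what the naive report counts on."""
    low = text.lower()
    return [t for t in TERMS if re.search(r"\b" + re.escape(t) + r"\b", low)]

def naive_count(notes):
    """Patients the plain term search would report as having diabetes."""
    return sum(1 for n in notes.values() if term_hits(n))

def classify(note):
    """Tag a note by why it matched: none, family_history, negated,
    medication_only, or diagnosis (the only class a report should count)."""
    hits = term_hits(note)
    if not hits:
        return "none"
    low = note.lower()
    if any(c in low for c in FAMILY_CUES):
        return "family_history"
    sentences = [s for s in re.split(r"[.;]\s*", low) if s]
    hit_sents = [s for s in sentences
                 if any(re.search(r"\b" + re.escape(t) + r"\b", s) for t in hits)]
    if hit_sents and all(any(c in s for c in NEGATION_CUES) for s in hit_sents):
        return "negated"
    if set(hits) <= {"insulin", "glucophage"}:
        return "medication_only"  # a drug alone is not a diagnosis; review manually
    return "diagnosis"

def reviewed_count(notes):
    """Patients that survive the context checks."""
    return sum(1 for n in notes.values() if classify(n) == "diagnosis")
```

The point is the gap between naive_count and reviewed_count, not the crude cue lists, which a real query would replace with coded problem-list entries and proper negation handling.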

CT calibration event
February 2008: new protocol for a scanner used to diagnose strokes
Factory pre-set instructions overridden, to provide more useful data on bloodflow
206 patients received 8x normal radiation dose
Error undetected for 18 months…

Body hacking?

Millions of patients attached to devices on “Very Short-Distance Networks”

Hospitals, ambulances, surgicenters

Few are secure from tampering

Alarm fatigue

Wolf!

Failure to use the technology
“I think our system can do that, but…”
… I’m not authorized to use it
… we never got trained on it
… we never implemented it
… it’s too hard to use
… it doesn’t work right
Failed follow-up may account for 35% of malpractice claims

Training & support
See one, do one ― ooops?
Physicians aren’t like other users
Competency testing? Maintenance? Documentation? Helpdesk?

Poorly implemented technology
Cumbersome security procedures induce work-arounds
Record locking
– Last entry overwrites prior
– Last file closed stamped “most recent”
Messaging
– No receipt verification, complex delegation, limited or re-formatted attachments
Reminder tracking
– Rigid categories, inadequate comments
Note creation
– Auto paste-forward, invisible edits, synthetic text
User interface problems are legion

Issues in connectivity
Interoperability is inter-liability
Just because systems connect, it doesn’t mean they are communicating
System1 – System2 interactions are not transparent
Imported data needs review and cleaning

“Cloud” services
Hosted server
– Powerful, flexible, secure
– All sensitive data on a “server farm”
– Server is more robust than a PC
– Can access from unsecured locations
– Multiple users
– Strong security
Drawbacks
– Need connectivity
– Downtime
– Attractive hacker targets
Many EHR vendors; Amazon, Google, Microsoft, Verizon, etc.

E-mail

Hey, Doc, For CPR, is it 2 compressions every 30 breaths, or 30 compressions every 2 breaths? Hope to hear from you soon! Joe’s wife

Interpersonal distance

“Pay no attention to the little man behind the curtain…”

© Thomas G. Murphy, MD JAMA. 2012;307(23):2497-2498. doi:10.1001/jama.2012.4946

Risk audit
Organization level
– Security
– Training
– Configuration
– Disaster preparedness, backup
– Power failure, network failure, theft, vandalism
User level
– Data entry (notes, orders, lists, logs, results, appointments)
– Data retrieval, lookup, extraction, mining
– Output (reports, printouts, correspondence, charges)
– Communication and delegation
– Recall and tracking (alerts, prompts, reminders)
Application level
– Design flaws (data entry, display, navigation)
– Telemetry, monitoring, interfaces
– Decision support (calculations, references, guidelines)

Save the baby!
Backup!
Password discipline
Clear policies
Physical security
Training
Cross-training
Backup!
Disclosure/consent
User groups
Proficiency testing
Audits
Encryption
Beta testing
“Fire drills”
Surveillance
Situational awareness
Competent human oversight
Did we mention backup…?

Halfway there…

Michael Victoroff, MD 303-779-6084 [email protected]