A comparative review of patient safety initiatives for national health information technology

https://doi.org/10.1016/j.ijmedinf.2012.11.014Get rights and content

Abstract

Objective

To collect and critically review patient safety initiatives for health information technology (HIT).

Method

Publicly promulgated set of advisories, recommendations, guidelines, or standards potentially addressing safe system design, build, implementation or use were identified by searching the websites of regional and national agencies and programmes in a non-exhaustive set of exemplar countries including England, Denmark, the Netherlands, the USA, Canada and Australia. Initiatives were categorised by type and software systems covered.

Results

We found 27 patient safety initiatives for HIT predominantly dealing with software systems for health professionals. Three initiatives addressed consumer systems. Seven of the initiatives specifically dealt with software for diagnosis and treatment, which are regulated as medical devices in England, Denmark and Canada. Four initiatives dealt with blood bank and image management software which is regulated in the USA. Of the 16 initiatives directed at unregulated software, 11 were aimed at increasing standardisation using guidelines and standards for safe system design, build, implementation and use. Three initiatives for unregulated software were aimed at certification in the USA, Canada and Australia. Safety is addressed alongside interoperability in the Australian certification programme but it is not explicitly addressed in the US and Canadian programmes, though conformance with specific functionality, interoperability, security and privacy requirements may lead to safer systems. England appears to have the most comprehensive safety management programme for unregulated software, incorporating safety assurance at a local healthcare organisation level based on standards for risk management and user interface design, with national incident monitoring and a response function.

Conclusions

There are significant gaps in the safety initiatives for HIT systems. Current initiatives are largely focussed on software. With the exception of diagnostic, prognostic, monitoring and treatment software, which are subject to medical device regulations in some countries, the safety of the most common types of HIT systems such as EHRs and CPOE without decision support is not being explicitly addressed in most nations. Appropriate mechanisms for safety assurance are required for the full range of HIT systems for health professionals and consumers including all software and hardware throughout the system lifecycle. In addition to greater standardisation and oversight to ensure safe system design and build, appropriate implementation and use of HIT is critical to ensure patient safety.

Highlights

► There are significant gaps in patient safety initiatives for HIT. ► Current safety initiatives are largely focused on software. ► The safety of the most common types of HIT systems such as EHRs and CPOE without decision support is not being explicitly addressed in most nations. ► Greater standardisation and oversight is required to ensure safety throughout the lifecycle of all types of HIT systems for health professionals and consumers including all software and hardware.

Introduction

The safety of health information technology (HIT) needs to be urgently addressed [1], [2]. HIT broadly includes computer hardware and software used by health professionals and consumers to support care. Evidence that problems with HIT can pose a risk to patient safety is emerging even though such systems are central to improving the safety and quality of health services [3], [4], [5], [6], [7], [8]. For instance, there were 42 reports of patient harm and four deaths in 436 critical incidents involving HIT that were reported to the US Food and Drug Administration (FDA) over a 30-month period ending July 2010 [5]. HIT problems also disrupt clinical work contributing to new types of errors leading to delays and re-work [4], [9], [10], [11], [12]. Safety issues involving information technology are not unique to healthcare [13], but this sector has lagged behind other industries in addressing such problems [2].

Safety is an emergent system property and needs to be addressed throughout the lifecycle of HIT systems [14]. The safety of patients is not solely dependent upon HIT systems on their own but is influenced by their interactions with users and other technology in a given environment [15]. Patients are harmed when interactions between system components (human and machine) create unsafe states [3]. As safety is inextricably linked to how a system operates, safety considerations should be at the forefront of design and build processes.

All the possible interactions among system components are not predictable at design, especially when HIT are used in context of a broader sociotechnical system. In large complex systems, safety problems tend to emerge from unexpected interactions between system components. Therefore safety must also be addressed during and post system implementation. The potential for unsafe interactions needs to be investigated when HIT are integrated with local clinical workflows including other technology and the organisational structure. Beyond implementation any unsafe interactions that emerge during routine use need to be detected and mitigated by monitoring for critical incidents involving patient harm (adverse events) and near misses.

Historically HIT has not been subject to regulation. In particular standalone software systems (i.e. software not embedded in hardware) such as electronic health records (EHR) or computerised provider order entry (CPOE) systems have not been subject to regulatory requirements whereas software that is part of a medical device is regulated [16]. With the increasing proliferation of HIT, the safety of software is at last being addressed within large national programmes in many countries. Examples of such programmes are the National Health Service (NHS) Connecting for Health (CfH) programme in England; the American Reinvestment and Recovery Act (ARRA) “meaningful use” programme for adoption and use of EHRs; and the Australian Government's Personally Controlled Electronic Health Record System that was launched in 2012.

Little has been published about HIT safety initiatives. Recommended strategies to address software safety are largely based upon increasing standardisation and introducing mechanisms for oversight [2], [17], [18], though some argue that such measures may hamper innovation [19]. The recently revised European Union (EU) Medical Device Directive 93/42/EC (MDD) considers certain standalone software for diagnosis, prognosis, treatment and monitoring as medical devices and has become mandatory [20]. A directive is a type of legislation issued by the EU which sets out certain end results that must be achieved in every member country. As directives are not self-executing each country within the EU is now required to implement the MDD within their national regulations. In this paper we thus set out to collect and critically review current national initiatives for HIT relevant to improving patient safety.

Section snippets

Methods

We defined HIT safety initiatives as any publicly promulgated set of advisories, recommendations, guidelines, or standards potentially addressing safe system design, build, implementation or use. Using a broad definition of HIT we included, “computer hardware and software that deals with the storage, retrieval, sharing, and use of health care information, data, and knowledge for communication and decision making” [21]. To understand the full range of initiatives a non-exhaustive set of exemplar

Results

We found 27 safety initiatives for HIT across the six nations examined (Table 1). England had eight initiatives and the USA had nine. HIT safety initiatives predominantly dealt with software systems for health professionals while hardware was implicitly addressed. For example, requirements for appropriate hardware were included within guidance for implementing electronic medication management systems [30] or managing the risks of EHRs [21]. Seven initiatives dealt with software for diagnosis

Current safety initiatives

We found that current national safety initiatives for HIT are largely focussed upon software for health professionals. Standalone software that is “intended by its manufacturer to be used specifically for diagnostic, prognostic, monitoring and/or therapeutic purposes” is subject to regulatory oversight [20]. Where enforced, only a small subset of software is legally required to be safe, the vast majority of common HIT systems such as EHRs and CPOE without decision support are seen to be outside

Conclusions

There are significant gaps in safety initiatives for HIT systems. Current initiatives are largely focussed on software for health professionals. With the exception of diagnostic, prognostic, monitoring and treatment software, which is subject to medical device regulations in some countries, the safety of the majority of all types of HIT is not being explicitly addressed in most nations. England appears to have the most comprehensive programme explicitly addressing the safety of unregulated

Authors’ contributions

This paper emerged from a workshop on the, “Safety of health information technology: Identifying and mitigating risks” by FM, JA, Marie-Catherine Beuscart-Zephir and CN at the XXIII International Conference of the European Federation for Medical Informatics (EFMI), 28–31 August 2011. FM, EC, JA and CN conceptualised the study; all authors contributed to collating the safety initiatives, and the analysis and interpretation of findings. FM drafted the initial version. All the authors contributed

Conflict of interest

MB is Clinical Director for Patient Safety and SH is a Lead Safety Engineer at NHS Connecting for Health, Department of Health Informatics Directorate in England. The other authors have no conflict of interest to declare.

Summary points

What was already known on the topic:

  • Alongside benefits health information technology (HIT) can pose risks to patient safety.

  • The safety of HIT needs to be urgently addressed.

What this study added to our knowledge:

  • There are significant gaps in patient safety

Acknowledgements

This research is supported in part by grants from the Australian National Health and Medical Research Council (NHMRC) Program Grant 568612 and Project Grant 630583. The funding sources did not play any role in the study design, in the collection, analysis and interpretation of data; in the writing of the manuscript; and in the decision to submit the manuscript for publication.

The authors wish to thank Tim Chearman, Stephen Corbett and Don Newsham for information about the English and Canadian

References (65)

  • F. Magrabi et al.

    Using FDA reports to inform a classification for health information technology safety problems

    J. Am. Med. Inform. Assoc.

    (2012)
  • D.F. Sittig et al.

    Defining health information technology-related errors: new developments since to err is human

    Adv. Intern. Med.

    (2011)
  • T.L. Hanuscak et al.

    Evaluation of causes and frequency of medication errors during information technology downtime

    Am. J. Health Syst. Pharm.

    (2009)
  • S.J. Perry et al.

    The role of automation in complex system failures

    J. Patient Saf.

    (2005)
  • T.B. Wetterneck et al.

    Factors contributing to an increase in duplicate medication order errors after CPOE implementation

    J. Am. Med. Inform. Assoc.

    (2011)
  • N.G. Leveson

    Engineering a Safer World: Systems Thinking Applied to Safety

    (2011)
  • F.E. Young

    Validation of medical software: present policy of the Food and Drug Administration

    Ann. Intern. Med.

    (1987)
  • H. Singh et al.

    Creating an oversight infrastructure for electronic health record-related patient safety hazards

    J. Patient Saf.

    (2011)
  • C.A. Longhurst et al.

    Health information technology and patient safety

    BMJ

    (2012)
  • European Commission's Directorate for public health and risk assessment, available from:...
  • S.S. Jones, R. Koppel, M.S. Ridgely, T.E. Palen, S. Wu, M.I. Harrison, Guide to Reducing Unintended Consequences of...
  • NHS Connecting for Health: Clinical Safety, available from:...
  • Dansk Patient-Sikkerheds-Database, available from: http://www.dpsd.dk (September...
  • The Dutch Health Care Inspectorate, available from: http://www.igz.nl/english/ (February...
  • US Office of the National Coordinator for Health IT, available from:...
  • US Food and Drug Administration: Draft Guidance for Mobile Medical Applications, available from:...
  • Health Canada, available from:...
  • Canada Health Infoway, available from:...
  • NEHTA – National E-Health Transition Authority: http://www.nehta.gov.au/connecting-australia/cca (December...
  • Australian Commission on Safety and Quality in Health Care

    Electronic Medication Management Systems – A Guide to Safe Implementation

    (2012)
  • International Organization for Standardization – Medical Devices – Application of Risk Management to Medical Devices...
  • Cited by (0)

    View full text