In 1999, the Institute of Medicine published a report called “To Err is Human,” which estimated that as many as 98,000 patients die every year as a result of avoidable medical error. The report also detailed the “shame and blame” culture in healthcare that leads providers to cover up safety issues.
Congress recognized this issue and in 2005 enacted the Patient Safety and Quality Improvement Act to encourage a culture of safety and continual learning and improvement among healthcare providers. The law authorized the creation of patient safety organizations (PSOs), which serve as safe spaces for the reporting, investigation, analysis, resolution and mitigation of patient safety issues. All information and discussions that happen within the patient safety evaluation system are confidential and privileged, meaning that they cannot be disclosed and cannot be discovered as part of litigation.
In return for these protections, PSOs must publish important learnings from their data, which is aggregated and de-identified. The result has been a new wave of benchmarks, trends and best practices released to healthcare providers across the country. This is the real promise of PSO reporting: By shifting the connotation of disclosure from something shameful to something with real utility, the healthcare community can incentivize honest discussion about the causes of safety events and then learn and improve from those discussions.
There are now approximately 80 PSOs across the country, and they have become a fairly well established piece of patient safety in most health systems. Healthcare providers and administrators are accustomed to handling all sorts of actual or potential safety events, including those that involve a drug or medical device. What happens, though, when we introduce a new and pervasive technology to the delivery of care?
That is exactly the crossroads at which healthcare finds itself with the use of health IT. Thanks in part to the Meaningful Use incentive program, adoption of electronic health records (EHRs) and other health IT has accelerated at a staggering pace. We are not far from the day where every instance of patient care involves the use of an EHR, yet we are only starting to consider the impact of these technologies on patient safety.
Certainly, health IT has the potential to greatly improve patient safety by automating human error-prone tasks, providing alerts or eliminating illegible handwriting, for example. But the introduction of new systems and technologies into care delivery always introduces new risks, and health IT is no exception. The limited existing research shows that safety issues can occur in the design, development, implementation, customization and use of health IT. A comprehensive approach to patient safety learning and reporting is essential to ensure the safe use of health IT in the future.
It is ironic, then, that PSO reporting systems can actually impede the sharing of health IT-related safety events. This is best explained by example: Consider a nurse, Sue, who notices that a patient was prescribed penicillin, to which he is allergic. Glad to have caught this problem before administering the drug, Sue follows her hospital’s process to report this “near miss” to a PSO. In investigating the issue, the hospital’s risk manager discovers that the prescribing physician made an error by failing to consult the patient’s medication allergies before ordering the medication. At the same time, his EHR also failed to trigger the pop-up alert that typically notifies physicians when they are about to order a contraindicated medication.
Though this combination of contributing causes is common, an EHR malfunction often complicates the act of reporting. Currently, many patient safety evaluation systems do not permit sharing of EHR-related incidents with vendors, without destroying the PSO confidentiality protections.
It is for this reason that many health IT vendors and PSOs are exploring partnerships that would allow vendors to be part of a patient safety evaluation system. Quantros and athenahealth formed the first PSO-health IT vendor partnership in late 2013. This relationship will allow athenahealth’s clients to report safety issues to Quantros and allow athenahealth to be part of the investigation and resolution of issues where health IT might be involved – all while maintaining the privilege and confidentiality protections of PSO reporting. Such partnerships are a natural fit, especially for cloud-based health IT developers, which have a high level of visibility into their own systems. In addition to seeing issues reported from users, these vendors discover issues internally, which can also be submitted to a PSO to increase nationwide learning.
We will likely see many more of these partnerships form in the near future. In a recent draft strategy and recommendations for a risk-based oversight framework for health IT, the Food and Drug Administration, Office of the National Coordinator for Health IT and the Federal Communications Commission recommended that PSO reporting become a cornerstone of promoting the safe use of health IT.1 Health IT vendors need to be involved in the process of investigating and resolving issues where their systems may have been involved. That involvement, in the aggregate, will contribute to more information and a greater understanding of how health IT impacts patient safety.
In the end, a rising tide raises all boats. The health IT community is – and will continue to be – interested in how it can collectively contribute to quality patient care. Participation in a PSO should be a basic expectation of all health IT vendors. –athenahealth, Inc.
1. FDASIA Health IT Report, April 2014. http://www.fda.gov/downloads/AboutFDA/CentersOffices/OfficeofMedicalProductsandTobacco/
