EHR Event of the Month: "Addressee Unknown"
- Michael Victoroff, M.D., Editor-in-Chief
From a health system pharmacist:
For routine med orders, we have e-prescribing. To request non-formulary drugs, our docs send a secure e-mail to the Therapeutics Committee, and a response comes in one day by return e-mail.
But, suddenly providers weren't getting responses after many days, creating lots of heated phone calls. We found dozens of bounced e-mails with bad addresses. Our e-mails use first and last name separated by a period. For the reply, the system automatically puts the "From" address into the "To" field. But, after years working fine, it started reversing first and last names, garbling every address.
As a result, some critical meds were delayed and there was unnecessary labor and irritability.
For want of a nail, the kingdom was lost
We are again reminded of the fragility of software. A stable, boring system on Friday can become weird and exciting on Monday. It's easy to envision one little line of code corrupting thousands of email addresses. Critical systems can quickly amplify tiny errors that propagate to become major events. Fixing the bug might be a 5-minute job. But maintenance, support and testing of complex systems is an infinite – and inherently imperfect – business.
To report a suspected EHR Safety Event, visit www.EHRevent.org.
Expert Commentary: "You Might Want to Read That Contract Again"
- Barbara M. Drury, FHIMSS, President, Pricare, Inc.
Most EHRs now incorporate Clinical Decision Support systems (CDSs). Meaningful Use requires CDSs to be enabled for EHRs to be eligible for incentives. But who is liable if they cause errors?
Most users don't appreciate the fact that liability for EHR malfunctions falls upon them, not their vendors. Typically, EHR contracts contain language making it hard to know who is legally responsible for any harm caused by the software, and requires users to indemnify vendors against it. This may apply even if the vendor was aware of a defect. Unfortunately, few users have negotiating leverage to modify their contracts, and most are unaware of the risk. Notably, most malpractice policies do not cover product liability, and they may exclude coverage if the insured indemnifies a third party.
It's obvious why vendors want protection. If EHRs were exposed to product liability (regardless of whether they were at fault), the cost of defending and settling claims could make it impossible for vendors to sell them at all. This would be analogous to the predicament of vaccine manufacturers before the National Vaccine Injury Compensation Program (VICP). EHR vendors have been known to walk away from multi-million dollar contracts rather than accept product liability. This is ironic, since it's absurd to expect users to test every function of the system before signing off on the installation. On the other hand, vendors know that users may intentionally or inadvertently misconfigure, misuse, modify or disable the best designed product. Moreover, users typically install multiple systems with interactions no vendor can predict.
Today, hundreds of thousands of lopsided contracts are in force, with users insuring vendors against events like the failure of a drug-interaction alert to trigger, the miscalculation of a biophysical parameter or the loss of a critical message. In a 2009 opinion, the American Medical Informatics Association declared such contracts unethical. But, industry practice has not changed. All that keeps EHR adoption going in the face of this impasse is user obliviousness, and the rarity of EHR-related claims.
The FDA has long been ambivalent about whether EHRs are actually medical devices. But, change is coming. And, the plaintiff's bar has awakened to EHR risks and the reality that "professional judgment" cannot always shield manufacturers. The looming question is whether a sane alternative to the tort system can be devised now (like VICP), or if we need to slog through years of wasteful legal conflict first.
Barbara M. Drury, FHIMSS, is the President of Pricare, Inc., a Risk Management Consultant for COPIC and The Doctors Company, and serves on the ONC Technical Expert Panel on Unintended Consequences, the HIMSS Public Policy Committee, and the HIMSS Davies Ambulatory Award Committee.
EHR Video Series
The 2011 PharmEHR Summit featured expert presentations from government and industry leaders on topics related to the rapid rate of EHR adoption, safety and liability, and changes to the healthcare regulatory and marketing environments. The online EHR Academy now features video presentations from the Summit, including:
• EHRs: Product Safety and Liability for Physicians and Manufacturers
- Allen Waxman, Partner & Chair of Life Sciences Group, Kaye Scholer, LLP; Former General Counsel, Pfizer, Inc.
- Salvatore Volpe, MD, FAAP, FACP, Medical Liability Mutual Insurance Company
• FDA EHR Drug Safety Goals & Priorities
- Janet Woodcock, MD, Director of the Center for Drug Evaluation and Research, FDA
• EHRs, Devices and the FDA
- Jeffrey Shuren, MD, JD, Director of the Center for Devices and Radiological Health, FDA
To view additional videos from the PharmEHR Summit
please visit the EHR Academy.