
PROTECTOR

A risk management publication for healthcare organizations.

Fall 2013

Electronic Health Records: Patient Safety and Liability in the Digital Age


Introduction

Over the years, the healthcare community has made great strides in the standardization and utilization of health records, which — like other aspects of modern society — have gone digital. In the past decade, particularly, hospitals and other healthcare organizations have increasingly moved from paper-based health records to electronic health records (EHRs).

Recent data from the Office of the National Coordinator for Health Information Technology (ONC) show that hospital adoption of EHR systems more than quadrupled between 2008 and 2012.[1] Further, hospitals’ exchange of electronic health information is up 41 percent since 2008.[2]

EHRs are poised to transform healthcare by offering innovative ways to increase efficiency, enhance quality and continuity of care, and improve patient safety through data collection and exchange.

Yet, with new opportunities in patient care come new challenges. EHRs are complex, and efficient use of these systems requires understanding their benefits and risks. A 2011 white paper about EHRs and liability noted that even if “failures occur in only 1% of organizations, the negative results could impact thousands of patients every year.”[3]

When it comes to EHRs, time constraints, poor planning and implementation, inexperience, lack of oversight, and other factors can pose serious risks and jeopardize patient safety. Similarly, changes in workflow, unfamiliarity with the system and its capabilities, user errors, and lack of guidance can all lead to process breakdowns and workarounds.

Awareness of the potential risks associated with EHRs can help hospital leaders, risk managers, providers, and staff proactively address them through ongoing staff training, workflow evaluation, and development of comprehensive policies and protocols.

This issue of Protector begins with an overview of meaningful use — what’s happening now and what’s likely coming down the road. The rest of the issue focuses on four significant areas of risk related to EHRs — implementation, documentation, alert fatigue, and privacy/security — and provides recommendations for addressing each.

Hospital Protector 1 Fall 2013

1. Charles, D., King, J., Patel, V., & Furukawa, M. F. (2013, March). Adoption of electronic health record systems among U.S. non-federal acute care hospitals: 2008-2012. ONC Data Brief, no. 9. Washington, DC: Office of the National Coordinator for Health Information Technology.

2. Commins, J. (2013, August 6). Hospital HIE use up 41%, ONC says. HealthLeaders Media. Retrieved from http://www.healthleadersmedia.com/print/TEC-294908/Hospital-HIE-Use-Up-41-ONC-Says

3. Anderson, M. R., & Ozeran, L. (2011). Do EHRs increase liability? Retrieved from http://www.acgroup.org/images/2011_White_Paper_-_Do_EHRs_Increase_Liability.pdf


Meaningful Use

No discussion about EHRs is complete without touching on the concept of meaningful use. At its core, meaningful use is intended to establish consistent standards that will drive quality improvement. From a risk management perspective, using a certified EHR in a meaningful way can reduce variances in processes and enhance performance improvement efforts.

The purpose of this section is to offer a brief overview of the key elements of meaningful use. The content is meant to provide you with concise, factual information and set the stage for the rest of this issue of Hospital Protector, which will focus on risk management considerations associated with implementing and using an EHR system in your facility.

Incentive Programs

The Centers for Medicare & Medicaid Services’ (CMS’) EHR Incentive Programs are at the heart of the meaningful use discussion. These programs provide incentive payments to eligible hospitals (including critical access hospitals) that adopt and use EHR systems in a meaningful way.

CMS offers two EHR incentive programs, one through Medicare and one through Medicaid. According to CMS, most eligible hospitals will be able to receive payments through both programs.[4] To learn more, visit CMS’ Eligible Hospital Information page.

Both of CMS’ EHR incentive programs have three stages of meaningful use. Each stage has its own requirements and objectives.

Stage 1

For Stage 1 of meaningful use, CMS established core objectives and menu objectives that eligible hospitals must meet to receive incentive payments (unless they qualify for exclusion).

The core and menu objectives are the criteria that demonstrate whether program participants are using their EHR systems in a meaningful way. Each objective has an associated measure that establishes a minimum requirement that participants must meet.

For example, the measure might involve meeting a percentage threshold — such as providing patient-specific education resources to more than 10 percent of all unique patients admitted to the hospital’s inpatient or emergency department — or taking an action — such as enabling the function that allows the certified EHR to check potential medication orders against a drug formulary.

EHR Certification

Because meaningful use requires eligible hospitals to demonstrate that they are using EHR technology to improve healthcare safety, quality, and effectiveness, they must use a certified EHR system to qualify for incentive payments under either CMS program.

CMS and the ONC have devised specific criteria that EHR systems must meet to receive certification. These criteria govern how EHR data are stored, as well as the system’s technological capabilities, functionality, and security features. To check whether an EHR system is certified, visit the Certified Health IT Product List.

4. The Centers for Medicare & Medicaid Services. (2013, August 20). EHR Incentive Programs: Eligible hospital information. Retrieved from http://www.cms.gov/Regulations-and-Guidance/Legislation/EHRIncentivePrograms/Eligible_Hospital_Information.html

Stage 2

Stage 2 of meaningful use includes many core objectives from Stage 1, although some have been combined and others have been eliminated. In some instances, although the objectives in both stages are the same, the measures have changed.

For example, a Stage 1 core objective requires hospitals to record demographics as structured data for more than 50 percent of all unique patients admitted to the inpatient or emergency department. In Stage 2, the objective is the same, but the measure increases from more than 50 percent to more than 80 percent.

Stage 3

Based on current CMS timelines, 2016 marks the first year that eligible hospitals can transition into Stage 3 of meaningful use, provided that they have met the requirements for Stages 1 and 2. Although preliminary guidance for Stage 3 has been developed, final requirements and measures are still forthcoming.

Looking Forward

In the years that follow, the concept of meaningful use and the requirements associated with demonstrating it will continue to evolve. As these changes occur, hospitals and providers need to be mindful of how EHR data reflect their efforts to enhance the delivery of care, improve patient outcomes, and comply with various regulations.

To learn more about the Medicare and Medicaid EHR Incentive Programs and meaningful use requirements, visit CMS’ EHR Incentive Programs page. Additional information about EHR regulations, implementation, and use can be found at HealthIT.gov.


EHR Implementation

One of the most critical aspects associated with the use of EHRs is implementation. Implementing an EHR is risky for a variety of reasons, including the potential for lost data, ongoing process and workflow changes, inexperienced users, etc.

Adverse events may occur as a result of human error with the technology, failure of the system design, or problems with the technology infrastructure.[5]

Minimizing the risks associated with implementing an EHR system requires a carefully planned process that:

• Considers any existing workflow issues that need to be resolved prior to implementation;

• Involves thorough research and evaluation of EHR products and vendors;

• Assesses the organization’s information technology (IT) needs and its technical capabilities prior to selection and implementation;

• Defines, in detail, the policies for transitioning data between paper and electronic systems and for reconciling electronic records with paper records;

• Evaluates the organization’s existing workflow processes and considers the ways in which these processes will change as a result of the EHR; and

• Takes into account best practices and strategies for EHR implementation.

Staff involvement, cooperation, and compliance are critical during the implementation phase. As the ECRI Institute explains, the “cultural changes required by EHR implementation can be more challenging than technology issues or budgetary concerns.”[7]

The implementation process should involve representatives from the various groups that the new technology will ultimately affect. These individuals might include clinical department heads; physicians, nurses, and other healthcare providers; and staff members from various departments, such as IT, corporate compliance, legal, and coding.[8]

Throughout the implementation process, careful evaluation of the system and an open dialogue with staff about workflow processes may help identify potential issues early, allowing ample time to develop effective strategies.

Additionally, the need for thorough and ongoing staff training is imperative. If staff members are not properly prepared to use the EHR system, errors or inefficiencies (such as various system workarounds) may occur that compromise patient safety and data integrity.

“If not carefully planned and integrated into workflow processes, new technology systems can create new work, complicate workflow, or slow the speed at which clinicians carry out clinical documentation and ordering processes.”[6]

Hybrid Paper–Electronic Health Record Systems

Some healthcare organizations maintain hybrid health record systems that include both paper and electronic records. This may occur as part of the transition to an EHR, or it may continue even after an EHR is in place.

Research has shown that dual systems decrease efficiency and increase the risk of errors. In an analysis of patient safety events related to EHR use, the Pennsylvania Patient Safety Authority noted that errors associated with hybrid systems “largely include omission and duplication of tasks due to miscommunication among caregivers and can pose serious risk to patients.”[9]

Consider the following example: Prior to a patient’s surgery, a nurse documented the patient’s health history in the hospital’s EHR system, including the patient’s history of obstructive sleep apnea (OSA). However, the note about OSA was not prominent in the electronic record, and the nurse did not include the note about OSA in the paper record that the hospital also maintained.

Further, the patient did not mention the condition when he spoke with the surgeon and anesthesiologist. As a result, the doctors were unaware of the patient’s OSA status. Following the surgery, the patient received narcotic pain medication overnight. In the early morning hours, the patient was found unresponsive and died from respiratory arrest.[10]

5. The Joint Commission. (2008, December 11). Safely implementing health information and converging technologies. Sentinel Event Alert, 42. Retrieved from http://www.jointcommission.org/sentinel_event_alert_issue_42_safely_implementing_health_information_and_converging_technologies/

6. Ibid.

7. ECRI Institute. (2011, January). Electronic health records. Healthcare Risk Control, 2.

8. ECRI Institute. (2013, August 28). Managing the medical record in transition. Risk Management Reporter, October 2013.

9. Sparnon, E. (2013, June). Spotlight on electronic health record errors: Paper or electronic hybrid workflows. Pennsylvania Patient Safety Advisory, 10(2), 55–58. Retrieved from http://www.patientsafetyauthority.org/ADVISORIES/AdvisoryLibrary/2013 Jun;10(2)/Pages/55.aspx

10. Fleeter, T., & Sohn, D. H. (2012, August). Potential liability risks of electronic health records. AAOS Now. Retrieved from http://www.aaos.org/news/aaosnow/aug12/managing9.asp


Risk Strategies

• Prior to implementing an EHR system, evaluate your organization’s IT needs and technological capabilities. Work with potential EHR vendors to determine which system best suits your facility.

• Assess your organization’s current workflow processes, and fix any outstanding issues prior to implementation. Consider the ways in which the new technology will alter existing workflow patterns and patient care.

• As part of the planning process for EHR implementation, include representatives from various groups throughout the organization that will ultimately be affected by the new technology.

• Develop a written plan that describes how the organization will transition data from the old system to the new system. Will some documents be scanned into the new system? What are the priorities for scanning? How will old records be reconciled with new records?

• Seek input from front-line providers and staff on developing policies and workflow procedures that align with the new system.

• Support providers and staff throughout the implementation phase by including them in the decision-making process, maintaining transparent communication, and establishing firm expectations related to EHR use.

• Provide training and education during implementation and after to help users acclimate to the new system, recognize potential process or system problems, and work toward reasonable solutions.

• Following implementation, continually monitor and assess the system for errors or opportunities for improvement.


EHR Documentation

Accurate and thorough documentation is the backbone of risk management, as it provides essential patient information, historical details about the course of patient care, and a record of services provided.

EHRs are intended to streamline the documentation process, while at the same time capturing more information than was previously possible with paper records. Although this may result in more substantive patient information, it also presents new opportunities for error because of features such as copy and paste, data entry fields, check boxes, templates, and metadata.

Copy/Paste

The term “copy and paste,” also called cloning or carrying forward, refers to lifting information from a previous entry in a patient’s record and placing it in the current entry. It also refers to copying information from one patient record to another, such as through the use of boilerplate language.

Automated functions within EHR systems facilitate the cloning of information because of the ease with which the user can grab and move content.

Although copying and pasting information within or between records may seem like a time-saving measure, it can have detrimental consequences, such as:

• The proliferation of incorrect or nonapplicable information throughout electronic records;

• Treatment and care decisions based on faulty or outdated information;

• Inaccurate accounting and billing for services, which may result in allegations of fraud; and

• Negative effects on data integrity, which may have long-term implications for population health studies, disease tracking, and data mining.[12]

These consequences create “the potential for serious regulatory, reimbursement, and compliance problems, as well as harm to patients.”[13]

Case Example

A patient who had a history of pulmonary embolism was admitted to a hospital for diarrhea and dehydration following chemotherapy treatment for ovarian cancer. The admitting intern documented in the electronic record that the patient would receive an anticoagulant to prevent venous thromboembolism. However, the medication was never ordered. Subsequently, the patient’s care was transferred to another team, and the note regarding the anticoagulant was copied and pasted in the patient’s record for 4 consecutive days. The patient was discharged without ever receiving the medication. Two days later, she returned to the hospital after experiencing shortness of breath and was diagnosed with pulmonary embolism.[11]

11. Hersh, W. (2007, July/August). Copy and paste. Web M&M, Agency for Healthcare Research and Quality. Retrieved from http://webmm.ahrq.gov/case.aspx?caseID=157

Data Entry Fields, Check Boxes, and Templates

One of the proposed benefits of EHRs is structure and standardization. When used appropriately, data entry fields, check boxes, and templates help generate consistent documentation across providers.

Yet, standardization also can cause problems. For example, the data entry fields might not match the clinical situation, the system may automatically default to “normal” for conditions that were not evaluated, or a provider may accidentally select the wrong template or check box. All of these circumstances can lead to inaccuracies in the electronic record.

Also, although data entry fields, check boxes, and templates can save time, over-reliance on these functions can result in records that lack specificity. Without the unique patient narratives that were customary in paper records, it may be difficult to distinguish one patient encounter from the next.

12. Dimick, C. (2008, June). Documentation bad habits: Shortcuts in electronic records pose risk. Journal of AHIMA, 79(6), 40–43. Retrieved from http://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_038463.hcsp?dDocName=bok1_038463

13. ECRI Institute, Electronic health records.

14. Sparnon, E. (2013, September). Spotlight on electronic health record errors: Errors related to the use of default values. Pennsylvania Patient Safety Advisory, 10(3), 92–95. Retrieved from http://patientsafetyauthority.org/ADVISORIES/AdvisoryLibrary/2013/Sep;10(3)/Pages/92.aspx

15. Magrabi, F., Ong, M., Runciman, W., & Coiera, E. (2011). Patient safety problems associated with healthcare information technology: An analysis of adverse events reported to the US Food and Drug Administration. AMIA Annual Symposium Proceedings, 853–857.

Risks Associated With Default Values and Settings

Many hospital EHR systems use default values to standardize medication order sets. These values may indicate type of medication, dosage, route of administration, timing of medication or lab draws, and automated stopping (to discontinue therapy). Although these defaults are intended to improve efficiency and consistency, they also can create risks when not properly used.

For example, in one case, a patient’s antibiotics were discontinued because the system’s automated stopping function cancelled the order. As a result, the patient’s temperature spiked, and the medication had to be restarted. In another case, a patient was given more antibiotics than needed because the system did not allow the physician to modify the default setting. Although the doctor left a paper note to discontinue the order, it was not seen.[14,15]


Metadata

A distinguishing characteristic of EHRs is their ability to collect metadata, or “data about data.” The metadata generated by an EHR might show who accessed a record and when, the date and time test results were reviewed or a record was modified, and how long a provider had a record open and how quickly he or she selected various options.

For some doctors, metadata might necessitate a change in workflow. For example, providers who have typically entered some information into patient records prior to the actual patient encounters may need to adjust their processes. Otherwise, metadata might show inconsistencies in the timing of events.

The implications of metadata on malpractice litigation are still evolving. In theory, metadata could work for or against the defense — either by confirming the defendant’s recollection of events or showing discrepancies in the defendant’s statements. Individual state laws will determine whether, and to what extent, metadata is discoverable in litigation.


Risk Strategies

• Prior to selecting an EHR, verify with the vendor that the system’s features can be tailored to meet the needs of your organization.

• Establish policies that define when copy/paste is prohibited and when it may be used with extreme care. Ensure that the organization’s policy stipulates the need for providers to carefully review any copied information and sign the record indicating their approval.

• Routinely audit records to check for errors that may have resulted from copying and pasting patient information.

• Educate staff about the dangers and consequences of using poor documentation practices and shortcuts, such as misinformed treatment decisions and fraudulent billing.

• Be aware of whether your system automatically defaults to certain values or settings in any fields. If so, ask providers to carefully review the record at each encounter to ensure the defaults are correct or changed as appropriate.

• Occasionally print out records to ensure information is presented in a logical, accurate format.

• In addition to using data entry fields and check boxes, ensure providers are including patient-specific notes and comments in the record, as appropriate and necessary.

• Ensure that those who are using the system are aware of how the metadata function works and the types of metadata the system collects; work to develop documentation policies around that knowledge.

• Adjust workflow processes as necessary to eliminate inconsistencies in metadata (e.g., entering procedural or treatment-related details before the patient encounter actually occurs may result in inaccurate records).

• Develop guidance for how to appropriately amend or update an electronic record. Without a defined policy, changes to the record may raise questions about falsification of information.

Alert Fatigue

Perhaps one of the most powerful patient safety capabilities of EHR systems is their potential to analyze patient data, provide clinical decision support, and send providers alerts about possible contraindications (such as dangerous drug–allergy interactions). These tools are valuable, but only if they’re utilized in an efficient way.

Systems that bombard providers with an overabundance of alerts can be frustrating and lead to a phenomenon known as “alert fatigue,” in which providers ignore or override alerts without verifying their content.

A 2012 American Medical News article attributed alert fatigue to the “frequency and often lack of necessity” of alerts and noted that several studies have found that the ignore rate for alerts is between 80 and 90 percent.[16] This suggests that when providers are inundated with massive numbers of noncritical or nonrelevant notices, the likelihood that important information will be overlooked increases.

After receiving a number of unhelpful alerts, a doctor might bypass the next alert based on the assumption that it is another “false alarm” — when in fact, it might contain critical information.

To complicate matters, not all alerts that are overridden are the result of providers ignoring the system. Many times, alerts are overridden for valid clinical reasons. But metadata that capture overrides likely won’t distinguish between the two.

16. Dolan, P. L. (2012, April 16). Search is on to cure EHR alert fatigue. American Medical News. Retrieved from http://www.ama-assn.org/amednews/2012/04/16/bil10416.htm


17. The Office of the National Coordinator for Health Information Technology. (2012). Guide to privacy and security of health information. U.S. Department of Health and Human Services. Retrieved from http://www.healthit.gov/sites/default/files/pdf/privacy/privacy-and-security-guide.pdf

Risk Strategies

• Determine whether your EHR’s alert functions can be modified to meet the specific needs of your organization. For example, can the system’s alerts be classified based on severity or other factors?

• If possible, set alerts for only the most critical or troublesome areas.

• Implement alerts gradually, so as not to overwhelm providers.

• Ensure that your organization’s EHR documentation policies specifically state the need for providers to carefully document decisions to override clinically significant alerts.

• Audit alert reports from the EHR to determine whether providers are using alerts as intended, and to determine whether a high percentage of certain alerts are being ignored.

Privacy/Security

Patient privacy and security of personal protected health information (PHI) have been at the forefront of healthcare for a number of years. Many healthcare organizations are well aware of their obligations to protect PHI under state and federal regulations. Protection of patients’ health information also is a requirement for demonstrating meaningful use.

As information has gone digital, new questions and concerns about privacy and security have arisen. Factors that were never relevant to paper records now must be considered, such as:

Data Mobility

PHI is much more mobile in electronic format. It can easily be transmitted or taken out of the facility on laptops, jump drives, smartphones, etc. Without safeguards in place, the risk of data being lost, stolen, or accessed without authorization increases.

System Platform

Some EHRs are stand-alone systems that exist within an organization, while others are accessed through the Internet. Both types of systems offer security features not available with paper records, but both also involve risks. For example, with an onsite system, a disaster — such as a fire or tornado — could damage the system and destroy patients’ PHI. With an Internet-based EHR, vendors manage many security settings, and their standards may be difficult to assess.[17]


18. Buppert, C. (2010, Jan. 13). Electronic medical records: 18 ways to reduce legal risks. Medscape. Retrieved from http://www.medscape.com/viewarticle/714812

System Users

Different individuals within an organization may require different levels of access to EHR information, depending on their positions. Levels of access among users should be carefully considered, and safeguards should be put in place to prevent users from accessing unauthorized information.

Password Security

To help prevent data breaches, individuals who are authorized to access the EHR system need unique passwords or passcodes to help the system authenticate their identities. Protocols for logging in and out of the system should be strict, but not overly time-consuming.[18]

Data Encryption

Encryption refers to coding information in a way that prevents unauthorized users from reading it. This technology can protect PHI when it is stored on a device or transmitted electronically.

Time-Outs and Record Locks

Even the most cognizant provider can forget to close a record or log out of a system. A system that shuts down or locks records after a certain period of inactivity can add an extra layer of security that helps prevent unauthorized access to patients’ PHI. Record locks also can be used to prevent providers from inappropriately modifying records (per your organization’s medical record policy).

Health Information Exchange

The healthcare community is seeing an increasing emphasis on the electronic exchange of patient information as a way to improve efficiency and share patients’ medical information. However, electronic exchange of protected health information must strictly adhere to state and federal privacy and security regulations.

The information in this section is certainly not exhaustive, but it does provide some broad considerations related to privacy and security of electronic health information.


Risk Strategies

• When evaluating EHRs, carefully research the systems’ privacy and security features. For Internet-based EHR systems, ask vendors about compliance with HIPAA and HITECH privacy regulations.

• Ensure that the Business Associate Agreement your organization has with its EHR vendor requires HIPAA/HITECH compliance and details how access to data is obtained, how information is secured, and how the vendor ensures privacy and security.

• Review your organization’s privacy and security policy to ensure it adequately covers risks related to electronic data.

• Issue unique usernames and passwords to each individual who will access the system. Strictly prohibit password sharing and placing written passwords in an easily accessible place (e.g., taped to a computer monitor).

• Enable system time-outs and record locks to prevent unauthorized access to patient data.

• Use encryption technology to protect stored and transmitted data.

• Ensure your organization has well-defined processes in place for handling security breaches and noncompliance with privacy and security policies. These processes should comply with state and federal regulations.

• Provide ongoing staff training on privacy and security policies and breach notification protocols.


Resources

Agency for Healthcare Research & Quality (AHRQ)

• Guide to Reducing Unintended Consequences of Electronic Health Records

• Health Information Technology

• Health IT Tools and Resources

American Health Information Management Association (AHIMA)

• AHIMA’s HIM Body of Knowledge™

• Integrity of the Healthcare Record: Best Practices for EHR Documentation

• Maintaining a Legally Sound Health Record — Paper and Electronic

• Rules for Handling and Maintaining Metadata in the EHR

Centers for Medicare & Medicaid Services (CMS)

• Certified EHR Technology

• EHR Incentive Programs

• Eligible Hospital Information

ECRI Institute

• Healthcare Risk Control: Electronic Health Records

Healthcare Information and Management Systems Society (HIMSS)

• Electronic Health Records

• 2012 HIMSS Analytics Report: Security of Patient Data

The Office for Civil Rights, U.S. Department of Health and Human Services

• Health Information Privacy — For Covered Entities and Business Associates

• Understanding HIPAA Privacy — Health Information Technology

The Office of the National Coordinator for Health Information Technology, U.S. Department of Health and Human Services

• Benefits for Critical Access Hospitals and Other Small Rural Hospitals

• EHR Incentive Programs

• Guide to Privacy and Security of Health Information


• Health Information Exchange

• Implementation Support for Critical Access Hospitals and Other Small Rural Hospitals

• Meaningful Use for Critical Access Hospitals and Other Small Hospitals

Stratis Health (Minnesota’s Quality Improvement Organization)

• Health Information Technology Toolkit for Critical Access and Small Hospitals


Product availability varies based upon business and regulatory approval and differs between companies. All products administered and underwritten by Medical Protective or its affiliates. Visit medpro.com/affiliates for more information. ©2013 The Medical Protective Company.® All Rights Reserved.