Dr. Farzad Mostashari, the national health IT coordinator, said that agencies in the Health and Human Services Department will work closely to craft a surveillance and action plan to keep patients safer through health IT, and it will be done sooner than called for by the Institute of Medicine.
An IOM report published this week directed ONC as the office that oversees health IT to complete its plan within 12 months.
“We appreciate the IOM’s recommendations in making sure that we really do have a coherent structure for reporting, analyzing and acting on the information about EHR-related safety incidents,” he said at the Nov. 9 meeting of the advisory Health IT Policy Committee.
He added that the committee will be an important part of bringing health IT stakeholders together for discussions about patient safety. The IOM calls for the freer flow of safety-related information and action by all stakeholders.
Mostashari said that the Office of the National Coordinator for Health IT will coordinate with the Food and Drug Administration (FDA), which regulates medical devices, and the Agency for Healthcare Research and Quality (AHRQ), which sponsors patient safety organizations, and the National Institute for Standards and Technology (NIST).
[Related: NIST's 10 cloud computing requirements.]
ONC has worked with AHRQ and FDA to promote reporting by EHR vendors on adverse events through patient safety organizations and with NIST to develop standards for EHR testing, measuring and usability.
In its report, IOM reaffirmed its faith in the potential for health IT to improve safety, Mostashari said. But it also made important recommendations to make sure that health IT’s potential is fully realized. The report becomes part of ONC’s long-term strategy for building in safety from the beginning as adoption of health IT moves forward, he said.
Safety is not just about reliable EHR system software product performance. Mostashari said that the report emphasized that “safety is a system.”
“Successful use of health IT means that we have to understand safety as part of the systematic approach. It means, system usability issues, having the right relationship between design of EHRs and the workflows,” he said.
In response to questions about whether FDA should be regulating EHRs as devices, Mostashari said that it was “clearly one of the most controversial issues that the committee struggled with.”
”My understanding of the report is that one of the key issues was the recognition that a broader set of issues needs to be addressed, not just the devices, but the entire system of how care is delivered, how training is done, and how workflows are done,” he said.
The report cites the need to balance the innovation agenda, and some of the concerns they expressed around the expertise needed for this may be different from device regulation in general, he said.
According to the IOM recommendations released Nov. 8, HHS should establish some mechanism for both technology vendors and users to report health IT-related deaths, injuries or unsafe conditions. Adverse event reporting related to patient safety should be required for vendors and voluntary, confidential, and non-punitive for healthcare providers, according to the report, “Health IT and Patient Safety: Building Safer Systems for Better Care.”
Also, Congress should establish an independent federal entity, similar to the National Transportation Safety Board for health IT, to investigate patient deaths, injuries, or potential unsafe conditions associated with health IT and make non-binding recommendations that allow for HHS, providers and vendors to determine the best course forward.
IOM also recommended that HHS fund a Health IT Safety Council to evaluate criteria and develop methods for assessing and monitoring safety and measuring impacts of health IT on safety.
That includes making sure that health IT vendors support the free exchange of information and not discourage health care providers from sharing patient safety concerns, including screen shots. Nondisclosure agreements in contracts between vendors and healthcare providers and "hold harmless" clauses that shift the liability of unsafe health IT features to care providers greatly discourage information sharing, the report said.
HHS should also establish quality management principles and risk management processes in designing and implementing health IT products, which can be complex and difficult for doctors and nurses to use. Alerts in technology systems should be designed to have lower false-alarm rates and computer interfaces need to be more intuitive for users.
