Provider misconduct associated with widespread use of insecure electronic health record systems

Credit: public domain CC0

Researchers from MedStar Health, Brigham and Women’s Hospital, and the University of Utah have found that electronic health record (EHR) provider misconduct may have led to widespread use of suboptimal products for more of 70,000 clinicians across the country, as published today in JAMA Health Forum. Six EHR vendors have been involved in settlements with the U.S. Department of Health and Human Services Inspector General’s Office and the U.S. Department of Justice alleging bribery and misrepresentation of product capabilities .

In addition to creating incentives for healthcare organizations to adopt the use of EHRs, the Health Information Technology for Economic and Clinical Health Act of 2009 held that EHR products should be certified as meeting the capability, functionality, and safety requirements adopted by HHS. Violation of this rule can result in complaints and in turn settlements with the DOJ, but unfortunately oversight is limited.

After reviewing every publicly available settlement related to EHR certification violations, MedStar Health researchers found that six EHR vendors had settled settlements totaling more than $379.8 million, with four of the six vendors involved. in regulations related to misrepresentation of product functionality to achieve certification. Based on data from the Centers for Medicare & Medicaid, it is estimated that more than 76,831 unique clinicians used these six providers during the complaints period.

“The widespread use of EHRs has helped providers and healthcare organizations better manage care for their patients. But what if providers can’t be sure that the EHR platform they’re using is safe, secure and can be used effectively? says Raj Ratwani, Ph.D., vice president of scientific affairs for the MedStar Health Research Institute, director of the MedStar Health National Center for Human Factors in Healthcare, and senior author of this article. “These data show that even a handful of examples of EHR provider misbehavior can have a significant impact on patient safety and how providers use these platforms.”

Insights to make EHRs more secure

Today’s release builds on MedStar Health’s Human Factors team’s exploration of the role that EHR systems can play as a contributing factor to overall patient safety, including a study of 2018 which found that EHR use issues may have contributed to harmful events in some healthcare settings.

In addition to examining the design of EHRs, MedStar Health investigators sought to develop actionable solutions to help make EHRs more secure through two primary initiatives:

  1. Develop resources for healthcare organizations to proactively monitor and identify opportunities to optimize the functionality of their EHR platform. More recently, this includes creating an assessment tool that can be used to assess alerting, data entry, and automation processes, as well as visual display.
  2. Provide recommendations for higher security standards in the EHR market. Examples of this work include advocating for HHS to develop a national database for usability and safety reports and encouraging the Joint Commission to adopt accreditation requirements that would incentivize hospitals to implement EHR security best practices.

“The importance of our work in this area is that we can improve EHRs as a critical tool for healthcare facilities and patient safety at the same time,” Dr. Ratwani said. “While we have made incremental progress, success depends on greater transparency in the industry, as well as a shared commitment from governing bodies, health system customers and providers to work together to give the safety first.”

More information:
Nate C. Apathy et al, Electronic Health Record Legal Settlements in the US Since the 2009 Health Information Technology for Economic and Clinical Health Act, JAMA Health Forum (2022). DOI: 10.1001/jamahealthforum.2022.3872

Provided by MedStar Health

Quote: Vendor Misconduct Associated with Widespread Use of Unsecured Electronic Health Record Systems (November 14, 2022) Retrieved November 14, 2022 from non-secure-electronics.html

This document is subject to copyright. Except for fair use for purposes of private study or research, no part may be reproduced without written permission. The content is provided for information only.

Add Comment