As care coordinators, nurses have a primary responsibility to be aware of the potential risks that may accompany the increasing use of technology in the healthcare environment. Being able to capture and document patient data at the point of care in an electronic format brings with it many benefits. But there are also inherent risks that come with the use of health information technology (IT) that may impact patient safety and data integrity.
Consider these examples:
- A medication is prescribed to be given as an I.M. injection. It's actually intended to be given I.V.; however, the physician selects the wrong delivery route from the drop-down menu when prescribing the drug in the electronic health record (EHR) system.
- A pharmacist processes a medication prescription for acetaminophen for the wrong patient because he has two patient records open at the same time and becomes distracted during the prescribing process.
There are also many examples of how well-designed EHRs and strong clinical processes can improve safety through their ability to provide historical data, offer clinical decision support, and facilitate communication among care providers.1 In order to realize these benefits, it's important to identify and analyze the factors that can lead to health IT-related errors.
How do we minimize risks?
The Joint Commission has issued a Sentinel Event Alert on the safe use of health IT.2 This report analyzes factors contributing to 120 health IT-related sentinel events. The analysis focused on eight general categories:
- human-computer interface (33%)—ergonomics and usability issues resulting in data-related errors
- workflow and communication (24%)—issues relating to health IT support of communication and teamwork
- clinical content (23%)—design or data issues relating to clinical content or decision support
- internal organizational policies, procedures, and culture (6%)
- people (6%)—training and failure to follow established processes
- hardware and software (6%)
- external factors (1%)—vendor and other external issues
- system measurement and monitoring (1%).
Recommended actions to reduce these risk factors include creating an organization-wide culture of safety and implementing effective change management protocols. These actions involve systematically analyzing each adverse event to determine if health IT played a role and what can be done to prevent a similar event from happening in the future.
A proactive approach to process improvement should be implemented to continually assess for health IT-related patient safety risks. This approach includes comprehensive testing of health IT hardware and software to ensure that it's free from malfunctions; configuring the system to allow clinicians to clearly identify patients and maximize use of the EHR to prescribe medications, tests, and procedures; and providing patients with access to their electronic records via portals to enable them to review those records for accuracy. For example, organizations participating in the OpenNotes project are seeing improvements in quality and safety over the 5 years of the study, including enhanced error reporting, more effective catching of medication errors, and improved care coordination.3
Additional actions suggested by The Joint Commission to reduce risks emphasize the importance of leadership and oversight of health IT planning, implementation, and evaluation. This oversight involves examining workflow processes for inefficiencies, choosing and optimizing systems that align with the work of clinicians, continually improving system interoperability, and monitoring system effectiveness according to established metrics. But the ultimate responsibility for minimizing the potential negative impact of health IT lies with the end users who should be aware of potential risks to patients in any clinical situation.
Another resource that offers a plan for protecting patient safety and improving care quality is the recently published Office of the National Coordinator for Health Information Technology's Health IT Safety Center Roadmap.4 Central to the proposal is creating a health IT safety center or “collaboratory” that welcomes stakeholders from across the healthcare spectrum and government into a trusted space for collaborating on solutions. This center will provide a forum for the exchange of ideas and information focused on promoting health IT as an integral part of patient safety and carry out the following activities:
- collaborate on solutions to address health IT-related safety events and hazards
- improve identification and sharing of information on health IT-related safety issues
- report evidence on health IT-related safety solutions
- promote health IT-related safety education and competency.
The center will also play an important role in gathering and analyzing evidence for preventing low-frequency, high-severity events, such as wrong-site surgery, in which the stakes are high but the causes are poorly understood.
Several healthcare technologies used daily by nurses are identified as potential areas of risk by two reports published by the ECRI Institute.5 The top two hazards in each of these reports were 1) alarm hazards due to inadequate alarm configuration policies and practices and 2) data integrity failure due to incorrect or missing data in EHRs and other health IT systems. Examples of data integrity failures as listed in the ECRI Top 10 Health Technology Hazards for 2015 report include the following:
- appearance of one patient's data in another patient's record
- missing data or delayed data delivery
- clock synchronization errors between medical devices and IT systems
- default values being used by mistake or fields being prepopulated with erroneous data
- inconsistencies in patient information when both paper and electronic records are used
- outdated information being copied and pasted into a new report.6
To address these problems, organizations should assess their health IT systems and identify data integrity failures, correcting them to prevent similar problems from recurring. Organizations should also empower users to report all types of health IT-related incidents, including those that don't cause any harm and near-misses, because staff members don't always recognize health IT's contribution to an event. Nurses should be especially mindful of the risks of copying and pasting information from one episode of care to another. When errors in documentation are made, incomplete, inaccurate, or out-of-date information can end up in a patient's record, potentially leading to incorrect treatment decisions or ultimately causing patient harm.
Where will technology take us?
It has been projected that by 2020 the average household will contain several hundred smart objects, including LED light bulbs, domestic appliances, sports equipment, and medical devices. These smart objects are a part of the “Internet of Things” and most of them will be able to communicate with an app on a smartphone or tablet. Although it's appealing to anticipate having dinner prepared by our smart appliances, we can also imagine the impact these innovations will have on healthcare.
Monitoring data from a patient's wearable technology or maintaining an accurate up-to-date inventory of the right supplies and equipment will allow healthcare organizations to stay ahead of the curve. Implementing innovative solutions that capture and analyze data in real time can improve healthcare quality by finding common patterns and anticipating outcomes. With smart technologies rapidly maturing, the healthcare industry stands to benefit from this enhanced intelligence to improve performance through innovation.
Another emerging technology is remote patient monitoring, which merges wireless technology and healthcare to focus on chronic conditions such as heart disease and diabetes. Some healthcare providers are installing devices in patients' homes to collect continuous data on weight, BP, blood glucose, and blood oxygen levels. These integrated systems can allow providers to detect and address issues before they have serious health consequences. The use of technologies, such as wearables, telehealth, text messaging, and smart devices, can potentially help reduce rehospitalizations and promote prevention, allowing for earlier diagnosis and intervention.7 The challenge for nurses is to ensure that we maintain a meaningful provider-patient relationship while leveraging the power of high-tech monitoring and treatment approaches.
Although these emerging and innovative technologies may improve health and healthcare, they can also introduce new security vulnerabilities.8 During a recent hearing, lawmakers heard testimony from industry leaders about both the benefits and risks to consumers of connected health devices that may hold large amounts of personal health information.9 Individuals looking to exploit this valuable health data can hack into these systems, cutting to the very core of personal privacy.
Cybersecurity protections are rapidly becoming essential safeguards for EHRs that are connected with mobile devices.6 Acknowledging that mobile devices are increasingly being used to store, process, and transmit patient information, the National Cybersecurity Center of Excellence has developed resources to help organizations implement advanced technologies to ensure the security of patient information transmitted on such devices.10 Organizations can use these resources to implement relevant standards and best practices to minimize vulnerability to attack. These guidelines should be used as part of a continuous risk management process that will increase the security of EHRs.
Safe and secure
The role of today's nurse in safeguarding patient care is increasingly complex. Understanding the potential risks of health IT and mobile technologies, as well as adopting essential safeguards, will ensure that care isn't compromised and errors are mitigated. Resources are available to equip nurses to navigate this evolving frontier, ensuring patient safety and high-quality, coordinated care.