What impact would an EHR have on the likelihood of a medical error?

From *RTI International, Research Triangle Park, North Carolina;

†CRICO, Cambridge, Massachusetts; and

‡Office of the National Coordinator for Health Technology, Washington, District of Columbia.

Correspondence: Mark L. Graber, MD, FACP, 5 Hitching Post, Plymouth, MA 02360 (e-mail: ).

The authors disclose no conflict of interest.

This report was sponsored by the Office of the National Coordinator for Health Technology under contract number HHSP23320095651WC_HHSP23337047T to RTI International.

This is an open-access article distributed under the terms of the Creative Commons Attribution-Non Commercial-No Derivatives License 4.0 (CCBY-NC-ND), where it is permissible to download and share the work provided it is properly cited. The work cannot be changed in any way or used commercially without permission from the journal.

Journal of Patient Safety 15(2):p 77-85, June 2019. | DOI: 10.1097/PTS.0000000000000240

• Open

Abstract

Background 

There is widespread agreement that the full potential of health information technology (health IT) has not yet been realized and of particular concern are the examples of unintended consequences of health IT that detract from the safety of health care or from the use of health IT itself. The goal of this project was to obtain additional information on these health IT–related problems, using a mixed methods (qualitative and quantitative) analysis of electronic health record–related harm in cases submitted to a large database of malpractice suits and claims.

Methods 

Cases submitted to the CRICO claims database and coded during 2012 and 2013 were analyzed. A total of 248 cases (<1%) involving health IT were identified and coded using a proprietary taxonomy that identifies user- and system-related sociotechnical factors. Ambulatory care accounted for most of the cases (146 cases). Cases were most typically filed as a result of an error involving medications (31%), diagnosis (28%), or a complication of treatment (31%). More than 80% of cases involved moderate or severe harm, although lethal cases were less likely in cases from ambulatory settings. Etiologic factors spanned all of the sociotechnical dimensions, and many recurring patterns of error were identified.

Conclusions 

Adverse events associated with health IT vulnerabilities can cause extensive harm and are encountered across the continuum of health care settings and sociotechnical factors. The recurring patterns provide valuable lessons that both practicing clinicians and health IT developers could use to reduce the risk of harm in the future. The likelihood of harm seems to relate more to a patient's particular situation than to any one class of error.

Health care in the United States has experienced a remarkable transition from paper to electronic health record (EHR) systems during the past decade. Thanks in large measure to goals set by the Federal Health IT Strategic Plan and financial incentives provided through the ARRA/HITECH act in 2009, more than 75% of physician practices and 92% of eligible hospitals have received incentives to adopt certified EHR technologies through 2014.1

This transformation has been the subject of intense scrutiny to determine if EHRs have achieved the original expectations to improve the quality, safety, and efficiency of health care. A series of 4 comprehensive systematic reviews during this time frame have concluded that health information technology (health IT) has improved in each of these dimensions,2–6 and there is also evidence that the number of malpractice suits has decreased in relation to the implementation of EHRs.7 These findings, however, remain controversial; many organizations have been dissatisfied with their systems, and there is widespread agreement that the full potential of this technology has not yet been realized. A study sponsored by the American Medical Association also cited current EHR technology as a major source of dissatisfaction among providers.8 A host of issues await resolution, including limited interoperability, challenging user interfaces, and software design that can degrade efficient clinician workflow and seems to have been optimized for administrative priorities more than for quality medical care.9–11

Of particular concern are the examples of unintended consequences of health IT that detract from the safety of health care or from the use of health IT itself. These concerns derive from case reports,12 claims databases,13 reports through patient safety organizations,14,15 electronic surveillance (event triggers),16 and adverse and sentinel event reports to The Joint Commission17,18 and the Veterans Health Administration.19 To address these problems will require identifying the specific types and characteristics of events that detract from safety and targeted efforts to address each one.

The goal of this project was to obtain additional information on these health IT–related problems, using a mixed methods (qualitative and quantitative) analysis of EHR-related harm in cases submitted to a large database of malpractice suits and claims. In particular, we sought to identify specific error types or trends that would be amenable to system- or education-focused solutions and the overall value of using medical liability claims databases for this purpose.

METHODS

A retrospective, cohort study of claims in the CRICO Comparative Benchmark System (CBS)20 was conducted for cases coded during the period January 1, 2012, through December 31, 2014. The CBS is a national database of medical malpractice claims from both commercial and captive insurance companies, reflecting both hospital and clinician risk in academic and community environments and across all care settings. The database contains more than 300,000 cases from more than 500 hospitals and 165,000 physicians. Cases selected for this analysis were both open and closed malpractice claims and suits, all filed with regard to injuries incurred during the provision of health care services from 2008 through 2014, which also were coded as having one or more EHR identifiers as a contributing factor in the case. We ultimately analyzed 248 cases. Of these, 147 were derived from cases coded during the period January 1, 2012, to December 31, 2012, using a preliminary set of codes relevant to informatics issues using electronic medical records.13 These codes were reviewed and refined to the current set of 15 proprietary sociotechnical category codes, which were applied to all subsequent cases coded during the period January 1, 2013, to December 31, 2014, from which an additional 101 cases were identified. The original set of 147 cases was then recoded using the newer taxonomy.

Quantitative and Qualitative Analysis

Each claim in the CBS has been previously analyzed by a clinical coding specialist using CRICO's proprietary coding taxonomy. Relevant factors in each case were identified based on a complete review of the medical and legal case file including summaries, medical record data, depositions, and legal proceedings. Coding is typically performed by a single coder after extensive training and is based on extensive guidelines developed to standardize the methodology. To ensure the consistent application of the taxonomy, CRICO holds biweekly calls among all coders, provides 1.5 days of on-site training annually, and audits approximately 15% of all cases. Cases were assigned the following codes:

• ▪ Major allegation (case type; medication related, diagnostic, surgical, obstetrics, etc)
• ▪ Setting (inpatient, outpatient, emergency department)
• ▪ Clinical service (medicine [internal medicine, gastroenterology, cardiology, etc], emergency department, radiology, etc)
• ▪ Severity of the clinical outcome, measured by the National Association of Insurance Commissioner's harm scale:
• High: death, permanent grave, permanent major, or permanent significant harm.
• Medium: permanent minor, temporary major, or temporary minor harm.
• Low: temporary insignificant harm, emotional harm only, or legal issue only.
• ▪ EHR-related factors: Among the 200+ contributing factors coded for each case, we studied the 15 EHR-related contributing factor codes in CRICO's proprietary Coding Taxonomy. The EHR-related codes distinguish 2 large categories that identify system- and user-related issues that contributed to events resulting in a medical malpractice claim:
• ▪ System issues include the clinical systems and processes of which the EHR is an expected/integral part and include issues related to availability of data, routing issues, and problems related to alerts and alarms. System-related issues also include technical problems involving hardware or software, such as security, and design features, such as autopopulating.
• ▪ User-related issues include incorrect or missing information and include such issues as alert fatigue, copy/paste, various workarounds, and user-related difficulties working in the EHR, including accessing data in hybrid record systems or new installations.

Each case that included one or more of the EHR-related contributing factor codes was reexamined for the purposes of this study by 2 different, independent reviewers to ensure that a case was appropriate for inclusion. Of note, this study focuses only on cases with one or more specific EHR-related issues (i.e., specifically involving the patient's chart) and not broader issues that involve health IT such as telemedicine, or electronic devices that interface with the EHR.

Proportions of interest were compared using χ2 tests.

RESULTS

In total, 280 of the cases in the CBS database coded over the preceding period of 2 years were identified as having 1 or more contributing factors relating to HIT. Out of these 280 cases, a subset of 248 cases, those specifically associated with EHR-related factors, are reported here. The 32 cases (of the 280) excluded from this study included broader HIT events not related to the EHR. A qualitative summary of the first 147 cases has been previously published.13 The 101 cases identified most recently (January 1, 2013 through December 31st, 2014) represented just under 1% of the 12,012 cases coded during that period.

Setting and Responsible Service (Table 1, Fig. 1). Most cases derived from the ambulatory care setting [146 ambulatory cases vs 102 from inpatient (77 cases) and ED (25 cases) combined]. There were no cases from extended care facilities. Ambulatory errors outnumbered errors from inpatient care and the ED for every major service except for Nursing, where inpatient errors predominated. The service with the most claims was Medicine, followed by Surgery, Nursing, and Obstetrics\Gynecology, and Radiology.

TABLE 1:

EHR-Related Events in Medical Malpractice Claims

FIGURE 1:

Distribution of Coded Cases by the Setting of Care.

EHR-Related Contributing Factors (Table 2). The current CRICO analytical framework recognizes 2 main categories of contributing factors: System-related issues and User-related issues. Factors from both of these categories contributed to EHR-related factors, 63% of cases involved user-related issues and 58% involved technology related issues; in many cases, more than one contributing factor was identified. Representative case examples from each of the various factors are presented in Appendix A.

TABLE 2:

EHR-Related Etiologies Across Settings

System-related issues included a wide range of cases that involved technology and software design issues that adversely affected patient outcomes:

• ▪ A primary care provider could not access the patient's radiology studies at the time of a patient's visit; the paper results were filed without the MD seeing these. The patient experienced delayed diagnosis of lung cancer.
• ▪ Reminiscent of a recently-publicized case involving a patient with Ebola infection,21 a physician was unable to access the nursing ED triage note, which would have changed management; the patient died of subarachnoid hemorrhage.
• ▪ Test results and evaluations were filed in multiple locations, contributing to the failure to note the overall decline of a patient's vital signs and lab tests; the patient died of sepsis.
• ▪ A patient complained of “sudden onset of chest pains with burning epigastric pain, some relief with antacid”; Because the ‘complaint' field in the EHR was too small, the entry was noted only as “epigastric pain”; no electrocardiogram was done and the patient experienced a cardiac event days later.
• ▪ An order for blood was delayed reaching the lab; the patient expired before the blood arrived.
• ▪ A Pathology report of adenocarcinoma was delayed in reaching a patient's chart until after inpatient discharge and no alert was sent to the patient's physician, resulting in the delayed diagnosis of cancer.

Similarly, user-related issues, including training and education, were identified in cases that spanned the spectrum of contributory factors:

• ▪ An obstetrician did not have EHR access and could not access a patient's clinic notes documenting abnormal fetal size; the clinician stated he\she never received training or a password.
• ▪ A physician received an alert that the patient was allergic to amoxicillin but ordered it anyway, resulting in an allergic reaction.
• ▪ A patient developed amiodarone toxicity because the patient's history and medications were copied from a previous note that did not document that the patient was already on the medication.
• ▪ Results of a positive test for C difficile infection went unnoticed, resulting in a 7 day delay in starting treatment.

In the Ambulatory setting, problems relating to hybrid record systems were the leading contributing factor, referring to organizations where both paper and electronic systems were in use at the same time, or during a transition from paper to electronic, or one EHR to another.

In the Inpatient setting, common problems were more evenly distributed, with over 10% of cases deriving from system design issues, breakdowns in communicating data, and having incorrect information in the EHR. In the Emergency setting, design issues were also common, along with a disproportionate number of cases where incorrect information was encountered in the EHR.

Major Allegations (Table 3 and Fig. 2). Medication errors were the most common (76 cases, 31%) allegation type, followed by an almost equal distribution of errors related to diagnosis (69 cases, 28%) and treatment (medical, surgical, or OB\GYN treatment (76 cases, 31%). A large majority of cases (90%) were represented by these 3 categories.

TABLE 3:

Major Allegations

FIGURE 2:

The Major Allegations in 248 Cases Involving EHR-Related Safety Issues.

Severity of Harm (Table 4 and Fig. 3). Over 80% of cases in each setting were medium or high severity. Cases deriving from ambulatory care were less likely to be lethal (18%) than cases arising in inpatient or emergency settings (39%, Chi square P < 0.01), but even in this setting, over 80% of cases involved medium or high severity of harm. The severity of harm was comparable in both the user-related categories of error (85% medium or severe harm with 29% deaths) and the system-related categories (81% medium or severe harm with 26% deaths).

TABLE 4:

Severity of Harm

FIGURE 3:

The Relative Degree of Harm in Cases from Ambulatory, Inpatient, and Emergency Settings.

Medication-Related Errors (Table 5). Medication-related errors accounted for the largest fraction of EHR-related errors overall (76 cases, 31%). Within this category, almost half of the errors were related to medication ordering (35 cases, 46%), along with errors associated with improper medication management (19 cases, 25%) and administration errors (12 cases, 16%). Ordering problems were the most frequent problem in all 3 settings of care. Illustrative examples included these:

TABLE 5:

Medication-Related Errors

• ▪ The electronically signed discharge order omitted the patient's warfarin; the patient was admitted days later with a stroke.
• ▪ A verbal order for morphine was entered without stipulating the upper dose limit; the patient become obtunded and expired.
• ▪ A patient previously on anticoagulation was admitted for GI bleeding; the physician intended to discontinue the anticoagulant but mistakenly clicked on “continue Lovenox for home use.”

Diagnostic Errors. In both the Ambulatory and Emergency settings, diagnostic errors were the leading allegation. Of these 69 cases, 30 resulted in death. Including 2 cases that involved both types of issues, diagnosis-related cases seemed to more commonly involve user-related issues with the EHR compared to technology related issues (42 user-related issues with 19 deaths vs 29 technology-related issues with 10 deaths, p for proportion of issues = 0.02). Of the 42 cases with a user-related issue, 32 were ambulatory cases, and the dominant EHR-related codes were difficulty during an EHR conversion (16 cases), failing to appreciate a deteriorating clinical situation due to pre-populating or copy\paste (10 cases), and mis-routed information (7 cases).

Twenty eight of the diagnosis-related cases involved delayed diagnosis of cancer. Twenty five cases involved acute problems such as myocardial infarction (5 cases), cardiomyopathies or endocarditis (5 cases), pulmonary embolism (4 cases), pneumonia (3 cases), or other infections (8 cases). The remaining cases involved delayed or missed diagnosis of fractures, HIV, and post-operative complications.

DISCUSSION

The data presented in this study confirms that adverse events related to using electronic medical record systems exist, that they are associated with an appreciable incidence of severe harm and death, and that they are encountered across the continuum of healthcare settings and all 15 of the sociotechnical contributing factors that were used to characterize these cases.

In regard to harm, this data paints a different picture of the risk of injury from EHR-related problems than data obtained through patient safety reporting programs. A recent analysis of reported safety events related to health IT in England identified 850 events reported from 2005 to 2011. Only 3% of these cases involved patient harm, although harm was noted to be 4 times more likely if the underlying causes involved human factors than if the causative factors were more technical.22 Another study of reported health-IT related safety events also found a very low rate of harm, with just 1 death noted in over 3000 reported events.23 Cases identified through a malpractice claims database are pre-selected for harm, as this is one of the cardinal elements of a malpractice claim. Nonetheless, the findings of this study confirm that severe harm occurs at non-negligible rates. The actual incidence of harm cannot be reliably estimated from this data; nonetheless, it is generally agreed that safety events represented in malpractice claims are the “tip of the iceberg,” insofar as the vast majority of cases, even cases that involve harm, do not result in suits.

The severity of harm was less in the ambulatory care setting. We hypothesize that this may reflect the fact that most ambulatory patients have medical problems of lower acuity, making them less susceptible to harm, or that errors in this setting are more easily detected and rectified or mitigated.

Harm was appreciable in the great majority of cases, and thus in each of the different categories of EHR-related contributing factors. We interpret this to indicate that the specific category of EHR-related factors is less important than the clinical circumstances in which it is encountered. As an example, a delay in obtaining a medication in the outpatient setting may be just an inconvenience, but the same type of delay, for example obtaining blood to transfuse a patient who is hemorrhaging, can be lethal. Similar observations have been in regard to the harm deriving from errors in the clinical laboratory; the patient's clinical circumstances outweigh the particular phase of laboratory testing (pre-analytical, analytical, or post-analytical) in determining whether harm will be produced.24 This is an important conclusion that should be validated in subsequent studies, because it implies that it will be impossible to prioritize which specific type of EHR-related error predisposition needs to be addressed first—they are all important and each carries the risk of harm.

Factors Related to EHR-Related Error

Cases were encountered across each of the major service lines. In each of these services, ambulatory errors predominated, except for nursing-related cases. The dominance of the ambulatory care setting over inpatient and emergency care settings (59% ambulatory) parallels the distribution of diagnostic errors claims in this database (57% ambulatory),25 and probably reflects the total volume of patient encounters and care in each of these settings. It is not possible from this data to determine whether EHR-related cases are more common or likely in any particular care setting or specialty service, although this information would be valuable to know, and will require study protocols that specifically address these questions.

The distribution of EHR-related contributing factors was not appreciably different between ambulatory and inpatient care settings, but errors encountered in emergency care appeared to more commonly involve incorrect information in the EHR and training issues, compared to the other 2 settings. Although our study did not directly address the factors that accounted for this observation, it is possible that the disproportionate frequency of training-related errors may relate to staff turnover in this setting, and the difficulty of training staff working night and evening tours.

The relative frequency of errors in medication management is not surprising, given the complexity of the process and the volume of orders being processed. The 2 steps that seem most error-prone are those that involve the physician, test ordering and medication management. Similar observations have been made in regard to laboratory-related error, also highly dependent on technology, where the most error-prone steps are those involving the physician, and not the laboratory per se.26

An important observation from this study is that EHR-related issues accounted for less than 1% of the safety events coded during the same period. Thus, in relation to the many other patient safety issues that lead to harm, EHR-related cases comprise just a small minority, albeit an important one.

Problems and Trends Identified

The data from this study suggests that interventions to reduce harm should parallel the sites most at risk (ambulatory care in particular) and the processes that account for the most errors (for example, medication usage, diagnosis) rather than prioritizing specific problems involving the technology per se, the users, or the interface between the 2. These sociotechnical factors were all associated with appreciable harm in this study, as noted above.

Both venders and the user community are already actively engaged in efforts to address the types of unintended consequences identified in this report. Indeed, the EHR offers the potential to address many different patient-safety problems that lead to adverse events.27 The SAFER guides recently issued by the Office of the National Coordinator for Health Informatics provide specific consensus recommendations in this regard, focusing on both the safe use of health informatics tools, as well as the application of these tools to improve the safety of healthcare.28

Each of the cases in this study indicates a specific vulnerability that providers should be aware of and monitor to ensure that a similar problem doesn't recur during the care of their own patients. Looking across cases, several themes were apparent that represent productive areas where providers and their organizations could begin improving the safety of using EHRs:

1. The danger inherent in hybrid systems and EHR conversions: We identified repeated examples of injurious problems during periods when organizations are transitioning their record systems. Moreover, these conversions will continue to be common in the near term as organizations try to optimize user satisfaction and functionality by changing vendors or record systems, embarking on an upgrade, or adopting new functionality. These transitions require a well-defined action plan and appropriate resources to ensure complete and accurate data is available as rapidly as possible. Providers need to be informed of progress, any delays, and the specific functionalities impacted by the conversion. Providers need constant reminders that these transition periods create greatly increased risk that the data needed for safe patient care may be missing or incorrect.
2. The dangers of delayed, missing, or incorrect data, services, or actions: Many malpractice claims originated from limitations created by the EHR in providing the correct data, information or services needed for safe patient care. These problems were compounded by the expectation on the part of providers that the medical record system was working as they expected it should, when in fact it was not. Examples included delays in returning critical laboratory values, important pathology results that were lost or misdirected, pasted information that was incorrect, and blood products needed for urgent transfusion that was misrouted. Providers need to appreciate these vulnerabilities so that they can take appropriate steps to validate data, to ensure timely follow up on tests that are ordered, or to inquire directly about services or products that appear delayed. If key data is missing in the EHR, providers need to find it.
3. The danger of over-reliance on the EHR: As just noted, providers would be well served to be wary of situations where information is incomplete or possibly inaccurate. The electronic record is an ideal tool to support clinical judgment, but cannot not replace it. Just as quality in clinical care involves constant monitoring and questioning to ensure that diagnosis and treatment are correct, there should be a comparable level of vigilance and appreciative inquiry in regard to using the EHR. Data and information that raises an eyebrow should be verified or rechecked.
4. The inherent risks using copy\paste functionality, over-riding alerts, and employing “workarounds.” These are all well-known vulnerabilities.

In addition to these lessons for providers that would increase safety in using the EHR, we identified 3 major vulnerabilities that EHR vendors and management teams could address to improve safety:

1. Routing problems: We encountered repeated examples of laboratory results going to the wrong provider, documentation not being available to the providers who needed it, and assorted other problems of getting the right data to the right provider. Given the complexity of today's health care systems, special care and attention is needed to ensure the correct routing of data and services. It is imperative to understand how and why this data is being mis-routed and develop specific solutions that address both system and user contributions.
2. Pre-population: Although implemented as a time-saver, pre-population by its nature creates the opportunity for data that is outdated or frankly incorrect to be repeated or misinterpreted. A patient's vital signs might indicate deterioration, but pre-populating a note with yesterday's results could mask this. It seems imperative that we explore the timesaving value of this program choice, with the vulnerabilities it produces. Is there a way for the “user” to be alerted to the “auto-populated / repetitive” nature of the data they are trusting—and if so, will the “alarm-weary” clinician actually take note?
3. Intrinsic cross-checking: An intelligent medical record system should be able to detect a decimal point error in ordering a medication, as this would fall outside of the acceptable dosing range. It would detect that an order for potassium in a patient already hyperkalemic is probably inappropriate. Predictive analytics could potentially prevent a substantial fraction of EHR-related safety concerns. Intelligent analytics of this type can be particularly effective in detecting patients at risk for diagnostic error.29

Relationship of these results to other studies. Cases represented in databases of patient claims are a rich source of information about adverse events of all types involving patient safety. As an example, Bishop et al analyzed over 10,000 cases in the National Practitioner Data Bank.30 As in our study, the predominant cause for a claim in ambulatory settings related to diagnosis. Similarly, diagnosis-related claims were the most common type in a recent systematic review of claims analyses in primary care, followed by medication errors.31

The specific role of health-IT in adverse patient safety events has been examined predominantly by analysis of reports submitted to patient safety organizations (PSOs) and other organizations. A study of 2 large PSO databases recently identified over 20,000 safety events involving health IT, 4.7% of all the safety events reported. The most common category of identified errors were medication related.14 As in our study, problems were encountered across the sociotechnical spectrum.

Sentinel event reports submitted to The Joint Commission comprise another source of harm-related events. A recent report identified 80 cases (2.4%) involving the EHR out of 3375 sentinel events reported between January of 2010 and June of 2013.17 Over half of these cases involved a patient's death, and another 11% involved permanent injury. This report shares two common findings with the findings in our analysis: 1) cases involving the EHR made up just a small fraction of all safety-related reports, and 2) the harm involved was substantial A major difference is that not a single case of diagnostic error was included in the sentinel event reports, reflecting the fact that events reportable to The Joint Commission are focused almost exclusively on treatment-related problems.

Implications for Understanding Safety Concerns Using Electronic Medical Records

The various etiologies of error identified in this study are representative of the error etiologies in many other studies, and spanned the sociotechnical dimensions.32,33 Errors were found in all three of the major sociotechnical elements: involving the technology itself, the users of the technology, and the work environment where care is provided at the interface between the two. These included problems with clumsy design features, breakdowns in information flow, copy\paste issues, missing or incorrect information, and problems relating to the transition from paper to electronic records, or from one EHR to a new one. The relative frequency of problems involving transitions to a new EHR may reflect the fact that this study was conducted over a time span when many practices and organizations were just adopting new EHR systems, or advancing to a different one. At the same time, it is likely that conversions and upgrades will continue to be common events given that health IT is rapidly advancing, and both competition and innovation are abundant. In this case, the risks of EHR conversions, transitions, and hybrid systems will be with us for some time to come.

Advantages and Limitations of Studying Medical Malpractice Claims Data

From a research perspective, the use of claims databases to evaluate unintended consequences of EHR adoption has both positive and negative qualities. There are 4 major advantages:

1. Claims data derives from across the continuum of health care, including both inpatient and outpatient care, including private practices, in both academic and non-academic settings. In contrast, data submitted through patient safety organizations derives almost entirely from inpatient or hospital-associated data, and generally excludes events arising in private practice.
2. Claims data provides extensive text-based information and analysis from both medical and legal documentation in each case, facilitating the qualitative analysis of any given breakdown, and its contributing factors.
3. A related strength is that the detailed information on each case increases both the sensitivity and specificity of coding. Although we did not measure sensitivity in this study we did assess specificity. The double verification of each case ensured that each case did in fact reflect EHR-related harm. Thus, almost 90% of the cases identified as being health IT–related in this study specifically involved the EHR. In contrast, a recent follow-up study of safety events submitted to a large patient safety organization found that almost a third of the events submitted as health-IT related were not, and over a quarter of the events which did involve health-IT were not coded as such.14
4. Claims data uniquely identifies cases known to have caused harm. Although harm data can be extracted from reports of safety incidents to PSOs, these cases generally identify cases with the potential for harm; harm is not a requirement for these reports to be filed, and as we have noted, cases involving severe harm may be frankly unusual in PSO-derived reports.

The limitations of this study, and other studies using claims data, are also numerous and important:

1. The major limitation of studying claims data is the relatively small number of cases available for analysis. As an example, just 248 cases were identified in the three year coding period of this study, whereas a recent study of health IT–related events reported through a patient safety organization found 191 instances in just 9 weeks,15 and several thousand such events over an 8 year look back.23 Similarly,1100 health-IT related events were reported to an FDA safety database over a period of 2 and a half years,34 and over 63,000 health-IT related problems were identified in reports to another national database of medication errors.35 The small sample size in our study prevents us from addressing many key questions, such as whether the safe use of EHRs, or health IT in general is increasing over time.
2. Because cases are reported from across the country, there is uncontrolled variability in regard to the EHR's used and the many institution-specific qualities that are relevant to health IT safety, such as resources, safety culture, and local health IT expertise and champions.
3. Only a very small percentage of adverse safety events result in malpractice claims or suits. For this reason, data obtained from claims and suits cannot be used to estimate the actual incidence of error types, although it does provide insight into the relative frequencies.
4. Finally, the cases in malpractice claims databases often reflect events that happened years ago. It is impossible to know if the etiologic problems identified in a given case still persist at that institution or whether they have been addressed in the meantime. The static nature of claims data makes it particularly unsuitable to evaluate the remarkably dynamic nature of health IT adoption and evolution. It is fair to note, however, that issues that might be “old” at one organization may still be “new” at another organization that is at an earlier stage of EHR adoption; sharing key risk information may therefore still have considerable value.

In summary, limitations in current EHR systems, and how these are used to provide clinical care by healthcare professionals, can lead to harm and death in some relatively small, but important fraction of cases. It is likely that EHR-related harm can be encountered in any healthcare setting and in any clinical service.

On balance, we believe that the data presented in this report supports the value of conducting analyses of claims data to validate the importance of the problem, but conclude that a comprehensive appreciation of EHR-related safety will require input from a range of different approaches and sources of information. This parallels the conclusion reached in other studies of patient safety events regarding the value of triangulating data from a variety of sources and perspectives.36–38 In particular, research approaches are needed that can provide additional quantitative data to address the question of whether the safety of using EHRs is improving over time, and whether there are particular situations, technologies, or user behaviors that need to be prioritized. In the meantime, the types of errors revealed in this study provide a wide range of safety problems that demand attention. Healthcare professionals, their organizations, and health IT vendors can decrease the risk of harm related to using electronic medical records by appreciating and addressing the lessons that these cases provide.

What can cause errors in EHR?

What are 3 disadvantages of EHR?

What are the risks of implementing an EHR system?

How has the EHR impacted patient safety?