Reaction to ONC’s Recently Released Health IT Safety Plan Mostly Positive

by Bonnie Darves, iHealthBeat Contributing Reporter, iHealthBeat

Given the broad reach and potential implementation complexity of the Office of the National Coordinator for Health IT’s new health IT safety plan, and the health care sector’s typical response to anything that calls for or even hints at more regulation ahead, one might expect a fair bit of grousing to ensue. After all, the plan calls for significantly stepped-up surveillance in health IT, a requirement for transparency in provider/user reporting of health IT-associated safety hazards and adverse events, and public posting of results of summative testing of health IT, particularly electronic health records’ usability and error rates.

In the six weeks since the ONC issued the plan, however, it’s been mostly quiet on the reaction front, according to Jacob Reider, ONC’s chief medical officer. “Honestly, I have not seen any substantive negative feedback. There’s been the occasional blog or Twitter post suggesting that we’re doing too much or too little, but, for the most part, response on both the provider and vendor side has been fairly positive.

“But this [plan] is just threading the needle,” Reider said. “If we make this too complex and too much of a burden, providers will be inconvenienced. And inconvenienced providers are unsafe providers.”

Provider Reporting Role — Clarification Sought

One burden Reider referenced is the plan’s push to increase health IT users’ (particularly clinicians’) reports of adverse events, near misses and safety hazards presumed to be related to product design or usability factors. At present, no simple mechanism exists for ambulatory care clinicians to report such issues outside vendor channels, and voluntary reporting activity has been minimal. Common Formats — like those the Agency for Healthcare Research and Quality created for inpatient-setting incident reporting to patient safety organizations — are in development.

The hope, Reider said, is that the AHRQ formats, in conjunction with post-market live testing of certified EHR technology the plan calls for, will spur reporting and improve collection of aggregate health IT performance information to help identify problem areas.

“The [reporting] spigot has not started to flow at the volume we will need” to leverage reporting data to increase safety, Reider said.  “We need to do this with standards so that … no additional action is needed on the part of delivery organizations or providers to make this information available.”

That’s an ambitious objective, many industry observers concur, but it’s the appropriate one at this juncture. The challenge lies in how that envisioned “seamless” health IT safety information collection unfolds and how resulting incident analysis and data are ultimately used, cautioned Russ Branzell, president and CEO of the College of Healthcare Information Executives.

“The plan moves us in the right direction, but the concern is that if we force the responsibility for data collection to the individual provider level, that could take patient care out of physicians’ hands and create an unsustainable environment,” Branzell said. “And what we don’t want to see is where [health IT] is managed like the FDA [-approved] devices. The burden would be unworkable in the complex environment of software.”

Reporting Protection — a Perennial Issue?

On a less global level, the ONC plan has sparked some concern about what some see as pitfalls in the realm of incident reporting and its outcomes. Some vendors say that while the ONC plan affords needed protection — malpractice in particular — to providers who report health IT-related incidents to patient safety organizations, there’s no comparable product liability protection for vendors whose products are involved or whose personnel participate in incident analysis.

“Those protections don’t extend to vendors,” Sarah Corley — chair of the EHR Association and CMO of NextGen Healthcare, an EHR vendor — contended. “What vendors would like to see is that their work with PSOs [in incident evaluation will] be protected as well.” Some industry analysts have suggested that such protection is implicit if vendors establish the closer working relationships with the PSOs that ONC has recommended, but Corley said that the industry is seeking definitive guidance in this regard.

“We are confident that partnering with the PSOs in aggregating and sharing the collected [report] will offer a lot of learning opportunities, but we have concerns about [the possibility] of making unfounded information public,” said Leigh Burchell, vice president of health policy and government for health IT vendor Allscripts. De-identifying data collected and aggregated across multiple vendors “might be enough,” she said, and likely wouldn’t stymie learning.

Another potentially problematic area, as the ONC plan rolls out, is ensuring that the 78 national PSOs charged with collecting and analyzing the report data are equipped to perform those duties in a manner that produces reliable and useful information.

Because of PSOs’ broad mandate, it’s unrealistic to presume that all have the requisite expertise to dissect complex product-and-user interactions to uncover the root cause of an health IT-associated adverse event, according to Glen Hill, senior director of quality and regulatory compliance for Seimens Healthcare. “We know that 14 of the PSOs are very knowledgeable in [health] IT, but others aren’t as knowledgeable. What we need is a smaller network of PSOs that understands [health] IT,” he said.

Joint Commission Role ‘a Good Start’

One aspect of the ONC plan that most health care industry professionals agree is likely to put health IT safety improvement on a faster track moving forward is the involvement of the Joint Commission. Under a new grant through ONC, the Joint Commission is expanding its quality and safety investigative capacity and Sentinel Event reporting function to focus squarely on the role of health IT in reported adverse events and unsafe conditions, and perform additional analysis.

Ronald Wyatt — medical director of the Joint Commission’s division of health care improvement — said, “In root-cause analysis, the role of [health] IT is not always clear. We hope to learn how and when these events are occurring, and identify where the problem areas are,” adding, “What we hope for ultimately is a Hawthorne effect.”

Wyatt said that the Joint Commission plans to wrap up its analysis — which is already underway — within a year and plans to publish the findings in a peer-reviewed journal. “We want to do this as soon as possible because this is an important area of learning for the whole sector,” he said.

Some industry observers have questioned whether the Joint Commission — whose investigative work has been rooted historically in the hospital sector — will be able to perform at the same level of competence and deliver comparable value in investigating events in the independent physician practice sector, where its involvement is relatively limited and recent in the context of its longtime experience with other types of ambulatory care organizations. Reider counters that such arguments are somewhat academic, given the state of the state and the dire need for more information about what’s occurring as providers interface with health IT.

The Joint Commission “already [has] feet on the ground in doing surveys of care delivery organizations, and one recurring theme here is that we need to leverage work that’s already happening,” Reider said. “There is no question that the Joint Commission work will help us get a better picture of the scale of the problem and start creating a taxonomy — and a set of buckets to put these events into.” He explained that such analysis could achieve an objective the vendor community has long pointed to: Discovering whether the root cause of an adverse event associated with health IT is, for example, absence of standards, product design, user error or faulty implementation.

Despite their cited concerns, health IT vendors ostensibly concur with Reider on one key philosophical point: Shared-learning opportunities and the Holy Grail of all of this effort — identifying where health IT safety risks, whether inherent in products or arising out of inadvisable or incorrect use of those products, or faulty implementation reside, and devising associated remedies and best practices — is where collective sights should be set.

“I think we’re all glad that this important issue of [health] IT safety is being addressed on a national level to make the care environment safer,” Branzell said. “But we need to do this right, or we won’t get the [improvement] benefits we need.”

Source: iHealthBeat, Thursday, August 22, 2013