The SAFER Guides: Empowering Organizations to Improve the Safety and Effectiveness of Electronic Health Records

Published Online: May 21, 2014
Dean F. Sittig, PhD; Joan S. Ash, PhD, MLS, MBA; and Hardeep Singh, MD, MPH
Electronic health records (EHRs) have potential to improve quality and safety of healthcare. However, EHR users have experienced safety concerns from EHR design and usability features that are not optimally adapted for the complex work flow of real-world practice. Few strategies exist to address unintended consequences from implementation of EHRs and other health information technologies. We propose that organizations equipped with EHRs should consider the strategy of “proactive risk assessment” of their EHR-enabled healthcare system to identify and address EHR-related safety concerns. In this paper, we describe the conceptual underpinning of an EHR-related self-assessment strategy to provide institutions a foundation upon which they could build their safety efforts. With support from the Office of the National Coordinator for Health Information Technology (ONC), we used a rigorous, iterative process to develop a set of 9 self-assessment tools to optimize the safety and safe use of EHRs. These tools, referred to as the Safety Assurance Factors for EHR Resilience (SAFER) guides, could be used to self-assess safety and effectiveness of EHR implementations, identify specific areas of vulnerability, and create solutions and culture change to mitigate risks. A variety of audiences could conduct these assessments, including frontline clinicians or care teams in different practices, or clinical, quality, or administrative leaders within larger institutions. The guides use a multifaceted systems-based approach to assess risk and empower organizations to work with internal or external stakeholders (eg, EHR developers) on optimizing EHR functionality and using EHRs to drive improvements in the quality and safety of healthcare.

Am J Manag Care. 2014;20(5):418-423
Electronic health records (EHRs) have the potential to improve the quality and safety of healthcare.1 Since the enactment of the Health Information Technology for Economic and Clinical Health Act (HITECH), 2 organizations have been adopting EHRs at an unprecedented rate.3 While the challenges of rapid EHR implementation can be numerous and disruptive, EHRs have clear potential to improve quality and safety with better access to information,4,5 clinical decision support,6 and more reliable provider-to-provider communication.7 Nevertheless, in the early stages of an EHR-enabled healthcare system, benefits thus far have been difficult to achieve and unintended consequences have emerged.8 Clinicians have experienced safety concerns from EHR design and usability features that are not optimal for complex work flows in real- world practice settings.9-11 To respond to these challenges, the Office of the National Coordinator for Health Information Technology (ONC) commissioned the 2012 Institute of Medicine Report, “Health IT and Patient Safety: Building Safer Systems for Better Care”12 and recently released the Health Information Technology Patient Safety Action and Surveillance Plan that lays out their response to these issues.13

National initiatives to improve the safety of EHRs must be accompanied by practical and helpful strategies for those on the front lines of EHR-enabled care delivery. Strategies to address unintended consequences borne from EHR implementation are nonetheless scarce, and frontline clinicians and healthcare organizations (HCOs) are often unaware of best practices for safe EHR implementation and use. For example, they often have minimal guidance to handle problems such as too many alerts,14,15 a slow EHR, or an EHR that requires an excessive number of “clicks” to complete tasks. These are not skills routinely expected of healthcare providers in the past.16 Clinicians are also not privy to safety concerns embedded in flawed interfaces between various components of EHRs and in the way EHRs are configured. Solutions to these problems are often multifaceted, requiring analysis and redesign of work flows and organizational processes and procedures that cannot be addressed through improvements in technology alone.

Addressing EHR-related safety concerns is inherently complex and requires a comprehensive and multifaceted systems-based approach. We propose that HCOs equipped with EHRs should consider the strategy of “proactive risk assessment” of their EHR-enabled healthcare to identify and address EHR-related safety concerns.17 Herein, we describe the conceptual underpinnings of an EHR-related self-assessment strategy to provide clinicians and HCOs a foundation upon which they could build their safety efforts.


With support from the ONC, we used rigorous, iterative methodologies to develop 9 self-assessment tools to optimize the safety and safe use of EHRs (Table 1).18 These tools, the Safety Assurance Factors for EHR Resilience (SAFER) guides, are designed to help clinicians and HCOs self-assess the safety and effectiveness of their EHR implementations, identify specific areas of vulnerability, and create solutions and culture change to mitigate risks.

The goal of SAFER guide-based proactive risk assessment is to eliminate or minimize EHR-related safety hazards to build system resilience, defined as “degree to which a system continuously prevents, detects, mitigates, or ameliorates hazards or incidents so that an organization can bounce back to its original ability to provide care.”19

Each SAFER guide consists of between 10 and 25 “recommended practices,” which can be assessed as fully implemented, partially implemented, or not implemented. Recommended practices help the clinic or organization know ‘what’ to do to optimize the safety and safe use of the EHR. The recommended practices address principles (Table 2) that represent ‘why’ the recommended practices are needed, although any given recommended practice may support several principles that support health IT safety.

The methods used to identify risk areas and associated practices have been described elsewhere, but are briefly summarized here.18 To develop the content of the guides, we consulted subject matter experts in informatics, patient safety, quality improvement, risk management, and human factors engineering and usability. To ensure generalizability, we conducted site visits at both small and large practices and hospitals. We also reviewed literature to identify existing EHR-related assessment items, which we validated and refined during site visits. To ensure that the guides would be useful to our intended audiences (eg, clinicians, EHR developers, IT professionals, and quality improvement leaders), we engaged with a broad range of stakeholders, such as professional organizations representing diverse groups of intended users. We undertook multiple revisions of items in the guides to increase their applicability and interpretability by individuals with differing degrees of expertise. We also considered the perspectives of those working within organizations at different points in their EHR adoption journey. Thus, we ensured that the SAFER guides are based on best evidence and expertise currently available, as well as on field research and iterative testing.20 To facilitate wide implementation and use, the SAFER guides have been made available free of charge from ONC’s website (http://www.healthit.gov/safer/).

Content of the SAFER guides is organized around 2 conceptual frameworks that account for the complex sociotechnical system in which EHRs are implemented and the risks specific to various phases of implementation, respectively (Figure). The first model describes the 8 contextual dimensions of EHR-enabled healthcare systems: (1) hardware and software; (2) clinical content; (3) human-computer interface; (4) people; (5) work flow and communication; (6) internal organization policies, procedures, physical environment, and culture; (7) external rules, regulations, and pressures; and (8) system measurement and monitoring.21 Along with this sociotechnical framework, we used a 3-phase framework of EHR safety that describes risks along different points of the EHR implementation life cycle.22 The overall goal,as described by Blumenthal and Tavenner, is for healthcare organizations to move from a paper-based medical record system “up the escalator” to become fully EHRenabled healthcare systems.23 Within each phase of the 3-phase framework, all 8 dimensions of the sociotechnical model come into play. Phases remind organizations ‘which’ aspect of safety is being addressed as they adopt EHRs and build safety programs.

The first step on the “escalator” framework (safe health IT) accounts for safety events unique and specific to EHRs and often emerge early in implementation (eg, safety problems owing to unavailable or malfunctioning hardware/software). The second step (using health IT safely) addresses unsafe or inappropriate technology use, including unsafe changes in work flows that emerge due to technology use. The third step (monitoring safety) addresses use of technology to monitor healthcare processes and patient outcomes and to identify potential safety concerns before harm occurs. Together, the sociotechnical framework and 3-phase implementation framework form the conceptual foundation of the self-assessment process.


Organizations should consider using the “high priority practices SAFER guide” to identify their most pressing needs and decide which of the more specific SAFER guide(s) to use for a more in-depth self-assessment. In pilot testing at smaller practices (ie, 1-5 physicians with 1-10 clinical and administrative support staff) with experienced EHR users, it took approximately 30 minutes to work through the high priority guide practices. It may take longer for the other SAFER guides.

The SAFER guides include planning worksheets to help organizations set goals and track progress. The worksheets offer a rationale that explains ‘why’ each recommended practice is important. For example, 1 recommended practice within the “Test Results Reporting and Follow-up SAFER guide” is to create “back-up procedures (including use of surrogates) and fail-safe escalation systems” to communicate test results to responsible providers.24 The rationale is based on known risks introduced at handoffs between providers, especially those involving trainees and part-time providers.25 Finally, to help operationalize each recommended practice, the worksheets include examples that illustrate ‘how’ recommended practices can be implemented. For example, one way to implement the recommendation above is to have unacknowledged test result notifications forwarded to alternate providers or escalated to supervisors after a certain number of days.

PDF is available on the last page.

Issue: May 2014
More on AJMC.COM