We describe the conceptual underpinnings of an EHR-related selfassessment strategy to provide institutions a foundation upon which they can build their safety efforts.
Electronic health records (EHRs) have potential to improve quality and safety of healthcare. However, EHR users have experienced safety concerns from EHR design and usability features that are not optimally adapted for the complex work flow of real-world practice. Few strategies exist to address unintended consequences from implementation of EHRs and other health information technologies. We propose that organizations equipped with EHRs should consider the strategy of “proactive risk assessment” of their EHR-enabled healthcare system to identify and address EHR-related safety concerns. In this paper, we describe the conceptual underpinning of an EHR-related self-assessment strategy to provide institutions a foundation upon which they could build their safety efforts. With support from the Office of the National Coordinator for Health Information Technology (ONC), we used a rigorous, iterative process to develop a set of 9 self-assessment tools to optimize the safety and safe use of EHRs. These tools, referred to as the Safety Assurance Factors for EHR Resilience (SAFER) guides, could be used to self-assess safety and effectiveness of EHR implementations, identify specific areas of vulnerability, and create solutions and culture change to mitigate risks. A variety of audiences could conduct these assessments, including frontline clinicians or care teams in different practices, or clinical, quality, or administrative leaders within larger institutions. The guides use a multifaceted systems-based approach to assess risk and empower organizations to work with internal or external stakeholders (eg, EHR developers) on optimizing EHR functionality and using EHRs to drive improvements in the quality and safety of healthcare.
Am J Manag Care. 2014;20(5):418-423
The Safety Assurance Factors for EHR Resilience (SAFER) guides can be used to selfassess the safety and effectiveness of electronic health record (EHR) implementation and use, identify specific areas of vulnerability, and create solutions and culture change to mitigate risks.
Electronic health records (EHRs) have the potential to improve the quality and safety of healthcare.1 Since the enactment of the Health Information Technology for Economic and Clinical Health Act (HITECH), 2 organizations have been adopting EHRs at an unprecedented rate.3 While the challenges of rapid EHR implementation can be numerous and disruptive, EHRs have clear potential to improve quality and safety with better access to information,4,5 clinical decision support,6 and more reliable provider-to-provider communication.7 Nevertheless, in the early stages of an EHR-enabled healthcare system, benefits thus far have been difficult to achieve and unintended consequences have emerged.8 Clinicians have experienced safety concerns from EHR design and usability features that are not optimal for complex work flows in real- world practice settings.9-11 To respond to these challenges, the Office of the National Coordinator for Health Information Technology (ONC) commissioned the 2012 Institute of Medicine Report, “Health IT and Patient Safety: Building Safer Systems for Better Care”12 and recently released the Health Information Technology Patient Safety Action and Surveillance Plan that lays out their response to these issues.13
National initiatives to improve the safety of EHRs must be accompanied by practical and helpful strategies for those on the front lines of EHR-enabled care delivery. Strategies to address unintended consequences borne from EHR implementation are nonetheless scarce, and frontline clinicians and healthcare organizations (HCOs) are often unaware of best practices for safe EHR implementation and use. For example, they often have minimal guidance to handle problems such as too many alerts,14,15 a slow EHR, or an EHR that requires an excessive number of “clicks” to complete tasks. These are not skills routinely expected of healthcare providers in the past.16 Clinicians are also not privy to safety concerns embedded in flawed interfaces between various components of EHRs and in the way EHRs are configured. Solutions to these problems are often multifaceted, requiring analysis and redesign of work flows and organizational processes and procedures that cannot be addressed through improvements in technology alone.
Addressing EHR-related safety concerns is inherently complex and requires a comprehensive and multifaceted systems-based approach. We propose that HCOs equipped with EHRs should consider the strategy of “proactive risk assessment” of their EHR-enabled healthcare to identify and address EHR-related safety concerns.17 Herein, we describe the conceptual underpinnings of an EHR-related self-assessment strategy to provide clinicians and HCOs a foundation upon which they could build their safety efforts.
CONCEPTUAL FOUNDATION OF SELF-ASSESSMENT
With support from the ONC, we used rigorous, iterative methodologies to develop 9 self-assessment tools to optimize the safety and safe use of EHRs ().18 These tools, the Safety Assurance Factors for EHR Resilience (SAFER) guides, are designed to help clinicians and HCOs self-assess the safety and effectiveness of their EHR implementations, identify specific areas of vulnerability, and create solutions and culture change to mitigate risks.
The goal of SAFER guide-based proactive risk assessment is to eliminate or minimize EHR-related safety hazards to build system resilience, defined as “degree to which a system continuously prevents, detects, mitigates, or ameliorates hazards or incidents so that an organization can bounce back to its original ability to provide care.”19
Each SAFER guide consists of between 10 and 25 “recommended practices,” which can be assessed as fully implemented, partially implemented, or not implemented. Recommended practices help the clinic or organization know ‘what’ to do to optimize the safety and safe use of the EHR. The recommended practices address principles () that represent ‘why’ the recommended practices are needed, although any given recommended practice may support several principles that support health IT safety.
The methods used to identify risk areas and associated practices have been described elsewhere, but are briefly summarized here.18 To develop the content of the guides, we consulted subject matter experts in informatics, patient safety, quality improvement, risk management, and human factors engineering and usability. To ensure generalizability, we conducted site visits at both small and large practices and hospitals. We also reviewed literature to identify existing EHR-related assessment items, which we validated and refined during site visits. To ensure that the guides would be useful to our intended audiences (eg, clinicians, EHR developers, IT professionals, and quality improvement leaders), we engaged with a broad range of stakeholders, such as professional organizations representing diverse groups of intended users. We undertook multiple revisions of items in the guides to increase their applicability and interpretability by individuals with differing degrees of expertise. We also considered the perspectives of those working within organizations at different points in their EHR adoption journey. Thus, we ensured that the SAFER guides are based on best evidence and expertise currently available, as well as on field research and iterative testing.20 To facilitate wide implementation and use, the SAFER guides have been made available free of charge from ONC’s website (http://www.healthit.gov/safer/).
Content of the SAFER guides is organized around 2 conceptual frameworks that account for the complex sociotechnical system in which EHRs are implemented and the risks specific to various phases of implementation, respectively (). The first model describes the 8 contextual dimensions of EHR-enabled healthcare systems: (1) hardware and software; (2) clinical content; (3) human-computer interface; (4) people; (5) work flow and communication; (6) internal organization policies, procedures, physical environment, and culture; (7) external rules, regulations, and pressures; and (8) system measurement and monitoring.21 Along with this sociotechnical framework, we used a 3-phase framework of EHR safety that describes risks along different points of the EHR implementation life cycle.22 The overall goal,as described by Blumenthal and Tavenner, is for healthcare organizations to move from a paper-based medical record system “up the escalator” to become fully EHRenabled healthcare systems.23 Within each phase of the 3-phase framework, all 8 dimensions of the sociotechnical model come into play. Phases remind organizations ‘which’ aspect of safety is being addressed as they adopt EHRs and build safety programs.
The first step on the “escalator” framework (safe health IT) accounts for safety events unique and specific to EHRs and often emerge early in implementation (eg, safety problems owing to unavailable or malfunctioning hardware/software). The second step (using health IT safely) addresses unsafe or inappropriate technology use, including unsafe changes in work flows that emerge due to technology use. The third step (monitoring safety) addresses use of technology to monitor healthcare processes and patient outcomes and to identify potential safety concerns before harm occurs. Together, the sociotechnical framework and 3-phase implementation framework form the conceptual foundation of the self-assessment process.
OPERATIONALIZING SAFER GUIDES
Organizations should consider using the “high priority practices SAFER guide” to identify their most pressing needs and decide which of the more specific SAFER guide(s) to use for a more in-depth self-assessment. In pilot testing at smaller practices (ie, 1-5 physicians with 1-10 clinical and administrative support staff) with experienced EHR users, it took approximately 30 minutes to work through the high priority guide practices. It may take longer for the other SAFER guides.
The SAFER guides include planning worksheets to help organizations set goals and track progress. The worksheets offer a rationale that explains ‘why’ each recommended practice is important. For example, 1 recommended practice within the “Test Results Reporting and Follow-up SAFER guide” is to create “back-up procedures (including use of surrogates) and fail-safe escalation systems” to communicate test results to responsible providers.24 The rationale is based on known risks introduced at handoffs between providers, especially those involving trainees and part-time providers.25 Finally, to help operationalize each recommended practice, the worksheets include examples that illustrate ‘how’ recommended practices can be implemented. For example, one way to implement the recommendation above is to have unacknowledged test result notifications forwarded to alternate providers or escalated to supervisors after a certain number of days.
The SAFER guides will need to be integrated within each HCO or clinic’s current patient safety programs. However, the existing patient safety structures and processes will likely need to be modified as well to incorporate the unique skill mix needed. For example, larger HCOs need informaticians or clinicians trained in the newly created sub-specialty of clinical informatics26,27 in addition to a multidisciplinary oversight committee to help identify risks, prioritize interventions, and review EHR-related solutions. A thorough review of the literature combined with our field research and survey suggest that currently most HCOs do not have the tools and expertise to optimize the safety and safe use of EHRs and have not built EHR safety into their patient safety programs.28,29
The SAFER guides are intended to be used by stakeholders from several administrative and clinical departments within a large hospital. For example, in larger organizations where major departments have differences in implementation and use of EHRs, it might be beneficial for each of these departments to conduct the assessment. Additionally, departments external to organizations such as EHR vendors, clinical knowledge suppliers, or information technology infrastructure providers might also need to take part in such assessments. These include chief information officers, chief medical informatics officers, risk managers, pharmacists, diagnostic services such as laboratory and radiology services, practice managers, patient safety and quality personnel, key clinical stakeholders, and—very importantly—EHR developers. In smaller practices that rely on remotely hosted EHRs and external IT consultants, representatives of external organizations will be key participants in implementing best practices from the SAFER guides.
Self-assessment should be integrated with ongoing patient safety, quality improvement, and risk management programs both in smaller ambulatory practices and in the different departments within larger hospital-based settings. Any of these parties could leverage the SAFER guides to start a meaningful conversation on optimizing safety and safe use of EHRs. In most settings, SAFER guides could be completed by multidisciplinary teams. Similar to studies of checklists in other high-risk environments such as the operating room,29 achieving a shared understanding of safe practices would facilitate better teamwork and collaboration and perhaps stimulate implementation of solutions. However, when too many stakeholders are involved, there is a risk that certain team members may lack role clarity or assume that others are primarily responsible for addressing key tasks.31 We suggest that frontline users must engage in multidisciplinary teams to conduct self-assessments because they interact with all aspects of the EHR-enabled healthcare delivery system. To lead, they must have authority and resources from organizational leadership committed to the safety and safe use of EHRs. Organizational leaders should then work with individuals or organizations (sometimes external ones, such as EHR developers) and assign responsibility for the work to implement recommended practices based on the assessment.
Although a self-assessment is generally intended to stimulate and sustain recommended practices, it can also establish a baseline for measuring effects of interventions designed to improve safety over time. If used for this purpose, the SAFER guides could be used to reassess safety at periodic intervals (eg, annually) or when changes are made to the EHR.
We found in our preliminary field research that the recommended practices in each SAFER guide apply to all types and sizes of EHR-enabled practice settings. Implementation of the recommended practices will vary by type of practice and type of EHR (eg, remotely hosted vs local server). The number and type of people involved in conducting SAFER guide assessments will also vary by practice setting. To address these variations, the SAFER guides have accompanying worksheets with specific examples of different methods to implement the recommended practices.
We also expect variation in the importance or urgency of implementing some of the recommended practices based upon the type of practice setting. Some recommended practices, such as contingency planning to avoid EHR downtimes, may be critical for tertiary care hospitals and less urgent for outpatient clinics that do not perform complex surgical procedures or provide overnight care.32 In addition, it is important for assessment results to be discussed with EHR vendors and open the dialogue about solutions and patches that might have been created for other clients. For example, EHR vendors may have developed a solution to the specific problem identified but not yet released this fix to all their customers. Furthermore, it is important for parties conducting these assessments to carefully weigh the risks that apply to their settings as well as the difficulty in implementing the required changes in hardware, software, or clinical work flow.33 The SAFER guides are designed to help all types and sizes of EHRenabled practice settings target areas of concern specific to their unique circumstances and resources.
To fulfill the promise of EHRs, the SAFER guides can empower organizations, and practitioners that work within them, to address their EHR-related problems along front lines of care. Furthermore, they could help front-line users and other stakeholders have meaningful conversations on how to optimize EHR functionality and how to use EHRs to drive substantial improvements in the quality and safety of healthcare. These conversations, though likely a first step in a long process for most organizations, could go a long way toward helping leverage the potential of EHRs to improve health and healthcare. Author Affiliations: University of Texas Health Science Center at Houston’s School of Biomedical Informatics and the UT-Memorial Hermann Center for Healthcare Quality & Safety, Houston, TX (DFS); Department of Medical Informatics and Clinical Epidemiology, School of Medicine, Oregon Health & Science University, Portland, OR (JSA); Houston Veterans Administration Health Services Research & Development Center for Innovations in Quality, Effectiveness and Safety, the Michael E. DeBakey Veterans Affairs Medical Center and the Section of Health Services Research, Department of Medicine, Baylor College of Medicine, Houston, TX (HS).
Source of Funding: The SAFER project is supported through a subcontract from Westat (HHSP-23320095655WC0095655; Anticipating the Unintended Consequences of Health IT) funded by the Office of the National Coordinator for Health Information Technology (ONC) (HHSP23337003T; to Drs Sittig, Ash, and Singh). Dr Singh was supported in part by the Department of Veterans Affairs, Veterans Health Administration, Office of Research and Development and the Center for Innovations in Quality, Effectiveness and Safety (CIN 13-413).
Author Disclosures: The authors report no relationship or financial interest with any entity that would pose a conflict of interest with the subject matter of this article. The views expressed in this article are those of the authors and do not necessarily represent the views of the Department of Veterans Affairs or the ONC. The funders had no role in the design and conduct of the study; collection, management, analysis, and interpretation of the data; preparation, review, or approval of the manuscript; or decision to submit the manuscript for publication.
Authorship Information: Concept and design (DFS, JSA, HS); acquisition of data (DFS, JSA, HS); analysis and interpretation of data (DFS, JSA, HS); drafting of the manuscript (DFS, JSA, HS); critical revision of the manuscript for important intellectual content (DFS, JSA, HS); obtaining funding (DFS, JSA, HS); administrative, technical, or logistic support (HS).
Address correspondence to: Dean F. Sittig, PhD, UT-Memorial Hermann Center for Healthcare Quality & Safety, 6410 Fannin St, UTPB 1100.43, Houston, TX 77030. E-mail: firstname.lastname@example.org. Blumenthal D, Glaser JP. Information technology comes to medicine. N Engl J Med. 2007;356(24):2527-2534.
2. Blumenthal D. Launching HITECH. N Engl J Med. 2010;362(5): 382-385.
3. Wright A, Henkin S, Feblowitz J, McCoy AB, Bates DW, Sittig DF. Early results of the meaningful use program for electronic health records. N Engl J Med. 2013;368(8):779-780.
4. Propp DA. Successful introduction of an emergency department electronic health record. West J Emerg Med. 2012;13(4):358-361.
5. Powsner SM, Wyatt JC, Wright P. Opportunities for and challenges of computerisation. Lancet. 1998;352(9140):1617-1622.
6. Bates DW, Leape LL, Cullen DJ, et al. Effect of computerized physician order entry and a team intervention on prevention of serious medication errors. JAMA. 1998;280(15):1311-1316.
7. Sittig DF, Singh H. Improving test result follow-up through electronic health records requires more than just an alert. J Gen Intern Med. 2012; 27(10):1235-1237.
8. Campbell EM, Sittig DF, Ash JS, Guappone KP, Dykstra RH. Types of unintended consequences related to computerized provider order entry. J Am Med Inform Assoc. 2006;13(5):547-556.
9. Myers RB, Jones SL, Sittig DF. Review of Reported Clinical Information System Adverse Events in US Food and Drug Administration Databases. Appl Clin Inform. 2011;2(1):63-74.
10. ECRI Institute PSO Deep Dive: Health Information Technology. ECRI Institute website. https://www.ecri.org/EmailResources/PSRQ/ECRI_ Institute_PSO_Deep%20Dive_HIT_TOC.pdf. Published December 2012.
11. Farley HL, Baumlin KM, Hamedani AG, et al. Quality and safety implications of emergency department information systems. Ann Emerg Med. 2013;62(4):399-407.
12. Institute of Medicine. Health IT and Patient Safety: Building Safer Systems for Better Care. Washington DC: The National Academies Press; 2012.
13. Health Information Technology Patient Safety Action & Surveillance Plan. Office of the National Coordinator for Health Information Technology website. http://www.healthit.gov/sites/default/files/safety_plan_ master.pdf. Published July 2, 2013.
14. Weingart SN, Seger AC, Feola N, Heffernan J, Schiff G, Isaac T. Electronic drug interaction alerts in ambulatory care: the value and acceptance of high-value alerts in US medical practices as assessed by an expert clinical panel. Drug Saf. 2011;34(7):587-593.
15. Carspecken CW, Sharek PJ, Longhurst C, Pageler NM. A clinical case of electronic health record drug alert fatigue: consequences for patient outcome. Pediatrics. 2013;131(6):e1970-e1973.
16. Shortliffe EH. Biomedical informatics in the education of physicians. JAMA. 2010;304(11):1227-1228.
17. Marx DA, Slonim AD. Assessing patient safety risk before the injury occurs: an introduction to sociotechnical probabilistic risk modelling in healthcare. Qual Saf Healthcare. 2003;12(suppl 2):ii33-ii38.
18. Singh H, Ash JS, Sittig DF. Safety Assurance Factors for Electronic Health Record Resilience (SAFER): study protocol. BMC Med Inform Decis Mak. 2013;13:46.
19. Sherman H, Castro G, Fletcher M, Hatlie M, Hibbert P, Jakob R. Towards an International Classification for Patient Safety: the conceptual framework. Int J Qual Healthcare. 2009;21:2-8.
20. Vartian CV, Singh H, Sittig DF. Development and field testing of a self-assessment guide for computer-based provider order entry. J Healthc Manag. In press.
21. Sittig DF, Singh H. A new sociotechnical model for studying health information technology in complex adaptive healthcare systems. Qual Saf Healthcare. 2010;19(suppl 3):i68-i74.
22. Sittig DF, Singh H. Electronic health records and national patientsafety goals. N Engl J Med. 2012;367(19):1854-1860.
23. Blumenthal D, Tavenner M. The “meaningful use” regulation for electronic health records. N Engl J Med. 2010;363(6):501-504.
24. Sittig DF, Singh H. Improving test result follow-up through electronic health records requires more than just an alert. J Gen Intern Med. 2012; 27(10):1235-1237.
25. Singh H, Spitzmueller C, Petersen NJ, Sawhney MK, Sittig DF. Information overload and missed test results in electronic health recordbased settings. JAMA Intern Med. 2013;173(8):702-704.
26. Gardner RM, Overhage JM, Steen EB, et al. Core content for the subspecialty of clinical informatics. J Am Med Inform Assoc. 2009;16(2):153-157.
27. Safran C, Shabot MM, Munger BS, et al. Program requirements for fellowship education in the subspecialty of clinical informatics. J Am Med Inform Assoc. 2009;16(2):158-166 [published correction appears in J Am Med Inform Assoc. 2009;16(4):605].
28. Walker JM, Carayon P, Leveson N, et al. EHR safety: the way forward to safe and effective systems. J Am Med Inform Assoc. 2008;15(3):272-277.
29. Menon S, Singh H, Meyer AN, Belmont E, Sittig DF. Electronic health record-related safety concerns: a cross-sectional survey. J Healthc Risk Manag. In press.
30. de Vries EN, Prins HA, Crolla RM, et al. Effect of a comprehensive surgical safety system on patient outcomes. N Engl J Med. 2010;363(20):1928-1937.
31. Singh H, Thomas EJ, Mani S, et al. Timely follow-up of abnormal diagnostic imaging test results in an outpatient setting: are electronic medical records achieving their potential? Arch Intern Med. 2009; 169(17):1578-1586.
32. Sittig DF, Gonzalez D, Singh H. Contingency planning for electronic health record-based care continuity: a survey of recommended practices. UT-Memorial Hermann Center for Healthcare Quality & Safety; Technical Report 2014:1.
33. Campbell EM1, Guappone KP, Sittig DF, Dykstra RH, Ash JS. Computerized provider order entry adoption: implications for clinical work flow. J Gen Intern Med. 2009;24(1):21-26.