(click image for larger view)

Slideshow: 17 Leading EHR Vendors

EHRs may reduce the medical liability for certain errors, but it appears they "both create new forms of medical liability and expose existing liability issues in the healthcare environment that might otherwise remain unknown," says a white paper published by the AC Group, a Montgomery, Texas, health IT research and consulting firm.

The paper calls on federal officials to slow the pace of the federal Meaningful Use incentive program to get medical practices and hospitals to use EHRs. Co-authors Mark Anderson, CEO of the AC Group, and veteran clinical informatics professional Dr. Larry Ozeran say the "artificially short deadlines" for implementation could raise malpractice risks by spurring vendors to cut corners on developing products and rushing users through training.

[ there are other concerns about EHRs. Read GE Admits Inaccuracies With EHR Reporting. ]

Anderson and Ozeran reviewed 65 ambulatory EHRs that were certified to meet federal 2011 Meaningful Use standards and found that more than 90% didn't offer "adequate medico-legal training" and that 95% raised specific legal issues.

"Either could increase the potential risk of a liability claim and would hamper its defense," they wrote. "As is often the case, technology is advancing more rapidly than our ability to identify and address the medico-legal issues. The result of this uneven progression is that physicians and other stakeholders may be unknowingly exposed to medical liability risk."

Shortfalls in EHR functionality also could contribute to increased liability risk, since the Office of the National Coordinator for Health Information Technology's (ONC) certification criteria doesn't require EHRs to check drug orders against laboratory results or take into account social and family medical history in creating alerts.

"Everyone thinks ONC covers everything," Anderson told InformationWeek Healthcare at the annual Medical Group Management Association conference, now underway in Las Vegas. But most commercial EHRs that have ONC certification don't, for example, create alerts for more frequent mammograms if a female patient has indicated that her mother has had breast cancer, he explained.

Also, clinical notes provide too many "normal" indicators, according to Anderson and Ozeran. EHRs often are too focused on recording billing codes and don't do a good job of documenting what doctors are really thinking.

AC Group further investigated the specific functionality of 42 ambulatory EHRs and found that nearly 90% couldn't provide drug-lab alerts. More than 80% didn't run interaction checking during the prescription refill process, and about 60% didn't automatically update clinical decision support to reflect changes in recommended treatments. In many cases, Anderson added, drugs ordered by other physicians don't always show up in medication lists, so the EHR could miss critical safety alerts.

"It creates a gigantic risk," Anderson said. He said his review actually found two deaths that could be traced to EHRs missing alerts for medications patients shouldn't have been given.

In addition, poorly designed and implemented EHRs could make it far easier for malpractice attorneys to press their cases by mining the metadata embedded in patient records. "During the discovery process of a malpractice claim, the printed record shows the current information but not the information that was available to the provider at the time the care was rendered," the report says. "Time synchronization between different electronic charting systems is lacking--for example, one time sequence might indicate that a child was born before the C-section was performed."

Anderson and Ozeran recommended that EHR vendors "strongly consider" external reviews of their products for potential medical malpractice concerns their customers could face. Vendors so far have resisted, since their software offerings do meet federal standards, Anderson says. But vendors and providers should act to head off potential problems, he adds.

Anderson says he's talking separately with five malpractice insurance carriers on developing policies to mitigate EHR-related risk, which could include higher premiums for using certain products. "Carriers may want to clarify their coverage with their clients, both the circumstances and the limits of liability protection, if different from their standard liability policy," the report says.

A spokesman for the Physician Insurers Association of America (PIAA), the trade group for medical malpractice insurers, said he wasn't aware of any discussions between malpractice insurers and EHR vendors. The HIMSS EHR Association, an affiliate of the Healthcare Information and Management Systems Society, also didn't comment for this story.

The new InformationWeek Healthcare supplement explains how the most astute healthcare providers are putting those billions of dollars in federal stimulus funds to productive use. Download the supplement now. (Free registration required.)