Workgroup recommends national database of safety incidents.
Safety concerns took center stage at the Health IT Policy Committee meeting yesterday in Washington, D.C.
The country needs a national database or information system to house all patient safety incident reports, said software entrepreneur Paul Egerman and Intermountain Healthcare CIO Marc Probst, who co-chair the committee's certification and adoption workgroup.
The technology architecture of the database was barely discussed, as the committee focused on privacy and liability. Those two areas must be addressed first to ensure that healthcare providers and others are able to report incidents without fear of reprisals.
The workgroup's report refined an earlier presentation that Egerman and Probst gave after receiving testimony in February on HIT-related patient safety incidents.
The HIT Policy Committee was created as part of the HITECH Act, a component of the massive American Reinvestment and Recovery Act of 2009. It provides recommendations to the Office of the National Coordinator for Health IT. National coordinator Dr. David Blumenthal, also chairs the policy committee.
The workgroup endorsed having a feedback button built into the user interface of HIT applications, so people wouldn't have to search for the agency to contact with their concerns. Also the workgroup recommended the creation of an environment that encourages the reporting of "near misses"--where an error could have caused major harm, but didn't.
The committee debated what roles various organizations could play in the project, including patient safety organizations and the Food and Drug Administration.
However Egerman and Probst said their workgroup recommends outcomes, not the specific agencies that should construct programs. "We decided to just define what was needed, not how it must be implemented," Egerman said. "We indicate we want a national information system with oversight, without specifying who and how."
They said components of the system should include:
Confidential reporting with liability protection (e.g., whistle-blower protection);
The ability to investigate serious incidents;
Provision of standardized data reporting formats that facilitate analysis and evaluation;
Receipt of reports from patients, clinicians, vendors, and healthcare organizations;
Receipt of reports about all health information technology systems;
Receipt of reports from all software sources--vendors, self-developed, and open source;
The ability to disseminate information about reported hazards.
The workgroup also recommended that Office of the National Coordinator commission a study "to thoroughly evaluate HIT patient safety concerns and to recommend additional actions and strategies to address those concerns."
In a related discussion, the workgroup recommended that the industry be notified of Stage 2 and 3 Meaningful Use criteria at last 18 months before the eligibility period for those phases of the program begin. The director of the Centers for Medicare and Medicaid's Office of e-Health Standards and Services, Tony Trenkle, responded that backing up the finalization of Stage 2 by that much time would leave little opportunity to hear about issues with Stage 1.
"Although this sounds good on paper," he said, there won't be much time to get feedback on 2011 responses and concerns. "That would be my major issue," Trenkle said.
Healthcare providers will have to "implement on the back end if we don't get the requirements out," Probst said.
When asked if the Policy Committee could change the staging dates of the Meaningful Use program, Trenkle said that since the staging was a creation of the committee and not in the HITECH statue, it's free to alter it.
Dr. Paul Tang, chief medical information officer at the Palo Alto Medical Foundation, said short of final guidance for Stages 2 and 3, the committee should continue signaling to the industry about its direction.
One way or the other, Probst said the industry needs ample time to implement HIT-related technologies, lest patient safety be compromised by the very program created to improve it. "The sooner we get the requirements out there, the sooner they can be reacted to," he said.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.