Does Health IT Safety Need New Regulatory Body?

Recent Department of Health and Human Services proposal says no; new think tank report agrees with HHS stance.
 7 Portals Powering Patient Engagement
7 Portals Powering Patient Engagement
(click image for larger view and for slideshow)
The Bipartisan Policy Center (BPC), a Washington think tank, has proposed an oversight framework to improve health IT-related patient safety. The BPC report, which grew out of discussions among a wide variety of healthcare stakeholders, lends support to a recent Department of Health and Human Services (HHS) proposal that would avoid creating a new regulatory body to oversee health IT safety.

The BPC report focuses on ways to protect patient safety while promoting continued innovation in health IT. An oversight framework, the organization said, should recognize the role that health IT plays in improving the quality, safety and cost-effectiveness of care; assure that patient safety is a responsibility shared by the entire healthcare system; be risk-based, flexible and not stifle innovation; emphasize the use of existing safety and quality-related processes, systems and standards; and involve the reporting of patient safety events related to health IT in a non-punitive environment.

The report comes in the wake of a proposal last December from the Office of the National Coordinator of Health IT (ONC), a unit of HHS, that has drawn mostly positive reviews from organizations representing hospitals and CIOs. The Food and Drug Administration Safety and Innovation Act of 2012 requires HHS to develop by January 2014 a proposed strategy and recommendations for a regulatory framework for health IT. Both that provision and the ONC proposal were prompted by a 2011 Institute of Medicine report that recommended the creation of a new watchdog agency to monitor health IT-related safety incidents.

[ Want to know how analytics are changing healthcare? See 7 Big Data Solutions Try To Reshape Healthcare. ]

ONC said that no new oversight body was needed and that existing patient safety efforts by the government and the private sector should be used as the foundation for improving health IT safety. It recommended making it easier for clinicians to report adverse events related to health IT and enabling aggregation and analysis of this data using the patient safety organizations (PSOs) authorized by the federal government.

BPC agreed with these points in its framework. It also called for "developer, implementer and user participation in safety activities," leveraging the capabilities of PSOs. In addition, its framework would require "development of and adherence to standards and guidelines" for health-related patient safety.

At a press conference, representatives of the diverse group that formulated the BPC report made clear that government agencies were not needed to regulate health IT safety. Instead, the same kind of public-private partnership and accreditation processes that have worked well in health IT so far should be applied to the safety area, too, said Janet Marchibroda, director of the BPC Health Innovation Initiative.

In addition, she noted, the PSOs "are already receiving patient safety reports. You don't always know it's a health IT issue until after you do the investigation. So we're calling for leveraging the processes and authorities that are in place, not creating new silos that require new authority, new legislative action and new funding."

The report said that health IT safety policies should be "aligned with and integrated into well-established patient safety and quality programs, including those that involve accreditation, certification and reporting." Participants at the press conference said that the existing Meaningful Use EHR incentive program could play an important role here.

"Let's not create something new that becomes burdensome and costly and can negatively affect patient care. Let's use what's already out there," said Russell Branzell, CEO of the Colorado Health Medical Group of University of Colorado Health. Branzell, who has just been named president and CEO of the College of Health Information Management Executives (CHIME), also said that there was a "narrow window" to include patient safety in the EHR certification criteria for Meaningful Use stage 3.

John Glaser, CEO of Siemens Health Services, endorsed the idea of using some kind of certification to assure that health IT systems can be used safely. But in contrast to the ONC-supervised EHR certification program, which focuses on product features, he said that safety certification should be "more process centric." He added that vendors should not compete on safety, but should cooperate to develop the safest possible systems -- a sentiment that was heartily endorsed by other participants.

Doug Henley, MD, executive VP and CEO of the American Academy of Family Physicians (AAFP), broadened the discussion of patient safety to the ability of clinical information systems to help physicians provide high-quality care and make the best possible medical decisions.

"As we move toward accountable care, family physicians need to have the right information on the right patient at the right time and in the right place," he said. "So enhanced interoperability is critical going forward -- that's important to patient safety. And safety should not be a competitive issue but an expected outcome of all IT products."

Federal Meaningful Use Stage 2 requirements will make your medical organization more competitive -- if they don't drive you off the deep end. Also in the new, all-digital Meaningful Mania Part 2 issue of InformationWeek Healthcare: As a nation, we're falling short of the goal of boosting efficiency and saving money with health IT. (Free with registration.)