Does Health IT Safety Need New Regulatory Body? - InformationWeek
Healthcare // Analytics
02:24 PM
[Dark Reading Crash Course] Finding & Fixing Application Security Vulnerabilitie
Sep 14, 2017
Hear from a top applications security expert as he discusses key practices for scanning and securi ...Read More>>

Does Health IT Safety Need New Regulatory Body?

Recent Department of Health and Human Services proposal says no; new think tank report agrees with HHS stance.

 7 Portals Powering Patient Engagement
7 Portals Powering Patient Engagement
(click image for larger view and for slideshow)
The Bipartisan Policy Center (BPC), a Washington think tank, has proposed an oversight framework to improve health IT-related patient safety. The BPC report, which grew out of discussions among a wide variety of healthcare stakeholders, lends support to a recent Department of Health and Human Services (HHS) proposal that would avoid creating a new regulatory body to oversee health IT safety.

The BPC report focuses on ways to protect patient safety while promoting continued innovation in health IT. An oversight framework, the organization said, should recognize the role that health IT plays in improving the quality, safety and cost-effectiveness of care; assure that patient safety is a responsibility shared by the entire healthcare system; be risk-based, flexible and not stifle innovation; emphasize the use of existing safety and quality-related processes, systems and standards; and involve the reporting of patient safety events related to health IT in a non-punitive environment.

The report comes in the wake of a proposal last December from the Office of the National Coordinator of Health IT (ONC), a unit of HHS, that has drawn mostly positive reviews from organizations representing hospitals and CIOs. The Food and Drug Administration Safety and Innovation Act of 2012 requires HHS to develop by January 2014 a proposed strategy and recommendations for a regulatory framework for health IT. Both that provision and the ONC proposal were prompted by a 2011 Institute of Medicine report that recommended the creation of a new watchdog agency to monitor health IT-related safety incidents.

[ Want to know how analytics are changing healthcare? See 7 Big Data Solutions Try To Reshape Healthcare. ]

ONC said that no new oversight body was needed and that existing patient safety efforts by the government and the private sector should be used as the foundation for improving health IT safety. It recommended making it easier for clinicians to report adverse events related to health IT and enabling aggregation and analysis of this data using the patient safety organizations (PSOs) authorized by the federal government.

BPC agreed with these points in its framework. It also called for "developer, implementer and user participation in safety activities," leveraging the capabilities of PSOs. In addition, its framework would require "development of and adherence to standards and guidelines" for health-related patient safety.

At a press conference, representatives of the diverse group that formulated the BPC report made clear that government agencies were not needed to regulate health IT safety. Instead, the same kind of public-private partnership and accreditation processes that have worked well in health IT so far should be applied to the safety area, too, said Janet Marchibroda, director of the BPC Health Innovation Initiative.

In addition, she noted, the PSOs "are already receiving patient safety reports. You don't always know it's a health IT issue until after you do the investigation. So we're calling for leveraging the processes and authorities that are in place, not creating new silos that require new authority, new legislative action and new funding."

The report said that health IT safety policies should be "aligned with and integrated into well-established patient safety and quality programs, including those that involve accreditation, certification and reporting." Participants at the press conference said that the existing Meaningful Use EHR incentive program could play an important role here.

"Let's not create something new that becomes burdensome and costly and can negatively affect patient care. Let's use what's already out there," said Russell Branzell, CEO of the Colorado Health Medical Group of University of Colorado Health. Branzell, who has just been named president and CEO of the College of Health Information Management Executives (CHIME), also said that there was a "narrow window" to include patient safety in the EHR certification criteria for Meaningful Use stage 3.

John Glaser, CEO of Siemens Health Services, endorsed the idea of using some kind of certification to assure that health IT systems can be used safely. But in contrast to the ONC-supervised EHR certification program, which focuses on product features, he said that safety certification should be "more process centric." He added that vendors should not compete on safety, but should cooperate to develop the safest possible systems -- a sentiment that was heartily endorsed by other participants.

Doug Henley, MD, executive VP and CEO of the American Academy of Family Physicians (AAFP), broadened the discussion of patient safety to the ability of clinical information systems to help physicians provide high-quality care and make the best possible medical decisions.

"As we move toward accountable care, family physicians need to have the right information on the right patient at the right time and in the right place," he said. "So enhanced interoperability is critical going forward -- that's important to patient safety. And safety should not be a competitive issue but an expected outcome of all IT products."

Federal Meaningful Use Stage 2 requirements will make your medical organization more competitive -- if they don't drive you off the deep end. Also in the new, all-digital Meaningful Mania Part 2 issue of InformationWeek Healthcare: As a nation, we're falling short of the goal of boosting efficiency and saving money with health IT. (Free with registration.)

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
2/18/2013 | 6:19:00 PM
re: Does Health IT Safety Need New Regulatory Body?
Here we see another instance where the lack of interoperability between systems hurts health IT. We have the foundation to enhance patient safety but we need vendors to work together to develop better safety measures across all systems. We canG«÷t let competition hamper patient safety. Health IT systems should use the same standards for patient safety and strive to develop more interoperability so correct patient information is readily available.

Jay Simmons
Information Week Contributor
J. Nicholas Hoover
J. Nicholas Hoover,
User Rank: Apprentice
2/14/2013 | 4:34:13 PM
re: Does Health IT Safety Need New Regulatory Body?
The volume of patient data is set to explode in the coming years as Internet-connected EMRs become common or ubiquitous and heretofore prohibitively expensive genetics and proteomics tests become cheap enough to become a regular occurrence. Already, some of the largest data sets held globally are in the field of biomedical informatics. As these volumes grow, the threat of medical identity theft and medical data theft more generally may well grow with it. While HIPAA and the HITECH Act create the regulatory framework that defines how those who use and hold medical data must secure that data, I wonder why HHS should not take on more of a role of policeman, including tactics like random audits.
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Digital Transformation Myths & Truths
Transformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll