However, what was largely left out was the issue of safety.
I've written this letter to the congresspeople who've written to HHS secretary Sebelius (PDF available at this link):
October 24, 2012
To:
Sens. Coburn, Burr,Roberts and ThuneReps. Ellmers, Camp,Herger, Uptonand PittsUnited States CongressWashington, DC
Re: HITECH and healthcare information technology
Dear Senators andRepresentatives,
I applaud your recentinquiries to HHS regarding critical issues related to healthcare informationtechnology (EHRs, physician order entry, decision supporting systems,etc.) Issues such as the possible role of these systems in upcoding andMedicare overbilling, test overutilization, abuse of incentives, etc. must beaddressed.
However, you did notaddress an issue probably more important to the public, indeed to us all aspatients – that of health information technology safety.
Congress must be madeaware that health IT exists in two forms: good health IT and badhealth IT. Bad healthIT reduces safety, creates close calls, injures, kills, raises costs, andsacrifices information privacy and confidentiality, among other illeffects.
Congress must also bemade aware that unfortunately due to systemic impediments to free flow ofinformation about health IT systems and lack of FDA or other independentindustry regulation, bad health IT is rarely removed from the marketplace or fixed.
FDA and its directorof the Center for Devices and Radiological Health (CDRH), Jeffrey Shuren MD JD,testified to HHS in Feb. 2010 that “under the Federal, Food, Drug, and CosmeticAct, health information technology software is a medical device”, but that FDAhas “largely refrained from enforcing our regulatory requirements with respectto HIT devices.”
To clarify about thetwo types of health IT:
Good Health IT provides a good user experience,enhances cognitive function, puts essential information as effortlessly aspossible into the physician’s hands, keeps eHealth information secure, protectspatient privacy and facilitates better practice of medicine and betteroutcomes.
Bad Health IT is ill-suited to purpose, hard touse, unreliable, loses data or provides incorrect data, causes cognitiveoverload, slows rather than facilitates users, lacks appropriate alerts,creates the need for hypervigilance (i.e., towards avoiding IT-related mishaps)that increases stress, is lacking in security, compromises patient privacy orotherwise demonstrates suboptimal design and/or implementation.
The Agency forHealthcare Research and Quality (AHRQ) recently reported that the highestprevalence of medical technology safety issues was related to EHR systems. Even worse, there is a lack of reportingtransparency. Harms are known of, but the magnitude admittedly unknown due tosystematic impediments to reporting transparency, collection and analysis, asnoted by FDA in a 2010 internal memo and IOM itself in its 2012 report onhealth IT safety. This is unprecedented in modern medicine, violatespatient’s rights, and under no circumstances should be considered acceptable.
I personally know ofadverse patient outcomes including death related to bad health IT that areunreported (even in a state that mandates reporting of medical incidents andserious events), as do numerous colleagues.
The Institute of Medicinehas just released a Discussion Paper written by experts in health informationtechnology entitled “Comparative User Experiences of Health IT Products: HowUser Experiences Would Be Reported and Used" (http://www.iom.edu/Global/Perspectives/2012/~/media/Files/Perspectives-Files/2012/Discussion-Papers/comparative-user-experiences.pdf).The recommendations in this paper need to be put into place, and Congressionalawareness of the issues and official inquiry as to when this will happen isessential.
This paper’srecommendations will not happen without the oversight of Congress. Asstated in the paper itself, “Some medical and IT leaders have invested theirreputations, and their organization’s time and money, in the software [implementation]program; complaints that expose large problems may not be appreciated orcarried forward.”
Some claim safeguardsare already in place in the form of HHS certification of health IT.
Unfortunately, the HHShealth IT certification guidelines do not have sufficient depth nor the correctfocus to distinguish between bad health IT and good healthIT. Certification for MU does not look at real-world testingfor safety, reliability and usability, for instance, under real loads, inactual clinical settings, and is not very thorough.
On the otherhand, NASA, the pharmaceutical industry (via FDA's regulation ofpharmaceutical research and manufacturing IT) and others dependent onmission-critical software have rigorous validation procedures to check forsuch factors, e.g., NASA’s "Certification Processes for Safety-Critical andMission-Critical Aerospace Software" that includes rigorous testing todistinguish bad IT from good IT, and remediate or abandon the former.
p. 6-7: In order to meet mostregulatory guidelines, developers mustbuild a safety case as a means of documenting the safety justificationof a system. The safety case is a recordof all safety activities associated with a system throughout its life.Items contained in a safety case include the following:
• Description of the system/software
• Evidence of competence of personnelinvolved in development of safety-critical software and any safety activity
• Specification of safety requirements
• Results of hazard and risk analysis
• Details of risk reductiontechniques employed
• Results of design analysis showing that the system design meets allrequired safety targets
• Verification and validation strategy
• Results of all verification andvalidation activities
• Records of safety reviews
• Records of any incidents which occurthroughout the life of the system
• Records of all changes to the system and justification of its continued safety
These processes needto be put in place regarding healthcare IT as well, but will take much time andregulatory push on the industry to occur. In the absence of trulyrigorous testing, though, transparency is essential.
The aforementionedIOM Discussion Paper outlines the creation of a nationwide post-marketingsurveillance process and transparency on health IT usability problems, safetyissues, billing fraud promotion, etc. is essential. It recommends:
¨ “Flightsimulator”-like, thorough laboratory evaluation of test scenarios;¨ Point-of-usereporting by doctors and nurses on their experiences;¨ Thirdparty–administered doctor and nurse surveys about their experiences with EHRsystems;¨ Directclinician-to-public reporting; and¨ Aformalized system of hazards reporting from EHR systems.
These measures areessential if the technology is to achieve the benefits of which it istheoretically capable, but not presently achieving despite the hundreds ofbillions of dollars being spent.
In conclusion, I askyou to add to your inquiries the subject of health information technologysafety. That includes the need for HHS to develop a robust, transparentnational reporting system for safety problems created by the technology, and asystem to ensure that bad health IT is either fixed in a timely manner orremoved from the marketplace.
Sincerely,
Scot Silverstein, MD
-----------------------------------------------------------------Scot M. Silverstein,MDAdjunct faculty inHealthcare Informatics and IT (Sept. 2007-present)Assistant Professor ofHealthcare Informatics and IT, and Director, Institute for HealthcareInformatics (2005-7)
Drexel UniversityCollege of Information Science and Technology3141 Chestnut St., Philadelphia, PA 19104-2875
Email: sms88 AT drexel DOT edu Bio: http://www.ischool.drexel.edu/faculty/ssilverstein/biography.htm
I hope this letter has some beneficial effect.
-- SS
Hiç yorum yok:
Yorum Gönder