Week 3 Investigation 2 – Patient Safety Concerns
Read the Executive Summary of the Institute of Medicine’s (2011) report entitled Health IT and Patient Privacy: Building Safer Systems for Better Care and answer the attached.
Present your findings in a short, well-organized, and edited essay (800- 1000 words). Please adhere to APA documentation guidelines.
Read the Executive Summary of the institute of Medicine’s (2011) report entitledHealth IT and Patient Privacy: Building Safer Systems for Better Careand answer the following:
How can patient safety concerns arise from Health IT designed to enhance or improve patient quality?
Do you agree that, when implementing a health care information system, patient safety is a partnership between the health care organization and health IT vendor? Why or Why not?
Explain the role of both the health care organization and the health IT vendor and explain your rationale.
Be sure to read Chapter 9 before you begin.
Instructions and Due Dates
Present your findings in a short, well-organized, and edited essay (800- 1000 words). Please adhere to APA documentation guidelines. Health IT and
Patient Safety
Building Safer Systems
for Better Care
PREPUBLICATION COPY: UNCORRECTED PROOFS
Health IT and Patient Safety: Building Safer
Systems for Better Care
Committee on Patient Safety and Health Information Technology
Board on Health Care Services
PREPUBLICATION COPY: UNCORRECTED PROOFS
THE NATIONAL ACADEMIES PRESS 500 Fifth Street, N.W. Washington, DC 20001
NOTICE: The project that is the subject of this report was approved by the Governing Board of the
National Research Council, whose members are drawn from the councils of the National Academy of
Sciences, the National Academy of Engineering, and the Institute of Medicine. The members of the
committee responsible for the report were chosen for their special competences and with regard for
appropriate balance.
This study was supported by Contract No. HHSP23337018T between the National Academy of Sciences
and the United States Department of Health and Human Services. Any opinions, findings, conclusions, or
recommendations expressed in this publication are those of the author(s) and do not necessarily reflect the
view of the organizations or agencies that provided support for this project.
International Standard Book Number 0-309-XXXXX-X (Book)
International Standard Book Number 0-309- XXXXX -X (PDF)
Library of Congress Control Number: 00 XXXXXX
Additional copies of this report are available from the National Academies Press, 500 Fifth Street, N.W.,
Lockbox 285, Washington, DC 20055; (800) 624-6242 or (202) 334-3313 (in the Washington
metropolitan area); Internet, http://www.nap.edu.
For more information about the Institute of Medicine, visit the IOM home page at: www.iom.edu.
Copyright 2012 by the National Academy of Sciences. All rights reserved.
Printed in the United States of America
The serpent has been a symbol of long life, healing, and knowledge among almost all cultures and
religions since the beginning of recorded history. The serpent adopted as a logotype by the Institute of
Medicine is a relief carving from ancient Greece, now held by the Staatliche Museen in Berlin.
Suggested citation: IOM (Institute of Medicine). 2012. Health IT and Patient Safety: Building Safer
Systems for Better Care. Washington, DC: The National Academies Press.
PREPUBLICATION COPY: UNCORRECTED PROOFS
PREPUBLICATION COPY: UNCORRECTED PROOFS
The National Academy of Sciences is a private, nonprofit, self-perpetuating society of distinguished scholars engaged in
scientific and engineering research, dedicated to the furtherance of science and technology and to their use for the general
welfare. Upon the authority of the charter granted to it by the Congress in 1863, the Academy has a mandate that requires it to
advise the federal government on scientific and technical matters. Dr. Ralph J. Cicerone is president of the National Academy of
Sciences.
The National Academy of Engineering was established in 1964, under the charter of the National Academy of Sciences, as a
parallel organization of outstanding engineers. It is autonomous in its administration and in the selection of its members, sharing
with the National Academy of Sciences the responsibility for advising the federal government. The National Academy of
Engineering also sponsors engineering programs aimed at meeting national needs, encourages education and research, and
recognizes the superior achievements of engineers. Dr. Charles M. Vest is president of the National Academy of Engineering.
The Institute of Medicine was established in 1970 by the National Academy of Sciences to secure the services of eminent
members of appropriate professions in the examination of policy matters pertaining to the health of the public. The Institute acts
under the responsibility given to the National Academy of Sciences by its congressional charter to be an adviser to the federal
government and, upon its own initiative, to identify issues of medical care, research, and education. Dr. Harvey V. Fineberg is
president of the Institute of Medicine.
The National Research Council was organized by the National Academy of Sciences in 1916 to associate the broad community
of science and technology with the Academys purposes of furthering knowledge and advising the federal government.
Functioning in accordance with general policies determined by the Academy, the Council has become the principal operating
agency of both the National Academy of Sciences and the National Academy of Engineering in providing services to the
government, the public, and the scientific and engineering communities. The Council is administered jointly by both Academies
and the Institute of Medicine. Dr. Ralph J. Cicerone and Dr. Charles M. Vest are chair and vice chair, respectively, of the
National Research Council.
www.national-academies.org
COMMITTEE ON PATIENT SAFETY AND HEALTH INFORMATION
TECHNOLOGY
GAIL L. WARDEN (Chair), President Emeritus, Henry Ford Health System, Detroit, MI
JAMES P. BAGIAN, Director, Center for Health Engineering and Patient Safety, Chief Patient Safety and
Systems Innovation Officer, Department of Industrial and Operations Engineering at the University of
Michigan, Ann Arbor, MI
RICHARD BARON,1 Professor and CEO, Greenhouse Internists, PC, Philadelphia, PA (resigned from
committee March 2011)
DAVID W. BATES, Chief, General Medicine Division, Brigham and Womens Hospital, Boston, MA
DEDRA CANTRELL, Chief Information Officer, Emory Healthcare, Inc, Atlanta, GA
DAVID C. CLASSEN, Associate Professor of Medicine, University of Utah, Senior Vice President and
Chief Medical Officer, CSC, Salt Lake City, UT
RICHARD I. COOK, Associate Professor of Anesthesia and Critical Care, University of Chicago, IL
DON E. DETMER, Medical Director, Division of Advocacy and Health Policy, American College of
Surgeons, Washington, DC, and Professor Emeritus and Professor of Medical Education, University
of Virginia School of Medicine, Charlottesville, VA
MEGHAN DIERKS, Assistant Professor at Harvard Medical School, Director, Clinical Systems
Analysis at Beth Israel Deaconess Medical Center, Brookline, MA
TERHILDA GARRIDO, Vice President, Health IT Transformation and Analytics, Kaiser Permanente,
Oakland, CA
ASHISH JHA, Associate Professor of Health Policy and Management, Department of Health Policy and
Management, Harvard School of Public Health, Boston, MA
MICHAEL LESK, Professor, Rutgers University, New Brunswick, NJ
ARTHUR A. LEVIN, Director, Center for Medical Consumers, New York, NY
JOHN R. LUMPKIN, Senior Vice President and Director, Health Care Group, Robert Wood Johnson
Foundation, Princeton, NJ
VIMLA L. PATEL, Senior Research Scientist, New York Academy of Medicine, and Adjunct Professor
of Biomedical Informatics, Columbia University, New York, NY
PHILIP SCHNEIDER, Clinical Professor and Associate Dean, University of Arizona College of
Pharmacy, Phoenix, AZ
CHRISTINE A. SINSKY, Physician, Department of Internal Medicine, Medical Associates Clinic and
Health Plans, Dubuque, IA
PAUL C. TANG,2 Vice President, Chief Innovation and Technology Officer, Palo Alto Medical
Foundation and Consulting Associate Professor of Medicine, Stanford University, Stanford, CA
IOM Study Staff
SAMANTHA M. CHAO, Study Director
PAMELA CIPRIANO, Distinguished Nurse Scholar- in-Residence
HERBERT S. LIN, Chief Scientist, Computer Sciences and Telecommunications Board
JENSEN N. JOSE, Research Associate
JOI D. WASHINGTON, Research Assistant
ROGER C. HERDMAN, Director, Board on Health Care Services
1 Resigned from committee in March 2011
2 Committee member since August 2011 and special advisor to the committee prior to that.
PREPUBLICATION COPY: UNCORRECTED PROOFS
vii
PREPUBLICATION COPY: UNCORRECTED PROOFS
Reviewers
This report has been reviewed in draft form by individuals chosen for their diverse perspectives and
technical expertise, in accordance with procedures approved by the National Research Councils Report
Review Committee. The purpose of this independent review is to provide candid and critical comments
that will assist the institution in making its published report as sound as possible and to ensure that the
report meets institutional standards for objectivity, evidence, and responsiveness to the study charge. The
review comments and draft manuscript remain confidential to protect the integrity of the deliberative
process. We wish to thank the following individuals for their review of this report:
JOHN R. CLARKE, Drexel University
JANET M. CORRIGAN, National Quality Forum
KURTIS ELWARD, University of Virginia
JOHN GLASER, Siemens Medical Solutions USA, Inc.
PETER BARTON HUTT, Covington & Burling, LLP
ROSS KOPPEL, University of Sociology
GILAD KUPERMAN, New YorkPresbyterian Hospital
NAJMEDIN MEHSKATI, University of Southern California
MARTYN THOMAS, Martyn Thomas Associates
Although the reviewers listed above have provided many constructive comments and suggestions,
they were not asked to endorse the conclusions or recommendations nor did they see the final draft of the
report before its release. The review of this report was overseen by ALFRED O. BERG, University of
Washington School of Medicine, and BRADFORD H. GRAY, Urban Institute. Appointed by the
National Research Council and Institute of Medicine, they were responsible for making certain that an
independent examination of this report was carried out in accordance with institutional procedures and
that all review comments were carefully considered. Responsibility for the final content of this report
rests entirely with the authoring committee and the institution.
PREPUBLICATION COPY: UNCORRECTED PROOFS
ix
PREPUBLICATION COPY: UNCORRECTED PROOFS
Preface
Perfection is not attainable, but if we chase perfection we can reach excellence.
-Vince Lombardi
We are at a unique time in health care. Technologywhich has the potential to improve quality and
safety of care as well as reduce costsis rapidly evolving, changing the way we deliver health care. At
the same time, health care reform is reshaping the health care landscape. As Sir Cyril Chantler of the
Kings Fund said, Medicine used to be simple, ineffective, and relatively safe. Now it is complex,
effective, and potentially dangerous. More and more cognitive overload requires a symbiotic relationship
between human cognition and computer support. It is this very difficult transition we are facing in
ensuring safety in health care.
Caught in the middle are the patientsthe ultimate recipients of care. Stories of patient injuries and
deaths associated with health information technologies (health IT) frequently appear in the news,
juxtaposed with stories of how health professionals are being provided monetary incentives to adopt the
very products that may be causing harm. These stories are frightening, but they shed light on a very
important problem and a realization that, as a nation, we must do better to keep patients safe.
The committee was asked to review the evidence about the impact of health IT on patient safety and
to recommend actions to be taken by both the private and public sectors. As always, Institute of Medicine
(IOM) reports are to be based on the evidence. We examined the peer-reviewed literature in depth and
solicited examples of harm from the public. We also specifically sought and received input from the
vendor community on numerous occasions. We found that specific types of health IT can improve patient
safety under the right conditions, but those conditions cannot be replicated easily and require continual
effort to achieve. We tried to balance the findings in the literature with anecdotes from the field but came
to the realization that the information needed for an objective analysis and assessment of the safety of
health IT and its use was not available. This realization was eye-opening and drove the committee to
consider ways to make information about the magnitude of the harm discoverable.
The committee offers a vision for how the discipline of safety science can be better integrated into a
health ITenabled world. Early on we concluded that safety is the product of the larger sociotechnical
system and emerges from the interaction between different parts of this larger system. This finding is not
new. It is apparent in many other industries and has been introduced in health care before, but needs to be
underscored.
Building on the concept of a sociotechnical system, the committee concluded that safer systems
require efforts to be made by all stakeholders. A coordinated effort will be needed from the private sector.
However, the public sector must also be part of a solution to protect patient safety for two reasons: (1)
patient safety is a public good and (2) with the governments large investment in this area, it has a
fiduciary responsibility to ensure the value of its investment.
Definitive evidence was not available in many areas, such as determining what the roles of specific
private- and public-sector actors should be and how regulation would impact innovation in this area.
Where evidence was not available, the committeebroad in its expertise and beliefsrelied on its expert
opinion. While the entire committee believes the current state of safety of health IT must not be permitted
to continue, individual approaches differed on how to best move forward and the speed for doing so. Over
the course of many conversations, the committee designed recommendations that balance these
approaches and strike common ground, outlining a privatepublic framework for improving patient safety
without constraining innovation.
x PREFACE
PREPUBLICATION COPY: UNCORRECTED PROOFS
Unfortunately, we were unable to resolve the issues raised by one committee member. In his
statement of dissent in Appendix E, he calls for health IT to be regulated as a Class III device under the
Food and Drug Administrations (FDAs) medical device classification scheme. The dissent makes no
mention of the very serious implications that regulation of health IT by FDA as a Class III device could
have on innovation. We deliberated about these issues over the course of the entire study and tried at
length to understand each others perspectives toward reaching consensus on the issues. In Chapter 6, the
committee states that we believe the impact of regulation on innovation needs to be carefully weighed.
We also discuss that if regulation is necessary, FDA should consider a new, more flexible approach
outside of the traditional medical device classification scheme. The committee determined that it was not
within its purview to discuss details of what this approach would be. The determination of classes should
be the responsibility of the FDA and not of this committee.
As chair, I would like to personally thank each member of the committee for their time, effort, and
willingness to engage in these discussions. I also want to thank the IOM staff for their work in guiding the
committee through this process.
The committee hopes actions that follow the release of this report will in a few years give us a better
sense of both risks and remedies for application of health IT in the field. As the nation continues to move
forward in adopting health IT, we must act with urgency to protect the safety of patients.
Gail L. Warden, Chair
Committee on Patient Safety and Health
Information Technology
August 2011
xi
PREPUBLICATION COPY: UNCORRECTED PROOFS
Acknowledgments
The committee and staff would like to thank those who presented statements and presentations at the
public workshops held on December 14, 2011, in Washington, DC, and on February 24, 2011, in Irvine,
California:
Cameron Anderson, Family Healthcare Network
Karen Bell, Certification Commission for Health Information Technology
Kenneth Chrisman, Wells Fargo Bank, NA
Darren Dworkin, Cedars-Sinai
Floyd Eisenberg, National Quality Forum
Scott Finley, Westat
Ellen Harper, Cerner
Rainu Kaushal, Cornell University
Nancy Leveson, Massachusetts Institute of Technology
William Munier, Agency for Healthcare Research and Quality
Mary Beth Navarra-Sirio, McKesson
Don Norman, Nielsen Norman Group
Judy Ozbolt, Westat
Steven Palmer, Family Healthcare Network
Peter Pronovost, Johns Hopkins University
Sumit Rana, Epic
Madhu Reddy, Pennsylvania State University
Ben Shneiderman, University of Maryland
Lawrence Shulman, Dana-Farber Cancer Institute
Jeff Shuren, Food and Drug Administration
Dean Sittig, University of Texas Health Science Center at Houston
Randy Spratt, McKesson
James Walker, Geisinger Health System
David Woods, Ohio State University
We would also like to acknowledge and thank those who provided the committee and staff with
their insights during the report process:
Elisabeth Belmont, MaineHealth
Pamela Brewer, HIMSS
Mary Ann Chaffee, Surescripts
Sarah Corley, NextGen Healthcare Information Systems, Inc.
Carl Dvorak, Epic
Edward Fotsch, PDR Network
John Glaser, Siemens Healthcare
Ellen Harper, Cerner Corporation
Gay Johannes, Cerner Corporation
Bruce Leshine, LeClairRyan
Svetlana Lowry, NIST
Matt Quinn, NIST
Bakul Patel, Food and Drug Administration
Russell Roberson, GE
Mark Segal, GE
xii ACKNOWLEDGEMENTS
PREPUBLICATION COPY: UNCORRECTED PROOFS
Matthew Wynia, AMA
David Yakimischak, Surescripts
The committee would also like thank the following commissioned paper authors:
Joan Ash, Oregon Health and Sciences University
Daniel Castro, Information Technology and Innovation Foundation
William Hersh, Oregon Health and Sciences University
Charles Kilo, Oregon Health and Sciences University
Hank Levine, Levine, Blaszak, Block & Boothby, LLP
Carmit McMullen, Oregon Health and Sciences University
Beth Rosenberg
Michael Shapiro, Oregon Health and Science University
Luke Stewart, Information Technology and Innovation Foundation
Joseph Wasserman, Oregon Health and Science University
In addition, there were many Institute of Medicine staff members who helped throughout the study
process. The staff would like to thank Patrick Burke, Cassandra Cacace, Marton Cavani, Seth Glickman,
Linda Kilroy, William McLeod, and Erin Wilhelm for their time and support to further the committees
efforts during the study process.
Finally, we would like to thank and recognize Jodi Daniel and Kathy Kenyon from the Office of the
National Coordinator for Health IT for their support and the U.S. Department of Health and Human Services
for sponsoring this study.
xiii
PREPUBLICATION COPY: UNCORRECTED PROOFS
Contents
SUMMARY S-1
1 INTRODUCTION 1-1
Patient Safety, 1-2
Health IT, 1-3
Intersection of Patient Safety and Health IT, 1-6
IOM Committee, 1-7
Recommendations from Previous IOM/NAS Reports
Regarding Health IT, 1-9
Report Structure, 1-11
References, 1-11
2 EVALUATING THE CURRENT STATE OF PATIENT SAFETY AND
HEALTH IT 2-1
Complexity of Health IT and Patient Safety, 2-2
Limitations of Current Literature to Determine Health ITs Impact on Patient
Safety, 2-3
Barriers to Knowing the Magnitude of the Harm, 2-5
Impact of Health IT Components on Patient Safety, 2-6
Leveraging EHR Data to Improve Safety of Populations, 2-13
Lessons from the International Community: International Comparisons, 2-13
Conclusion, 2-15
References, 2-15
3 EXAMINATION OF THE CURRENT STATE OF THE ART IN SYSTEM SAFETY
AND ITS RELATIONSHIP TO THE SAFETY OF HEALTH ITASSISTED CARE 3-1
Safety in Complex Systems, 3-1
The Notion of a Sociotechnical System, 3-2
Safety as a System Property, 3-4
The Need for an Explicit Evidence-Based Case for Safety in Software, 3-8
The (Mis)Match Between the Assumptions of Software Designers and the
Actual Work Environment, 3-10
Safety Reporting and Improvement, 3-12
Conclusion, 3-13
References, 3-13
4 OPPORTUNITIES TO BUILD A SAFER SYSTEM FOR HEALTH IT 4-1
Features of Safe Health IT, 4-1
Opportunities to Improve the Design and Development of Technologies, 4-13
Opportunities to Improve Safety in the Use of Health IT, 4-19
Minimizing Risks of Health IT to Promote Safer Care, 4-28
Conclusion, 4-29
References, 4-29
xiv CONTENTS
PREPUBLICATION COPY: UNCORRECTED PROOFS
5 PATIENTS AND FAMILIES USE OF HEALTH IT: CONCERNS ABOUT SAFETY 5-1
Patient-Centered Care and the Role of Health IT, 5-1
Growth of Consumer Health IT, 5-2
Personal Health Records, 5-3
Mitigating Safety Risks of Patient Engagement Tools: Rules of Engagement, 5-4
Population Health Management, 5-6
Conclusion, 5-6
References, 5-6
6 A SHARED RESPONSIBILITY FOR IMPROVING HEALTH IT SAFETY 6-1
The Role of the Private Sector: Promoting Shared Learning Environments, 6-1
The Role of the Public Sector: Strategic Guidance and Oversight, 6-11
Next Steps, 6-30
Conclusion, 6-31
References, 6-32
7 FUTURE RESEARCH FOR CARE TRANSFORMATION 7-1
Design and Development of Technologies, 7-1
Implementation and Use of Technologies, 7-2
Considerations for Researchers, 7-3
Policy Issues, 7-4
Supporting Future Research, 7-5
References, 7-7
APPENDIXES
A GLOSSARY A-1
B LITERATURE REVIEW METHODS B-1
C ABSTRACT OF ROADMAP FOR PROVISION OF SAFER HEALTHCARE
INFORMATION SYSTEMS: PREVENTING E-IATROGENEISIS C-1
D ABSTRACT OF THE IMPACT OF REGULATION ON INNOVATION IN THE
UNITED STATES: A CROSS-INDUSTRY LITERATURE REVIEW D-1
E DISSENTING STATEMENT E-1
F COMMITTEE MEMBER AND STAFF BIOGRAPHIES F-1
xv
PREPUBLICATION COPY: UNCORRECTED PROOFS
Abbreviations and Acronyms
ADEs adverse drug events
AHRQ Agency for Healthcare Research and Quality
AMIA American Medical Informatics Association
ASRS Aviation Safety Reporting System
CCP Critical Control Point
CDS clinical decision support
CIO Chief Information Officer
CMS Centers for Medicare & Medicaid Services
CPOE computerized provider order entry
EHRs electronic health records
EU European Union
FAA Federal Aviation Administration
FDA Food and Drug Administration
HACCP Hazard Analysis Critical Control Point
HFMEA Healthcare Failure Modes-and-Effects Analysis
HHS U.S. Department of Health and Human Services
HIMSS Healthcare Information and Management Systems Society
HITECH Health Information Technology for Economic and Clinical Health
ICUs intensive care units
IOM Institute of Medicine
ISO International Organization for Standardization
IT Information Technology
NCCD National Center for Cognitive Informatics and Decision Making in Healthcare
NCQA National Committee for Quality Assurance
NIST National Institute of Standards and Technology
NLM National Library of Medicine
NRC National Research Council
NTSB National Transportation Safety Board
ONC Office of the National Coordinator for Health Information Technology
ONC-ATCBs ONC-authorized testing and certification bodies
PCP primary care physician
PHRs personal health records
PROMIS problem-oriented medical information system
PSIP Patient Safety through Intelligent Procedures in Medication
PSO Patient Safety Organization
QSR Quality System Regulation
SAFROS Safety for Robotic Surgery
SNOMED Systematized Nomenclature for Medicine
TURF task, user, representation, and function
VA U.S. Department of Veterans Affairs
WHO World Health Organization
S-1
PREPUBLICATION COPY: UNCORRECTED PROOFS
Summary
The Institute of Medicine (IOM) report To Err Is Human estimated that 44,000-98,000 lives
are lost every year due to medical errors in hospitals and led to the widespread recognition that
health care is not safe enough, catalyzing a revolution to improve the quality of care.1 Despite
considerable effort, patient safety has not yet improved to the degree hoped for in the IOM report
Crossing the Quality Chasm. One strategy the nation has turned to for safer, more effective care
is the widespread use of health information technologies (health IT).2 The U.S. government is
investing billions of dollars toward meaningful use of effective health IT so all Americans can
benefit from the use of electronic health records (EHRs) by 2014.
Health IT is playing an ever-larger role in the care of patients, and some components of
health IT have significantly improved the quality of health care and reduced medical errors. Con-
tinuing to use paper records can place patients at unnecessary risk for harm and substantially
constrain the countrys ability to reform health care. However, concerns about harm from the use
of health IT have emerged. To protect Americas health, health IT must be designed and used in
ways that maximize patient safety while minimizing harm. Information technology can better
help patients if it becomes more usable, more interoperable, and easier to implement and main-
tain. This report explains the potential benefits and risks of health IT and asks for greater trans-
parency, accountability, and reporting.
In this report, health IT includes a broad range of products, including EHRs,3 patient en-
gagement tools (e.g., personal health records [PHRs] and secure patient portals), and health in-
formation exchanges; excluded is software for medical devices. Clinicians expect health IT to
support delivery of high-quality care in several ways, including storing comprehensive health
data, providing clinical decision support, facilitating communication, and reducing medical er-
rors. Health IT is not a single product; it encompasses a technical system of computers and soft-
ware that operates in the context of a larger sociotechnical systema collection of hardware and
1 The IOM identified six aims of quality improvement, stating that health care should be safe, effective, patient-centered, timely, efficient,
and equitable.
2 Health IT has also been called health information systems and health information and communications technology, among others. This re-
port employs the term health IT but recognizes that these other, broader terms are also used.
3 Electronic health records is used as the desired term because it is more inclusive of the way electronic records are being used currently.
EHRs include clinical decision support tools, computerized provider order entry systems, and e-prescribing systems.
S-2 HEALTH IT AND PATIENT SAFETY
PREPUBLICATION COPY: UNCORRECTED PROOFS
software working in concert within an organization that includes people, processes, and technol-
ogy.
It is widely believed that health IT, when designed, implemented, and used appropriately, can
be a positive enabler to transform the way care is delivered. Designed and applied inappropriate-
ly, health IT can add an additional layer of complexity to the already complex delivery of health
care, which can lead to unintended adverse consequences, for example dosing errors, failing to
detect fatal illnesses, and delaying treatment due to poor humancomputer interactions or loss of
data.
In recognition of the rapid adoption of health IT, the Office of the National Coordinator for
Health Information Technology (ONC) asked the IOM to establish a committee to explore how
private and public actors can maximize the safety of health ITassisted care. The committee in-
terpreted its charge as making health ITassisted care safer so the nation is in a better position to
realize the potential benefits of health IT.
EVALUATING THE CURRENT STATE OF PATIENT SAFETY AND
HEALTH IT
The expectations for safer care may be higher in a health ITenabled environment as com-
pared to a paper-based environment because the opportunity to improve patient care is much
greater. The evidence in the literature about the impact of health IT on patient safety, as opposed
to quality, is mixed but shows that the challenges facing safer health care and safer use of health
IT involve the people and clinical implementation as much as the technology. The literature de-
scribes significant improvements in some aspects of care in health care institutions with mature
health IT. For example, the use of computerized prescribing and bar-coding systems has been
shown to improve medication safety. But the generalizability of the literature across the health
care system may be limited. While some studies suggest improvements in patient safety can be
made, others have found no effect. Instances of health ITassociated harm have been reported.
However, little published evidence could be found quantifying the magnitude of the risk.
Several reasons health ITrelated safety data are lacking include the absence of measures and
a central repository (or linkages among decentralized repositories) to collect, analyze, and act on
information related to safety of this technology. Another impediment to gathering safety data is
contractual barriers (e.g., nondisclosure, confidentiality clauses) that can prevent users from
sharing information about health ITrelated adverse events. These barriers limit users abilities
to share knowledge of risk-prone user interfaces, for instance through screenshots and descrip-
tions of potentially unsafe processes. In addition, some vendors include language in their sales
contracts and escape responsibility for errors or defects in their software (i.e., hold harmless
clauses). The committee believes these types of contractual restrictions limit transparency,
which significantly contributes to the gaps in knowledge of health ITrelated patient safety
risks. These barriers to generating evidence pose unacceptable risks to safety.
EXAMINING THE CURRENT STATE OF THE ART IN SYSTEM
SAFETY
Software-related safety issues are often ascribed to software coding errors or human errors in
using the software. It is rarely that simple. Many problems with health IT relate to usability, im-
plementation, and how software fits with clinical workflow. Focusing on coding or human errors
SUMMARY S-3
PREPUBLICATION COPY: UNCORRECTED PROOFS
often leads to neglect of other factors (e.g., usability, workflow, interoperability) that may in-
crease the likelihood a patient safety event will occur. Furthermore, softwaresuch as an EHR
is neither safe nor unsafe because safety of health IT cannot exist in isolation from its context of
use. Safety is an emergent property of a larger system that takes into account not just the
software but also how it is used by clinicians.
The larger systemoften called a sociotechnical systemincludes technology (e.g., soft-
ware, hardware), people (e.g., clinicians, patients), processes (e.g., workflow), organization
(e.g., capacity, decisions about how health IT is applied, incentives), and the external environ-
ment (e.g., regulations, public opinion). Adopting a sociotechnical perspective acknowledges
that safety emerges from the interaction among various factors. Comprehensive safety analyses
consider these factors taken as a whole and how they affect each other in an attempt to reduce the
likeliho
