Issue link: https://beckershealthcare.uberflip.com/i/351959
46 Health Information Technology 4 EHR Issues That Can Compromise Patient Safety By Helen Gregg 10 Key Findings From HHS' Data Breach Report to Congress By Akanksha Jayanthi A recent RAND report discussing various innovations within the healthcare indus- try points out that while electronic health records have been shown to improve patient care, they are also a new source of medical errors. Delving further into a subset of these EHR-relat- ed patient safety incidents, a study in the Journal of the American Medical Informatics Society has found a majority result not from user error but from the EHR itself. Researchers analyzed a set of 100 unique patient safety incidents at Department of Veterans Affairs hospitals that were voluntarily reported to the VA between August 2009 and May 2014. Of these, 25 involved an unsafe use of technology, one in- volved a failure to use available technology and 74 primarily involved what the researchers called "unsafe technology." The researchers noted many of the incidents were the result of a combination of workflow issues and human error combined with the shortcom- ings of the EHR. However, researchers identified four issues within the EHR that precipitated the patient safety incidents: Unmet display needs: In 36 of the patient safety events, researchers found the information pre- sented on the EHR screen did not adequately ad- dress the needs of the clinician end user. Intended and unintended consequences of software modifications: Improperly configured software or upgrades and out-of-date software were involved in 24 of the patient safety incidents. Data exchange failures: Poor patient-matching during data exchange or an inability to get neces- sary information from another hospital's system during an emergency was the primary factor in 17 of the patient safety cases. Hidden dependencies within the EHR: Re- searchers found 17 incidents where the safe ex- ecution of one task within the EHR conflicted with another. For example, some of the medica- tion information for an inpatient who was tem- porarily transferred to an outpatient setting was automatically deleted when the patient returned to the inpatient facility. n H HS released its latest data breach report to Congress this summer, summarizing breaches of unsecured protected health information for 2011 and 2012. Here are 10 key findings from HHS' report. 1. Between 2011 and 2012, HHS received 458 reports of data breaches affect- ing 500 or more individuals. In total, approximately 14.69 million individuals were affected by breaches during those two years. 2. The number of data breaches affecting more than 500 people in 2011 and 2012 accounts for 64.5 percent of all data breaches affecting more than 500 people since the required reporting began in September 2009. 3. Theft was the most common cause of reported data breaches, accounting for 53 percent of all breaches, followed by unauthorized access or disclosure at 18 percent. 4. The largest number of individuals affected by data breaches was also con- nected with breaches due to theft, at 36 percent of all affected. 5. In 2012, 68 percent of breaches affecting 500 individuals or more occurred at healthcare providers. Twenty-five percent occurred at healthcare business associates and 7 percent occurred at health plans. 6. The majority of compromised protected health information was stored on laptop computers (27 percent). Twenty-three percent was on paper, 13 percent was on a network server, 12 percent was on a desktop computer and 9 percent was on a portable electronic device. 7. In 2012, there were 21,194 reported breaches affecting fewer than 500 indi- viduals. Such data breaches affected a total of 165,135 individuals. 8. Of data breaches affecting fewer than 500 individuals in 2012, 83 percent took place at a healthcare provider and 17 percent took place at a health plan. 9. Breaches involving 500 or more individuals in 2011 and 2012 contributed to 0.97 percent of reports, but accounted for 97.89 percent of affected individuals. 10. The Office of Civil Rights opened investigations into all of the 458 reported breaches affecting 500 individuals or more. At time of publication of the report, HHS has entered agreements totaling more than $8 million in settlements. n SUBSCRIBE TODAY! Becker's Hospital Review CEO Report E-Weekly Guidance, analysis and best practice information on hospital leadership, operations and management issues for top hospital and health system executives Each E-Weekly, sent every Tuesday, contains the most popular feature articles covering business and legal issues, CEO profiles and benchmarking and statistical data to immediately inform your decision-making To subscribe to the FREE E-Weekly, visit www.BeckersHospitalReview.com and click on the "E-Weekly" tab or call (800) 417-2035