Vendor misconduct associated with widespread use of non-secure electronic health record systems

Researchers at MedStar Health, Brigham and Women's Hospital, and the University of Utah found electronic health record (EHR) vendor misconduct may have led to widespread use of suboptimal products for more than 70,000 clinicians across the country, as published today in JAMA Health Forum. Six EHR vendors were involved in settlements with U.S. Department of Health and Human Services Office of Inspector General and the U.S. Department of Justice alleging kickbacks and misrepresentation of product capabilities.

In addition to creating incentives for health care organizations to adopt the use of EHRs, the 2009 Health Information Technology for Economic and Clinical Health Act deemed that EHR products were subject to being certified as meeting the capability, functionality, and security requirements adopted by HHS. Violation of this rule can result in complaints and in turn settlements with DOJ but unfortunately, oversight is limited.

After reviewing each publicly available settlement related to EHR certification violations, MedStar Health researchers found that six EHR vendors reached settlement agreements totaling more than $379.8 million dollars, with four of the six vendors involved in settlements related to misrepresenting product functionality to secure certification. Based on data from Centers for Medicare & Medicaid, it is estimated that more than 76,831 unique clinicians used these six vendors during the period of the complaints.

"The expanded use of EHRs has helped providers and healthcare organizations better manage care for their patients. But what happens if providers can't trust that the EHR platform they are using is safe, secure, and can be used effectively?" says Raj Ratwani, Ph.D., vice president of scientific affairs for MedStar Health Research Institute, director for the MedStar Health National Center for Human Factors in Healthcare and senior author on this paper. "These data show that even a handful of examples of bad behavior by EHR vendors can have far-reaching impact on patient safety and how providers use these platforms."

Insights on making EHRs safer

Today's publication builds on the MedStar Health human factors team's exploration of the role EHR systems may play as a contributing factor to overall patient safety, including a 2018 study that found that EHR usability challenges may have contributed to harm events in some health care facilities.

In addition to examining EHR design, MedStar Health investigators have sought to develop actionable solutions to help make EHRs safer through two main initiatives:

1. Developing resources for health care facilities to proactively monitor and identify opportunities to optimize the functionality of their EHR platform. This most recently includes building an assessment tool that can be used to evaluate alerting, data entry and automation processes, and visual display.
2. Offering recommendations for more rigorous safety standards across the EHR marketplace. Examples of this work include advocating for HHS to develop a national database for usability and safety reporting and encouraging The Joint Commission to adopt accreditation requirements that would incentivize hospitals to implement EHR safety best practices.

"The importance of our work in this area is that we can improve EHRs as a critical tool for health care facilities and patient safety at the same time," said Dr. Ratwani. "While we have made incremental progress, success is dependent on greater transparency across the industry, as well as a shared commitment from governing bodies, health system customers, and vendors to work together to prioritize safety."