Vendor misconduct associated with widespread use of non-secure electronic health record systems

electronic health records
Credit: CC0 Public Domain

Researchers at MedStar Health, Brigham and Women's Hospital, and the University of Utah found electronic health record (EHR) vendor misconduct may have led to widespread use of suboptimal products for more than 70,000 clinicians across the country, as published today in JAMA Health Forum. Six EHR vendors were involved in settlements with U.S. Department of Health and Human Services Office of Inspector General and the U.S. Department of Justice alleging kickbacks and misrepresentation of product capabilities.

In addition to creating incentives for health care organizations to adopt the use of EHRs, the 2009 Health Information Technology for Economic and Clinical Health Act deemed that EHR products were subject to being certified as meeting the capability, functionality, and security requirements adopted by HHS. Violation of this rule can result in complaints and in turn settlements with DOJ but unfortunately, oversight is limited.

After reviewing each publicly available settlement related to EHR certification violations, MedStar Health researchers found that six EHR vendors reached settlement agreements totaling more than $379.8 million dollars, with four of the six vendors involved in settlements related to misrepresenting product functionality to secure certification. Based on data from Centers for Medicare & Medicaid, it is estimated that more than 76,831 unique clinicians used these six vendors during the period of the complaints.

"The expanded use of EHRs has helped providers and healthcare organizations better manage care for their patients. But what happens if providers can't trust that the EHR platform they are using is safe, secure, and can be used effectively?" says Raj Ratwani, Ph.D., vice president of scientific affairs for MedStar Health Research Institute, director for the MedStar Health National Center for Human Factors in Healthcare and senior author on this paper. "These data show that even a handful of examples of bad behavior by EHR vendors can have far-reaching impact on and how providers use these platforms."

Insights on making EHRs safer

Today's publication builds on the MedStar Health human factors team's exploration of the role EHR systems may play as a contributing factor to overall patient safety, including a 2018 study that found that EHR usability challenges may have contributed to harm events in some health care facilities.

In addition to examining EHR design, MedStar Health investigators have sought to develop actionable solutions to help make EHRs safer through two main initiatives:

  1. Developing resources for health care facilities to proactively monitor and identify opportunities to optimize the functionality of their EHR platform. This most recently includes building an assessment tool that can be used to evaluate alerting, data entry and automation processes, and visual display.
  2. Offering recommendations for more rigorous safety standards across the EHR marketplace. Examples of this work include advocating for HHS to develop a for usability and safety reporting and encouraging The Joint Commission to adopt accreditation requirements that would incentivize hospitals to implement EHR safety best practices.

"The importance of our work in this area is that we can improve EHRs as a critical tool for health care facilities and patient safety at the same time," said Dr. Ratwani. "While we have made incremental progress, success is dependent on across the industry, as well as a shared commitment from governing bodies, health system customers, and vendors to work together to prioritize safety."

More information: Nate C. Apathy et al, Electronic Health Record Legal Settlements in the US Since the 2009 Health Information Technology for Economic and Clinical Health Act, JAMA Health Forum (2022). DOI: 10.1001/jamahealthforum.2022.3872

Journal information: JAMA Health Forum
Provided by MedStar Health
Citation: Vendor misconduct associated with widespread use of non-secure electronic health record systems (2022, November 14) retrieved 14 April 2024 from
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.

Explore further

Experts propose policies for safer electronic health records


Feedback to editors