Perhaps you’ve noticed that your doctor no longer comes into the exam room holding a paper chart in a manila folder, but a laptop or iPad instead.
He or she may also send any prescriptions you need right through the device – no more handing out prescriptions, with that barely legible signature on the bottom.
Your doctor is compiling your personal electronic health record, or EHR. It’s a digital version of a patient’s paper chart — a real-time record that make information available instantly and securely to those who are authorized to use them.
But what happens when there is a problem with the software that manages your personal EHR record? What if a scan image is unclear or dosage misrecorded due to a glitch in the software?
What happens when there is a problem with the software? What if a scan image is unclear or dosage misrecorded due to a glitch in the software?
And what if doctors — your doctor — is unable to make problems with EHR programs public, due to a so-called “gag clause” written into the contract with the software company, which forbids sharing and publishing, in any form, of potentially dangerous flaws in the IT systems?
This is already happening.
“This involves money and power, basically,” David Hanauer, a researcher and doctor at the University of Michigan, told LifeZette. “People who use this technology daily don’t want to mess with these powerful IT companies and their lawyers, especially when the rules about what they can and can’t share publicly about potential software problems are fuzzy.”
It appears that social media and the Internet are the sticking point with gag clauses in the contracts.
“These companies do not want researchers or doctors posting any potential problems online where anyone can see them,” Hanauer said.
“Can you imagine if Apple or Microsoft acted that way — preventing screenshots of their products on social media? I don’t know of a case where that has happened. But with this — a legitimate patient safety issue — they lock down the sharing of potentially harmful flaws in their systems.”
A case in point: Thomas Eric Duncan, a Liberian man who died from Ebola in 2014, was sent home from Texas Presbyterian Hospital in Dallas in September 2014 when he first came in, presenting a fever of 103 degrees and severe pain. He returned to the hospital later, but succumbed to Ebola in early October. “The hospital placed some of the blame about why Mr. Duncan was sent home after his first visit on a problem with its electronic records system, but it later said the system had operated correctly,” according to the New York Times.
Had it operated correctly? Texas Presbyterian later settled with Duncan’s family for an undisclosed amount.
Information technology companies cite protection of “proprietary design” as the reason for the so-called gag clauses, claiming that design and technology advantages could be obtained by competitors through unfettered access. But when it comes to patient safety, should they be allowed to claim these more typically business-oriented design concerns?
In April, a report for Congress was prepared by the Office of the Coordinator for Health Information Technology, part of the Department of Health and Human Services. In it, the office states, “While the evidence is in some respects limited, there is little doubt that information blocking is occurring and that it is interfering with the exchange of electronic health information.”
The government itself is funding some of this EHR technology adoption by health care institutions.
“It is probably fair to say that the purpose of the health care stimulus funding was to help encourage physicians to ‘bite the bullet’ and invest in EHRs,” Hanauer said.
Another reason companies must be able to know what potential problems are occurring in software is a concept called “interoperability.”
“Interoperability generally refers to being able to share data (clinical notes and images, for example) between systems regardless of the company or vendor,” Hanauer said. “It’s an extremely challenging problem from a technical standpoint because of the way each system collects and stores information. People have been working on solving it for years.”
Elizabeth West of the EHRA, a trade association of electronic health record companies, told LifeZette in an email, “There’s a lot of conversation regarding interoperability and the degree to which ‘data blocking’ by a number of definitions (including ‘gag clauses’ in vendor contracts) is occurring. While as a trade association we are precluded from discussing vendor-specific policies, we do not believe this is occurring in a broad sense except as it relates to vendors protecting their proprietary information.”
Why would a hospital or provider sign a contract that prohibits it from disclosing problems?
“The people negotiating contracts on behalf of the health care entity are lawyers good at contracts, but have very little idea, medically speaking, of the repercussions of some of these clauses,” Hanauer said. “And you have contractors who don’t know exactly what the rules are, so they don’t want to divulge a problem and potentially cause a liability issue.”
This summer, during a committee meeting at which IT company representatives were present, Sen. Bill Cassidy, R-La., said in frustration that gag clauses allow no public disclosures of problems.
“Should we have legislation that says ‘My God, if you have a dog, you can say I heard it bark?’” he said.
Another contractual issue in IT contracts is a “hold harmless” clause. It shifts liability to doctors, nurses and hospitals in the event of a problem with their technology, even if the health care providers were using devices exactly according to vendor instructions.
In 2009, Ross Koppel and David Kreda concluded in their commentary regarding the dangers of “hold harmless clauses,” published in the Journal of American Medical Association, that “in many cases (health information technology) problems may be caused not by clinicians but by poor software. While it is proper that HIT vendors should be held harmless from others’ failures, being held responsible for their own errors will bring incentives into balance and enable learned intermediaries to focus on patient care, rather than on coping with product inadequacies or failures.”
“These are worlds colliding,” Bob Wachter, author of “Digital Doctor” and chairman of the Department of Medicine at University of California, told Politico about current legal restrictions on making information about potential software problems public. “You can understand why a technology business would put restrictions on screenshots. But we’re not making widgets here, we’re taking care of sick people. At some level, I’d say, how dare they?” he said.
EHRs present both opportunity and challenge. It is incumbent upon health care providers and IT providers to make full public disclosure of software problems a priority, for the sake of patients everywhere.