Malpractice claims for errors caused, all or in part, by electronic health records have risen significantly, according to a report from The Doctors Company, a physician-owned malpractice insurer. The study offers some useful tips to help providers protect against that risk.

There were just two claims for which EHRs were either the cause or (more likely) a contributing factor between 2007 and 2010, according to report. From from 2011 through the end of 2016, however, there were 161.

The new study examined more than five dozen of those claims and found a wide array of factors – some related to technology and system design (drop-down menus, templates, alerts) and some having to do with human error (lack of training, inappropriate use of copy-and-paste) – contributing to the alleged medical errors.

[Also: Amid surge in malpractice lawsuits, EHRs often targeted in litigation, attorney says]

"Our approach to studying EHR–related malpractice claims began by reviewing plaintiffs'/ patients' allegations, giving us insights into the perspectives and motivations for filing claims and lawsuits," wrote David Troxel, MD, medical director at The Doctors Company and the study's author.

"We then looked at patients' injuries to understand the full scope of harm. Physician experts for both the plaintiffs/ patients and the defendants/physicians reviewed claims and conducted medical record reviews. Our clinical analysts drew from these sources to gain an accurate and unbiased understanding of actual patient injuries. We identified factors that led to patients' injuries, and physician reviewers evaluated each claim to determine whether the standard of care was met."


The report found that system factors in the EHR itself – poor integration, suboptimal design and UX, failures of alerts and alarms – were up 8 percent since the last time The Doctors Company did a similar report in 2015.

Encouragingly, however, factors that might be attributable to user error – such as data entry errors, alert fatigue and misuse of copy-and-paste – decreased 6 percent.

To help maintain that trend, the study outlined a series of risk mitigation strategies that physicians and clinicians can employ to help avoid malpractice claims, reduce the chance of errors and improve patient safety.

Here are a few of things it suggests providers keep in mind.

Be aware that physicians are the ones responsible for the data to which they have access. "Review all available data and information prior to treating a patient," Troxel wrote. "The healthcare setting, accessibility of data, and acuity of the patient's situation and condition will dictate what will be considered reasonable by a court."

Be careful with e-prescribing, which is useful but offers many opportunities for error. "Make sure you adhere to any alerts within the e-prescribing module of the EHR and document any actions taken," he wrote.

Alert fatigue is a problem, but physicians could be liable if they don't follow an alert that could have prevented an adverse event. "Do not disable or override any alerts in the EHR. Discuss alert fatigue issues with your organization's IT department or your EHR vendor," according to the report.

Be careful with copy-and-paste. "Avoid copying and pasting except when describing the patient's past medical history," wrote Troxel. "As with handwritten records, make sure your documentation is relevant, objective, and current."

Stay aware of history & physical and procedure notes, which often autopopulate from older notes or templates. "Contact your organization's IT department or your vendor if you notice that the autopopulation feature causes erroneous data to be recorded," he wrote. "If the autopopulated information is incorrect, note it in the record and document the correct information."

Metadata is often as important as the notes logged in the EHR. "It is important to remember that all physician interactions with the EHR are time-tracked and discoverable," according to the study. "As with paper medical records, notes written after a patient interaction should include the time of the interaction to avoid any suggestion of inaccurate or false information."

Be careful with entry errors related to drop-down menus or other automatic features. "Erroneous information, once entered into the EHR, is easily perpetuated and disseminated. Review your entry after you make a choice from a drop-down menu."

Point-and-click lists, autofill, templates and other canned text can often be overlooked by consulting physicians. "Utilize your EHR's tracking function to ensure that consults and tests are completed, returned to you, and communicated to the patient," wrote Troxel. "When possible, enlist specific staff in your practice to monitor tracking."

Don't share passwords, and stay vigilant about cybersecurity. "Staff should not be allowed to use the physician's password to review, update, or sign off on lab and imaging results. Allowing this type of activity could result in a report being filed without the physician seeing it."

Even if an error can be traced to bad EHR design, vendor contracts often have "hold harmless" clauses that try to put liability onto physicians. "Keep in mind that some insurance policies may exclude coverage for product liability and indemnification of third parties. In addition, vendors and users typically settle disputes out of court with 'nondisclosure' clauses that prevent open discussion of the patient safety issues involved," wrote Troxel.

Twitter: @MikeMiliardHITN
Email the writer: mike.miliard@himssmedia.com