Despite their best efforts, many hospitals adopting healthcare IT have found some unexpected curves in the road over the last few years. Here are some of the biggest blunders:

No. 5: EMR is DOA

In fall 2002, Cedars-Sinai went live with a hospital-wide electronic medical record that it
had developed in-house at great expense. Almost immediately, the medical staff rebelled.

By January 2003, the doctors had killed the project. The post-mortem revealed several causes for the EMR's demise: cumbersome processes, rigid systems that could not accommodate many orders that were accepted in clinical practice, and a trigger-happy alert system.

The lesson? Involve physicians early and often in the design of your system, or your expensive new technology will be dead on arrival.

No. 4: L.A. Confidential - Not

The UCLA Medical Center got some unwelcome publicity this year when reporters learned that not only Britney Spears and Farah Fawcett, but also the wife of California's Governor had been victims of snooping employees and doctors.

Ongoing privacy training for employees and physicians, periodic audits, and effective sanctions against violators are needed to drive home the point that protecting patient privacy is an essential part of the job for every health care provider.

No. 3: Lock down that laptop

In February 2007, an external hard drive containing personal information of almost two
million veterans went missing from the VA Medical Center in Birmingham, Alabama. While the number of records lost may have set a record, this incident is part of a virtual epidemic of security breaches due to lost drives, laptops and other devices.

Lessons learned include the need for greater physical controls of portable media, and systematic use of encryption on devices that have to travel.