A new op-ed published in the Journal of the American Medical Association offers some suggestions for a "shared responsibility" for electronic health record safety.

WHY IT MATTERS
This past month, the Centers for Medicare and Medicaid Services updated its Medicare Promoting Interoperability Program – adding a new measure requiring eligible hospitals, starting in 2022, to attest to having completed an annual self-assessment of their EHRs using the SAFER Guides sponsored by the Office of the National Coordinator for Health IT.

While that's a big deal for patient safety policy, however, "additional steps are required to strengthen the effects of these rules," write patient safety researchers Dean F. Sittig of University of Texas Health Science Center and Dr. Hardeep Singh of Baylor College of Medicine, in JAMA.

Going forward, as hospitals work to comply with the new CMS rules, they'll need to have help from their EHR vendors, they write, since many SAFER recommendations depend on EHR features that must be provided by developers.

"For example, one recommendation states, 'Information required to accurately identify the patient is clearly displayed on all portions of the EHR user interface, wristbands, and printouts,'" they point out. "The hospital cannot comply with that recommendation if the developer has not implemented the feature(s)."

Toward a goal of "share responsibility," then, Sittig and Singh because many additional strategies are needed to complement CMS’s new rules.

• EHR developers should self-assess their IT products each year for safety.

• ONC should perform yearly reviews of SAFER recommendations.

• Vendors should offer clear guidance on how they address safety practices.

CMS should add annual SAFER assessment by EHR developers to Promoting Interoperability program criteria, they argue – helping ensure that they've evaluated their product against SAFER recommendations and shown how the systems can be configured to meet them. 

"In addition, EHR developers should make product default settings conform to SAFER recommendations," they write, with the ONC authorized certification body responsible for overseeing each EHR developer also responsible for assessing compliance.

"The annual EHR developer assessment process should be transparent and carried out by teams consisting of EHR designers, developers, implementers and trainers," write Sittig and Singh. 

"For each SAFER recommendation, the developer should indicate whether it requires specific technical features and if so, note whether their product is capable of meeting requirements," they explain. "For additional transparency, EHR developers should document a rationale for recommendations their product cannot support, post it on their website, and send copies to their customers and the ONC-ACB.

"The rationale should explain developers’ decision-making and consider safety implications from this nonconformity. These findings should also be reported to and reviewed by the ONC-ACBs as part of the EHR developers’ certification process."

As for ONC itself, it should convene expert panels each year – clinical end-users, researchers and developers – to review the findings from developer nonconformity reports, they said, and make revisions to the SAFER Guides accordingly. Panelists should review each recommendation annually – modifying or eliminating measures as appropriate to "keep up with changes in EHR design, development, configuration or use."

Meanwhile, "EHR developers are in a perfect position to be a conduit for collecting, implementing, and diffusing safety practices," given their work with healthcare organizations of different shapes and sizes, said Sittig and Singh. For that reason, they should develop configuration guides for their own EHRs, and share them with providers to help ensure the SAFER guidelines.

THE LARGER TREND
CMS new rules around the SAFER Guides – it stands for Safety Assurance Factors for EHR Resilience – come amid an array of updates to the Promoting Interoperability Program, formerly known as meaningful use.

As Sittig and Singh explain, the new rule will help hospitals more "proactively assess" their EHRs for patient safety and help "minimize EHR-related safety risks and hazards and to increase EHR resilience."

The SAFER Guides were first published in 2014 and have been updated in the years since. Their recommended sets of best practices are valuable tools to help hospitals optimize EHRs and clinical workflows for patient safety.

But so far, "adoption of the SAFER Guides so far has been sporadic and minimal," the authors write.

This is despite the fact that "over the past decade, emerging evidence has suggested that unsafe EHRs and unsafe use of EHRs has continued and could lead to harm or potential harm that potentially affects large numbers of patients."

They note one study, for instance, that showed "275 of 697 (39.5%) EHR-related products surveilled had 'nonconformities' with existing EHR certification regulations that were associated with possible patient harm. Many nonconformities could have been identified by the developer prior to product release."

ON THE RECORD
"EHR developers must create or modify their products to ensure that hospitals can configure their EHR to meet SAFER Guide recommendations," write Sittig and Singh in JAMA.

"The new CMS policy requiring hospitals to perform annual self-assessment using the SAFER Guides creates a solid foundation for a much-needed focus on EHR-related patient safety. However, the responsibility for safety must be shared with EHR developers, who should also self-assess their products on an annual basis."

Twitter: @MikeMiliardHITN
Email the writer: mike.miliard@himssmedia.com
Healthcare IT News is a HIMSS publication.