Showing posts with label healthcare IT liability. Show all posts
Showing posts with label healthcare IT liability. Show all posts

Home Posts filed under >healthcare IT liability

AMA News Article Offers Incomplete (and Thus Misleading) Advice on the Legal Risks of EHRs and other Clinical IT

An article was published in the AMA News by Alicia Gallegos, AMA Medical News staff, entitled "Legal risks of Going Paperless." While it is not clear if these are the official views of the AMA leadership, the article is interesting nonetheless.

It should perhaps have been entitled "Some of the Legal Risks of Going Paperless, excluding the ones that make the health IT industry look bad:"

Legal Risks of Going Paperless
AMA News
March 5, 2012

Electronic medical records are meant to save time and money, but they also can create liability issues for doctors.

By Alicia Gallegos, amednews staff.

Defense attorney Catherine J. Flynn knows how electronic medical records can overwhelm — and often change — the course of a medical liability lawsuit.

In one of her cases, a New Jersey doctor being sued for medical negligence has been accused by a plaintiff’s attorney of modifying a patient’s electronic history. A printing glitch caused the problem, Flynn said, but the accusation has meant extra time and defense costs. Computer screen shots were reviewed, more evidence was gathered and additional arguments were made.

“This has taken a life of its own, and we’ve done virtually no discovery on the medical aspects of the case,” she said. “The cost of the e-discovery alone is in excess of $50,000.”


This is a variation on the theme of plaintiff's lawyers being the cause of EHR problems as I wrote at "Plaintiff's Trial Lawyers Are to Blame for EHRs That 'Tattle' on Doctors - And Harm Patients."

System breaches. Modification allegations. E-discovery demands. These issues are becoming common courtroom themes as physicians transition from paper to EMRs, legal experts say. Not only are EMRs becoming part of medical negligence lawsuits, they are creating additional liability.

Missing is the problem that is most important of all: health IT system defects, poor user interfaces, unreliability, data loss, etc. causing or contributing to medical malpractice that results in patient harm or death. (An example that I personally observed and reported to the FDA MAUDE database is here; there are numerous others in this blog.)

Data breaches are among the most common reasons that electronically stored information lands doctors in court, said Lisa Gallagher, senior director for privacy and security at the Health Information and Management Systems Society, which advocates health information technology

Most common perhaps (a big problem unto itself), but not the most clinically significant problem. Yet the AMA article goes on about this issue for many paragraphs; it's the prime focus of the article.

A 2011 ruling in New York highlights how e-discovery creates a burden for doctors.

During a lawsuit against St. Luke’s Hospital Roosevelt Center, a debate arose about whether the plaintiff should be allowed access to screen shots from a doctor’s computer. Joan Bowman, who sued the hospital for wrongful death on behalf of her husband, wanted to see a computer template used to aid physicians in diagnoses. The hospital said the request was overly broad and oppressive.

But the Supreme Court of the State of New York ordered the release of the screen shots.

“Defendant doctors testified that they utilized these materials in coming to their diagnosis,” Judge Alice Schlesinger wrote. “It is not a stretch to allow counsel to see and understand these materials.”

At this article’s deadline, the hospital’s attorney had not returned messages seeking comment.

The case sets a precedent, said Susan Dennehy, Bowman’s attorney.

“If others want to see screen shots from records, I think they’ll rely on this case,” she said. “It was important to see where the template led you if you put in an inaccurate chief complaint.”


Note the "spin" about the "burden for doctors" of eDiscovery. To the pundits and voluntary adopters: you have gotten what you asked for. To the non-pundit clinicians forced to use health IT: I hate to say this, but you've gotten screwed.

The article then offers a laundry list of how to avoid EHR-related liability:

... As the number of electronic medical records increases, so do certain legal risks, medical liability experts say. Common mistakes doctors make with EMRs and how attorneys recommend that physicians reduce their liability risks:

Mistake: EMRs allow users to move quickly through patient records, but cutting and pasting information makes it easy to paste incorrect information.
Recommendation: Refrain from copying and pasting EMR data, and be cautious when moving from one patient’s record to the next.

Mistake: Computer programs can help doctors make a differential diagnosis, but the templates don’t often include every possible symptom and corresponding medical condition.
Recommendation: Doctors should not become overly dependent on electronic diagnosis aids. Electronic systems are no substitute for hands-on diagnosis.

Mistake: Because EMRs allow physicians to move through patient charts much more quickly than paper charts, attorneys are noticing that some doctors are not being thorough when writing notes electronically.
Recommendation: Physicians should keep meticulous electronic notes on each patient and take time to document each chart.

Mistake: Some practices can fail to safeguard electronic patient data.
Recommendation: Practices should encrypt all information on computer devices and have policy that discourages employees from taking portable devices out of the office.

Mistake: A system may not clearly indicate changes to records.
Recommendation: Physicians should install systems that show transparency when modifications are made and/or have a program lockout period where no more modifications can be made to a record.

Mistake: Doctors may fail to follow notification requirements in the event of a data breach.
Recommendation: Be clear on what your state law requires when a data breach occurs, and make sure employees follow the rules immediately.

Mistake: Doctors may destroy or delete electronic records when a lawsuit is possible.
Recommendation: If doctors suspect they are being sued, they must preserve all electronic data related to the patient in question, including emails, phone messages and computer records.


Missing is this, as is well-covered by almost 8 years of posts on this blog, and elsewhere:

Big mistake: Doctors and hospitals buy and implement experimental technology approved by nobody, of uncertain quality to the point of losing or corrupting data, often with glass-tube black-and-white TV user interface modernity. Such technology is "errorgenic", i.e., it promotes "use error", can mislead, and can promote medical errors.
Recommendation: Hold off until the industry has gotten its act together.

Also missing from the AMA News article is the fact that physicians and hospitals use health IT at their own risk, even if the IT is "certified."

This article is clearly pregnant with omissions and spin that reveal a pro-health IT bias.

-- SS

Is ONC Stonewalling on the issue of HIT Certification, Safety and Liability?

At my Feb. 16, 2012 post "Hospitals and Doctors Use Health IT at Their Own Risk - Even if Certified" I wrote that an ONC-ATCB (Authorized Testing and Certification Body) replied to my email inquiry about health IT certification, safety and liability indemnification by stating that:

What was suggested in the email below (freedom from liability for users of the system, etc.) would be out of scope for ONC-ATCB testing based on the given criteria.

[That is, the criteria used in testing here - ed.]

What I did not include in that post was the fact that some months ago, I had emailed ONC directly with the same questions, and then called them on the phone with those questions at about the same time as I inquired of the ATCB.

ONC itself never responded.

There are several possibilities:

  • They don't know the answer.
  • They don't want to respond.
  • They don't care to respond.


Dismissing possibility #1, these civil servants appear to be stonewalling on the issue.

It would be nice to hear ONC itself admit the term "certification" is a gossamer guarantee of health IT safety, efficacy and indemnification of purchasers, implementers and users from potential EHR-related liability.

I am not holding my breath.

-- SS

Addendum:

An ONC representative did get back to me on Feb. 27, but I told them my question had already been answered by ONC ATCB's.

Hospitals and Doctors Use Health IT at Their Own Risk - Even if "Certified"

Due to my observations of confusion about health IT certification [1], and due to vague or incomplete seller language that could be misinterpreted by buyers (perhaps by design), I recently asked several ONC-ATCBs (HHS's Office of the National Coordinator for Health IT-Authorized Testing and Certification Bodies) the following.

I sent this question via email to their "questions" email addresses:

"Is EHR certification by an ATCB a certification of EHR safety, effectiveness, and a legal indemnification, i.e., certifying freedom from liability for EHR use of clinical users or organizations? Or does it signify less than that?"

One ONC-ATCB provided the following in response to my request for information.


From: Trivedi, Amit V (ICSA Labs)
Sent: Thursday, February 16, 2012 11:22 AM
To: Scot Silverstein
Subject: RE: Form submission from: Contact Us

Hello Scot,

Thanks for your email. Certification by an ATCB signifies that the product or system tested has the capabilities to meet specific criteria published by NIST and approved by the Office of the National Coordinator. In this case the criteria are designed to support providers and hospitals achieve "Meaningful Use." A subset of the criteria deal with the security and patient privacy capabilities of the system.

Here is a list of the specific criteria involved in our testing:
http://healthcare.nist.gov/use_testing/effective_requirements.html

In a nutshell, ONC-ATCB Certification deals with testing the capabilities of a system, some of them relate to patient safety, privacy and security functions (audit logging, encryption, emergency access, etc.).

What was suggested in the email below (freedom from liability for users of the system, etc.) would be out of scope for ONC-ATCB testing based on the given criteria. [I.e., certification criteria - ed.] I hope that helps to answer your question.

Thanks,

Amit

Amit Trivedi
Program Manager - Healthcare
ICSA Labs, an Independent Division of Verizon Business


My question was certainly answered. ONC certification is not a safety validation, such as in a document from NASA on aerospace software safety certification, "Certification Processes for Safety-Critical and Mission-Critical Aerospace Software" (PDF) which specifies at pg. 6-7:

In order to meet most regulatory guidelines, developers must build a safety case as a means of documenting the safety justification of a system. The safety case is a record of all safety activities associated with a system throughout its life. Items contained in a safety case include the following:

• Description of the system/software
• Evidence of competence of personnel involved in development of safety-critical software and any
safety activity
• Specification of safety requirements
• Results of hazard and risk analysis
• Details of risk reduction techniques employed
• Results of design analysis showing that the system design meets all required safety targets
Verification and validation strategy
• Results of all verification and validation activities
• Records of safety reviews
• Records of any incidents which occur throughout the life of the system
• Records of all changes to the system and justification of its continued safety

Health IT testing conspicuously lacks attention to most of the aerospace software safety points above. I note that there appears to be no reasonable excuse for such omissions.

IOM has recently studied the issue of HIT safety. IOM states in a Nov. 2011 report that HIT safety and safety testing is unsatisfactory, and has recommended HHS study it as well. IOM recommends HHS annually re-evaluate whether regulation is needed to improve safety, although IOM favors industry self-policing [2].

Thus, buyers and users of even "ONC certified" health IT are not indemnified from liability due to medical errors or problems caused by the health IT.

Sellers who exaggerate the value of certification or imply its meaning is akin to FDA device approval, likewise, could be faulted for making false representations about their products.

It would appear the sellers could potentially be sued for doing so by purchasers/users who themselves get into legal hot water due to EHR defects or other problems.

-- SS

Note:

[1] I believe confusion about EHR "certification" is in part due to the term itself. I raised objections to this term when it was first proposed based on my experience in pharma, suggesting what I felt was the more accurate expression "features qualification" instead.

[2] "Health IT and Patient Safety: Building Safer Systems for Better Care", Institute of Medicine of the National Academies, Nov. 2011, http://www.iom.edu/Reports/2011/Health-IT-and-Patient-Safety-Building-Safer-Systems-for-Better-Care.aspx

-----------------

Addendum March 6, 2012:

I received a response from another ONC-ATCB, the Drummond Group:

From: Joani Hughes (Drummond Group)
Sent: Monday, March 05, 2012 1:06 PM
To: Scot Silverstein
Subject: RE: EHR certification question

Per our testing team:

It is less than that. It does not address indemnification although a certification could be used as a conditional part of some other form of indemnification function, such as a waiver or TOA, but that is ultimately out of the scope of the certification itself. Certification in this sense is an assurance that the EHR functions in way that could enable an eligible provider or eligible hospital to meet the CMS requirements of Meaningful Use Stage 1. Or to restate it more directly, CMS is expecting eligible providers or eligible hospitals to use their EHR in “meaningful way” quantified by various quantitative measure metrics and eligible providers or eligible hospitals can only be assured they can do this if they obtain a certified EHR technology.

Please let me know if you have any questions.

Thank you,
Joani.

Joani Hughes
Client Services Coordinator
Drummond Group Inc.

These are direct and clear statements.

-- SS

Those Goddamn Plaintiff's Trial Lawyers Are to Blame for EHRs That 'Tattle' on Doctors - And Harm Patients

It seems the EHR technophiles are starting to notice one of the side effects of EHR technology: the liabilities EHRs impose on users.

Interestingly, those liabilities are presented below as the fault not of a cavalier industry receiving extraordinary governmental and regulatory accommodation compared to other healthcare sectors that, among other issues, have allowed it to (see hyperlinks for more information):


Instead, the liabilities are presented as the fault of plaintiff trial lawyers, who need to be disempowered through yet another special accommodation for health IT.

My comments are interspersed in [red italics]:

Feb. 8, 2012
The Wall Street Journal
MarketWatch
Healthcare IT Expert Exposes Hidden Risks of Lawsuits Due to Electronic Health Record

Spokesperson Says Electronic Health Records May Give Crippling Access to Physician's Actions and Increase the Need for Defensive Medicine

[Crippling access to physician's actions? That is an odd combination of terms - ed.]

DELRAY BEACH, Fla., Feb 8, 2012 (GlobeNewswire via COMTEX) -- Since the American Recovery and Reinvestment Act (ARRA) passed in February 2009 and caused a digital tsunami in the healthcare industry, physicians have been scrambling to comply with the requirement to switch to electronic health record systems. (EHRs) While many in the healthcare industry laud the use of EHRs to improve quality of care and analyzing patient outcomes, Dr. Sam Bierstock, founder of Champions In Healthcare, points out significant concerns regarding increased vulnerability to medical legal claims that may result from the use of EHRs without major tort reform that would relieve physicians of an onslaught of malpractice suits.

"EHRs unquestionably have the potential to improve patient safety and the quality of care delivered, but what few people realize is that using an EHR exposes physicians to an Orwellian level of analysis of every single act while doing their job," said Bierstock, who has advocated and pioneered the use and benefits of EHRs for more than 30 years." EHRs, however, can also be audited to examine how long it took them to act after an abnormal lab result came in, if the doctor checked on on-line references before making a clinical decision, what was said in every email and how long the doctor took to respond, and even how long the doctor looked at a screen or scrolled down to read an entire document.

[Why, exactly, this is a bad thing, I do not understand; it seems hypocritical. After all, any data collected that can help improve healthcare has been deemed golden - up to now - ed.]

Physicians are exposing themselves to an unacceptable level of scrutiny and analysis of their use of computers that may serve to encourage malpractice suits.

["Unacceptable level of scrutiny" is largely a code phrase for audit trails and other 'metadata', i.e., automatically generated computer data that shows who accessed or modified a document or other data, when, from where, etc. I ask - access to this data is unacceptable to whom? Injured patients? - ed.]

Meaningful tort reform is essential to getting the maximal benefit from these wonderful systems.

[Wonderful systems, when even the IOM admits we don't know the level of harm they cause, the NIST indicates they are poorly usable, and so forth as here? - ed.]

According to Bierstock, the problem runs even deeper because during his career as an industry consultant with Champions in Healthcare, and as a speaker at healthcare events he has noticed that the vast majority of physicians are still not aware of the complex requirements imposed upon them by the Health Information Technology for Economic and Clinical Health (HITECH) Act even though it has been a law for more than two years.

[I agree with the statement "imposed upon them", but this imposition was largely at the hands of the HIT pundits, the 'Ddulites' (technophiles who ignore technology's downsides, the opposite of 'Luddites', link), and various species of non-medical profiteers - ed.]

"I talk to many physicians who have no idea they can suffer financial, civil and even criminal penalties (i.e. jail) for non-compliance.," said Bierstock. "I have been asked to speak about this topic many times, but beyond HITECH, it's my opinion that similarly, doctors and hospitals don't yet fully realize their medical legal vulnerability associated with the use of EHRs.

[They will learn, fast, with Medical Informatics specialists such as myself on patients' side instead of on the side of the health IT industry - ed.]

This will be the case until there is major tort reform, which has unfortunately been thwarted by the influence of American Trial Attorneys and their associations."

[You see, it's all the fault of the evil Plaintiff's Bar - ed.]

Bierstock noted that in an effort to stimulate physicians and hospitals to install and use EHRs, The American Reinvestment and Recovery Act of 2009 also authorized the Centers for Medicare and Medicaid Services (CMS) to issue guidelines which define what is "Meaningful Use" of an EHR - guidelines which must be met in order for hospitals and doctors to receive financial incentive payments for using EHRs, or be penalized by having Medicare or Medicaid payments reduced for failure to meet the guidelines.

[Unfortunately, they did not formulate guidelines for safety. Thus, as Sharona Hoffman, JD notes in MEANINGFUL USE AND CERTIFICATION OF HEALTH INFORMATION TECHNOLOGY: WHAT ABOUT SAFETY?, "General system safety is a property that is attainable only through rigorous processes for development and evaluation. However, the regulations do not address certification of EHR vendors’ software development processes or even require vendors to analyze and mitigate potential safety hazards. Furthermore, ATCBs will use testing requirements developed by the National Institute of Standards and Technology (NIST) that are apparently intended only to determine whether systems include certain features. Passing such tests is not sufficient to ensure that those features function properly in the long term and under varied operating conditions." - ed.]

Bierstock believes that if physicians are expected to embrace EHRS, they should be allowed to do so in a manner that maximizes the benefits of these systems to the delivery of care and to the benefit of their patients without worrying about giving unlimited ammunition to trial lawyers.

[Perhaps the EHR pundits should have foreseen this eventuality before pushing the current administration to mandate national EHR rollout. It didn't take a rocket scientist to do so - ed.]

"Quite simply, physicians may be in a situation that leaves them vulnerable to litigation and threatens loss of their professional standing and personal assets -- all because an external evaluator [e.g., a trial lawyer, judge or jury -ed.] may not think the physician lived up to arguable standards in the digital age," said Bierstock. "Overall, EHRs are the litigator's proverbial golden goose. They are to malpractice attorneys what the electron microscope is to microbiology."

[In other words, EHRs deserve yet another special accommodation, this time regarding legal Discovery, in addition to the many other special accommodations this industry has received. In fact, EHRs make available only that which they are designed to, and discoverability of that information is a Federal matter under the Federal Rules of Civil Procedure (FRCP) governing e-discovery - "On December 1, 2006 the Federal Rules of Civil Procedure were revised to address numerous e-discovery issues. Rules 16,26,33,34,37 and 45 require attorneys to pay specific attention to electronic discovery issues. E-Discovery practices and strategies need to be reviewed and aligned with the updated rules to ensure compliance." - ed.]

I find requests for additional special accommodations for EHR's over other medical devices and IT in other industries (e.g., airplane black boxes and cockpit recorders that monitor the every move of pilots) to be illustrative of the concept "be careful, you may get what you wish for."

That plaintiff trial lawyers are blamed for quite properly using the Federal Rules of Civil Procedure to assure justice for victims of medical malpractice, including EHR-related medical malpractice, is outrageous.

It seems the pundits might be starting to panic, after realizing the "data utopia" that is going to "revolutionize medicine" has a downside.

-- S. Silverstein, MD

Feb. 14, 2012 Addendum:

It seems the clinical data itself generated by today's health IT - garnered while putting patients at risk and costing many billions of dollars - might not be anywhere near as trustworthy as advertised by the technophiles.

See "It Seems We Are Not The Only Ones Bumping Up Against EHR Data Quality Issues. PCEHR Implications Are Worth Considering" at the Australian Health Information Technology blog by Dr. David More, MB PhD FACHI, and the JAMIA articles he references.

Dr. More observes:

... If ever there was an example of “garbage in, garbage out” in operation this has to be it. There has to be a great deal of care taken as we move from the most simplest data sharing to more complex efforts.

-- SS

Making a Stat Less Significant: Common Sense on "Side Effects" Lacking in Healthcare IT Sector

At my Mar. 27, 2011 post "Those Who Dismiss Healthcare (and Healthcare IT) Adverse Events Reports as Mere "Anecdotes" Have Lost - Supreme Court-Style" I wrote that the SCOTUS decided in MATRIXX INITIATIVES, INC., ET AL. v. SIRACUSANO ET AL. (link to PDF) that:

... We conclude that the materiality of adverse event reports cannot be reduced to a bright-line rule ... Because adverse reports can take many forms, assessing their materiality is a fact-specific inquiry, requiring consideration of their source, content, and context.

Wall Street Journal author and "Numbers Guy" Carl Bialik adds to that point in an article today "Making a Stat Less Significant" where he writes:

To determine whether a medical side effect is significant in an experiment requires knowing that every incidence of that side effect is being reported. Researchers can feel confident that is happening in a controlled clinical trial of a drug, but they can't be sure when a drug is being sold to the general public, as was the case with Zicam.

In other words, when one is not sure that every incident of a side effect is being reported, one should not cavalierly dismiss "anecdotal" reports of side effects, especially from reliable reporters.

The practictioners of Medical Informatics, along with the HIT Industry and its customers, appear to have failed in that regard with respect to clinical IT (electronic medical records, CPOE etc.) For years they have argued that these medical devices should not be regulated because that would "stifle innovation" and that reports of device adverse events were "anecdotal." Many in the field still make these arguments.

This view extends all the way up to the Director of the Office of the National Coordinator for Health IT, who glibly stated per the Aug. 2010 Huffington Post Investigative Fund article FDA, Obama Digital Medical Records Team at Odds over Safety Oversight that FDA's own reports of health IT related injuries and deaths were “anecdotal":

ONC director Blumenthal, the point man for the administration, has called the FDA’s injury findings “anecdotal and fragmentary.” He told the Investigative Fund that he believed nothing in the report indicated a need for regulation.

Those "injury findings" appear in an FDA Internal Memo made available by the aforementioned Huffington Post Investigative Fund and archived at the following link:

Internal FDA memorandum on HIT risks (PDF) to Jeffrey Shuren MD JD (Director, Center for Devices and Radiological Health). Health Information Technology (H-IT) Safety Issues. "This is an Internal Document Not Intended for Public Use." Feb. 23, 2010.

(My description/summary of the memorandum is at my Aug. 2010 post "Internal FDA memorandum of Feb. 23, 2010 to Jeffrey Shuren on HIT risks. Smoking gun?")

That memorandum itself emphasizes how FDA's own knowledge of these events is partial due to reporting impediments and lack of knowledge of resources such as FDA's MAUDE database.

The known reports were likely "the tip of the iceberg" according to the Director of FDA’s Center for Devices and Radiological Health (CDRH) Jeffrey Shuren, MD, who also happens to be a lawyer.

As at the aforementioned "tip of the iceberg" link, at an HHS meeting of the HIT Policy Committee's Adoption/Certification Workgroup on February 25, 2010, Shuren testified:

... In the past two years, we have received 260 reports of HIT-related malfunctions with the potential for patient harm – including 44 reported injuries and 6 reported deaths. Because these reports are purely voluntary, they may represent only the tip of the iceberg in terms of the HIT-related problems that exist.

Even within this limited sample, several serious safety concerns have come to light. The reported adverse events have largely fallen into four major categories: (1) errors of commission, such as accessing the wrong patient’s record or overwriting one patient’s information with another’s; (2) errors of omission or transmission, such as the loss or corruption of vital patient data; (3) errors in data analysis, including medication dosing errors of several orders of magnitude; and (4) incompatibility between multi-vendor software applications and systems, which can lead to any of the above.


The problem with ignoring testimony and reports of health IT-related difficulties and dismissing them as "anecdotal" goes back to the issue of "knowing that every incidence of that side effect is being reported."

While FDA itself admits significant doubt about completeness of reporting in its memo, what's worse is that Koppel and Kreda at University of Pennsylvania wrote a paper from which one might conclude that the healthcare and health IT industries are themselves aligned to conceal health IT adverse events reports.

In their remarkable article Health Care Information Technology Vendors' "Hold Harmless" Clause - Implications for Patients and Clinicians, Journal of the American Medical Association, 2009;301(12):1276-1278, we learn that there is little motivation for device safety in the health IT industry:

Healthcare information technology (HIT) vendors enjoy a contractual and legal structure that renders them virtually liability-free—“held harmless” is the term-of-art—even when their proprietary products may be implicated in adverse events involving patients. This contractual and legal device shifts liability and remedial burdens to physicians, nurses, hospitals, and clinics, even when these HIT users are strictly following vendor instructions...HIT vendors are not responsible for errors their systems introduce in patient treatment because physicians, nurses, pharmacists, and healthcare technicians should be able to identify—and correct—any errors generated by software faults. [In other words, they are expected to be clairvoyant when presented with erroneous or missing data - ed.]

We additionally learn that:

The significant disparity between buyers and sellers in knowledge and resources [about healthcare IT problems] is profound and consequential. Vendors retain company confidential knowledge about designs, faults, software-operations, and glitches. Their counsel have crafted contractual terms that absolve them of liability and other punitive strictures while compelling users’ non-disclosure of their systems’ problematic, or even disastrous, software faults.

In other words, health IT customers and users have a gag order imposed on them regarding software faults and defects.

I think any reasonable person would conclude there is great doubt as to whether "every incidence of [HIT side effects] is being reported."

I also pointed out in JAMA (link) and on my Drexel website (link) how agreeing to these terms caused hospital executives to violate both their fiduciary duties to their organization's workers as well as Joint Commission safety standards obligations.

(I've personally reported health IT defects I'd observed in hospitals where my relatives were patients to FDA's MAUDE database, discovering that the institution itself, whose officials I alerted to the problems, did not. An example is here.)

The above is all common sense.

Thus, the dismissal of reports of health IT-related patient injury, deaths, and "near misses" represents a failure of common sense, as well as a massive abrogation of fiduciary responsibilities and legal and ethical obligations among the Medical Informatics, health IT vendor, healthcare delivery, and healthcare regulatory sectors.

One end result is that it permits software like this to be mandated by state governments on hundreds of hospitals. One can only imagine the public, press and legal reactions if mission-critical software issues of this magnitude were brought forth after an aviation or nuclear power plant disaster.

The cavalier dismissals of HIT mishap reports clearly fall into the "knew, or should have known" category of negligence.

Plaintiff attorneys for patients injured or killed via HIT-related mishaps should take note.

-- SS

Note: my WSJ comment on this issue appears here.