How an EHR failure could happen to you
Two recent outages suggest system failures are more common than expected.
The news of two separate EHR failures at California hospitals in February brings an issue to light that is likely underreported, experts say.
The outages occurred at Antelope Valley Hospital in Lancaster, CA and at Rideout Health, a two-hospital system in Marysville, CA. The topic made the news as a result of allegations by the California Nurses Association that Antelope Valley's EHR failure shut down the hospital’s ED, which the hospital disputes.
That raises the question of how often EHR failures might be happening and getting resolved quietly.
Are they common? Experts weigh in
"Hospital EHR failures happen more than you would expect—they just happen silently and behind closed doors," says Hank Hikspoors, CTO for T-System Inc., who directs ongoing product development efforts for the company's emergency department information system.
"We don't always hear about them because there's a lot of risk associated with unscheduled system downtime," he tells Healthcare Dive. Hikspoors suggests that when an EHR system fails, hospitals want to mitigate any noise around the issue to avoid criticism in the media or any potential legal issues.
Gerard Nussbaum, health IT strategist at Kurt Salmon, suggests that a complete EHR failure is fairly rare because most hospitals should have technical redundancies in place to prevent a total EHR failure. "Having said that, though, total outages do occur," he says.
Guy Baroan of Baroan Technologies, a managed IT service provider, agrees that EHR issues occur more often than they make the news and suggests there are two factors at play: HHS not doing enough auditing of providers to make sure they have all their IT systems in order, and the healthcare industry not taking their IT risks seriously enough because they are unlikely to be penalized.
"The first thing everyone needs to do is a self-assessment, and a lot of people haven't even done that," he says.
Likely causes for EHR failure
Hikspoors eyes the risks of hospital-wide or enterprise EHR systems, which allow organizations to streamline everything into a single system and tweak it to their needs. While this sounds simple, he says there's a lot more to it than that.
"An enterprise system tends to come with standard IT configurations, leaving each individual hospital to customize this large and complicated system on their own, and also leaving a huge margin for error," Hikspoors says. "In my opinion, this is the source of a lot of EHR failures."
He suggests that while it's important for systems to be configurable to some degree, EHRs should come with IT, clinical and operational best practices from the vendor in order to ensure the most stable environment possible.
Nussbaum lists numerous additional issues that could result in total EHR failure:
- Loss of a primary data center where the hospital has not implemented redundant/backup facilities (e.g, electrical, fire, storm damage)
- A vendor failure in which the vendor lacks adequate backup facilities or the root cause takes out multiple facilities
- A failure in connectivity for offsite data or remotely-hosted vendor solutions (physical damage, such as a backhoe taking out the lines, or network failure) that also causes the failure of the backup connectivity, or where there is an absence of adequate backup connectivity
- Human error that causes the system to go down, which could occur in the core EHR or in the network
- Malicious action that disables the EHR system, network, or other components
What contingency plans should hospitals have in place to avoid and manage EHR failures?
The experts who spoke to Healthcare Dive stressed the need for redundant equipment and connectivity; disaster recovery plans and downtime procedures; appropriate system security; appropriate system monitoring to detect failures or misuse; and backup solutions such as standalone computers and paper documentation.
Hikspoors' top recommendations also include research on the hospital's EHR vendor to understand their support and limitations.
He emphasizes the need for an effective, scalable backup documentation strategy that can be implemented with a moment's notice, and recommends selecting an EHR vendor that has a solution for disaster recovery that is independent of their software solution.
Nussbaum recommends implementing downtime response teams that have clear procedures and are regularly drilled, as well as rigorous change control processes to minimize inadvertent human error in EHRs.
Baroan suggests utilizing cloud-based services as an option to move everything off site, along with redundant forms of internet service.
"It's a matter of looking at all the things that can go wrong and then planning for them," Baroan says, noting that HIPPA already has the necessary recommendations for doing so.
"The HIPPA requirements that are out there address all of these items," he says. "They address disaster recovery, they address auditing, they address remote access, the passwords, how to respond to a critical issue when it happens."
"Really, it's following all the recommendations from HIPPA that everybody should do and it's just not being done," Baroan said.