- An unplanned EHR outage has occurred in 59% of surveyed U.S. hospitals, according to a recent report from HHS' Office of the Inspector General.
- Hardware malfunctioning was the main cause of EHR outages, followed by internet connectivity problems, power failures, and natural disasters. Hacking only accounted for 1%.
- About 25% of hospitals that experienced an EHR disruption delayed patient care.
The industry's push for EHR adoption has been met with strides and hurdles. The ONC recently reported 96% of all non-federal acute care hospitals were using a certified EHR in 2015. However, an AmericanEHR Partners' 2014 survey found over half of respondents (53%) found their EHR difficult or very difficult to use.
OIG surveyed 400 hospitals receiving Medicare incentive payments for using a certified EHR system as of September 2014.
"Persistent and evolving threats to electronic health information reinforce the need for EHR contingency plans," the OIG report stated. "This review and cyberattacks that have occurred since 2014 underscore our previous recommendation that OCR fully implement a permanent audit program for compliance with HIPAA."
Other notable findings include: 15% of reponding hospitals had dysfunctional EHRs adversely impact patient care; and 20% of outages lasted more than eight hours.
Yet, 95% of the respondents said they have EHR contingency plans. The OIG reviewed four HIPAA requirements: "Having a data backup plan, having a disaster recovery plan, having an emergency-mode operations plan, and having testing and revision procedures." Approximately two-thirds reportedly addressing the four HIPAA requirements.