JAMA’s latest study: EHR still poses significant security risks in many hospitals

In hospitals, drug safety is one of the important causes of health damage. Although CPOE (electronic prescription system) and EHR (electronic health records) can help protect patients from adverse effects, a new study has found that there are still many EHR security issues.

JAMA's latest study: EHR still poses significant security risks in many hospitals

A study by researchers at the University of Utah and Brigham and Women’s Hospital was published in the Journal of the American Medical Association (JAMA). The study used cPOE assessment tools to assess eHR performance in more than 2,000 hospitals over 10 years.

“Despite the widespread use and continuous optimization of EHR in hospitals, the safety performance of many EHR systems remains very different among the large number of hospitals and EHR providers surveyed,” the researchers wrote. “

The researchers are understood to have used “system command test scenarios that have caused a patient’s death or injury” to measure the extent to which hospital EHRs can identify potentially harmful errors.

“To take this high-fidelity test, hospital representatives download and enter a detailed set of profiles (including diagnostics, laboratory test results, and other information) to test the patient’s EHR. The researchers explained.

The clinician then enters an order for these “hypothetical” patients to test the drug and records the EHR’s response – “including an alert, message, guidance, emergency stop, or other form of information cdS (medical decision assistance) prompt, and whether the order is frozen or allowed to be entered in the EHR system.”

The biggest improvement over the past decade has been through CDS that can prevent potential adverse events such as drug allergies.

And those that require more advanced CDS alerts are less successful in issuing warnings, warnings, or soft-hard blocking.

Although the average rating of eHR systems by hospitals has increased over the past decade, eHR performance varies widely from institution to provider.

The researchers also point out that eHR systems with the largest market share are not necessarily the safest in terms of the institutions studied, while the second most popular EHR systems tend to have the lowest safety scores.

The study also noted that at least one of the nine suppliers received a perfect safety score in hospitals.

Security groups say alarm fatigue (which means that health care providers may ignore or close alarms because of long-term exposure to a large number of instrument alarms may reduce the sensitivity of instrument alarms) is the most important technical health issue in 2020, and the influx of CDS alerts has left important messages blurred or left unnoticed.

The Healthcare Research and Quality Agency (AEA) noted in 2015 that clinicians often ignore the vast majority of warnings of electronic prescription systems and even ignore key warnings about potential lytoses.

AHRQ continued: “Alert fatigue increases as alerts and electronic prescription systems become heavily used. This finding is intuitive, but it also brings important implications that if the system is not redesigned, the security risk consequences of alert fatigue will become more serious over time. ” 。

EHR improves patient safety. But, as the JAMA study points out, several hospitals have scored in a decade. However, they must be effectively optimized through accurate information input.

“Hospitals, EHR providers and policy makers can find ways to improve safety performance in a number of ways,” the researchers suggest. “

“First, hospitals should consider conducting some type of CPOE safety assessment at least annually or after the upgrade, and strive to address identified shortcomings,” they wrote. Continuous evaluation is also critical to identifying unexpected issues that may arise when system updates and customizations occur. “

They continued: “They should also share these results with EHR suppliers to help them make safer products, because safety is a shared responsibility between suppliers and hospitals.” “

They concluded: “Policymakers may wish to incorporate the CPOE Safety Assessment Score into a series of process quality measures in their public reports.” “

JAMA's latest study: EHR still poses significant security risks in many hospitals