Health Information Technology Hazard Manager - 2012

Summary: This project focused on developing and testing a software tool called the Health Information Technology Hazard Manager. The goal of the software is to enable providers to classify and communicate hazards related to the use of electronic health records (EHRs) and other health information technology (IT) so that problems can be fixed or controlled before they cause patient harm. An example of a hazard would be entering an order for the wrong patient, which could be caused by user interface or the absence of an automated patient-identity confirmation.

Rather than looking retrospectively at accidents or near-misses, the Hazard Manager was designed to collect structured information about hazards associated with specific health IT products. The tool collects information about four main components of hazards: discovery, causation, impact, and corrective action. The system collects information on the nature of the hazard, its cause, and how it was corrected. The Hazard Manager can help health care providers assemble consistent and organized information about the potential hazards identified in their IT products, as reported by other users of the same products. When deployed regionally or nationally, health care organizations will benefit from a mechanism to categorize, manage, and resolve hazards consistently, and to anticipate hazards that others have encountered in the next upgrade of their IT products. The tool will also allow health IT vendors to view hazards their customers have identified and prioritize fixes for future upgrades. The Hazard Manager contains three levels of security: 1) participating health care organizations can enter and see information about its own hazards and those reported by unidentified others who use the same products; 2) vendors can view hazards reported by their unidentified customers; and 3) health care organizations, vendors, policymakers, and researchers can view aggregated, unidentified reports of all hazards.

A Beta test was conducted under the auspices of a patient-safety organization (PSO). Beta test participants entered several hazards per week for 6 months. They also entered hazard scenarios (vignettes) to test interrater differences. The software was evaluated on usability and usefulness and refined accordingly, based on group and individual discussion with participating health care organizations, their software vendors, and federal policymakers.

Project Objectives:

• Design, build, and test the Hazard Manager software. (Achieved)
• Beta test the Hazard Manager software in six to eight study sites. (Achieved)
• Refine the ontology based on findings from the Beta test. (Achieved)
• Deliver a fully tested and refined version of the Hazard Manager software and final report. (Achieved)

2012 Activities: The project was originally scheduled to be completed in February 2012, but due to delays in obtaining signatures on the PSO agreements and receiving the institutional review board waiver, the contract was extended by 3 months and the project was completed in May 2012. The focus of activity during the year was on refining the ontology based on findings from the Beta test and developing the final report, (PDF, 991 KB).

Impact and Findings: Several discoveries resulted from the Beta testing of the Hazard Manager, such as finding that an individual’s role determines the types of hazards that come to their awareness. For example, the IT implementation teams learn about potential hazards during testing, while patient-safety teams may learn about care process compromises during their review of patient care. Hospitals have separate IT and patient incident reporting systems that, while not explicitly designed for hazard identification, can help teams identify hazards.

The tool specifies whether software design flaws are related to usability, data quality, or software specifications. In terms of impact on patients, the software captures the severity, duration, and type of harm—focusing not only on physical but also raising awareness about psychological, financial, and reputational harm. The most important features of the Hazard Manager include:

• A clear focus on how hazards are discovered, including the point in the health IT lifecycle in which a hazard is identified, how it is discovered, and how information about a hazard is shared
  within and beyond a care delivery organization.
• Explication of the many causes that alone or in combination lead to health IT hazards, including distinct software design flaws and the absence of effective IT protections to help users avoid
  errors.
• Information about the impact of hazards as well as the type, severity, and duration of patient harm. For hazards that have not yet caused harm, the Hazard Manager supports estimation of
  potential for harm, including the number of patients who could be affected and the likelihood that an alert user would notice the hazard before a patient was harmed.
• Detailed information about the urgency of hazard correction and the steps taken to correct or mitigate a hazard. The departments that need to approve a hazard control plan, and the
  departments responsible for carrying out that plan, can also be recorded.

Target Population: General

Strategic Goal: Develop and disseminate health IT evidence and evidence-based tools to support patient-centered care, the coordination of care across transitions in care settings, and the use of electronic exchange of health information to improve quality of care.

Business Goal: Knowledge Creation