In this presentation, Dr Dean Sittig illustrates how an organization can institute an internal EHR inspection program including learning: 1) Where to look for potential problems? 2) Who to ask questions of? 3) What questions to ask? And 4) How to identify potential Red Flags?
Following this presentation, participants will be able to identify the 8 dimensions of safe and effective EHR use and specific red flags that often appear in each area. Finally, they will learn what they should do to remedy these situations before tragedy strikes.
Many organizations are in the midst of implementing Electronic Health Records (EHRs). Research and experience gained over the past 20 years has shown that implementing EHRs is difficult, time-consuming, and expensive. In addition, recent reports indicate that many organizations continue to experience various types of unintended adverse consequences. The goal of this presentation is to describe how to conduct an internal audit of your facility’s clinical information systems.
In medicine, "Red Flags" are taught as signs or symptoms that must never be overlooked. For example, a finding of “swollen lymph nodes” during a routine physical examination of the patient’s neck should be investigated to rule out potentially serious systemic infections.
Likewise, there are similar signs and symptoms related to potentially dangerous situations involving implementation and use of EHRs. For example in the area of hardware and software, if during a discussion with the person in-charge of making sure that the EHR was appropriately backed-up, one learns that the backup tapes have “never been tested”, one should raise a red flag. Similarly, if one were to learn that an organization is not up-to-date with the latest software patches from their EHR vendor or with the operating system, one should take notice. Likewise in the area of clinical content, a finding that the order sets have not been reviewed in the last two years should raise a red flag. When examining the human-computer interface, if one notices that patient identifying information is missing on any screen, that should raise a red flag. Or in the area of workflow, if there is not a computer-based method of notifying nurses that a new order has been entered into the EHR, that is a problem. Similarly if an organization has not implemented a role-based access system and simply allows all users to see all patients and access any specific applications, that presents a huge potential for patient privacy violations.