Health IT and 'High Regulatory Standards': Criminal Negligence for Implementing Defective Systems That Put Data in the Wrong Charts?

Over at the HIStalk blog (a blog whose owner remains anonymous, and who uses an ISP that does not reveal information that could be used to identify him, apparently out of fear of retaliation for controversial stories he posts), the following appeared:

Monday Morning Update 7/12/10

From Holy Smoke: “Re: Cerner. Misidentification incidents have been reported with Cerner PowerChart and Millenium in hospitals in Indiana, Michigan, and others after a Cerner upgrade. Entries are placed in the wrong electronic chart and reviewed data is for the wrong patient.” Unverified. I saw nothing in the FDA’s Maude database, so if it’s happening, customers should file an experience report.

While the reports are "unverified", I can add that the FDA MAUDE database would not show any data if this problem were recent, as I believe MAUDE contributions are reviewed by FDA before posting.

(7/21/10 addendum: various sources confirm this occurred at a religious-denomination hospital chain headquartered in the Great Lakes region of the U.S.)

However, as I wrote in Oct. 2009 at "Our Policy Is To Always Have Unabashed Faith In The Computer ... Except When It Screws Up, And Then It's The Doctor's Fault", the MAUDE database does contain some error reports from this vendor (one of the very few HIT vendors who actually file such reports) such as:

http://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfRES/res.cfm?id=64345
Cerner Millennium RadNet Auto Launch Study and Auto Launch Report software functionalities. Defects in the Auto Launch functionality make it possible for a mismatch of patient data.

http://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfMAUDE/Detail.CFM?MDRFOI__ID=946706
Patient care delay. The issue involves functionality in cerner millennium powerchart office and powerchart core and affects users that utilize the powerchart inbox and message center inbox. In results to endorse or sign and review, if the user clicks ok and next multiple times in quick succession while attempting to sign a result or a document, the display could lag behind the system's processing of the action, and multiple results or documents could be signed without the user's review. In message center, when clicking ok and next or accept and next, or when deleting or completing messages and moving to the next task, a document could be signed or a message could be deleted without the user's review. Results could be endorsed or documents could be signed without physician review, which could impact patient care. Cerner received communication that a patient's follow-up care was delayed as a result of this issue.

http://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfMAUDE/Detail.CFM?MDRFOI__ID=753029
Microbiology set up a program within the cerner computer system to automate the reporting system for hsv (herpes simplex virus)testing. The system was tested with the assistance of cerner and found to be working appropriately. The new system was operational for approximately 3 weeks when it was determined that the first word of the sentence, "no" was inappropriately dropping off of the following sentence: "no herpes simplex virus type 1 or herpes simplex virus type 2 detected by dna amplification. " as such, two of five patients were incorrectly informed that they had hsv before the error was detected. One had started an antiviral creme treatment. The other three did not have follow-up visits until after the correct results were determined. Cerner has looked at the program and has not provided an answer for the system issue. In the interim, the previous manual review and entry process is being used.

Assuming the current reports from anonymous whistleblower "Holy Smoke" are true, I note the following.

My observations apply to any vendor and/or healthcare organization that puts defective HIT into use in patient care--

At my April 2010 post "Healthcare IT Corporate Ethics 101: 'A Strategy for Cerner Corporation to Address the HIT Stimulus Plan'", I'd written:

A profoundly disappointing lesson in the ethics of the healthcare IT sector (and the B-schools as well) can be gleaned from the following, a paper written by a Cerner employee and two health industry colleagues for a Duke Fuqua School of Business course.

The course is "Health Economics & Strategy (HLTHMGMT 326), Distance Executive MBA" (syllabus here in PDF) ... The paper is entitled "A STRATEGY FOR CERNER CORPORATION TO ADDRESS THE HIT STIMULUS PLAN."

The paper was scrubbed from the Duke Fuqua School of Business Site on or around April 16, 2010 but a cached copy is available here. In that paper what I believe is a combination in restraint of trade was suggested:

This paper seeks to clarify these implications [of the the economic 'stimulus' package - ed.], understand the strengths and weaknesses of various players in the industry and recommend a strategy for Cerner Corporation to maximize its profit from the stimulus package and thereby secure a dominant position in the HIT industry.

... We recommend that Cerner collaborate with other incumbent vendors to establish high regulatory standards, effectively creating a barrier to new firm entry.

High standards? I have some suggestions regarding "high regulatory standards."

I agree that high, in fact, the highest regulatory standards should be upheld.

I think I can safely state that a common regulatory standard in healthcare is that those involved in patient care, even peripherally, act with sound judgment and with patient well being as a foremost concern. Those acting recklessly and dangerously might be found negligent in a civil sense, or if acting recklessly in a willful and knowing manner, might be found criminally negligent.

Two descriptions of criminal negligence:

Criminal negligence - (law) recklessly acting without reasonable caution and putting another person at risk of injury or death (or failing to do something with the same consequences).

Criminal negligence is conduct which is such a departure from what would be that of an ordinary prudent or careful person in the same circumstance as to be incompatible with a proper regard for human life or an indifference to consequences. Criminal negligence is negligence that is aggravated, culpable or gross.(PDF).

It is damn well clear that electronic medical records systems must function without unpredictable data errors that put data into the wrong persons' charts, thus producing two errors and two possibilities for patient harm: an erroneous absence of appropriate data in one patient's chart, and an erroneous presence of inappropriate data in another's.

This is not a theoretical argument open to debate, and this is not a drill.

A recent IT-related data error involving one single medication nearly killed my relative.

In addition, the "learned intermediary" excuse used to punt liability onto physicians and other clinicians for patient harm due to IT errors does not apply here, and this is also not open to debate. Physicians, even the most learned, are not clairvoyant; they should not be expected to know which chambers are empty and which chambers are loaded in a game of cybernetic Russian Roulette with the data on their patients.

Having an EMR maintain fundamental relational integrity, i.e., not place clinical data entered in good faith by trusting clinicians in another patients' chart, is not rocket science.

Those who design, those who implement, and those who put into production (i.e., for use by physicians, nurses and other clinicians in the care of patients) any health IT "upgrade" without the extensive testing, testing and more testing necessary to prove proper operation on such a fundamental point as maintenance of relational integrity (i.e., correct patient identity in data storage and retrieval) knew, should have known, or should have made it their business to know that doing so puts patients at risk of injury or death.

Putting an "upgraded" software application with such fundamental defects into actual use in real, live patients care environments - for whatever reason, e.g., finances, vendor marketing pressures, meeting planned objectives and numbers, obtaining a bonus, etc. - reflects in my view:

"... a departure from what would be that of an ordinary prudent or careful person in the same circumstance as to be incompatible with a proper regard for human life or an indifference to consequences."

Thus:

In upholding the highest regulatory standards, if patients are harmed or die as a result of this type of HIT snafu, criminal charges against the responsible IT, clinical and administrative personnel would be an appropriate remedy to this type of negligence.

As I wrote at "$4 Billion Military EMR "AHLTA" to be Put Out of Its Misery?", in my view as of 2010 legal actions are the only way that the domain of healthcare IT can be returned to a field "of, by and for" clinicians, instead of "of, by and for" those who live off the hard work of clinicians and their patients.

-- SS

More on Perversity in the Healthcare IT World: Is Meditech Employing Sockpuppets?

(Note to readers: also see my Jan. 7, 2010 followup post "Socky the Meditech Sockpuppet on Vacation?")

At "Are Dissmissive Industry and Government Reactions to Physician Concerns about EHR's and other Clinical IT Simply Perverse?" I observed that cavalier dismissals of physician reports on HIT unusability and difficulties fit quite well the definition of "perverse:"

Merriam-Webster dictionary:

Perverse (adj).
Etymology: Middle English, from Anglo-French purvers, pervers, from Latin perversus, from past participle of pervertere
Date: 14th century

1 a : turned away from what is right or good : corrupt b : improper, incorrect c : contrary to the evidence or the direction of the judge on a point of law
2 a : obstinate in opposing what is right, reasonable, or accepted : wrongheaded b : arising from or indicative of stubbornness or obstinacy
3 : marked by peevishness or petulance : cranky
4 : marked by perversion : perverted

In a later post, "An Honest Physician Survey on EHR's" I reported on the comments submitted by hundreds of physician members of the American Association of Physicians and Surgeons (an organization mainly of physicians in private practice who strongly support physician independence and other conservative views, founded in 1943) in a 2008 survey about HIT:

AAPS - PHYSICIAN ATTITUDES & ADOPTION OF HEALTH INFORMATION TECHNOLOGY (PDF)

The common theme in their feedback was how HIT in its present form disrupted private practice physicians, distracted them from the physician-patient relationship and impaired their ability to properly care for patients. See the above-linked post and AAPS survey report.

An anonymous, usually lively and even combative reader "IT Guy," who claims to be an IT professional at an HIT vendor, on occasion leaves comments to my HIT posts.

These are typically in the form of unsubstantiated refutations of the material in the posts, and ad hominem attacks in the unmitigated defense of HIT, e.g., referring to this writer as "a teaching professor at a major university who has virtually no understanding of statistical analysis" or as a "grandstanding self-promoter" (See, for example, here at January 5, 2010 8:53:00 AM EST. Read the entire thread.)

In the latest case, "IT Guy" commented on my report of the AAPS HIT survey responses as follows:

IT Guy said...
It's the March of the Ludites.

Thanks for a very funny post.

January 4, 2010 12:28:00 PM EST

I failed to see the humor in dozens of adverse comments about HIT from private practice physicians, and replied with a link to my initial post about HIT industry perversity mentioned above, which elicited the even more perverse response:

IT Guy said...
No one is dissmissive of legitimate concerns. Luddites are a different story. Most of the "concerns" in that diatribe are of the Luddite variety.

January 4, 2010 1:33:00 PM EST

In other words, a survey of physician concerns is a "diatribe" and it is up to the "IT guys" to determine which physician concerns are "legitimate" and which are of the "Luddite" variety.

"IT Guy" remains anonymous and has been so since he first started posting comments here, despite prodding to reveal his identity to better facilitate an understanding of where his/her viewpoints arose. He/she has neglected to do so.

Even the blogger profile is blank, click to enlarge:




Now, I welcome anonymous comments and have a thick skin - to a point. When the comments go ad hominem or perverse, I do consider deleting them.

However, when such comments are potentially revelatory of major issues, I promote and amplify them - as now. Read on.

This person also apparently uses the anonymous moniker "Programmer" at the HIStalk blog where he similarly attacks my comments made under my actual name S Silverstein or under MedInformaticsMD. The HIStalk site owner actually edited out defamatory comments made about me in Oct. 2009 at HIStalk comment #28 at this HIStalk comment thread and apologized for this entry on his blog:

#28 Programmer [at HIStalk blog - ed.]October 20th, 2009 at 11:57 am

Yes, it’s that simple. If you select for pre-IT and post-IT data and use a large enough sample size the other factors with equal out. If the sample size is large enough you should have a relatively small margin of error.

[i.e., "Programmer" -- who I soon show is also "IT Guy" -- opines that in comparing clinical adverse event rates pre- and post healthcare IT installation, all you need is a large enough sample size, which then nullifies or cancels out, for example, changes occurring over time that are not related to the intervention, and other potential confounders in a pre-post comparison. If only evaluation studies in healthcare informatics were that simple ... it is concerning that IT vendor personnel might have such beliefs - ed.]And the fact that a teaching professor at a major university has virtually no understanding of statistical analysis makes me say “at least I don’t have to worry about losing my job to one of his students."

[Latter sentence was removed by HIStalk owner - ed.]

Now, back at HC Renewal see this combative comment thread where "IT Guy" a.k.a. "Programmer" refers to that removal, and repeats the above statistical faux pas and ad hominem ("just to make sure I read the whole thing"), and adds another ad hominem for good measure. I let them remain. (Comment dated October 20, 2009 1:35:00 PM EDT.) HIStalk's "Programmer" and HC Renewal's "IT guy" are apparently one and the same.

Getting to the core of this posting, I repeat, when such comments are potentially revelatory of major issues in HIT, I promote them - as here.

The raison d'être for this posting is an interesting pattern:

Before "IT Guy" posts comments at HC Renewal, "hits" appear from a major health IT vendor's IP in our publicly-accessible Sitemeter log, with outclicks to the comment sections of posts where "IT Guy's" comments then appear.

For example:

Domain Name (Unknown)
IP Address 12.11.157.# (Medical Information Technology) [Meditech - ed.]
ISP AT&T WorldNet Services
Location
Continent : North America
Country : United States (Facts)
State : Massachusetts
City : Milford
Lat/Long : 42.1544, -71.521 (Map)
Language English (U.S.)
en-us
Operating System Microsoft WinXP
Browser Internet Explorer 6.0
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648)
Javascript version 1.3
Monitor
Resolution : 1024 x 768
Color Depth : 32 bits
Time of Visit Jan 4 2010 11:49:49 am
Last Page View Jan 4 2010 12:55:12 pm
Visit Length 1 hour 5 minutes 23 seconds
Page Views 12
Referring URL
Visit Entry Page http://hcrenewal.blogspot.com/
Visit Exit Page http://hcrenewal.blogspot.com/
Out Click 0 comments
https://www.blogger.com/comment.g?blogID=9551150&postID=4799128165855153590&isPopup=true
Time Zone UTC-5:00
Visitor's Time Jan 4 2010 11:49:49 am
Visit Number 643,748

At the time of the outclick, there were "0 comments" to that post, as shown in the log above. Shortly after, IT Guy's aforementioned "Funny March of the Luddites" comment appeared ... as comment #1.

Likewise today, several "hits" appeared from IP 12.11.157.# with outlinks to the comment thread, for instance as seen below when only 23 comments were present, mostly from "IT Guy", Dr. Poses and myself:

Domain Name (Unknown)
IP Address 12.11.157.# (Medical Information Technology)
ISP AT&T WorldNet Services
Location
Continent : North America
Country : United States (Facts)
State : Massachusetts
City : Milford
Lat/Long : 42.1544, -71.521 (Map)
Language English (U.S.)
en-us
Operating System Microsoft WinXP
Browser Internet Explorer 6.0
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648)
Javascript version 1.3
Monitor
Resolution : 1024 x 768
Color Depth : 32 bits
Time of Visit Jan 5 2010 9:38:07 am
Last Page View Jan 5 2010 9:57:40 am
Visit Length 19 minutes 33 seconds
Page Views 3
Referring URL
Visit Entry Page http://hcrenewal.blogspot.com/
Visit Exit Page http://hcrenewal.blogspot.com/
Out Click 23 comments
https://www.blogger.com/comment.g?blogID=9551150&postID=4799128165855153590&isPopup=true
Time Zone UTC-5:00
Visitor's Time Jan 5 2010 9:38:07 am
Visit Number 644,308

After that, more comments from "IT Guy" appeared starting with ... #24.

The pattern has remained consistent.

Now, the evidence is circumstantial but it does not take a Sherlock Holmes to realize it is quite likely this commenter is an employee of a healthcare IT vendor named in the above links, Medical Information Technology, Inc., a.k.a. Meditech.

I am concerned that a possible employee of an HIT company - any HIT company -- might find physician concerns about HIT as serious as those expressed in the AAPS survey "funny" and "of the Luddite variety." I also am concerned that an employee might think that in situ pre-post evaluations of the technology need not take into account possible confounders.

If this person is an HIT vendor employee and IT professional at this HIT company or any other -- I think it likely he/she holds such a position at some HIT company and such attitudes -- then a number of questions are raised:

• How common is this attitude among HIT vendor employees? Is this a systemic problem?

• How do such attitudes translate into satisfying customer requests for remediation of HIT defects and problems?

• Should HIT vendors be doing better due diligence in their hiring practices to assure they hire IT personnel with a service mentality and who understand that clinicians are the enablers of medicine, they the facilitators? (A point my graduate healthcare informatics students are taught and grasp readily.)

At the very least, perhaps employees of HIT companies (such as the one in the logs above at Meditech, whoever they may be) should pay more attention to improving HIT, rather than spending 1 hour 5 minutes 23 seconds reading 12 posts here during business hours.

"IT Guy" is welcome to continue submitting anonymous comments, but if they contain ad hominem they will be deleted.

-- SS

Addendum 1/5/10:

A HC Renewal reader with an MBA non-anonymously relates the following (emphases mine):

In reading this thread of comments I have to believe IT Guy is a salesperson. My only question is: Were you assigned this blog or did you choose it? We had this problem a number of years ago where a salesperson was assigned a number of blogs with the intent of using up valuable time in trying to discredit the postings.

In my very first sales class we learned to focus on irrelevant points, constantly shift the discussion, and generally try to distract criticism. I would say that HCR is creating heat for IT Guy’s employer and the industry in general.

I find it sad that a company would allow an employee to attack anyone in an open forum. IT Guy needs to check with his superiors to find out if they approve of this use of his time, and I hope he is not using a company computer, unless once again this attack is company sanctioned.

Steve Lucas

I think that is an interesting possibility - someone paid to disrupt. It fits, and again invoking Sherlock Holmes, there is the means, the motive and the opportunity. Time for another definition:

Sock puppeting: "the act of creating a fake online identity to praise, defend or create the illusion of support for one’s self, allies or company." (NY Times)

If true (unfortunately for the salesperson), I make this observation:

To most of the readers of Healthcare Renewal, who find a focus on irrelevancy and irrationality to be signs of foolishness and hysteria (we clinicians have seen it all, by the way), this salesperson has nothing to sell.

Another perversity also comes to mind. If what Mr. Lucas suggests is indeed occurring, a company behind such actions would be exhibiting self destructive behavior in trying to disrupt and discredit those who could actually help them to make better products and be more competitive. I remind that patients are the true "customer."

It also follows that, if this analysis is true, the defamatory attacks left at HIStalk and here at HC Renewal would have been made with foreknowledge of their falsity and with malice.  I have informed the company's General Counsel of this information and hope that will be sufficient to cause the harassment from their company to cease.

Defamation, I also add, is certainly not a particularly wise HIT vendor strategy with the HIT industry under investigation by US Senator Grassley (see Oct. 2009 PDF letter to a number of vendors and management consultant firms here).

Having worked in pharma, however, another self-destructive industry due to its internal pathologies, I've seen worse done to critics. Incidentally, another probable blog troll/sockpuppet comment from that industry is in the comments section at this Jan. 2008 post.

-- SS