As federal officials encourage the rapid expansion of electronic medical records to help doctors improve care and cut costs, they lack a reliable and systematic method for tracking the safety of these products, agency data and audits show.
Instead, the Food and Drug Administration depends on a spotty warning system that can take a year to flag serious computer malfunctions and other software glitches. When it does learn about incidents that might cause harm, the FDA has failed to correct the problems, the data and audits show.
An examination by the Huffington Post Investigative Fund identified 237 “adverse events” reports linked to health information technology — including accounts of 6 deaths and 43 injuries — that have been filed with the FDA over the past two years. Most were reported by health professionals and manufacturers, but months later than required by FDA regulations.
In half the reports identified by the Investigative Fund, the FDA learned about an incident only after two months or more had passed. One in five reports described events nearly a year old. About one in ten cases had taken about two years before they were reported to the FDA, records show. FDA officials would not comment on the reports.
There’s little evidence that FDA officials took action after receiving the reports, despite criticism from the Department of Health and Human Services Inspector General, who in October of last year cited the agency for failing to catch problems with a wide range of medical devices.
The FDA’s difficulty in policing the growing industry underscores the enormity of the task officials face in tracking the reliability and safety of electronic medical devices as thousands of hospitals and doctors’ offices are being enticed with federal stimulus dollars to install them in the next five years.
“I’m not aware of any agreed-upon procedure for doing such monitoring,” said Dean Sittig, an informatics professor and specialist in patient safety at the University of Texas Health Science Center at Houston.
On Wednesday, a federal advisory committee is expected to make its final recommendations on whether to create a new national database for assessing digital medical errors and other safety hazards — including what role FDA might play in it.
“We’re going to be looking at all of the options for reporting,” said David Blumenthal, a physician and the top digital records official at HHS. “We’ll look at them closely and use them to inform our policy decision on how to go forward.”
Surgical Errors and Delays
The Investigative Fund review found that 29 software companies have reported incidents to the FDA since the start of 2008, mostly malfunctions. Most of the reports involve three companies. They are: GE Healthcare, Cerner Corp., a major maker of electronic health records and Philips Medical Systems, a British medical device company.
Though the FDA records reviewed by the Investigative Fund provide limited explanations for the root cause of errors, they provide a snapshot of what can go wrong. Some reports appear to illustrate how electronic records technology — which health experts commonly believe is far safer than paper-based records systems — can be associated with serious medical errors.
For example, many reports cite problems with a system known as computerized physician order entry, or CPOE, a critical piece of electronic medical records technology that officials are hoping to make widely available in hospitals and doctors’ offices (LINK).
Other reports show how high-tech medical devices that interact with an electronic record sometimes fail.
In one case, a doctor operated on the wrong side of a patient because images sent from one electronic system to another somehow reversed in transit. The manufacturer of the device involved, GE Healthcare, stated in the 2008 report that the problem occurred in the transmission but there’s no explanation of how the error occurred or what was done to fix it. There also are few details on the extent of the injuries other than that they required hospital care.
A second case filed by GE Healthcare in 2008 states that a man in an emergency room with an open head injury faced a 40-minute delay in treatment because doctors were unable to read the results of a medical exam through the computer’s viewing system. The report doesn’t explain why, and lists the outcome for the patient was “not known.”
Rules vary for reporting mishaps with computer health care technology. Makers of electronic medical records aren’t required to report these incidents, though some have done so voluntarily. But other computerized medical devices that connect with electronic health records are more heavily regulated and their makers must submit reports. As a result, most of the reports in the FDA system have been filed by companies whose products are regulated.
GE Healthcare is one of those companies. As a medical device manufacturer, it must report deaths, serious injuries and malfunctions within 30 days.
But in some cases, the company failed to meet that obligation, FDA records show.
Many of GE’s reports were sent to the FDA more than a year late and were filed after an April 2008 FDA inspection of GE Healthcare’s headquarters in Barrington, Ill. In that inspection, the FDA found that the company had failed to submit adverse event reports.
Several recall notices followed the inspection. One of those was for the GE Centricity PACS RA1000 Workstation, a device that stores X-ray images. Just after the inspection, GE Healthcare sent letters to its customers notifying them of problems. The company’s September 2008 recall notice stated that the device was posting incorrect dates for test results, which could in turn prompt a “potential patient misdiagnosis.”
GE Healthcare said in a statement that none of the issues cited in the inspection “impacted patient safety” and that when the FDA followed up in 2009, it found the company was in full compliance. “Over the past several years, GE Healthcare has made tremendous investments to strengthen its quality systems,” the company said in a statement. [Click for the full statement.]
The company added that most of its recalls since the FDA’s inspection stemmed from internal efforts to “to identify potential areas for improvement and make preemptive corrections prior to any issues occurring.”
Philips Medical Systems, a unit of Philips Healthcare, also has lagged in reporting. In February 2008, the company sent in 10 reports that an electronic system for collecting data from patient monitors, the Carevue Chart C.O., was mixing up information. The first of these had occurred the previous August, records show.
Company spokesperson Ian Race said that Philips hadn’t reported the incidents initially because the descriptions were too vague and came with limited details. But after concluding that a safety issue existed, the company filed the reports and fixed the problem, Race said. Despite the delay, the company is not aware that any patients were hurt, he added.
Cure for the FDA?
In October 2009, federal auditors criticized the FDA for failing to follow up on reports of adverse incidents or taking action against companies that didn’t filed them as required.
In that report, the HHS inspector general found the FDA’s in-house system of tracking events, known as MAUDE, had not been used “in a systematic manner to detect and address safety concerns about medical devices.”
The audit also found that some reports lacked basic details or appeared to be misclassified—all problems the inspector general report found “hinders analysts’ review.”
In response to written questions from the Investigative Fund, agency officials said they have made improvements since the audit. The FDA said it now “routinely uses adverse event reports to detect and address safety issues” and that it has “an enhanced method” of linking reports to “recalls, inspections and other compliance activities.”
The FDA has received a boost in funding in recent years. Yet the sheer volume of medical device reports suggests it more than has its hands full keeping up with the growing workload. The FDA has a staff of 17 full time and 14 part time individuals to review 200,000 reports annually for “device failure that may affect the public health.”
And earlier this month, FDA officials announced they had received more than 1,000 reports of problems with radiation devices in the past decade. But the FDA had only reviewed the reports and decided to tighten regulatory oversight after articles appeared in the New York Times,associating the devices with some deaths.
These lapses show that government regulators have a tough time monitoring “emerging technologies such as the electronic health record,” said Dale Nordenberg, a health and science consultant who has studied the issue. The only way to effectively evaluate systems is by reaching to outside experts and institutions to harness their knowledge of the technology, he said.
“No single institution has the expertise to regulate everything,” Nordenberg said.
One such group might be set up by the federal advisory panel, which is to report its findings to government health IT chief Blumenthal on Wednesday. The panel appears to be leaning toward a plan that would require doctors and hospitals to report these sorts of problems as a condition of receiving stimulus money to help them purchase electronic medical records systems.
The committee said in a draft report that it believed strongly in moving forward with the digital medical revolution. But the committee also wrote: “We detected, however, frustration that these systems are not reaching their full potential.” Officials also concede that their draft plan would take a minimum of three years to get started and concede that much work remains to devise a system that can effectively track these errors.
Still, Blumenthal, the government’s chief digital records coordinator, stressed that officials will take whatever steps are necessary to ensure that digital medical systems are “as safe as they possibly can be.”