HHS panel wants database for health IT safety

Providers, patients and vendors would report hazards and unsafe conditions

The Health and Human Services Department should establish a patient safety database and oversight system to collect and analyze data about hazards related to health information technology, an HHS advisory panel has recommended.

Under the proposal, doctors, hospitals, patients, vendors and other health organizations would confidentially report incidents and unsafe conditions that happen with electronic health record (EHR) systems. The information would be analyzed and findings reported to the public.

The recommendations were made at HHS' Health IT Policy Committee’s April 21 meeting by its Workgroup on Certification and Accreditation. They are intended to fix glitches and misuses of the EHRs that may affect patient safety. The unsafe conditions generally start from technical problems, complex interactions of people and technology, training shortcomings and gaps in interoperability, workgroup members said.

“We learned that most unsafe conditions are not the result of a single software error,” the workgroup's proposal states. “Instead, multiple factors are involved, including challenges with usability, processes, and interoperability. Health care organizations and clinicians represent a primary source of information about unsafe conditions.”

The workgroup recommended forming a national, transparent oversight process and information system similar to a patient safety organization that would have confidential reporting with whistle-blower protections, the ability to investigate serious events, providing standard data formats that help collection and analysis and the ability to cover usability, processes and training.

The system would be created as part of Phase II of HHS' incentive payments for the purchase and "meaningful use" of EHRs under the economic stimulus law that will start in 2013.

Patients should be encouraged to report errors and safety concerns, possibly with a feedback button in a personal health record system, the workgroup said.

The group also recommended that HHS develop and disseminate information about best practices for selecting, installing and maintaining health IT systems, and consider requiring audit trails for all transactions at system interfaces.

Although the group heard testimony about the feasibility of involving the Food and Drug Administration in regulating digital health record systems, it did not recommend that the FDA take on that responsibility. Instead, it suggested that HHS consult with FDA.

“A number of concerns were expressed about the potential for increased FDA regulation of EHR systems,” the group wrote. For example, the FDA focuses on problems caused by individual devices, while many health IT safety concerns arise due to the interaction of systems, work processes and technology. Also, FDA’s reporting focuses on serious injuries, but does not cover unsafe conditions that have not resulted in injuries.

Also, “the increased costs of FDA class II regulation could become a barrier to entry for small vendors,” the group said.


About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.