Improving the safety of health information technology requires shared responsibility

Over the past 10 years, many countries have enacted policies calling for health systems to implement an enormously complex set of interconnected, often externally developed, software applications that together create an electronic health record (EHR).

The use of EHRs involves a wide variety of stakeholders often with conflicting priorities and requirements. These conflicts are exemplified by the following scenario. Most physicians would ideally like to dictate, write or type a concise, highly technical description of the patient's problem(s) and their treatment plans for their progress note and orders and then have someone else responsible for entering the information into the coded fields required for real-time clinical decision support, quality reporting, and billing

Patients want an easy to understand explanation of their underlying medical problems and a clear explanation of what they should do

The finance department wants a concise, structured note that can generate a defensible bill

Why share responsibility for EHR safety?

Poor safety of an EHR being used in a specific health care delivery system (health system) might depend on several factors including: (1) poor design, development, and configuration of the EHR leading to errors in its software; (2) incorrect or incomplete use of EHR technology within the health system; and (3) lack of processes to monitor and improve the EHR and associated health outcomes within the health system.33 Assigning responsibility to address safety concerns to only the developer responsible for some but not all issues, or only to the health system that has no control over how the system was designed and built, will not be successful because overall safety is based on their combined actions.34 In this case, shared responsibility requires that the party most in control over the concern being discussed are in the best position to address poor performance.35 This does not imply that responsibility or actions have to be shared equally for every situation. For example, a poorly designed EHR screen needs to be brought to the attention of those responsible for its development (the EHR developer), who then needs to address the issue. Conversely, an inappropriate drug-drug interaction alert nearly always needs to be brought to the attention of the health system, which should then address it.36 Finally, the health system needs to thoroughly test and then implement the updated version of the software.37 Thus, all parties “share” responsibility to take actions required to make the EHR safer to use. In the sections below, we use three challenges currently faced by EHR-enabled health systems as examples that impede safe patient care: interoperability, usability, and security and discuss what it means to share the responsibility to address these challenges