Money doesn't stop technology crashes

The U.S. government's insurance exchange program is not the only one to experience technological woes. Healthcare IT News and the California Nurses Association recently reported that Sutter Health, a health system in Northern California, experienced some technological woes as well, when its $1 billion dollar EPIC electronic health record (EHR) system crashed, causing patient records to be unavailable at several of its facilities.

The crash happened on August 26, 2013 at approximately 8 a.m. and lasted for a full day. During the crash, doctors and nurses could not access patient records, including medication lists and medical history. According to the California Nurses Association (CNA), the pharmacy backup system also failed.

Several of Sutter Health's facilities were impacted including Alta Bates Summit Medical Center facilities in Berkeley and Oakland, Eden Medical Center facilities in Castro Valley, Mills Peninsula in Burlingame, Sutter Delta in Antioch, and Sutter Tracy and Sutter Modesto, as well as Sutter affiliated doctors' offices and clinics.

According to the CNA, the EPIC system was down for about 8 hours on August 23 for planned maintenance, "during which nurses and other users could read medication orders and patient histories, but not enter new data." The new information "was kept on paper records then re-entered into the computers later."

In its press release, the CNA noted that "[r]eports from RNs throughout Sutter found little or no backup planning by hospital management, inadequate training, and little support during the emergency. . . . All that prevented greater chaos, said [Alta Bates Summit RN Mike] Hill, was the expertise of the RNs who 'knew what to do from experience, not from any direction from management as management was running around not knowing what to do according to the nurses. There was no training for this kind of downtime as it was unplanned. Nurses followed previous downtime training but this was different because there was no ability to see any info on the patient.'"

Sutter Health's spokesperson Bill Gleeson explained to Healthcare IT News that, the system "experienced an issue with the software that manages user access to the EHR . . . This caused intermittent access challenges in some locations. Our team applied a software patch Monday night to resolve the issue and restore access. We regret any inconvenience this may have caused patients[.]"

According to the CNA, the issues with Sutter's EPIC implementation are not new. In a press release issued July 2013, the CNA reported that, RN's at Alta Bates Summit Medical Center facilities in Berkeley and Oakland submitted over 100 reports, where "nurses cited a variety of serious problems with" the EPIC implementation efforts. These problems included:
  • A patient who had to be transferred to the intensive care unit due to delays in care caused by the computer.
  • A nurse who was not able to obtain needed blood for an emergent medical emergency.
  • Insulin orders set erroneously by the software.
  • Missed orders for lab tests for newborn babies and an inability for RNs to spend time teaching new mothers how to properly breast feed babies before patient discharge.
  • Lab tests not done in a timely manner.
  • Frequent short staffing caused by time RNs have to spend with the computers.
  • Orders incorrectly entered by physicians requiring the RNs to track down the physician before tests can be done or medication ordered.
  • Discrepancies between the Epic computers and the computers that dispense medications causing errors with medication labels and delays in administering medications.
  • Patient information, including vital signs, missing in the computer software.
  • An inability to accurately chart specific patient needs or conditions because of pre-determined responses by the computer software.
  • Multiple problems with RN fatigue because of time required by the computers and an inability to take rest breaks as a result.
  • Inadequate RN training and orientation.
  • Stakeholder buy-in - This dispute between Sutter and its nurses is a great reminder of the importance of getting user buy-in when implementing new technology. When users desires are not carefully considered and addressed, the on-boarding process becomes significantly more complicated and leads to animosity and hurt feelings on both sides.
  • Disaster Training - No technology is fool-proof. Technology is not perfect and crashes should be expected, whether they are due to a software error, natural disaster, or some other reason. Employees must be adequately trained and knowledgeable about the steps that need to be taken in the event of an EHR or other critical software system malfunction. Otherwise, hospital systems and doctors leave themselves open to greater liability in the event of an adverse patient outcome. A Disaster Recovery Plan is required under HIPAA and employee training should be considered in any Disaster Recovery and Business Continuity plan.
  • Adequate Backup - Critical systems must have adequate backup. Yes, this can be costly, but "critical" indicates that the information technology resources are essential to the function of the particular business. In the case of an EHR system, it is critical in the sense that lives are literally on the line. As such, backup services in these circumstances should be looked at as the cost of doing business and accounted for in annual cost allocations. A Data Backup Plan is a requirement element of HIPAA.

Resources and Supporting Documents

November 2016

Blog Home  

Newest Blog Entries
7/23/15 Hospital Settles with OCR for $ 218,400 Over Cloud-Based File Sharing

6/8/15 Two California Privacy Bills to Watch in 2015

3/28/15 When Looking at Security, Consider Every Device

3/9/15 Alabama Board of Optometry Makes Final a Rule on Telemedicine

1/25/15 Indiana Court of Appeals Upholds $1.44 Million Jury Verdict Against Walgreen Co. in a Privacy Breach Case; Denies Rehearing

12/9/14 Malware Leads to a $150,000 OCR Settlement with a Behavioral Health Provider

11/30/14 Can a Board of Medicine Use the State’s Prescription Drug Database in Investigating Physician Actions?

11/29/14 Under the Florida Telemedicine Rule, Can a Physical be Conducted by Telemedicine?

11/19/14 Wearables and the Challenge for Consumer Device Makers

10/28/14 A Few Telemedicine Resources

10/27/14 FCC: The Newest Regulator to Throw its Hat into the Data Privacy and Security Ring

Blog Archives
April 2014 (6)
February 2014 (4)
May 2014 (6)
November 2014 (3)
July 2014 (1)
June 2015 (1)
November 2013 (3)
September 2014 (1)
December 2014 (1)
January 2015 (1)
June 2014 (3)
December 2013 (5)
March 2015 (2)
October 2013 (9)
July 2015 (1)
October 2014 (2)
March 2014 (3)
August 2014 (4)
January 2014 (4)

Blog Labels
Dental (1)
FCC (1)
Financial Services (1)
Mobile Apps (2)
Medical Marijuana (1)
Employment (1)
FAQ (6)
Meaningful Use (4)
EHR (2)
Privacy Litigation (3)
Identity Theft (1)
Security (1)
Healthcare Fraud (1)
Marketing (1)
BYOD (2)
Social Media (2)
Mobile Apps FDA (2)
Data Breach (10)
Big Data (3)
Healthcare Competition (1)
Privacy (4)
Telemedicine (7)