Services Blog Pathologists About Leadership Client Benefits Contact Login

The Medical Malpractice Risk Of Your EMR

breach risk emr malpractice risk management risk management tools riskmanagement riskmanagementtools whitecoatrisk Jul 30, 2019

Worried about your mistakes resulting in a medical malpractice case?

Well, you should also consider this.  That EMR in your office may also be contributing to your medical malpractice risk.  

EMR Generated Errors

In this recent article in Medical Economics, they outline sources of errors that are in your EMR.  In fact, the number of medical malpractice cases due to errors generated by an EMR tripled from 2013 to 2017.

There have been errors that have resulted in incorrect surgeries and other medical issues, but perhaps the most common problem is in electronic prescriptions.  

The articles recommendation?  You should test your EMR to make sure it's accurate. 

Yes, you heard this correctly. YOU should be checking the system periodically to make sure it's accurate.  As if you, as a physician, didn't already have a significant efficiency handicap because of poorly designed EMRs with poor interfaces.  Now you have to become an I.T. expert.  

One "hidden" risk of EMR errors is likely in the contract you signed with the EMR supplier and manufacturer.  It's called a "hold harmless" clause.  Basically, that clause states (depending on how it's written) that the EMR supplier is not responsible for errors and problems with their software.  Essentially they have put YOU on the hook for their software errors.

Click on the image to be taken to the article....

So What Can You Do To Protect Your Practice From EMR Errors?

I think the answer is as much as you can possibly do to help prevent errors.  I know that sounds vague, but it's the truth.  After all, we are all about taking care of patients, and causing harm is not what you are intending to do.

Here are some thoughts and suggestions.  They are some starting ideas to get you moving toward a less risky relationship with your EMR. (Remember...as with all recommendations in these articles, you should fully investigate these ideas and YOU decide if they should be applied to your specific situation.)

1. Consider turning off any flags, notification or other annoyances and distractions in the system that do not have anything to do with your practice.  Obviously, you should keep active those which do impact your practice.  Eliminating repetitive flags that don't apply your practice can help reduce the "brain numbing" effect of useless and distracting notices that only make the use of the EMR annoying...

2. When implementing an EMR, don't let the vendor off the hook for ensuring that it's working properly.  While it's likely they will push back on such expectations, you should have them document proper transmission of data in and out of the system, such as prescriptions, lab orders and other out-going data, as well as confirming the accuracy of the incoming data, such as laboratory data.  Have them confirm the accuracy, in writing, with a report of their testing scope and findings as part of their installation and delivery of the EMR package.  You may also look to have them reconfirm this accuracy after any major software upgrade, interface update or on an annual basis. At a minimum, if you agree to this responsibility, have them provide specific instructions on how to perform these tests, so you don't have to become an I.T. expert yourself or spend a lot of money for an I.T. consultant to do the work that your vendor should be performing.

3. Avoid customizations of the EMR software, outside of the normal configurations that are part of an implementation.  The greater your deviation of implementation from their "stock" program, the greater the chance of the EMR not functioning properly.  Moreover, it's likely that the EMR company will be less likely to identify potential software function errors in that customization in the future when they perform their periodic upgrades, leaving you vulnerable to unrecognized problems.

4. Consider using an EMR that is provided by your health system or hospital. While there are drawbacks (such as having to use a system that they have selected and creating a long term relationship with that particular healthcare system or hospital), benefits may include lower cost and a full hospital provided I.T. team to help with the implementation and maintenance of that system.

5. When you provide patients with prescriptions and/or orders, print out a summary sheet and review it for accuracy.  Give that to the patient with instructions to check their prescriptions and/or orders with your printed summary when they receive their prescriptions or services outside of your office.  In fact, you may have an instruction/disclaimer on that summary sheet that states the patient should confirm the accuracy of the fulfilled service or prescription at the time of delivery. 

6. Slow down when entering data into your EMR and proofread it at the time of entry. There is no better time to ensure the accuracy of entry than at the time of that entry. 

7. Don't forget about hackers and other outside threats, which you are also responsible for protecting against.  This is an increasingly difficult threat to protect against, but one that is very serious. Their activities can result in the destruction of your data, breach of PHI (personal health information) and ransom of your system. Those are just some of the risks.  And don't forget about the risks that can occur from within your practice, both accidental as well as intentional.   Fortunately, some of these threats can be insured against using Cybersecurity Insurance, which can help with the financial impact of a serious I.T. intrusion event.  

Your EMR Responsibilities

Unfortunately, EMRs are here to stay, in most cases.  Yes, it's likely that you will be held responsible for errors that occur in (or because of) the EMR, especially if you don't take the necessary implementation and maintenance steps with proper documentation.  This may represent a medical malpractice case, but may also be fines, penalties, and judgments based on the unauthorized release of PHI.  

Let the buyer...beware (and prepared).

Here is a link to the article:

https://www.medicaleconomics.com/news/risks-ehrs

WhiteCoat Risk Management provides these articles to help improve general risk awareness in all aspects of your life.  It is not responsible for any actions you take or fail to take regarding any aspect of your financial planning or risk management.  This article is provided for information purposes and is not intended to provide individualized advice. You alone are responsible for your decisions.  

Visit or contact WhiteCoat Risk Management at www.WhiteCoatRiskManagement.com or join us on Facebook at https://www.facebook.com/WhiteCoatRisk/ 

Be sure to sign up HERE to receive a notification when new blog posts are published.  

Sign up and be notified of posts when they are published.

Join Us!

Recent Posts

8 Things To Know When Picking A Medicare Plan
Medicare Open Enrollment - October 15 - December 7
Essential Guide to Disability Insurance For Doctors
Close

50% Complete

Just one more thing to do...

Thanks for your interest.  Once you enter your first name and email, be sure to check your email and complete your opt-in.  While you are at it, be sure to "white list" emails from WhiteCoatRiskManagement.com  

Thanks!

Why do we do a double opt-in?  Because we want to provide you with that extra degree of security.