Preventing Hospital Blunders
    By Enrico Uva | April 2nd 2012 12:30 AM | 26 comments | Print | E-mail | Track Comments
    About Enrico

    I majored in chemistry, worked briefly in the food industry and at Fisheries and Oceans. I then obtained a degree in education. Since then I have...

    View Enrico's Profile
    It took a recent and sensational headline about 10 preventable deaths in English Montreal hospitals in 2010-11 to draw attention to a nine-year old law that few non-hospital workers knew existed. Under Quebec's Bill 113, a patient has the right to be informed of any health institutional accident with potential consequences for the patient's health or welfare. For that to materialize, hospital workers are obligated by this law to report all errors, and management has to ensure transparency and implement means to reduce mistakes.

    In response to Bill 113, the Jewish General Hospital, commonly regarded as one of our best hospitals, has continued to devise preventive measures, and I'll spend the bulk of this article examining how it's dealing with one of the most common blunders by doctors and nurses.

    If we look at the 2010-2011 volume of activity at the Jewish General Hospital:

    Number of radiology exams
     185 751
     Number of prescriptions processed
     622 868
     Number of surgeries
     13 139

    the most common activity is by far the processing of prescriptions. Not surprisingly, most of the accidents involve medication, 1804, or 29.3 % of all reported accidents/incidents. In other Montreal English hospitals, this type of error accounts for an even greater share of the total.

    The medication error rate is miniscule (0.3%), but the volume of patients and prescriptions is so large that the number of accidents affects a great deal of lives. Awareness of the statistics, of course, makes the victims and their families feel even worse. It's similar to what goes on in the aviation industry, and a great deal of energy is invested in prevention to drive the number of mistakes even lower.

    Here are some strategies that the  hospital  has been using:

    • Wherever possible, medication is purchased in the final form in which it is to be administered—in other words, no mixing is required. This minimizes the possibility that the concentration of the drug is incorrect.
    • Similarly, a system has been adopted that requires the use of a single concentration of certain medications. This eliminates any doubt about the proper concentration of those drugs.
    • Drugs in high concentration have been removed from nursing units in non-critical areas.

    • Where appropriate, extra warnings have been place on intravenous medication bags.

    • Orders for certain high-risk medications are pre-printed to ensure clarity and accuracy, and the maximum dose limit for the pertinent medications.
    • Whenever JGH patients receive intravenous medication, they receive these drugs through "smart pumps". These digital pumps are programmed to check a database to confirm that patients are getting the right dose of the right medication at the proper rate. If a potential problem is detected, the pump emits a warning sound and does not allow the medication to be given. As an added safety feature, the smart pumps’ built-in drug library now contains information about minimum and maximum doses of high-risk medications.
    One observation that caught my attention was the following:
    When prescriptions or other notes for medication are written by hand, errors can occur because of unclear handwriting and because abbreviations for certain drugs are used by some people, but not by others.
    The ISMP (Institute for Safe Medical Practices) lists misleading abbreviations that should be avoided. These include omission of the zero before the decimal point, which could lead to the possibility that someone will overlook  the point and administer ten times the prescribed dose. One that shocked me was that some practitioners had developed the habit of abbreviating morphine sulfate as MSO4, which was then interpreted as MgSO4(magnesium sulfate). Latin abbreviations are also discouraged in ISMP guidelines. Based on Q.O.D. , short for quaque otram diem (every other day), some doctors wrote OD, intending to say "every day" or "daily", but it was occasionally being interpreted as oculus dexter, which means "right eye".

    A surprising number of clinics and hospitals still do not have computerized data bases for prescribed drugs. This creates problems when patients move from hospital to hospital or from one doctor to another, a very common practice, especially when the state picks up the bill, as it does here in Quebec.

    It will be interesting to see the impact of this precautionary approach on future accident rates. What's worrisome is the unreasonable crowding of patients that Montreal hospitals are expected to handle on a daily basis. If the volume is not alleviated, the errors may continue to occur with a similar frequency, despite the intelligent guidelines, additional paperwork and new committees.


    Gerhard Adam
    I find the casualness with which these people behave [and still consider themselves professionals] to be laughable.  Couple this with hand-written notes, I suppose one could conclude that it's an improvement from painting on cave walls, but not by much.

    In short, the undercurrent of attitudes here seems to be that most of the medical professional is unfamiliar with Copernicus.  By that I mean, that they may eventually realize that THEY are not the center of the universe, and perhaps they should consider who else may have to follow their notes and instructions.  It reeks of medical arrogance.
    Mundus vult decipi
    It seems 'defensive medicine' is a problem in Canada as well.  We don't need health care reform, we need legal reform so hospitals and doctors do not have to cover the bases by sending someone home with pills lest they be worried if they don't.
    Gerhard Adam
    I'm much more concerned about legal reform than medical reform.  Since hospitals and doctors tend to "close ranks" on any problem, legal action is often the only vehicle available to determine what's gone wrong.

    Certainly the legal community needs to be more self-policing regarding the legitimacy of claims, I wouldn't want to afford even more protections to the medical community that are unwarranted.  People spend thousands of dollars a year on insurance and then are charged outrageous amounts of money for the most trivial medical treatment.  So, I'm not inclined to show much sympathy for hospitals or doctors that screw up.
    Mundus vult decipi
    You may also wish to check out the Joint Commision on Accreditation of Healthcare Organizations' ("JCAHO") standards for prevention of errors. These emphasize eliminating communication errors through formal "handoff" procedures, "read back and verify," and utilizing typed "order entry" medication request forms (or computerized physician order entry).

    A number of my Dr's are now using handhelds where they automate prescription selections and processing to eliminate hand scrawled prescriptions.

    I like the idea of the smart pumps, but I wonder how many mistakes will be made by someone who thinks it's malfunctioning because it won't start, and they override it.......
    Never is a long time.
    A surprising number of clinics and hospitals still do not have computerized data bases for prescribed drugs. This creates problems when patients move from hospital to hospital or from one doctor to another, a very common practice, especially when the state picks up the bill, as it does here in Quebec.
    There's been a big push to update US Dr's and Hospitals, so things like scans can be referenced by any Dr who needs it, as opposed to just ordering a new scan.
    One of my Dr's said we could easily save 30-40% on Medicare just by eliminating redundant testing.
    Never is a long time.
    Gerhard Adam
    Probably true, but they'll delay and procrastinate until it becomes mandated by law and then they'll complain.

    Here's a perfect opportunity for the medical profession to improve on costs, and they don't bother to fix it.  They just continue, business as usual. 
    Mundus vult decipi
    And I think it's a requirement in the affordable care act.

    To some extent it's a huge cost to them (apparently the data security and backup requirements are long and expensive), and it doesn't save (or make) them anything.
    It does reduces health care costs, but the Dr's aren't paying that, Medicare and Ins Co's are.

    Now if they'd get a discount on malpractice ins because they've automated (and make fewer mistakes), it might help, but I'd be surprised if the Malpractice Ins companies are reducing fees just yet.
    Never is a long time.
    Gerhard Adam
    So, you're effectively saying that both sides are simply being held hostage to insurance companies.  There's no incentive to improve anything, because the medical profession doesn't care since someone else is paying the bill.
    To some extent it's a huge cost to them (apparently the data security and backup requirements are long and expensive), and it doesn't save (or make) them anything.
    That's a pretty poor and feeble excuse. 
    Mundus vult decipi
    There is no requirement to implement Electronic Patient Records (EPR) in the US. What the previous reader may be referring to is money available to organizations that implement EPR, as an incentive grant under a variety of health care legislation. It cannot be mandated by government, as that would interfere with clinicians' rights to practice medicine/nursing/pharmacy under professional standards. There are plenty of examples of failures, successes, and challenges related to EPR projects available in professional journals and online (i.e. just Google it). It is not a panacea, though; costs are only one of several considerations.

    Other important considerations include the added burden of time to document care with EPR (it takes a long time to write notes with a multitude of drop-down menus, tabs, and "forms" designed by geeks without consideration of who will use the system), capturing care provided for billing purposes, technical problems, and user interface issues. Using EPR also has significant security and privacy issues.

    The use of EPR also has a significant downside for patients. A few recent studies have shown that in organizations where EPR has been implemented, patients get more costly and unnecessary procedures and tests. The likely reasons include clinician frustration with locating results in EPR systems, forcing them to "just order the test again" (which takes very little time to click and press Enter). Another likely reason for increased costs to patients is that it's easier for bureaucrats in healthcare organizations to audit EPR charts for "billable" procedures and tests, increasing pressure on clinicians to improve the "bottom line."

    I found this page talking about this:

    Driving this undercurrent of rising demand is The American Recovery and Reinvestment Act (ARRA). This act includes a health IT program that has been allocated more than $17 billion. This subsidy money is being provided to healthcare organizations in the form of grants or reimbursements for implementing Electronic Medical Record (EMR) packages. Some of the popular EMR systems are Epic, McKesson, Cerner and MediTech.

    In addition to the subsidy dollars, there is a very aggressive implementation timeline requirement. Originally planned with a 2014 deadline, the timeline will likely be extended to 2017 or beyond. This translates into a demand for talent for a minimum of 6 years, but the demand will likely not decline precipitously after that. It's creating an industry-specific Y2K-type bottleneck.

    There is such high demand because healthcare organizations are rushing to be compliant. The Patient Protection and Affordable Care Act is forcing hospitals to become compliant with "meaningful use" of the EMR system. This means many things, but the focus is on automating records and allowing all providers to share the same patient record amongst each other.

    Other factors already in place are the HIPPA and changing ICD-9 payer codes – the code providers use to get reimbursed by insurance – to ICD-10, essentially adding digits. These transitions are very expensive and most US providers have not yet upgraded to the ICD-10 system, which is already in use in most other developed countries.

    Never is a long time.
    Gerhard Adam
    This translates into a demand for talent for a minimum of 6 years, but the demand will likely not decline precipitously after that. It's creating an industry-specific Y2K-type bottleneck.
    There's plenty of talent available; just not at minimum wage.
    Mundus vult decipi
    Gerhard Adam takes a long time to write notes with a multitude of drop-down menus, tabs, and "forms" designed by geeks without consideration of who will use the system...
    No doubt that's true.  However, it's equally true that nothing better will ever be developed if it isn't going to be used.  It just seems like a feeble excuse for people that have no problem engaging in all manner of technologies [whether it be telephone apps or their personal computers] suddenly can't see their way to using the technology where it matters.
    Mundus vult decipi
    First let me say, I think this is long over due.

    But, you know that the high cost of compliance it going to force many Dr's to close, raise their office visit fees, and/or stop taking Medicare Patients?
    Never is a long time.
    Gerhard Adam
    Well, perhaps it's just me being cynical, but I suspect that all of these doctors and hospitals have computerized billing systems.  Just shows where the priorities are.
    Mundus vult decipi
    Probably, But it's more than priorities, there are some very strict security requirements for medical record storage, something that's not required for billing info.
    Far stricter than what a normal Dr's office can provide, so they (at least the few I've talked to) lease servers from their hospitals secure servers, and it was a lot of money iirc (many thousands/month).
    Never is a long time.
    Gerhard Adam
    Again, that's just hospitals ripping off the doctors then.  Security becomes a convenient excuse when, in reality, there's little that needs to be done for a doctor's office unless their server is also connected to the internet.

    Most of these "costs" exist because people can get away with it.  It's like the bank charging for ATM usage.  It's a complete rip-off where they charge several dollars for a transaction that literally costs a fractional part of a penny to perform. 

    In short, it amounts to little more than the security requirements that would accompany paper documents.  There are literally thousands of organizations that have strict security requirements, so this isn't any pioneering effort.  My own experience has been that many doctors simply don't like the systems and have [in the past] refused to use them.  It had little or nothing to do with cost and everything to do with how they choose to work.
    Mundus vult decipi
    it amounts to little more than the security requirements that would accompany paper documents.

    I don't believe this is correct. Here's the rules for Hipaa medical records. And part of the ability to share records would require some sort of access over the internet (even if it's over a vpn).
    Never is a long time.
    Gerhard Adam
    Specifically, covered entities must:
    1. Ensure the confidentiality, integrity, and availability of all e-PHI they create, receive, maintain or transmit;
    2. Identify and protect against reasonably anticipated threats to the security or integrity of the information;
    3. Protect against reasonably anticipated, impermissible uses or disclosures; and
    4. Ensure compliance by their workforce.4

    HHS recognizes that covered entities range from the smallest provider to the largest, multi-state health plan. Therefore the Security Rule is flexible and scalable to allow covered entities to analyze their own needs and implement solutions appropriate for their specific environments.
    Again, I don't see anything particularly onerous or costly here.  It's certainly nothing I wouldn't already expect from anyone holding credit card or payment information.
    Mundus vult decipi

    Physical Safeguards

    • Facility Access and Control. A covered entity must limit physical access to its facilities while ensuring that authorized access is allowed.21 

      Workstation and Device Security. A covered entity must implement policies and procedures to specify proper use of and access to workstations and electronic media.22 A covered entity also must have in place policies and procedures regarding the transfer, removal, disposal, and re-use of electronic media, to ensure appropriate protection of electronic protected health information (e-PHI).23 

    Technical Safeguards

    • Access Control. A covered entity must implement technical policies and procedures that allow only authorized persons to access electronic protected health information (e-PHI).24 

      Audit Controls. A covered entity must implement hardware, software, and/or procedural mechanisms to record and examine access and other activity in information systems that contain or use e-PHI.25 

      Integrity Controls. A covered entity must implement policies and procedures to ensure that e-PHI is not improperly altered or destroyed. Electronic measures must be put in place to confirm that e-PHI has not been improperly altered or destroyed.26

      Transmission Security. A covered entity must implement technical security measures that guard against unauthorized access to e-PHI that is being transmitted over an electronic network.27

    The audit controls require something like a pass card system so access is logged.

    and then the penalties:
    Civil Money Penalties. HHS may impose civil money penalties on a covered entity
    of $100 per failure to comply with a Privacy Rule requirement.88 That penalty may
    not exceed $25,000 per year for multiple violations of the identical Privacy Rule
    requirement in a calendar year. HHS may not impose a civil money penalty under
    specific circumstances, such as when a violation is due to reasonable cause and did
    not involve willful neglect and the covered entity corrected the violation within 30
    days of when it knew or should have known of the violation.

    Criminal Penalties. A person who knowingly obtains or discloses individually
    identifiable health information in violation of HIPAA faces a fine of $50,000 and up
    to one-year imprisonment.89 The criminal penalties increase to $100,000 and up to
    five years imprisonment if the wrongful conduct involves false pretenses, and to
    $250,000 and up to ten years imprisonment if the wrongful conduct involves the
    intent to sell, transfer, or use individually identifiable health information for
    commercial advantage, personal gain, or malicious harm. Criminal sanctions will be
    enforced by the Department of Justice.

    Are a bit more than dealing with credit card info.
    Never is a long time.
    Gerhard Adam
    I think you're reading more into it than what's stated.  There's nothing even suggestive of a pass-card system.  However, I would certainly hope that such basic security precautions are in place even for paper systems.

    It seems that the only thing being added are the normal controls that accompany the use of electronic media.  Namely that it can't be simply hacked.  That unauthorized people don't have access to it from their computers, and that controls are in place so that somebody can't arbitrarily change something.  Again, nothing particularly onerous.
    Mundus vult decipi
    Maybe, I see Auditing Hardware access as key cards.

    But let's ignore that, this is still a rather complicated computer set up, much more complex that a scheduling and billing system, and it's not being set up by a "company" with an IT dept, it's being run by a Dr's office by usually over worked office staff with little computer background.
    The required hardware and software isn't cheap, nor will the technical support that'll be required.

    While well intended, there are going to be unintended consequences, which will be some dr's deciding it's not worth the hassle and closing (or turning away Medicare patience's, which is how the gov can force these kinds of changes on private businesses anonymous), or raising office visit fees.
    Never is a long time.
    Gerhard Adam
    I agree that they don't have IT departments, but invariably they all have contracts with some computer company to provide basic support. 
    Mundus vult decipi
    Most hospital systems in the US are heavily invested in IT and the EMR (Electronic medical record) simply because there will be large penalties for not being HIPPA compliant and the $ incentives offered by the govenrment. Even so, there are very thoughtful policies in place to deal with errors. I suppose those of us who are educators (as the authorof this article claims to be) might consider errors part of the process of improving care. Calling them "Blunders" certainly implies a number of a priori assumptions of facts not in evidence. It is clear the rhetoric is pretty polarized given the limited detailed knowledge base.
    george fueredi
    It is clear the rhetoric is pretty polarized given the limited detailed knowledge base.

    I did make a sincere effort not to paint the issue black and white, and unfortunately, some of the errors are clear blunders. But the main point is that I did not want the reader to focus on just the accidental deaths that the Canadian media pounced on. I revealed that there are good efforts at remedying the situation.