Nov 14
2013
Risk Management Concerns Arising Out of HITECH and the Hospital Re-admission Penalties Program
Guest post by James Hofert, Roy Bossen, Linnea Schramm and Michael Dowell, all partners with Hinshaw & Culbertson.
New federal healthcare legislation and implementing regulations, seek to exert control over multiple aspects of patient care. The Health Information Technology for Economic and Clinical Health Act (“HITECH”)[i] with staged implementation through 2016, seeks to not only promote implementation of electronic health record systems (“EHR”), but also regulate electronic communications of health information by and between the patient, physician, hospitals and other healthcare institutions so as to enhance care quality, care coordination and reduce costs.
HITECH further envisions implementation of clinical decision support algorithms for the diagnosis and treatment of disease both during admission and after discharge. The Hospital Readmission Reduction Program[ii], effective October 1, 2012, consistent with the objectives of HITECH seeks to financially penalize hospitals for higher than standardized readmission rates for heart failure, acute MI and pneumonia. The Center of Medicine and Medicaid Service (“CMS”) intends to expand application of the program to readmission for COPD, elective total hip arthroplasty and elective total knee arthroplasty in 2015[iii]. Consistent with preventative care goals so as to mitigate further health care problems as found in HITECH, CMS has refused to adjust the re-admission penalty program to account for readmissions unrelated to the patient’s initial hospitalization even though the readmission could be considered to be outside the hospital’s or physician’s control[iv].
Various organizations that have studied these regulatory requirements have concluded that properly designed EHR systems are key to successful compliance with CMS goals. The emphasis on the adoption of information technology in the healthcare field generates potential regulatory, legal and risk management concerns. As the requirements for acceptable EHR systems evolve, so do relevant common law standards of care. The rapidity with which healthcare institutions must develop and implement EHR systems to meet “meaningful use” criteria under Stage II of HITECH and insure compliance with the requirements of the Readmission Reduction Program, among others, presents significant risk for institution of regulatory penalties and claims of malpractice. The Office of the National Coordinator (“ONC”), in encouraging the creation of a comprehensive electronic record program, intended to create a strategic methodology to integrate inpatient and outpatient care, as well as provide a continuum of coordinated services across healthcare systems. Comprehensive EHR systems seeking to comply with HITECH Stage II requirements (effective in 2014) will seek to manage and coordinate care through checklists, alerts, clinical decisions support algorithms, electronic prescription and order texting, and the development of data fields to foster quality assurance and compliance.
Development of post-discharge care plans, to reduce the risk of readmission, requires that healthcare providers institute advanced analytics to evaluate the likelihood of readmission of a given patient and need for early intervention. Risk stratification must take into account medical complexities of the individual patient as well as social and economic factors affecting patient support on discharge. Post-discharge electronic communication, including email, texting, telecommunication, and other technologies between the patient, hospital, primary care physician (“PCP”) and relevant consultants is absolutely necessary in providing coordinated quality care at an affordable cost so as to minimize risk of readmission.
Interoperability of software systems is absolutely necessary to achieve the successful communication of patient care summaries and treatment plans to other providers in order to promote coordinated care and reduce the risk of readmission.
Original research by various respected scientific organizations, such as the Commonwealth Fund, raise concerns about the usability and interoperability of various EHR systems[v]. Many stakeholders bought software systems which do not allow for transmission of patient summaries and care plans between providers. Difficulties in using technology has led to suboptimal communication of patient status, wrong order/wrong patient errors, poor and/or confusing data transfers and alert fatigue. Poor human/computer interaction can result in diagnosis and treatment delays, dosing errors and/or loss of data. EHR errors initially attributed to user experience levels and/or training is often due to poor product design.
Thus far, great concern has been expressed by healthcare organizations such as the American Hospital Association (“AHA”), the American Medical Association (“AMA”) and the College of Healthcare Information Management Executives (“CHIME”), among others, as to the industry’s ability to comply with the aforementioned regulatory schemes in a timely manner. Several industry associations have suggested delay in the implementation of Stages II and III of HITECH as well as changes in the manner in which the “mean” hospital re-admission rate is calculated, particularly as it relates to safety net hospitals and tertiary care centers which treat sicker and more complicated patient populations.
Initial attempts to adopt information technology systems have in many cases resulted in a multitude of problems potentially affecting patient care. The initial transition from paper to electronic record system creates the opportunity for implementation errors (software issues), inadequate training, incorrect and/or inconsistent use as well as individual mistakes in the creation of the electronic record. The use of both paper and electronic records may create documentation gaps leading to misdiagnosis and/or inappropriate treatment. Consistent standardized use to developing electronic record systems is imperative in providing quality care and treatment.
There is concern that overreliance on electronic communication between a healthcare provider and the patient, will increase the risk of erroneous diagnosis and/or treatment. A failure to respond to emails or other electronic communication, encouraged by the need for an integrated care system, can create potential tort liability.
In cases where a hospital seeks to develop clinical guidelines relating to the care and treatment of a given condition, inadequacies in those guidelines may create institutional malpractice liability. A requirement that physicians use hospital treatment guidelines may eliminate an institution’s ability to rely on the suggestion that physicians are independent contractors.
The failure to oversee the use of clinical guidelines once in place creates potential institution liability. A physician’s refusal to recognize a hard stop and/or a soft stop secondary to physician alert may create institutional responsibility to oversee clinical judgment of its physicians.
The ability to access historic inpatient/outpatient records creates a duty to review same. A failure to adopt a properly designed integrated EHR system allowing for interoperability among disparate and distinct hospital systems may itself constitute a breach of the standard of care in the near future. Creation of EHR systems allowing for communication of patient records to outside agencies post-discharge creates potential HIPAA risks.
Risk management challenges associated with the adoption of information technology systems applicable to healthcare, require consultation with litigation and healthcare counsel. Participants in the development of information technology systems should include hospital administration, IT, risk management, general counsel and the clinicians participating in direct patient care and treatment. Healthcare providers should work closely with software providers to ensure usability and interoperability. Contracts with software providers should clearly specify the respective responsibility of each party such that healthcare institutions retain the ability to delegate financial responsibility to the software provider where a software problem leads to an adverse health outcome resulting in a claim for malpractice or regulatory penalty.
Recent federal legislation does have laudable goals. The implementation of standards, procedures and systems to comply with that legislative scheme, however, requires management of financial and liability risks which arise secondary to regulatory compliance.
[i] HITECH, 42USCA §300jj
[ii] Public Law 111-148, 124 stat. 119.
[iii] Ibid.
[iv] DHHS Interim Rule 2009
[v] Commonwealth Fund Website http//www.commonwealthfund.org/accessed 5/20/13