Top health technology hazards (and how to address them)

According to the World Health Organization, one in 300 people will be harmed while receiving healthcare, making patient harm one of the leading causes of mortality worldwide. 

While there is obvious room for improvement in patient safety, many hospitals are challenged with making significant headway in preventable medical errors. Since there are so many factors that affect patient safety, it can be overwhelming to look at the myriad challenges and determine where your team should focus to make the biggest impact. 

Since 1971, the ECRI Institute, a nonprofit organization with over 5,000 hospital members dedicated to improving patient care, has issued hazard reports to help healthcare organizations with this dilemma. These annual top 10 lists identify potential sources of danger in the industry that deserve the greatest attention for the coming year. While the 2022 Top 10 Health Technology Risks report is not exhaustive, it provides expert evaluations of which risks should receive priority now. 

We’d like to complement ECRI’s analysis with our recommendations on how to address these hazards using clinical communication technology. Intelligent tools like clinical alerting and secure end-to-end messaging can play a big role in minimizing risk and improving patient safety. 

Risk #1

Cybersecurity: attacks can disrupt healthcare delivery, impacting patient safety 

All healthcare organizations are subject to cybersecurity incidents. As connected hospital systems and bedside devices have proliferated, the risk for network infiltration and cybersecurity attacks has grown in tandem. Healthcare experiences twice the number of cyberattacks as other industries according to cybersecurity firm Fortinet, largely due to the rise of connected systems and the number of vendors (more access points), the rich volume and value of patient data, and an early state of cybersecurity maturity. 

ECRI notes that security attacks can “render devices or systems inoperative, degrade their performance, or expose or compromise the data they hold, all of which can severely hinder the delivery of patient care and put patients at risk.” In summary, an attack could essentially pause typical operations at your hospital. 


Actionable business continuity plan and HIPAA-compliant communications 

ECRI recommends identifying, protecting, and monitoring all remote access points and adhering to recommended cybersecurity practices to prevent hackers from accessing protected health information (PHI) or otherwise compromising the systems your staff relies on for patient care. 

In addition to this, we recommend creating an actionable business continuity plan that is supported by redundant systems and is a truly comprehensive approach that enables you to deliver critical services without interruption. A great place to start is our Healthcare IT Recovery: 4 Business Continuity Myths Debunked resource to ensure you understand the real risks and begin preparations for when an attack occurs (and as we all know, it is when rather than if). 

Another step to take is to ensure that your staff knows why protecting patient data is necessary and are equipped with the tools to do so. For example, you can provide a secure texting application or an encrypted pager to a clinician, but you’re still creating vulnerabilities if you don’t roll it out properly. Education, technology, and ongoing training are all key to successfully rolling out secure messaging and safeguarding PHI. 

Risk #2 

Wi-Fi dropouts and dead zones can lead to patient care delays, injuries, and deaths 

Wi-Fi has become an essential tool in hospitals and has improved care delivery in many ways: more medical devices than ever are beginning to rely on wireless Wi-Fi networks to deliver care. While this is certainly positive, there are risks to consider with ERCI noting that, “reliable Wi-Fi connectivity now needs to be viewed as a patient care consideration.” 

This is because a loss of connectivity can create new avenues for harm, particularly if wirelessly connected devices lose communications at a critical moment. ERCI goes on to say that “Wireless communication failures or unreliable connections can lead to workarounds that circumvent a system’s safety features. They can also interrupt workflow, delaying patient care. They can even cause serious injury or death—for example, if critical alerts are not received.” 

In the end, while it’s important to leverage Wi-Fi, it’s just as important to have a backup system in place if and when the network fails and you still need to deliver quality and immediate care. 


Paging as a critical communication method 

ERCI recommends that risks can be reduced by actively maintaining Wi-Fi systems, thoughtfully allocating bandwidth (e.g., to prioritize medical and communications devices), and monitoring the network on an ongoing basis. 

At Spok, we know firsthand that there’s great risk relying too heavily on systems that require consistent, unfailing connectivity. Reliable solutions ensuring optimal patient health, closed loop communication of critical alerts, and consistent communications are necessary to deliver quality care. 

That’s why we recommend adding solutions that don’t rely on Wi-Fi. Paging provides an excellent communication method in emergency situations when cellular and Wi-Fi communications can fail. Ultimately, a broad and flexible device-neutral communications infrastructure supports not only swift, effective care coordination, but also better outcomes.  

Spok offers both wide-area and onsite paging options, including many models for pagers. We’ve designed our paging network to limit any single point of failure. It includes two satellite uplink facilities, each operating with a separate satellite. This allows us to deploy our transmitters so that adjacent sites connect with an alternate uplink facility and satellite. 

In addition, we use AWS services distributed across geographic locations to protect the Spok Go service from loss of connectivity, power, and service-specific failures. This “self-healing” architecture allows for business continuity when location-specific failures occur. 

While technology isn’t the sole solution—as I hope the above makes clear, policies, procedures, and training are also important components—a clinical communication platform can provide the alarm prioritization, automation, and encryption that can significantly advance patient safety