Top Health Technology Hazards (And How to Address Them)
October 23, 2018
There is a one in a million chance of a person being harmed while traveling by plane. In contrast, there is a one in 300 chance of a person being harmed while receiving care, according to the World Health Organization.
While there is obvious room for improvement in patient safety, many hospitals are challenged with making significant headway in preventable medical errors. There are so many factors that affect patient safety, it can be overwhelming to look at the myriad challenges and determine where your team should focus to make the biggest impact.
Since 1971, the ECRI Institute, a nonprofit organization with 5,000 hospital members dedicated to improving patient care, has issued hazard reports to help healthcare organizations with this dilemma. These annual top 10 lists identify potential sources of danger in the industry that deserve the greatest attention for the coming year. While the 2019 Top 10 Health Technology Risks report is not exhaustive, it provides expert evaluations of which risks should receive priority now.
We’d like to complement ECRI’s analysis with our recommendations on how to address these hazards with clinical communication technology. Intelligent tools like clinical alerting and secure end-to-end messaging can play a big role in minimizing risk and improving patient safety.
RISK: Cybersecurity: Hackers Can Exploit Remote Access to Systems, Disrupting Healthcare Operations
As connected hospital systems and bedside devices have proliferated, the risk for network infiltration and cybersecurity attacks has grown in tandem. Healthcare experiences twice the number of cyberattacks as other industries according to cybersecurity firm Fortinet, largely due to the rise of connected systems and many vendors (more access points), the rich volume and value of patient data, and an early state of cybersecurity maturity.
ECRI notes that security attacks can “render devices or systems inoperative, degrade their performance, or expose or compromise the data they hold, all of which can severely hinder the delivery of patient care and put patients at risk.” In summary, an attack could essentially pause typical operations at your hospital.
SOLUTIONS: Actionable Business Continuity Plan and HIPAA-Compliant Communications
ECRI recommends identifying, protecting, and monitoring all remote access points and adhering to recommended cybersecurity practices to prevent hackers from accessing protected health information (PHI) or otherwise compromising the systems your staff relies on for patient care.
In addition to this, we recommend creating an actionable business continuity plan that is supported by redundant systems and is a truly comprehensive approach that enables you to deliver critical services without interruption. Our Business Continuity and Disaster Recovery resource is a good primer to ensure you’re ready when attack occurs (and as we all know, it is when rather than if).
Another step to take is to ensure that your staff knows why protecting patient data is necessary and are equipped with the tools to do so. For example, you can provide a secure texting application or an encrypted pager to a clinician, but you’re still creating vulnerabilities if you don’t roll it out properly. Education, technology, and ongoing training are all key to successfully rolling out secure messaging and safeguarding PHI.
RISK: Ventilator Alarm Management: Improperly Set Ventilator Alarms Put Patients at Risk for Hypoxic Brain Injury or Death
Ventilators assist people in breathing when they are unable to do so themselves. Deprived of oxygen, a patient can experience a hypoxic brain injury or even death in just minutes. That’s why when people talk about someone being on life support they’re often referring to ventilators. Ventilator alarm management can be a challenge for hospitals because ventilators have many components, so there is great potential for things to go wrong. Loose connections, manufacturing defects, and other problems can prevent adequate ventilation.
SOLUTION: Clinical Alarm Surveillance
ECRI advises that alarms can prevent undesirable outcomes like brain injury or death, yet many times the alarms don’t activate when not set appropriately. Real-time clinical alarm surveillance can integrate comprehensive, continuous patient data to enable advanced smart alarms while filtering out those that are not clinically actionable. Let’s look at two examples:
1. A ventilator triggers a peak airway pressure alarm when the patient coughs, but the device continues to operate normally and the patient requires no clinical intervention.
Based on the hospital’s defined prioritizations, Spok can combine configurations with third-party partner systems to drive alarm surveillance that filters out non-actionable alarms for smarter event notifications that won’t interrupt the nurse unless a true need for response is present.
2. A patient’s monitor measures decreased heartbeat and respiration rates – each change not enough to activate the monitor’s individual alarms, but together clinically significant – triggering a combination smart alarm.
Spok routes the alert to the nurse’s mobile device. The nurse makes an informed decision to visit that patient for appropriate follow-up. This not only improves patient safety and satisfaction, but it also increases nurses’ trust in the alerting system and advances staff adoption.
RISK: Patient Care Devices: Improper Customization of Physiologic Monitor Alarm Settings May Result in Missed Alarms
The number of patient monitoring systems found at the patient's bedside hasn't grown substantially over the years. We're just the most recent generation to be connected to blood pressure, cardiac, and pulse oximetry monitors. However, the quality of these monitoring systems has vastly improved. With greater sophistication and sensitivity came an unintended consequence: Physiologic monitor alarms break thresholds more frequently without proper customization. ECRI warns that improper customization of physiologic alarms can prevent staff from learning of significant changes in patient status or problems with the medical device or system. Intelligent alarm management can help fine-tune these systems to reduce alarm fatigue and ensure response when patient deterioration is detected.
SOLUTION: Alarm Management
The goal is to strike the right balance between activating too many alarms, which contributes to alarm fatigue and creates a “cry wolf” effect, and too few alarms, which can lead to staff missing critical events. Alarm customization allows hospitals to determine values, thresholds, and settings based on the particular unit or patient condition. Alarm management for patient monitoring systems like telemetry, infusion, and ventilators can deliver clinically-actionable alarms directly to the right clinician’s (typically a nurse) mobile device. By including full clinical context, the receiving clinician can make an informed decision wherever they are. If they are busy with another patient and unable to respond to a critical alert, hospitals can build in escalations to route that alarm to another provider.
While technology isn’t the sole solution—as I hope the above makes clear, policies, procedures, and training are also important components—a clinical communication platform can provide the alarm prioritization, automation, and encryption that can significantly advance patient safety.
By Rob Wilder, Sr. Product Manager, Interoperability
Rob Wilder is the senior product manager and strategist for interoperability initiatives at Spok. He is a planning committee co-chair for the IHE Patient Care Devices domain and working group co-lead for the Alert Communications Management profiles. He also leads the Spok HIMSS Interoperability Showcase and IHE participation. He has more than 15 years’ experience in healthcare software with specialties in product management, feature planning, product launch processes, and integration program management.