• Print

Policymaking, Regulation, & Strategy

Health IT and Safety

Health IT makes new improvements in health care quality and safety possible, compared to paper records. Yet, if not designed and used correctly, it can also introduce new risks of harm. The Office of the National Coordinator (ONC) is taking actions on health IT and patient safety as described in our Health IT Patient Safety Action and Surveillance Plan by Improving the safe use of health IT, Learning more about the impact of health IT on patient safety, and Leading to create a culture of shared responsibility among all users of health IT.

Over the past year, ONC has learned more about electronic health records’ (EHRs) positive impact on the quality and safety of patient care. This information is shared in the Health IT Safety Report [PDF - 307 KB]. The report explains that we now have a better understanding of the types of safety events related to health IT and, more importantly, the interventions available to prevent unintended consequences of the use of health IT tools. Information can also be found in an ONC Buzz Blog post.

Slides from the NHIT Week Safety Webinar [PDF - 4.1 MB] (September 19, 2014) are now available. This webinar provided insight on significant work in health IT safety this past year including how EHRs are making a positive impact on the quality and safety of patient care.


IMPROVE: ONC is creating resources to improve health IT safety and patient safety

  • SAFER Guides: The SAFER Guides are designed to help healthcare organizations conduct self-assessments to optimize the safety and safe use of electronic health records (EHRs). The SAFER Guides were developed based on the best evidence available including a literature review, expert opinion, and field testing at a wide range of healthcare organizations, from small ambulatory practices to large health systems.. Each of the nine SAFER Guides begins with a checklist of “recommended practices.”

    safety image

    Safer Recommendations

    Clinician Communication
    • Clinicians are able to electronically access current patient and clinician contact information (e.g., email address, telephone and fax numbers, etc.) and identify clinicians currently involved in a patient’s care.
    • Both EHR design and organizational policy facilitate clear identification of clinicians who are responsible for action or follow-up in response to a message.
    Contingency Planning
    • Staff are trained and tested on downtime and recovery procedures.
    • Patient data and software application configurations critical to the organization’s operations are backed up.
    CPOE and CDS
    • Evidence-based order sets are available in the EHR for common tasks/conditions and are updated regularly.
    • Corollary (or consequent) orders are automatically suggested when appropriate and the orders are linked together, so that changes are reflected when the original order is rescheduled, renewed, or discontinued.
    High Priority
    • Information required to accurately identify the patient is clearly displayed on screens and printouts.
    • Clinicians are able to override computer-generated clinical interventions when they deem necessary.
    Organizational Responsibility
    • Communication mechanisms ensure that EHR users learn of EHR changes promptly, and users are able to give feedback on related safety concerns.
    • The highest-level decision makers (e.g., boards of directors or owners of physician practices) are committed to promoting a culture of safety that incorporates the safety and safe use of EHRs.
    Patient Identification
    • Users are warned when they attempt to create a new record for a patient (or look up a patient) whose first and last name are the same as another patient.
    • The organization has a process to assign a “temporary” unique patient ID (which is later merged into a permanent ID) in the event that either the patient registration system is unavailable or the patient
    System Configuration
    • The EHR is configured to ensure EHR users work in the “live” production version, and do not confuse it with training, test, and read-only backup versions.
    • The organization has processes and methods in place to monitor the effects of key configuration settings to ensure they are working as intended.
    System Interfaces
    • At the time of any major system change or upgrade that affects an interface, the organization implements procedures to evaluate whether users on both sides of the interface correctly understand and use information that moves over the interface.
    • Security procedures, including role-based access, are established for managing and monitoring key designated aspects of interfaces and data exchange.
    Test Result Review and Followup
    • Written policies specify unambiguous responsibility for test result follow-up with a shared understanding of that responsibility among all involved in providing follow-up care.
    • The EHR has the capability for the clinician to set reminders for future tasks to facilitate test result follow-up.
  • How to Identify and Address Unsafe Conditions Associated with Health IT [PDF - 1.4 MB]
  • The Role of Health IT Developers in Improving Patient Safety in High Reliability Organizations [PDF - 729 KB]
  • Workflow Assessment for Health IT Toolkit: This online toolkit helps small and medium-sized outpatient practices better assess their workflows and determine when and how health IT may be used.
  • Implementation Tools for E-Prescribing: This is a guide for preparing for and launching an e-prescribing system
  • Guide to Reducing Unintended Consequences of EHRs: This online resource is designed to help health care organizations anticipate, avoid, and troubleshoot problems that can occur when implementing and using EHRs.

LEARN: ONC’s new health IT safety analyses

  • Promoting Patient Safety Through Effective Health Information Technology Risk Management (RAND): a prototype approach for engaging hospitals and ambulatory practices in health IT safety risk identification and mitigation projects.
  • {Coming Soon} ECRI
  • {Coming Soon} Joint Commission
  • {Coming Soon} Analysis of Health IT Patient Safety Events: Clinical and Technology Characteristics (UHC): A report detailing the types of patient safety events that have health IT involvement and the role of health IT.

LEAD: Promote a culture of safety related to health IT