Organizational Responsibilities

Download Guide

Download the PDF guide to access the checklist of recommended practices for self assessment and a supporting worksheet to identify action steps to achieve those recommended practices.

The Organizational Responsibilities SAFER Guide identifies individual and organizational responsibilities (activities, processes, and tasks) intended to optimize the safety and safe use of EHRs. A safe EHR implementation is critically dependent on the people involved. This guide, compared to all of the others, focuses chiefly on human behavior and relationships, and it is organized differently than the other guides—in particular, it is not organized under the same Phases and Principles used for the other guides but is instead organized around principles that apply to the people who have responsibility for patient safety in EHR-enabled healthcare organizations.

Safe EHR implementations require attention to social as well as technical matters. This guide is designed to help safely manage the individual and organizational responsibilities in a complex "sociotechnical" healthcare organization. Responsibilities can be shifted, forgotten, or newly created when EHRs are implemented. Careful attention to the details of those responsibilities is a critical factor in system safety and in realizing the potential benefits of EHRs.

Completing the self-assessment in the Organizational Responsibilities SAFER Guide requires the engagement of a wide variety of people within the organization. Because this guide is designed to help organizations prioritize EHR-related safety concerns, clinician leadership in the organization should be engaged in assessing whether and how any particular recommended practice affects the organization’s ability to deliver safe, high quality care. The collaboration between clinicians and staff members in completing the self-assessment in this guide will enable an accurate snapshot of the organization’s EHR responsibility status (in terms of safety), and even more importantly, should lead to a consensus about the organization’s future path to optimize EHR-related safety and quality: setting priorities among the recommended practices not yet addressed, ensuring a plan is in place to maintain recommended practices already in place, dedicating the required resources to make necessary improvements, and working together to mitigate the highest priority responsibility-related safety risks introduced by the EHR.

1

The highest-level decision makers (e.g., boards of directors or owners of physician practices) are committed to promoting a culture of safety that incorporates the safety and safe use of EHRs.

More About This Practice

Rationale:

  • Leadership can provide motivation for all staff to pay attention to EHR safety.
  • Those in authority can provide resources for ensuring EHR safety.
  • Without leadership involvement, EHR safety efforts will likely fail.

Responsibility:

Large organization:
Board of Directors, parent organization, CEO

Small organization:
Owners

Examples:

  • Highest-level decision makers recognize that EHR safety is integral to patient safety. They ensure that EHR safety is integrated into organizational policies and procedures and risk management practices.25
  • Highest-level decision makers ensure that adequate staffing and resources exist so that safety issues associated with adoption and use of EHRs can be addressed.
  • Highest-level decision makers review the results of assessments of EHR safety, such as those from SAFER Guide use.
  • Highest-level decision makers identify EHR-related patient safety goals, assess whether those goals are being reached, and address any shortcomings.

Suggested Sources of Input:

Leadership team, Multi-professional team

2

An effective decision-making structure exists for managing and optimizing the safety and safe use of the EHR.

More About This Practice

Rationale:

  • Clarifies responsibility.
  • Maximizes involvement of disciplines.
  • Ensures that important EHR safety issues are addressed.

Responsibility:

Large organization:
Board of directors

Small organization:
Owners

Examples:

  • For larger organizations, all of the following are represented in decision making about EHR safety: clinicians, administrators, patients, Health IT/informatics, board of directors and CEOs, and quality and legal staff.
  • For smaller ambulatory practices and small hospitals, both clinical and administrative staff members are represented in decision making about EHR safety, with assistance from outside experts.
  • An EHR safety officer or someone assigned that responsibility part time in a small organization plays a key role in assuring safety.
  • EHR safety is appropriately included in job performance appraisals.
  • For a larger organization, an EHR safety oversight committee is in place 1, 2 or these functions are assumed by an EHR or Safety and Quality oversight committee.

Suggested Sources of Input:

Leadership team, Multi-professional team

3

Staff members are assigned responsibility for the management of clinical decision support (CDS) content.

More About This Practice

Rationale:

  • Facilitates decision making about clinical decision support and other content.
  • Provides accountability for decisions.
  • Avoids hazardous, wrong, or outdated content in EHR.

Responsibility:

Large organization:
Informatics-type department

Small organization:
Providers

Examples:

  • A decision-making structure exists for making decisions about clinical content.3-6
  • Responsibility for management of content, from selection to maintenance, is clear.
  • Committees or other collaboration mechanisms are in place to approve order sets and documentation templates.
  • There is clear responsibility for the review of a new decision support that becomes available from developers and other sources (e.g., professional organizations).
  • Developers provide clear documentation of decision support content and the evidence-base to support that content.
  • Developers routinely review and update decision support content they provide.
  • Personnel are available either internally or externally to ensure that decision support is tailored to the workflows of professional roles and specialties.7-11

Suggested Sources of Input:

Clinicians, support staff, and/or clinical administration, EHR developer, Pharmacy, Multi-professional team, Health informatics team

4

Practicing clinicians are involved in all levels of EHR safety-related decision making that impact clinical use.

More About This Practice

Rationale:

  • Facilitates wise decision making about clinically relevant issues.
  • Assures focus on patient care.
  • Increases acceptance of decisions.

Responsibility:

Large organization:
Administration

Small organization:
Providers

Examples:

  • Clinicians (including physicians, nurses, pharmacists, and others) are included on the EHR safety oversight committee of a large organization.
  • Clinicians are involved in decision making about all proposed changes to the EHR.

Suggested Sources of Input:

Clinicians, support staff, and/or clinical administration, Multi-professional team

5

Clear clinician oversight is maintained when clinicians delegate aspects of order entry, medication reconciliation, or documentation tasks.

More About This Practice

Rationale:

  • Assures that the safety risks of assigning these tasks to medical assistants or scribes are carefully weighed.
  • Assures that responsible providers take the time to review delegated work.

Responsibility:

Large organization:
Hospital departments

Small organization:
Providers

Examples:

  • For teaching hospitals and clinics, attending physicians are diligent about reviewing the work of trainees.12,13
  • In community non-teaching settings, responsible providers oversee and are diligent about reviewing the delegated work.

Suggested Sources of Input:

Clinicians, support staff, and/or clinical administration, Multi-professional team

6

Staff members are assigned to regularly monitor EHR hardware, software, and network/Internet service provider (ISP) performance and safety.

More About This Practice

Rationale:

  • Problems can be caught before harm is done.
  • Providers and others can learn from their mistakes.
  • The impact of changes to the EHR or clinical decision support (CDS) is transparent.

Responsibility:

Large organization:
Safety officer, informatics-type department, Health IT

Small organization:
Office management, Health IT staff/contractor, providers

Examples:

  • A plan outlining responsibility for EHR safety monitoring is in place.14-16
  • Errors involving system-to-system interfaces are routinely monitored.
  • Providers and others (including leadership in large organizations) are encouraged to use tools to monitor EHR safety and care quality.
  • A plan exists for learning from incidents to improve EHR safety.
  • The review and communication of lab results are monitored.
  • The test results reporting loop is closed.
  • Selected post-implementation care outcomes are monitored.
  • Alert and reminder responses are monitored.
  • Alert and reminder specificity and sensitivity are appropriately managed.

Suggested Sources of Input:

Clinicians, support staff, and/or clinical administration, Health IT support staff, Leadership team, Multi-professional team, Health informatics team

7

Staff members are assigned to regularly test for and promptly correct problems with EHR hardware, software, and network/ISP performance and safety.

More About This Practice

Rationale:

  • Customization of either the EHR or content must be skillfully done or upgrades to the EHR can produce unique hazards.
  • Inadequate or unprepared staff members are more likely to permit problems to remain unaddressed.

Responsibility:

Large organization:
Safety officer, informatics-type department, Health IT

Small organization:
Office management, Health IT staff/contractor, providers

Examples:

  • The organization has adequate numbers of trained staff members available either on-site or elsewhere to modify software.
  • Adequate technical staff members are available to fix hardware problems during operating hours.
  • Staff members are available to catch and promptly correct errors in areas such as registration, order entry, or test results communication.
  • When errors occur, a multidisciplinary review and discussion takes place.
  • The organization has a rigorous process in place for testing new software.17
  • The organization has a rigorous process in place for testing new hardware.
  • Workflow analysis that shows the way work is actually done is conducted prior to any system upgrade.
  • Risk assessments are conducted prior to go-live.
  • The potential impact of any EHR upgrade is carefully assessed.

Suggested Sources of Input:

Clinicians, support staff, and/or clinical administration, EHR developer, Health IT support staff, Leadership team, Health informatics team

8

Staff members are assigned responsibility for selecting, testing, monitoring, and maintaining CDS performance and safety.

More About This Practice

Rationale:

  • Untested CDS can lead to patient care errors.
  • Lessons from testing can prevent implementation of error-prone CDS.

Responsibility:

Large organization:
Safety officer, informatics-type department, Health IT

Small organization:
Office management, Health IT staff/contractor, providers

Examples:

  • The organization has a rigorous process in place for testing new CDS.17
  • Risk assessments are conducted prior to go-live with new CDS.
  • Clinical content is developed or modified by a multidisciplinary group including clinical specialists when appropriate.

Suggested Sources of Input:

Clinicians, support staff, and/or clinical administration, EHR developer, Health IT support staff, Leadership team, Health informatics team

9

EHR training and support are sufficient for the needs of EHR users and readily available.

More About This Practice

Rationale:

  • If the EHR is not used or is poorly used, patient harm can result.
  • Training and support staff must be well trained to maximize effectiveness.

Responsibility:

Large organization:
Informatics-type department, Health IT, developer

Small organization:
Office management, developer

Examples:

  • All users are trained prior to their using the system, supported while they are first using the system, and trained again before each change to the system.14
  • Different modalities for training are offered to accommodate user schedules and learning styles.
  • EHR safety is covered in EHR training.
  • Users are trained on how to proceed during system unavailability (downtimes).
  • Providers must demonstrate competency in using the system before using order entry.
  • In larger organizations, Health IT and informatics staff receive training from the developer and are certified as appropriate.
  • A process is in place so that users can get help immediately whenever and wherever they need it.8

Suggested Sources of Input:

Clinicians, support staff, and/or clinical administration, EHR developer, Health IT support staff, Leadership team, Health informatics team

10

EHR training and support are high quality, provided by qualified trainers, and appropriately tailored to specific types of users’ needs.

More About This Practice

Rationale:

  • Suboptimal training and support lead to wasted time for users.
  • Lack of diligence can cause EHR safety hazards.

Responsibility:

Large organization:
Informatics-type department, Health IT, developer

Small organization:
Office management, developer

Examples:

  • Whether done by dedicated internal trainers or those hired from outside, pre-implementation training prepares users for go-live.
  • Training and support are provided by individuals who can fill the gap between the clinical and Health IT languages and understand clinical workflow.7
  • Support is available on-site at least during the first week after EHR go-live.
  • A protocol exists so that all users know how to get technical, software, and connectivity support.
  • Initial training includes running through scenarios that simulate the tasks users will need to accomplish.
  • Training stresses the need to be diligent about entering accurate data.14,18-21
  • User skills are monitored and upgraded when needed.

Suggested Sources of Input:

Clinicians, support staff, and/or clinical administration, EHR developer, Health IT support staff, Leadership team, Health informatics team

11

EHR training and support are assessed regularly to optimize complete and safe use of the EHR.

More About This Practice

Rationale:

  • Since training and support are ongoing and expensive, continuous improvement is important.

Responsibility:

Large organization:
Informatics-type department, Health IT, developer

Small organization:
Office management, developer

Examples:

  • A training plan outlines regular ongoing training opportunities so that users can optimize their use of the EHR.
  • Training and support must be tailored to the needs of EHR users.
  • A plan exists for ongoing assessment of training and support.
  • Feedback about training and support is responded to effectively.

Suggested Sources of Input:

Clinicians, support staff, and/or clinical administration, EHR developer, Health IT support staff, Leadership team, Health informatics team

12

Workflow analysis to map how work is actually done is conducted regularly.

More About This Practice

Rationale:

  • Inattention to how the EHR fits workflow can result in wasted time and money.
  • Workarounds that result from workflow-related problems can lead to errors that affect patients.

Responsibility:

Large organization:
Informatics-type department, Health IT, developer

Small organization:
Office management, and developer or consultant

Examples:

  • Workflow analysis is conducted prior to implementation of the EHR.22
  • Workflow analysis is conducted prior to any major change to the EHR system.
  • An effective change management approach guides any needed workflow changes based on the workflow analysis.

Suggested Sources of Input:

EHR developer, Leadership team, Multi-professional team, Health informatics team

13

Clinical staff is assigned responsibility for ensuring that CDS content, such as alerts and protocols, supports effective clinical workflow in all practice settings.

More About This Practice

Rationale:

  • Without customization, generic CDS that is not useful to the recipient’s role or specialty may create hazards.

Responsibility:

Large organization:
Informatics-type department

Small organization:
Providers

Examples:

  • A process exists for the review and modification of any locally developed, commercial, or freely available CDS so that it is appropriate for a particular setting.23
  • A clinical rules committee has a defined process for evaluating and overseeing the testing and monitoring of the CDS.
  • The unique needs of the pediatric population are taken into account when reviewing and modifying CDS.24

Suggested Sources of Input:

Clinicians, support staff, and/or clinical administration, Health IT support staff, Pharmacy, Multi-professional team

14

Organizational policy facilitates reporting of EHR-related hazards and errors and ensures that reports are promptly investigated and addressed.

More About This Practice

Rationale:

  • A culture of safety relies upon reporting and follow up. If hazards exist but remain unreported they could cause harm.

Responsibility:

Large organization:
Safety officer and all those involved in safety initiatives, informatics-type department responsibility

Small organization:
Office management, providers

Examples:

  • The mechanism for reporting EHR-related safety hazards internally is clear to all users.
  • Those who manage EHR and patient safety initiatives for the organization have a clear protocol for addressing reported problems and for reporting problems externally to the developer and/or a patient safety organization when appropriate.17,20

Suggested Sources of Input:

Clinicians, support staff, and/or clinical administration, Leadership team, Health informatics team

15

Records of reported and addressed EHR-related hazards and errors are maintained.

More About This Practice

Rationale:

  • If records of these hazards are not maintained, the same problems might arise at a future time without access to prior solutions and mitigation strategies.
  • There could be liability risks if the history is undocumented.
  • If users cannot learn the disposition of their reports, they may not bother submitting future reports.

Responsibility:

Large organization:
Safety officer, informatics-type department

Small organization:
Office management, providers

Examples:

  • Larger organizations often use help desk software to keep track of internal reports and disposition. The user who reported the issue is notified of the outcome when appropriate.
  • Smaller organizations develop databases of reports and assign responsibility for maintenance of the database, usually to a Health IT person.

Suggested Sources of Input:

Clinicians, support staff, and/or clinical administration, Leadership team, Health informatics team

16

Staff members are assigned responsibility for the maintenance of the EHR-related hardware, software, CDS, and network/ISP performance.

More About This Practice

Rationale:

  • Without maintenance, components of the EHR may impede use.
  • Inadequate maintenance could cause the EHR to be unavailable, creating safety risks.

Responsibility:

Large organization:
Health IT HI (for CDS)

Small organization:
Health IT contractor or internal Health IT-oriented person

Examples:

  • Regular maintenance of hardware, software, CDS, and the network/ISP is organized and funded.

Suggested Sources of Input:

Health IT support staff

17

Staff members regularly monitor maintenance of the EHR-related hardware, software, CDS, and network/ISP performance and safety. 

More About This Practice

Rationale:

  • Inadequate maintenance may result in increased and unplanned downtime.
  • Inadequate maintenance may cause the EHR to be unavailable, causing safety risks.

Responsibility:

Large organization:
Health IT, informatics-type department

Small organization:
Office management

Examples:

  • When maintenance for these components is provided from outside the organization, oversight is conducted by an internal staff member to assure the competence and performance of the contractors.
  • When maintenance is provided internally, regular schedules exist for it.
  • Assessments are conducted regularly to ensure adequate maintenance.

Suggested Sources of Input:

Clinicians, support staff, and/or clinical administration, Health IT support staff, Leadership team, Health informatics team

18

Organizational procedures ensure that EHR users are able to get timely help when there are EHR-related hardware, software, CDS, or network/ISP problems.

More About This Practice

Rationale:

  • Without knowing how to get help, users will develop workarounds, which can be dangerous.
  • Time can be wasted when users and staff members have difficulty finding help.

Responsibility:

Large organization:
Health IT, informatics-type department

Small organization:
Office management

Examples:

  • In small practices, guidelines exist for determining when to seek help outside the organization.
  • In larger organizations, guidelines exist for users to know how to get help, and for Health IT staff members to know when and how to get outside assistance.

Suggested Sources of Input:

Clinicians, support staff, and/or clinical administration, Health IT support staff, Leadership team, Health informatics team

19

Communication mechanisms ensure that EHR users learn of EHR changes promptly, and users are able to give feedback on related safety concerns.

More About This Practice

Rationale:

  • If observed errors are not reported, they will generally not be fixed.
  • If the developer does not receive feedback, he or she will generally not address the issues.
  • Patient harm can result if hazards are not addressed.

Responsibility:

Large organization:
Health IT, informatics-type department, developer

Small organization:
Office management

Examples:

  • Responsibility is clear for reporting EHR safety errors and getting feedback.
  • Someone is responsible for serving as the liaison to the developer for reporting problems and getting feedback.
  • Communication channels are in place for including health information management staff in patient registration error correction and feedback.
  • Software errors or desired changes for safety reasons are routinely reported to the developer.
  • Reports about EHR safety reach the highest level in the organization routinely and feedback is given.
  • Users know how to report EHR safety problems, and to whom they should be reported.

Suggested Sources of Input:

Clinicians, support staff, and/or clinical administration, EHR developer, Health IT support staff, Leadership team, Health informatics team

20

Staff members with job responsibilities for EHR safety are encouraged to participate in relevant professional activities and communicate with others in similar positions.

More About This Practice

Rationale:

  • If key internal people do not network with outsiders, up-to-date knowledge may not reach them.

Responsibility:

Large organization:
Health IT, informatics-type department, developer

Small organization:
Office management

Examples:

  • Organizations support professional development of staff assigned responsibility for any aspect of EHR safety, by budgeting for and encouraging training.
  • Staff members with responsibility for EHR safety establish routine mechanisms for discussing problems they encounter as they optimize the safety and safe use of EHRs. This may include participation in specific EHR computer user groups or in professional association activity.
  • Professional organizations, including those for clinicians and office administration, often provide information about issues that might affect EHR safety.

Suggested Sources of Input:

Clinicians, support staff, and/or clinical administration, EHR developer, Health IT support staff, Leadership team, Health informatics team

21

Self-assessments, including use of the SAFER Guides, are conducted routinely by a team, and the risks of foregoing or delaying any recommended practices are assessed.

More About This Practice

Rationale:

  • Without learning through use of available self-assessment tools, organizations risk overlooking critical hazards.

Responsibility:

Large organization:
Safety officer and those involved in safety initiatives, informatics-type department

Small organization:
Office management, providers

Examples:

  • Self-assessments related to EHRs and patient safety are done routinely.
  • The self-assessment process includes setting targets for addressing items the organizational team identifies.

Suggested Sources of Input:

Clinicians, support staff, and/or clinical administration, EHR developer, Health IT support staff, Leadership team, Health informatics team

{@Wednesday, February 26, 2014@}
{@Tuesday, February 25, 2014@}