Grassley Asks HHS to Describe Steps to Ensure Patient Safety When Implementing Health Information Technologies

WASHINGTON – Senator Chuck Grassley has asked the Secretary of Health and Human Services what the department is doing to make sure the health information technology systems being implemented are also being reviewed and monitored for patient safety concerns, including what role the Food and Drug Administration plays in regulating health information technologies.

In a letter sent today, Grassley referred to a decade-old discussion of how such systems should be regulated, and said he looked forward to hearing about current strategies from the administration.

Grassley also asked the Healthcare Information and Management Systems Society for its perspective on oversight of new information technology initiatives in health care. Health information technology stakeholders, including administration officials, are scheduled to meet tomorrow to discuss patient safety issues related to the use of electronic health records.

The text of Grassley’s letters is below.

February 24, 2010

The Honorable Kathleen Sebelius
Secretary
U.S. Department of Health and Human Services
200 Independence Avenue, SW
Washington, DC 20201

Dear Secretary Sebelius:

As Ranking Member of the Senate Committee on Finance (Committee), which has jurisdiction over the Medicare and Medicaid programs, I have a special responsibility to protect the health of the programs’ more than 100 million beneficiaries as well as the congressionally authorized tax dollars used to fund these programs. This includes ensuring the effective and efficient use of taxpayer money by the health care industry in implementing Health Information Technology (HIT), such as Computerized Physician Order Entry systems and Electronic Health Records (EHR).

On February 12, 2010, you announced over $750 million in grant awards as part of a federal effort to help hospitals and physicians adopt electronic health records. American taxpayers and health care facilities are making substantial investments in the HIT industry, and it is important that their monies are appropriately spent on safe, effective and interoperable HIT systems.

As I stated in recent questions to you, I strongly agree that HIT has the potential to prevent medical errors and increase the efficiency and effectiveness of health care delivery, thereby improving the safety and quality of care. However, I have also been surprised by the lack of discussion about patient safety concerns when, for example, HIT products are not functioning properly or when they are being used incorrectly. Therefore, I was pleased to see the Department of Health and Human Services’ (Department) announcement that the HIT Policy Committee’s Adoption/Certification Workgroup is holding a workshop tomorrow to solicit comments on patient safety issues related to EHR use, including approaches for preventing harm and mitigating risks.

Over the last year, I have heard from many health care providers around the country regarding problems they experienced with implementation and use of certain HI products in their hospitals and clinics. In most cases, they tried raising their concerns to hospital administrators and/or to the HIT vendors, but they told me that their concerns were often ignored or dismissed. In October 2009, I wrote to ten major HIT companies in the U.S. regarding some of these issues and concerns. Last month, I also sent letters to 31 hospitals to obtain their perspective and experiences with HIT. Both letters are enclosed.

I am also enclosing for your consideration an article entitled, “Recommendation for Responsible Monitoring and Regulation of Clinical Software Systems.” That position paper was published in the Journal of the American Medical Informatics Association (JAMIA) in 1997. Interestingly, according to the article, the Food and Drug Administration (FDA) had called for discussions on the regulation of clinical software systems in 1996 and in response, a consortium of health information-related organizations drafted and published recommendations for the regulation of such systems.

At the time of publication, the authors noted, “Currently, there are no widely accepted, practical standards for the evaluation, use, and monitoring of clinical software systems. The FDA is only beginning to formulate a definitive policy with respect to such systems.” One of the recommendations addressed FDA’s regulatory role. Another recommendation called for the adoption of a code of good business practices by health care information system vendors and software producers.

It has been more than a dozen years since the publication of the JAMIA article, and I would appreciate the Department’s thoughts on it. In particular, I am requesting responses to the following questions. Please repeat the enumerated question and follow with the appropriate response and documentation.

1) What is the Department’s position on the proposals in the JAMIA article?

2) To what extent have the recommendations regarding FDA’s regulation of HIT products been adopted?

3) To what extent are additional efforts needed to respond to the evolving, complex health information technologies and the meaningful use requirements issued by the Centers for Medicare and Medicaid Services in December 2009?

4) Earlier this month, I submitted questions to you following the Committee’s hearing on “The President’s Fiscal Year 2011 Health Care Proposals.” I would like to reiterate some of those questions in this letter. In particular, I asked the following:

a. With over $20 billion in taxpayer money at stake and with increasing complexity in the technologies being used in our hospitals, do you believe it is time to revisit FDA’s responsibilities in regulating HIT products being used in clinical care?

b. If not, how is HHS making sure that the health information technologies being developed and implemented are safe and effective?

c. Who is or should be responsible for ensuring that the HIT vendors are meeting quality manufacturing processes?

5) In addition, does the FDA have sufficient authority to regulate HIT products, or is there a lack of clarity regarding the FDA’s role? If additional authorities are needed to ensure adequate oversight of HIT products, please specify what authorities may be needed. If clarification is required, please specify where additional clarification is needed.

6) The JAMIA article discussed the evaluation of complex, interconnected systems, noting that “A software product may work well in isolation but fail when integrated with other software products or with unsupported network interfaces.” The authors also stated that “Because each clinical site combines different software products in different combinations, a universal evaluation of whether or not a given product will function safely when embedded in a clinical environment is impractical,” and suggested the establishment of local and regional Software Oversight Committees.

a. Has HHS considered establishing local or regional oversight committees for HIT products?

b. To what extent should the Regional Extension Centers and/or Beacon Community Programs play a role in the reviewing and/or monitoring of complex HIT systems?

c. What other suggestions do you have for establishing a system for this type of review?

Thank you for your attention to this important matter. I would appreciate responses to the questions set forth in this letter by no later than March 10, 2010.

Sincerely,

Charles E. Grassley
Ranking Member

cc: The Honorable Margaret A. Hamburg
Commissioner
U.S. Food and Drug Administration
10903 New Hampshire Ave.
Silver Spring, MD 20993

Enclosures

February 24, 2010

H. Stephen Lieber
President and Chief Executive Officer
Healthcare Information and Management Systems Society
230 East Ohio Street, Suite 500
Chicago, IL 60611-3270

Dear Mr. Lieber:

As Ranking Member of the Senate Committee on Finance (Committee), which has jurisdiction over the Medicare and Medicaid programs, I have a special responsibility to protect the health of the programs’ more than 100 million beneficiaries as well as the congressionally authorized tax dollars used to fund these programs. This includes ensuring the effective and efficient use of taxpayer money by the health care industry in implementing Health Information Technology (HIT), such as Computerized Physician Order Entry systems and Electronic Health Records.

As you may be aware, in 1997 several organizations published a position paper on the regulation of clinical software systems in the Journal of the American Medical Informatics Association (JAMIA) entitled, “Recommendation for Responsible Monitoring and Regulation of Clinical Software Systems.” The article is enclosed for your consideration. At the time of publication, the authors noted, “Currently, there are no widely accepted, practical standards for the evaluation, use, and monitoring of clinical software systems. The FDA is only beginning to formulate a definitive policy with respect to such systems.”

The Healthcare Information and Management Systems Society (HIMSS) is a healthcare stakeholder membership organization with the stated mission of “advancing the best use of information and management systems for the betterment of health care.” In addition, according to the article, the Center for Healthcare Information Management (CHIM) contributed to the writing of the position paper and was supportive of the consortium’s position. It is my  understanding that since the publication of the JAMIA article, CHIM and HIMSS have been combined into one entity. Accordingly, I would appreciate HIMSS’s input and comments on the article specifically and on HIT regulation generally. In addition, I am requesting responses to the following questions and requests for information. Please repeat the enumerated question and follow with the appropriate response and documentation.

1) What is HIMSS’s position on the issues and recommendations set forth in the JAMIA article?

a. One of the recommendations addressed FDA’s regulatory role. What is HIMSS’s position on FDA’s current role in the regulation of HIT products? Would you support providing FDA with more authority in this area? Is there another agency that should be given authority to regulate
the safety of HIT products?

b. Another recommendation called for the adoption of a code of good business practices by health care information system vendors and software producers. According to the JAMIA article, “the health care information system industry, through the Center for Healthcare Information
Management (CHIM), is in the process of refining its code of good business practices.” It has been over a dozen years since the publication of the JAMIA article.

i. What is the status of those codes? Please describe how they were developed and when they were adopted, including any updates and modifications.

ii. Are the codes publicly available on HIMSS’s website? If so, please provide the web address. If not, please provide the Committee with a copy and explain why the codes are not public.

2) The JAMIA article discussed the evaluation of complex, interconnected systems, noting that “A software product may work well in isolation but fail when integrated with other software products or with unsupported network interfaces.” The authors also stated that “Because each clinical site combines different software products in different combinations, a universal evaluation of whether or not a given product will function safely when embedded in a clinical environment is impractical,” and suggested the establishment of local and regional Software Oversight Committees (SOC).

a. How many SOCs or comparable oversight entities have been established since the publication of this article?

b. Who selects the members?

c. Who funds them?

d. Has there been an evaluation of the effectiveness of SOCs or comparable oversight entities in reviewing and monitoring complex HIT systems and their subsequent versions?

e. Do the SOCs or comparable oversight entities evaluate the health information technologies being developed and implemented to ensure that they are safe and effective for use? If not, why not and what entity(ies)should be carrying out that function?

3) What is HIMSS’s position on requiring manufacturers of EHR and other HIT products in clinical use to report safety issues related to the use of those products to a regulatory entity?

4) What is HIMSS’s position on requiring manufacturers of electronic health records and other HIT products in clinical use to notify other health care clients or potential health care clients of the safety problems that were reported to them?

Thank you for your assistance on this important matter. I would appreciate responses to the questions set forth in this letter by no later than March 10, 2010.

Sincerely,

Charles E. Grassley
Ranking Member

Enclosure

• Print
• Email
• Tweet