Electronic Health Records

Who is liable for EHR, clinical decision support mistakes?

Right now, there is a lot of talk about big data, healthcare analytics, evidence-based medicine, and clinical decision support (CDS) — all aimed at best practices in healthcare delivery. While still permitting individual judgment to play a role, the goal is to lower the cost of routinely (or not so routinely) encountered conditions by ensuring that the best of current medical knowledge is available at the point of care.

This gets me to thinking about where liability for misdiagnosis, or mistreatment, currently lies, and where it may lie in the future. Up to now, EHR technology has been used primarily as an aid to documenting a patient encounter, serving as a “dumb” repository of clinical decisions, recommendations, and outcomes.

I am told by those with knowledge of Federal Drug Administration (FDA) regulatory history, there was a concept known as “competent human intervention” that appeared in guidelines circa 1987. It essentially meant that as long as there was a professional between the medical device (in this case software) and the patient, the device could not be held liable for any errors.

With a shift to the trends above, is there a future where liability does not rest on the shoulders of the physician? The argument goes something like this . . .

Medical knowledge doubles approximately every eight years, so a physician’s knowledge base is outdated very quickly after graduation from medical school. Keeping up with current knowledge by reading journal articles is impractical due to the volume of material and lack of time for reading it.

Computerization of the knowledge (and implementation into EHRs of recommended clinical guidelines) means the physician only has to enter a suspected diagnosis or result, click “accept” or “ignore” on a recommended guideline — and in many cases, not thinking they know more than the software, having not had time to keep up with the current knowledge, may click on “accept” just to complete the transaction and move on.

But if the recommendation turns out to be incorrect, precedent says, the physician should still be held responsible. After all, they used their professional judgment to evaluate the recommendation before accepting, n’est-ce pas? Maybe yes, maybe no.

I am also hearing that the FDA is considering regulating CDS software for precisely the reason that it can be argued that it meets the definition of a Class 2 medical device — that is, it is intended to diagnose, treat, or monitor disease. Is it unreasonable to hold the physician responsible for the error? After all, the physician did not claim or possess expert knowledge of the particular condition, understood that the software was updated with the most current expert knowledge, and time did not permit validation of the recommendation; ergo, the medical device is liable, not the physician.

Then there is the question about the guidelines themselves, in the software: If merely “licensed” and embedded, is the software vendor or the content provider to blame?

I think this line will blur substantially as we build more and more “intelligence” into applications, implying that less and less of it will be needed by the physician to make a competent decision, thereby possibly facilitating a “mental laziness” in physicians who will find it all too seductive and easy to accept a supposedly well-informed recommendation without question, allowing them to get ahead in their busy day and keep up with their patient load. After all, we are all so used to clicking “accept” to dialog boxes in our online lives just to get to the next screen, why should we be surprised when physicians also do so?

The consequences could be dire, unintended, and set up all sorts of interesting legal scenarios.


Blair Butterfield is President, North America, of VitalHealth Software, which was founded as a collaboration between Mayo Clinic and the Noaber Foundation to combine the best practice clinical knowledge with deep IT knowledge and entrepreneurial experience.