Health Information Technology Hazard Manager

There is growing recognition that the use of health information technology (IT) carries risks that can compromise patient safety and lead to harm. Any characteristic of a health IT application that compromises patient care processes or causes harm is referred to as a 'hazard.' These hazards typically are analyzed retrospectively, after harm has been identified, but ideally should be identified before harm has occurred. The health IT hazard manager (Hazard Manager), developed by researchers at Geisinger Health System, is a tool designed to support the characterization of hazards and communicate their potential and actual causality in adverse effects. This project extensively tested a beta version of the Hazard Manager, revised the tool, and evaluated the final tool.

The specific aims of this project were to:

• Design, build, and test the Hazard Manager software.
• Beta test the Hazard Manager software in six to eight study sites.
• Refine the ontology based on findings from the Beta test.
• Deliver a fully-tested and refined version of the Hazard Manager Software and final report.

The ECRI Patient Safety Institute worked with the project team to program and operate a Web-based beta version of the Hazard Manager. Seven study sites—hospitals and health systems—participated in the beta test, as did five health IT vendors, and representatives from the Agency for Healthcare Research and Quality (AHRQ), the Food and Drug Administration, and the Office of the National Coordinator for Health IT. The beta test included analysis of the 495 hazards entered by study site participants; qualitative data collection concerning usefulness and usability of the tool; inter-rater reliability testing of participants' interpretations of standardized hazard scenarios; and a project summary meeting at AHRQ headquarters. Following evaluation, the features of the tool deemed to be the most important included: a clear focus on how hazards are discovered; a thorough explanation of the many causes that alone or in combination lead to health IT hazards; information about the impact of the hazards; and detailed information about the urgency of hazard correction and the steps taken to correct or mitigate a hazard.

In contemplating the possible deployment of the Hazard Manager as part of a National infrastructure for monitoring and improving health IT safety, the team outlined the need for the following aspects: 1) data aggregation at multiple levels; 2) version control; 3) confidentiality; and 4) access to detailed information. In addition, options to implement such a program were outlined, including the expansion of the Health IT Common Formats to include proactive health IT hazard identification with aggregation and reporting through the National Patient Safety Database.