recommended reading

Reps rip VA over glitch in medical record system

The chairman of the House committee overseeing the Veterans Affairs Department sharply criticized the agency on Thursday for not publicly disclosing it found a software bug in a computer system in August that resulted in not discontinuing drug administration to nine patients.

Rep. Bob Filner, D-Calif., chairman of the House Veterans Affairs Committee, wrote that he was "disappointed to learn of troubling new revelations from the Department of Veterans Affairs regarding operating problems with the most recent upgrade to the electronic medical records system."

A glitch in a drug administration system for infusion pumps, which deliver intravenous drugs to patients, resulted in placing a doctor's order to discontinue a patient's intravenous drugs at the bottom of a list instead of at the top, where nurses typically look for it, said Gail Graham, deputy chief information management officer at VA.

The software bug affected intravenous medications given to nine patients, Graham said, and none were injured.

VA's electronic health record system, called the Health Information Systems and Technology Architecture, managed 1.6 billion transactions in 2008 in the 153 medical facilities the department operates and treated 5.6 million patients, Stephen Warren, the acting VA chief information officer said.

Until VA fixed the bug, nurses were instructed to manually check the drug administration system to make sure they had not overlooked an order to discontinue treatment. The glitch in the computer system was first reported last week by VA Watchdog blog.

Filner noted, "VA continues to discover problems and attempts to fix them quietly and internally, and then downplays them as inconsequential and nonthreatening. After numerous offers, VA bureaucrats still refuse to alert Congress to the issues and problems that affect our constituents -- our veterans -- in a timely and proactive way." Filner said he would continue to look into this incident.

Rep. Steve Buyer, R-Ind., ranking member of the committee, said he was "deeply concerned about the consequences on patient care that could have resulted from this 'software glitch,' and that mistakes were not disclosed to patients who were directly affected." Buyer said VA should conduct determine if any veterans were harmed by the glitch.

Paul Sullivan, executive director of the Veterans for Common Sense, said, "We remain alarmed at VA's cavalier approach to handling this latest computer malfunction. VA should be more transparent, and VA should have notified and apologized to our veteran patients."

VA advocates should consider the bug in the context of the overall success of its electronic drug administration system, which has reduced medication errors by 86 percent, said Stephen Warren, the department's acting chief information officer.

Electronic medical systems are powerful tools, but software systems are prone to errors, which means heath care organizations need systems that can automatically identify errors, said Ken Farbstein, a consultant who also runs the Patient Safety blog.

VA said in a statement that its internal processes and controls catch errors. The glitch with the drug software was "recognized at several VA sites across the country. The patient safety concerns were conveyed through established channels. National alerts were issued to make sure everyone knew about the problems, and the software was repaired. No patients were harmed. The episodes illustrate VA's capability to effectively learn from, and respond to, close calls, recognizing that any problems in its electronic health records system can imperil our patients."

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.