Health

Glitch prompts VA to shut e-health data exchange with Defense

The Veterans Affairs Department closed off access to the Defense Department's huge electronic health record system on Monday because it found errors in some patients' medical data clinicians downloaded from the Defense network, according to a departmental patient safety alert, which Nextgov obtained.

Although no patient was injured, the errors shed light on how software glitches could affect the accuracy of electronic medical records and a planned national system that has been backed by the Bush and Obama administrations.

VA first discovered the problem in late February, when one of its doctors accessed the Defense health records system, called AHLTA, to review the prescription information of a female patient. The data showed a Defense physician had prescribed her an erectile dysfunction drug. The VA doctor suspected the system displayed erroneous information and a check with the Defense medical facility that supposedly prescribed the drug informed VA that the data was wrong and the VA query had returned information for another patient.

The glitch did not cause harm to any patient, but "the potential exists for decisions regarding patient care to be made using incorrect or incomplete data," said Jean Scott, director of the Veterans Health Administration's Information Technology Patient Safety Office, in the alert issued on Wednesday.

When doctors queried the Defense system for patient information, they received no data, a portion of the data, incorrect information, or the complete, correct data for the patient, according to the alert.

"The VA clinician may see the patient's data during one session, but another session may not display the data previously seen," the alert noted. "This problem occurs intermittently and has been reported when querying DoD laboratory, pharmacy and radiology reports."

Until those systems are reactivated, VA doctors will have to obtain a patients' health information from their paper medical files, faxes or PDF attachments that are e-mailed to the physicians, Scott said.

The errors occurred in the Bidirectional Health Information Exchange, a project started in 2004 that allows clinicians in VA and Defense to view health information in patient files. Older code in the system became stressed at peak periods when clinicians were making the most number of queries, said Roger Baker, chief information officer at VA. At these times, the system did not clear out a memory cache, resulting in memory leaks "so that information from one patient is presented as it is from another," he explained.

VA has fixed the bug and plans to bring the BHIE back online on March 9. Baker emphasized the bug's effect on the medical records of patients that VA and Defense clinicians share was sporadic and occurred in one out of 100 queries. The glitch caused errors only in the records that VA clinicians accessed. Defense doctors still have access to records Veterans Affairs stores.

Baker said the department's response to the glitch showed VA's overall health system worked "because there is always a doctor in the loop" who checks the accuracy of a patient's health data in combination with a well established patient safety organization that quickly alerts clinicians to any errors.

Robert Charette, a risk management consultant and president of the ITABHI Corp. in Fredericksburg, Va., which consults with Defense, said VA was lucky it discovered an error as obvious as prescribing an erectile dysfunction drug for a female patient. He wondered if VA would have detected the error if it were for drugs with similar names, adding that despite the low error rate, "it's the one out of 100 that can bite you."

Dr. Jeffrey Shuren, director of the Center for Devices and Radiological Health at the Food and Drug Administration, said the potential threat to patient safety from medical systems calls for federal oversight. He told the adoption/certification workgroup of the Health IT Policy Committee, which advises the Health and Human Services Department, on Feb. 25 that during the past two years system vendors reported 260 system malfunctions that caused 44 injuries and six deaths.

Health IT systems similar to the BHIE are not, unlike separate medical devices, regulated by FDA. These systems are "interconnected with one another into networks of varying degrees of complexity" and often include multiple software products interfacing with one another as a part of a comprehensive system, according to Shuren.

Baker said the complexity of medical records systems like BHIE would make regulating such networks a daunting task.

Dave deBronkart, a patient advocate in Nashua, N.H., who spoke at last week's Health IT Policy Committee meeting, said in an interview with Nextgov that the glitch paralleled the problems he encountered last year when he tried to transfer information from his hospital medical record to Google Health, an online electronic health record database the search giant launched in 2008.

If the United States wants to develop a national health electronic record system, it needs to make sure heath information exchanges work correctly, said deBronkart, who added VA should be commended for reacting quickly to the software problem and issuing the patient safety alert.

Threatwatch Alert

Credential-stealing malware

None of 20,000 patients affected were ever notified of 911 computer breach

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
// 3:17 PM ET