Tuesday, May 29, 2012

NEHTA Are Up To Their Old Tricks Again - Releasing Controversial Reports on Fridays. Finally A Clinical Safety Document.

The following lurched into view on Friday.

Clinical Safety Case Report PCEHR Release 1A

Here is the direct link:
Here are the document details from the title page:

 Clinical Safety Case Report
Project Name: PCEHR Release 1A
Version 1.1
Status: Issued
The heading box of the Executive Summary is really amazing.
“NEHTA has made an assessment that there are no clinical hazards identified in relation to PCEHR Release 1a that are classified as a High Clinical Risk which leaves a Tolerable Residual Risk Classification as per Appendix C, Table 4.
NEHTA therefore considers that there are no Unacceptable Residual Risks present in PCEHR Release 1a (R1a).”
When you read something like this you instantly want to know what “Tolerable” means.
So reading on we find the following.
If a clinical risk is “Medium” it is said to be “Tolerable”
This is described as needing the action as  follows:
“Customer to be notified of the Clinical Hazard as soon as practicable and appropriate mitigating action agreed where possible. Where agreed mitigation leads to Changes in relation to additional functional or non-functional parts of the Customer’s Requirements. These will be identified in the Clinical Safety Case Report and evidence for their achievement provided.”
I read this to say the issues need to be fixed pronto.
There are 4 issues that fall into this category.
Page 29 (of 39) on provides the details:

8 Results of Clinical Safety Assessment

8.1 Medium Clinical Risks

The following generic clinical hazards that are deemed to have a Medium Residual Risk rating are described below, along with some examples of associated causes and controls. These generic clinical risks include:
8.1.1 Reference data is absent or incorrect or inconsistent between different clinical systems (H020)
8.1.2 Clinical information is presented inappropriately or in a manner that its context is misleading or cannot be ascertained (H110)
8.1.3 Patient identification data or contact information may be missing, incorrect, incomplete, out of date or corrupt (H020)
8.1.4 Misleading or absent information in a patient’s clinical record (H050)
Generic clinical risks that are rated Low and Very Low are documented in the Hazard Register and are not specifically discussed in the body of this report.
---- End Extract.
Each of these is then expanded on in some detail you can read in the pages following.
I would have to say all of these need to be fixed and really quickly. They are clearly clinically dangerous. They also don’t look all that easy to fix in the short term.
Here is, however, the most amazing comment (Page 32):

9.3 Management of Clinical Safety Issues

During the development of this Release Clinical Safety issues have been identified and managed to reduce Clinical Risk within the constraints as noted in section 6.3.
Clinical Safety issues were managed by the Clinical Safety Unit as follows:
·         Provided feedback on requirements, functional and technical design documents to PCEHR project teams.
·         Raised a number of prominent risks in separate workshops (hazard assessment workshops) with the PCEHR team, Clinical Leads and other appropriate staff.
The feedback to date on clinical safety recommendations has not described to what degree they have been accepted in the design and if they will be included in future specifications.
----- End Extract.
So this work is all essentially being treated as needing just an optional response.
A couple of things need to be recognised here.
First this report is on the planned test version (1A) rather than the production version (1B) but it would have been useful to have the production version assessment available well before July 1 when ‘go-live’ is planned.
Second as I read the four medium risks described it is not clear just how easily they might be addressed in a few weeks. Some of these look to need a lot of work to fix.
With the E-Health Session of Senate Estimates on Wednesday 30 May, 2012 at 7:30pm one wonders if this was just not released in a rush to show there was at least one ‘Clinical Safety’ document in existence. I wonder where all the documents describing the methodology and the risk register are hiding?
So much for NEHTA’s embedded Clinical Safety Culture!


B said...


Three quick comments.

1. The document is dated 11 April. That's very late for the CSU to be making recommendations for some seemingly major changes to the fundamental nature of the system, especially in terms of access control.

2. And talking of access control, there are some amazing risks in section However there is this gem:

It is anticipated the current PCEHR solution includes controls to address this risk [of hidden data]. These include:

1. Clinicians are trained not to rely solely on the PCEHR to make clinical decisions

In other words - clinicians are told "don't trust the PCEHR".

So what are clinicians to make of that little statement? Run extra tests? Only use the PCEHR as a guide not a source of truth?

It would seem to rather devalue the usefulness of the system.

3. further down in is this:

Consumers are not able to hide information they consider private from all healthcare providers other than completely removing the information from PCEHR. This results in this specific piece of information never being uploaded in the PCEHR, even if it is urgently needed e.g. in an emergency situation where individual consent settings are overridden or when, at a future date, the individual considers that piece of information ready to be shared.

So much for "personally controlled". They seem to be saying that the only way a patient can fully control access to information is to not put into the system in the first place.

I don't think they have, even yet, fully thought this thing through.

Anonymous said...

Clinicians are trained not to rely solely on the Patient to make clinical decisions - in other words, clinicians are told, don't trust the patient.

I would seem to undervalue talking to the patient. In fact, why bother?

Can we please have sensible comment about this? Surely no one thinks that the pcehr is going to be without any risk?