Wednesday, July 25, 2012
This Is A Really Worrying Piece Of News From The ACT. Data Manipulation Of Health Information On A Grand Scale!
The following appeared a few days ago It is an amazing saga of health information deception and abuse:
Date July 19, 2012
The privacy of hundreds of thousands of patient records at the Canberra Hospital was vulnerable to compromise because of the poor quality of data management in the Emergency Department, according to the Auditor General.
Auditor-General Maxine Cooper told an Assembly Committee this morning that the poor quality of the department's systems had implications that went beyond the "data doctoring" scandal.
Dr Cooper was giving evidence to the Assembly's Public Accounts Committee about her report into the manipulation of patient records in the Canberra Hospital.
Dr Cooper told the multi-party committee that her audit had been confined to the data manipulation and that she had not inquired into whether there had been any breaches of privacy laws caused by the lack of control over information systems in the hospital.
Senior Hospital Executive Kate Jackson has admitted to tampering with thousands of patient records between 2009 and 2012 in an effort to make the department's performance on waiting times look better.
The committee heard today that Ms Jackson, who has been stood down from her $200,000-a-year job, used four different generic log-ins to access the data system and make changes.
Full article is here:
The media release around this is really quite alarming:
It can be found here:
This extract from the Exec Summary says a fair bit to say, to say the least.
“Hospital records at the Canberra Hospital have been deliberately manipulated to improve overall performance information and reporting of the Canberra Hospital’s Emergency
Department. The very poor controls over the relevant information system means that it is not possible to use information in the system to identify with certainty the person or persons who have made the changes to the hospital records. Under affirmation, an executive at the Canberra Hospital has admitted to making improper changes to hospital records. While this is the case, Audit considers that it is probable that improper changes to records have been made by other persons.
There is evidence to indicate that hospital records relating to Emergency Department performance were manipulated between 2009 and early 2012. It is likely that up to 11,700 records relating to Emergency Department presentations were manipulated during this period. The records that were manipulated mean that publicly reported information relating to the timeliness of access to the Emergency Department and overall length of stay in the Emergency Department have been inaccurately reported over this period.
The executive has admitted to manipulating hospital records initially in 2010 and on a much larger scale throughout 2011 into early 2012. The executive’s admission of manipulating records does not account for all of the changes that were made to hospital records, where timeliness information was improved. The executive did not admit to making changes to records in 2009. Furthermore, changes to hospital records made throughout 2010 and early 2012 are not all accounted for by the executive’s admission.
The executive’s rationale for manipulating records was that they felt under significant pressure to improve the publicly reported performance information of the Emergency Department. In this respect, Audit notes that there is a significant and ongoing focus on the timeliness performance of the two Canberra hospitals more broadly, and their emergency departments more specifically. Audit also notes that the recent National Partnership Agreement between the states and territories and the Commonwealth has placed an additional focus on hospital waiting times, targeting $3.4 billion in investment over the eight years to 2016‐17 on hospital improvement. Of this Commonwealth funding, a comparatively small proportion ($200 million nationally and $3.2 million for the ACT) is directly dependent on improvements to Emergency Department timeliness performance. There is a considerable lack of attention on qualitative indicators, which may provide a more appropriate and rounded assessment of Emergency Department performance.
Managerial pressure was placed on the executive to improve the performance of the Emergency Department. This managerial pressure reflects the significant and ongoing focus on the timeliness performance of the Canberra Hospital and the requirements of the National Partnership Agreement. An organisational change management agenda was also underway at the Canberra Hospital since the restructure of the Health Directorate in early 2011. The organisational change process underway at the Canberra Hospital sought to achieve improved performance and accountability for performance.
Organisational change can be challenging and confronting for staff. In relation to the organisational change that was underway at the Canberra Hospital throughout 2011, one stakeholder commented to Audit:
The hospital is very resistant to outsiders coming in, very resistant. In a way, it’s a very protected community and it has developed from a small regional hospital, you know, the Woden Valley Hospital, to the major tertiary referral centre for the region. And one of the challenges...is whether the change has happened as it’s needed to for staff to move into that much more professional high‐pressure dynamic organisation.
Although managerial pressure was placed on the executive to improve the performance of the Emergency Department, this was not manifested in direct or indirect instruction or guidance to deliberately manipulate hospital records. Furthermore, there was no direct or indirect instruction by any other person, including the Minister for Health.
Very poor systems and practices
The very poor systems and practices in place in the Canberra Hospital and the Health Directorate for preparing and publicly reporting performance information created the opportunity for persons to manipulate the hospital records. The Emergency Department’s management information system, which is used to prepare the performance information, has very poor system access and user controls. There is a lack of governance and administrative accountability for this system, which means that there is no identifiable system owner with responsibility for ensuring the integrity of the system and the appropriateness of its access and user controls.
The very poor system access and user controls over the Canberra Hospital’s Emergency Department management information system has wider implications beyond the inaccurate reporting of timeliness performance. There are risks to the privacy and confidentiality of patient information. The very poor systems and practices also mean that there is a risk that the Health Directorate does not meet the requirements of Principle 4.1 of the Health Records (Privacy and Access) Act 1997 relating to the safekeeping of personal health information.
Audit notes that the same management information system, albeit a newer version, is used at the Calvary Public Hospital. There are more effective system access and user controls over the newer system at the Calvary Public Hospital. Nevertheless, some features of the newer system and its implementation at the Calvary Public Hospital may also give rise to risks relating to the privacy and confidentiality of patient information and the potential manipulation of hospital records to improve timeliness performance reporting. There is also a risk, albeit to a lesser extent, that Calvary Public Hospital does not meet the requirements of Principle 4.1 of the Health Records (Privacy and Access) Act 1997 relating to the safekeeping of personal health information.
There was also a lack of monitoring, review and assurance of the integrity and accuracy of the Health Directorate’s publicly reported Emergency Department performance information. Various data validation processes are in place within the Health Directorate, but these processes have not been designed to provide assurance over the integrity and accuracy of publicly reported Emergency Department performance information. Audit notes that the current monitoring, review and assurance processes over the publicly reported Emergency Department performance information are not consistent with the apparent importance of the performance information, as demonstrated by the significant Health Directorate management and stakeholder interest.
A comparatively small amount of Commonwealth funding under the recent National Partnership Agreement ($3.2 million over the four years to December 2015) is contingent upon the ACT meeting relevant timeliness targets. $0.8 million is contingent upon the ACT’s timeliness performance in 2012. This funding may be at risk, as it appears that the ACT is not meeting its timeliness performance targets. However, it should be noted that this reward funding may be rolled over and provided in future years up to 2015.’
---- End Extract.
Audit’s ten recommendations all seem pretty sensible to me - but they really do need to get to an individual user sign-on sooner rather than later - despite user objections.
There are a good few lessons here that need to be carefully considered. Given the financial pressures I wonder of other States or Territories are the victims of similar activities?
Posted by Dr David G More MB PhD at Wednesday, July 25, 2012