Malpractice Claims Analysis Confirms Risks in EHRs

By Debra Bradley Ruder

Malpractice Claims Analysis Confirms Risks in EHRsA prescription for a short-acting drug is entered into the computer as the long-acting version. The order is refilled six times based on the erroneous information.

When converting to electronic records, a doctor’s office omits a patient’s aneurysm history from the active problem list. During a medical procedure several years later, the aneurysm bursts. The specialist has been unaware of the patient’s risk.

Nursing notes for an entire shift vanish after a computer crash, compromising care.

Distressing situations like those described above are happening around the country as healthcare organizations adopt electronic health records (EHRs) in growing numbers. Although these systems promise to reduce costs and improve quality and safety, they’ve also ushered in unintended consequences as a result of human error, design flaws, and technology glitches.  

Recognizing these emerging risks, CRICO—the patient safety and medical malpractice insurer for the Harvard medical community—is taking action. The Massachusetts-based company has expanded its proprietary coding system to capture EHR-related problems that have contributed to patient harm, and to guide the hospitals, physicians, and other providers it serves toward addressing vulnerabilities in their systems.

This new set of codes is part of a complex taxonomy that CRICO has developed over the past 30 years to analyze malpractice claims. CRICO uses this methodology to pinpoint clinical elements that can lead to medical error, to recognize historical and current trends, and to drive successful risk management efforts.

“We need to identify specific vulnerabilities so we can design systems and processes that protect us and our patients from these errors,” says Dana Siegal, RN, CPHRM, director of Patient Safety Services for CRICO Strategies, a division of CRICO that serves a national community of clients.

CRICO identified 147 cases (asserted over a five-year period) in which the EHR was identified as a contributing factor. Computer systems that don’t “talk” to each other, test results that aren’t routed properly, and mistakes caused by faulty data entry or copying and pasting were among the EHR-related problems found in the claims, which represented $61 million in direct payments and legal expenses.

Electronic records are on the rise nationally, thanks partly to the federal HITECH Act of 2009, which authorizes incentive payments to encourage their adoption and “meaningful use.” But the extent of their use varies from provider to provider and state to state.  

In 2012, some 44% of U.S. hospitals had at least a basic EHR system (up from 12% in 2009), while 72% of office-based physicians used either an EMR or EHR system (up from 48% in 2009), with considerable variations across the states, according to government sources (see sidebar below and Figure 1 on page 21).

Comparing Adoption of EHR Systems by State Against the National AverageFigure 1. Comparing Adoption of EHR Systems by State Against the National Average

A state-by-state comparison of non-federal acute care hospitals with adoption of at least a basic EHR system in 2012. Twelve states had significantly higher adoption rates than the national average of 44.4%, while 11 were significantly lower. A basic system includes such required functions as lab reports, computerized order entry for medications, and discharge summaries.

Office of the National Coordinator for Health Information Technology/American Hospital Association

CRICO’s findings, though preliminary, send a clear message: Caregivers need accurate information to make life-saving decisions, and there’s room for improvement in EHR design and implementation, such as adding alerts or expanding user training. As EHR adoption spreads, new vulnerabilities are bound to arise, predicts CRICO chief medical officer and senior vice president Luke Sato, MD. “This analysis is the tip of the iceberg,” he says. “We’re going to find things down the road that we weren’t even thinking of. There’s a lot of work to do.”  

Data-Driven Approach

CRICO, a medical professional liability captive insurer, provides claims management, litigation, and educational services to its member owners—including more than 12,000 physicians, 22 hospitals, and 100,000-plus nurses, technicians, and other employees of Harvard-affiliated organizations. Its data-driven strategy involves using evidence to promote patient safety and minimize lawsuits.

A centerpiece of that strategy is a large comparative database that CRICO has developed with claims information collected from Harvard affiliates and CRICO Strategies partners around the country. This Comparative Benchmarking System (CBS) features 275,000 open and closed cases from more than 500 hospitals and 125,000 physicians, and it’s a potent tool for analyzing, trending, and targeting remedies. Participating organizations can, for example, use this clinically coded information to evaluate their patient safety performance against other academic and community healthcare systems in the U.S.




  Electronic health records (EHRs) are real-time, computerized
patient “charts” designed to bring together information
from all the providers involved in a patient’s care. The data
moves securely with the patient to specialists, laboratories,
the hospital, etc., allowing for coordinated care. Electronic
health records are more comprehensive than electronic
medical records (EMRs), which contain only the medical and
treatment history of patients in one provider’s office. The
information in EMRs is not easily shared beyond the practice
(Garrett & Seidman, 2011).

“CBS provides us with a significant pool of data for analysis and enables us to stay ahead of the curve and be prepared to collect information when new vulnerabilities or errors begin to emerge,” notes Heather Riah, assistant vice president of operations for CRICO Strategies. Adds Siegal, “This is exactly why we started focusing on EHR issues. Recognizing that our members and clients were raising more and more concerns, we did some initial research and launched a pilot project.”  

The team asked its CRICO and Strategies members, “What vulnerabilities are you seeing? What are your risk managers worried about? What are your doctors complaining about?” It used that feedback to draft a set of EHR-specific codes and then tested them in three datasets: CRICO (Harvard users) and two of Strategies’ larger clients, The Doctors Company and Princeton Insurance. Based on those results, CRICO revised and approved 15 new EHR codes that went “live” in January 2013.

That means CRICO’s cadre of nurse coders can now identify EHR as a contributing factor to a malpractice claim, instead of using one of the less specific factors available in the past. And they can flag whether the problem involved user issues, system/technology issues, or both. “In some cases,” Sato points out, “the system design sets up humans to make errors.”

Vexing Vulnerabilities

Which EHR vulnerabilities are most troubling? CRICO’s early analysis reveals that incorrect information in the EHR was a factor in 20% (30) of the 147 medical error cases reviewed (Figure 2). This might include:

  • Faulty data entry: A patient’s height is 60 inches but is recorded as 60 centimeters, which distorts her body mass index (BMI).
  • Unexpected conversion: The data is entered correctly, but the computer auto-converts it without the user noticing. For example, 2.5 changes to 25, which becomes a medication error when a clinician acts on the higher number.
  • Wrong file or field: A user accidentally opens up the wrong patient file and orders medication or records vital signs for someone else. As Sato explains, “Because of the way EHRs are designed, you can get lost easily and enter information in an incorrect field or for an incorrect patient without realizing it.”
  • Repeated errors: Mistakes in a patient record persist for years without being caught.

“With data entry, whether we’re putting it on paper or into a computer, we are vulnerable to human error,” says Siegal.

Comparing Adoption of EHR Systems by State Against the National Average

Hybrid health record/EHR conversion issues, another vexing vulnerability related to users, were a contributing factor in 16% (24) of the CRICO cases. This happens when paper and electronic records are inconsistent, often during the transition to EHR. A patient’s status can wind up being misinterpreted. For example, a 4-year-old develops a penicillin allergy. It is noted in the paper record at the pediatrician’s office, which is transitioning to an electronic system. A relative who doesn’t know about the allergy takes the child for an urgent care visit in the same healthcare system. The EHR doesn’t yet reflect the new allergy, and a caregiver prescribes penicillin, triggering an allergic reaction.

Technology problems also contribute to medical errors, according to CRICO’s analysis. These include routing failures (test results aren’t sent to the hospital unit where the patient is now located, for instance); computers that go down or help desks that aren’t available; and systems that are incompatible, even within the same facility.

The EHR coding study also found that:

  • Medicine and nursing were the services most frequently identified. This isn’t surprising, since many of the claims involved the electronic medication record, long in use by these services. OB/GYN and surgery were close behind medicine and nursing.
  • Most of the cases involved either medication (both ordering and administering) or diagnosis (when the EHR lacks information needed to make a diagnosis—or a doctor misses it).
  • More than half (56%) of the malpractice claims emerged from ambulatory care settings, compared to 31% for inpatient and 13% for emergency departments. Within ambulatory, hospital clinics and physician offices accounted for the vast majority.
  • Half of the 147 cases resulted in severe injury.

“Ultimately, this is about supporting critical decision making,” says Siegal. “In the ambulatory and hospital worlds, we depend on the electronic medical record to give us (the correct) information to make important decisions, such as whether or not to prescribe a drug, which drug, or how best to treat the results of a test.”  

CRICO has long appreciated the value of effective EHR systems in advancing the patient safety agenda, Siegal adds. “We believe the EHR will provide a vehicle that protects us from our humanness and promotes improved communication and information exchange among providers.”  

Focus on the Future

CRICO leaders plan to collect more data to support the ongoing development of recommendations around EHRs and patient safety, according to Arvind P. Kumar, CRICO’s senior vice president for technology and alliances. Kumar, who teaches the benefits and pitfalls of electronic records at the Harvard School of Public Health, stresses the need to partner with industry, including EHR vendors, to improve all health information technology. Chair of the Technology Council for the Alliance for Quality Improvement and Patient Safety, Kumar encourages a more standardized approach to system development that reflects the experience of end users: providers. “The idea,” he says, “is to bring together creators and users to guide the process.”  

Looking ahead, Sato envisions a day when electronic records are fully integrated into clinical workflow. In 2012, he led production of a provocative video, Better, Safer Care: Imagining a Medical Record of the Future, which shows a doctor using a tablet that “speaks” during a patient visit. It interacts with both patient and physician, providing essential support such as documenting the encounter, retrieving historical information, and scheduling follow-up appointments and reminders. You can watch the video on CRICO’s website or through YouTube (Sato & Augello, 2012).

Sato advises remembering the why behind the work: “Healthcare organizations are so busy implementing their EHR/EMR systems that they sometimes lose sight of the big picture: that we’re doing this to make healthcare accessible, higher quality, and safer—to help clinicians deliver better care to patients.”

Jonathan Einbinder, MD, assistant vice president for advanced data analytics and coding for CRICO, agrees. “These new EHR codes will help us build a better system by providing a view into how technology may contribute to patient harm. It doesn’t mean that having technology is worse than not having it,” says Einbinder, who practices medicine at Brigham and Women’s Hospital in Boston. “Effective use of well-designed computer systems will absolutely improve care. I’ve worked with paper records, and I wouldn’t want to go back to doing it that way.”

Debra Bradley Ruder is a Boston-based freelance writer specializing in healthcare and education. Her clients have included Harvard University, Boston College, Brigham and Women’s Hospital, and Dana-Farber Cancer Institute. She can be reached at

Dana Siegal can be reached at


Sato, L., & Augello, T. A. (2012, November 5). CRICO challenges EMR complacency. CRICO. Available at

Garrett, P., & Seidman, J. (2011, January 4). EMR vs EHR—What is the difference? Health ITBuzz. Available at