In the older days, computers could not perform many operations on unstructured text. To make it possible to count, sort, tabulate and compute data, it was necessary to encode it into fixed-length fields of carefully defined types. The legacy of this limitation of early data processing is the persistence of the many code sets now in place to capture the vast majority of clinical data. There is at least one (if not a dozen) coding system for symptoms, diagnoses, procedures, tests, results, drugs, devices, outcomes, fees, settings, and practically every type of healthcare information captured, stored or exchanged. Almost all of this data is expected to be encoded by users.

Programmer demand for well-structured data made a marriage with practitioner demand for efficient data entry. The result is now a plethora of interfaces that allow—and also may force—providers to record their findings as items picked from lists. This has created new ways to distort and corrupt data. Structured data is only reliable if fields are defined in standard ways and used with a degree of discipline that may not be achievable by clinicians. Furthermore, reliance on structured data sacrifices nuances of information that can only be captured in natural language. This trend has led to the general impoverishment of clinical records, as authors’ vocabularies are constrained to selections provided by programmers. In the contest between the sins of too verbose and too sparse, replacing dictation with “click-tation” is more likely to create a record missing essential facts. Furthermore, while slips of the tongue can (and do) produce false records, slips of the mouse may have a higher propensity, because of the precision they inflict on data entry.

In the eternal quest to protect practitioners from keyboarding, most EHRs provide menus that can be managed by pointing devices like mouse and touchscreen. These are susceptible to hand-eye coordination errors, such as “off-by-one” checklist errors, “drag-and-drop-in-the-wrong-location” errors, “double-click-instead-of-single-click” (and vice versa) errors, and similar.

The astonishing revolution in voice recognition, voice response and natural language processing (NLP) technologies has only begun to be felt in healthcare. It is hard to imagine a more disruptive technology in human history than the ability to speak to and be understood by machines. The sluggish, frustrating and often comic early efforts at machine transcription of voice input have made enormous progress due to increased processor power (and clever science). Voice recognition software is becoming effectively usable and widely used in medical settings.

While human dictation-transcription has been universally accepted for decades, and automated dictation-transcription now offers serious competition, both are subject to production errors. Entire books and websites are devoted to funny malapropisms, freudianisms and other slips attributable to either the speaker or the transcriber, human or otherwise. But, the serious side of transcription error is when actual patient harm devolves from reliance upon false records.

Both human and software transcriptionists are likely to hear correctly a word like “electroencephalogram,” even recorded by a person with a heavy accent in a noisy room. Whereas, both humans and machines are more likely to miss small words like “no,” “not,” and “doesn’t.” A radiologist dictated, “I don’t believe the lesion in the right upper lobe merely represents scarring from the prior procedure . . .” The final report read, “I believe the lesion in the right upper lobe merely represents scarring from the prior procedure . . .” Consequently, a lung cancer went without investigation for 18 months.

That error involved an automated system, but a human could have made the same mistake. However, human transcriptionists vigorously point out that they have a superior ability to question (as well as intelligently correct during transcription) obvious slips, and will highlight words they can’t interpret for later correction. Thus output errors can be intercepted during transcription, or can be appreciated and compensated for by later readers, who knowledgeably re-interpret obvious flubs. No harm, no foul. But, occasionally a discrepancy in output will mislead a clinician or patient, causing harm.

This brings up an unresolved legal conundrum for providers using any kind of transcription. There is an irreducible minimum error rate for any method of data entry, but explaining this to an injured party is problematical. There is no explicit norm for an accepted percent of “complications” caused by erroneous information. There is no comfortable cultural acceptance that sometimes records are wrong and sometimes this can cause harm. Patients (and juries) may have a general (but unachievable) expectation of zero defects. Some dictation systems append a disclaimer to their work product like, “Dictated but not read.” It isn’t clear that such a notice has any legal force. Furthermore, even if providers try (or are mandated) to proofread their documentation product, this would not result in perfect notes. Every editor knows the fallacy of authors proofreading their own writing. And, duplication of effort markedly reduces data entry efficiency. Knowing that perfect documentation is impossible sharpens our questions about how much we depend on medical record accuracy, for all purposes. One safety-minded approach to an inherently fallible process is to layer it inside another process with different failings. A defense against imperfect medical documentation is having many readers; another is taking every record with a bit of salt.

The difference between electrical and paper records is most apparent in a radically expanded definition of “information.” Most EHRs today have the ability to incorporate virtually any kind of data into the record, including photography, graphics, audio, video, digital images, device outputs, large documents and special effects reminiscent of Hollywood. Multimedia and diagnostic images attached to medical records can powerfully improve patient care. Their greatest hazard is becoming attached to the wrong records.

Few incidents in the patient safety literature create more consternation than “wrong patient” events, and EHRs play a part in generating them. The ease of moving information (creating, copying, importing, exporting, transmitting, etc.) also makes it easy to move it where it doesn’t belong. Paper charts become contaminated with pages that stick together, faxes that are mislabeled, sticky notes that wander across desktops, and reports on patients with similar names. EHRs can commingle records through mis-clicking, mis-dragging, mis-typing, etc., and also have a serious potential for mis-identifying patients because of their dependence upon imperfect lists.

Every master patient index contains duplicates, misspelled names, former names, married names, nicknames, aliases, homonyms, middle initials, middle names and names from cultures that don’t fit the pattern of “last, first, middle.” An office may receive a prostate biopsy report on James Jones. The medical assistant might have to make a judgment whether to attach it to the record of “Jones J.,” “Jones Jim,” “Jones James T.,” “Jones James [looks like a T might be an F]” or some other incarnation. Data incoherence, co-mingling, splitting, detachment and similar defects form a kind of electronic rubbish in information systems. This sort of corruption proliferates when data are exchanged automatically among systems.

Since the invention of EHRs, there has been contention between forces promoting a national system of unique patient identifiers, and forces concerned about the threat to privacy this could represent. The de facto standard of Social Security numbers has long been known to be hopelessly flawed, but in the U.S. no politically palatable alternative seemed possible to find. However, the need for authentication (and widespread use) of identities for various online activities may finally give birth to a solution, in the form of the National Strategy for Trusted Identities in Cyberspace (NSTIC) [25]. This is a 2011 White House initiative assigned to the National Institute of Standards and Technologies (NIST) that envisions, “Individuals and organizations [will] utilize secure, efficient, easy-to-use, and interoperable identity solutions to access online services in a manner that promotes confidence, privacy, choice, and innovation.”

Its guiding principles are:

There is reason to think this effort will succeed in creating a trusted, national, user-centered “identity ecosystem” that will be of considerable value in reducing both misunderstandings and crimes related to patient mis-identification.

When we catch a mistake in a medical record, there are accepted practices for correcting it. In paper charts, the custom is to cross out the error without making it unreadable, and enter the right information with a notation of the date and the identity of the person who made the edit. There is no implication of deception, and subsequent readers can recognize and rely on the corrected information in its context.

In contrast, in some EHRs corrections are much more difficult to make, and can induce errors. In the infancy of EHRs, legal consultants were concerned about fraud, impersonation, and unattributed entries. A fetish evolved for electronically signing, stamping and sometimes even locking notes so they couldn’t be edited after saving. This satisfied a perceived legal need for strong assurance about record authorship and provenance. Except in very ancient systems, these practices are now redundant to the database technology that routinely captures meta–data about transactions like “create,” “save,” “view,” “print,” “edit,” “delete,” and so on; which are typically linked (with timestamps) to the login credentials of the user who performed them. Meta-data logs may also include details like the port number of the network connection used for access, the location of the terminal, and other arcane facts of interest to technicians.

An incidental effect of EHR meta–data is to add wrinkles to the process of legal discovery involving electronic information of all types.

From the standpoint of user-experience, meta-data renders obsolete the older-than-Egypt need for signatures on official documents, and merely adds an annoying, unnecessary step in requiring users to “sign” notes. But, record-locking becomes a safety issue when corrections need to be made. In some EHRs, it is frankly impossible to edit a saved note, no matter what errors it contains. (It is far from uncommon to insert a long, complex note into entirely the wrong chart. Being unable to delete a note on the wrong patient creates both a safety hazard and a privacy violation.) The more rigid systems only allow the user to write an “addendum” to the original, erroneous note, and in the worst examples, the addendum may be separated in some way from the original. In some systems, it is hard to tell looking at the erroneous note that an addendum needs to be hunted down; and it may not be evident what exactly is wrong. For example, if the note on June 12th incorrectly lists “warfarin” as a current medication, and this is corrected with a supplement on June 19th, a reader of the June 12th note in some EHRs might have no way of knowing where to look for the correction. At very least, keeping bad data alongside the good requires extra steps by users, creating yet another potential error pathway.

The task and challenges of clinical documentation have traditionally fallen to practitioners, with the patient record always being tethered to the provider’s practice or facility. EHRs for the first time open the possibility of making patient records portable across sites, which is not shocking to providers, or even putting them in the custody of patients themselves, which is quite shocking indeed. The term “Personal Health Record” is not well defined, but refers to clinical information in the custody and control of patients, usually organized in a kind of summary format.

One profoundly underused safety mechanism that becomes possible with PHRs is to expose the record to the patient’s review. It is essentially unheard of to find a medical record that does not contain serious errors, many of which are immediately apparent to the patient. Including the patient in the quality improvement process is an obvious, yet radical innovation that may have significant benefits for organizations that take advantage of it. Ironically, the traditional, oral patient history is the primary source of information in most medical records. However, importing files of patient-created information into EHRs (whether structured data from devices or unstructured data from templates) introduces yet another in-box problem for providers, and another potential source of variance (if not contradictions) that need to be reconciled in the provider’s record.

At the time of this writing, Personal Health Records (PHRs) come in three basic flavors, each of which has serious safety concerns (Box 19.9). (The PHRs discussed here do not include raw provider work product that patients may be able to view through electronic portals into provider-controlled EHRs.)

All the factors that can make provider-tethered records unreliable similarly apply to patient-controlled records, with added complications.

While portable, patient-controlled, untethered, professionally created and properly reconciled, authoritative personal health information would have tremendous value to a system with millions of mobile patients interacting with multiple providers, resources and caregivers, this vision is not yet within reach.

In summary, with respect to documentation functions, EHRs:

The documentation process—although it can be enhanced by technology—is not fundamentally different in the paper and electrical worlds. The case is far different for order entry, result reporting and messaging. These are the most powerful ways in which EHRs have altered provider workflow, and are the sources for the most dangerous errors that directly impact patients.

Automating the activities of entering and executing provider orders and receiving and responding to test results have drastically changed the human roles in both in-patient and out-patient environments. And, electronic communication and digital media (e-mail, voicemail, texting, social media, Internet, Wi-Fi, etc.) have wrought the same changes upon healthcare as upon civilization as a whole.