Electronic Health Record Vendors Use Gag Clauses to Hide Lethal Bugs in the IT Systems They Sell

Lambert here: Despite its tone, this post is a happy dance, and a victory for critical thinking skills; author Silversteinhas been saying for years what Politico just got round to noticing. And has it ever occurred to anyone that one reason Obama’s stim pack had such a muted effect was that $30 billion of it went to lousy IT? And can’t we throw some EHR executives in jail under RICO or something?

By Scot Silverstein, MD, Medical doctor, and Medical Informatics professional via NIH-sponsored postdoctoral fellowship at Yale School of Medicine. Expertise in clinical IT design, implementation, refinement to meet clinician needs, and remediation of HIT projects in difficulty in both hospitals and the pharmaceutical industry. Independent expert witness on health IT-related medical malpractice and related issues. Former Director of Scientific Information Resources and The Merck Index (of chemicals, drugs, and biologicals) at Merck Research Labs. Faculty, Drexel University, College of Information Science and Technology, Philadelphia, PA. Architect of Drexel’s Graduate Certificate Program in Healthcare Informatics. Cross posted from the Health Care Renewal website

I have not blogged on EHR issues in some time, despite some interesting source material such as:

These can be read at the links above, and are self-explanatory.

A new Politico investigation and article, however, is worth writing about:

Doctors barred from discussing safety glitches in U.S.-funded software
Darius Tahir

President Barack Obama’s stimulus put taxpayers on the hook for $30 billion in electronic medical records, many of which have turned out to be technological disasters.

But don’t expect to hear about the problems from doctors or hospitals. Most of them are under gag orders not to discuss the specific failings of their systems — even though poor technology in hospitals can have lethal consequences.

[Change the “can” to “does”, e.g., ECRI Deep Dive, http://hcrenewal.blogspot.com/2013/02/peering-underneath-icebergs-water-level.html – ed.]

A POLITICO investigation found that some of the biggest firms marketing electronic record systems inserted “gag clauses” in their taxpayer-subsidized contracts, effectively forbidding health care providers from talking about glitches that slow their work and potentially jeopardize patients.

[E.g., see http://hcrenewal.blogspot.com/search/label/glitch – ed.]

POLITICO obtained 11 contracts through public record requests from hospitals and health systems in New York City, California, and Florida that use six of the biggest vendors of digital record systems. With one exception, each of the contracts contains a clause protecting potentially large swaths of information from public exposure. This is the first time the existence of the gag clauses has been conclusively documented.

I note this Politico article appears six years after the seminal JAMA article on hold harmless and defects nondisclosure clauses:

as well as:

In that 2009 JAMA Letter to the Editor I observed:

… In their Commentary, Dr Koppel and Mr Kreda made clear the problems associated with applying the customs and traditions of business software contracting and sales (where “hold harmless” and “keep defects secret” clauses are commonplace) to health care information technology (HIT) as if they are the same. I believe that ignoring their differences has likely created an epidemic of violations of hospital governing body responsibilities and Joint Commission standards for health care organization leadership.

In 2015 I stand by these assertions. Computer and business personnel – through arrogance, selfishness, narrow-mindedness and other issues – have made a mess assuming that business software practices apply to clinical medicine and healthcare IT. In the latter domain, however, increased clinical stress and hypervigilance due to bugs clinicians have to work around (that might have been fixed sooner), lessening their performance and increasing risk, and patient injury and death has been the result of a belief that clinical computing is just a niche area of business computing. (I’ve been making this point for at least 15 years, I might add.)

Such contractual practices endanger patients, and in 2015 are reckless, negligent and inexcusable.

http://injury.findlaw.com/accident-injury-law/recklessness.html Recklessness means the person knew (or should have known) that his or her action were likely to cause harm. Negligence means that the person acted in violation of a duty to someone else, with the breach of that duty causing harm to someone else.

More from the Politico article:

Vendors say such restrictions target only breaches of intellectual property and are invoked rarely.

IP breaches? While I understand the business issues at hand, in reality this is farcical. There is little unique and valuable IP in these systems…as if one EHR vendor would really copy off another EHR vendor’s screens. I’ve seen many EHRs and their instruction manuals and in my opinion there’s little worth stealing from any of these look-alike systems.

But doctors, researchers and members of Congress contend they stifle important discussions, including disclosures that problems exist. In some cases, they say, the software’s faults can have lethal results, misleading doctors and nurses who rely upon it for critical information in life-or-death situations.

Change the “can” to “do.” See ECRI link above, posts such as at http://hcrenewal.blogspot.com/2011/09/sweet-death-that-wasnt-very-sweet-how_24.html, and as readers here know, I have one less living relative thanks to EHR faults. (I know of others that I cannot discuss.)

Critics say the clauses — which POLITICO documented in contracts with Epic Systems, Cerner, Siemens (now part of Cerner), Allscripts, eClinicalWorks and Meditech — have kept researchers from understanding the scope of the failures.

I actually refute that. I believe many researchers (in the field of Medical Informatics, at least) were blinded by their own wishful thinking about health IT and their own misplaced overconfidence in computing. My writings for a decade and that of many other “iconoclasts”, based on experience and insight from other fields in which we worked, clearly raising huge red flags, were derided or summarily ignored. For instance, see my post “The Dangers of Critical Thinking in A Politicized, Irrational Culture” from almost exactly five years ago at http://hcrenewal.blogspot.com/2010/09/dangers-of-critical-thinking-in.html. There was enough data to ascertain that major problems were extant.

Even the ECRI Deep Dive EHR safety study referenced above, now at least three years old, finding 171 IT mishaps in 9 weeks in just 36 hospitals voluntarily reported, causing 8 significant harms and 3 possible deaths, is rarely cited by the “researchers.” See http://hcrenewal.blogspot.com/2013/02/peering-underneath-icebergs-water-level.html.

… Sheldon Whitehouse (D-RI) asked a panel of witnesses [during a HELP committee hearing earlier this summer], including Allscripts CEO Paul Black: “Can anyone on this panel see a single reason why these contracts should have gag clauses in them?” No one ventured a reason.

Perhaps, I ask, because it would be hard to say something like “Senator, our computers have more rights than patients, and we don’t give a damn about patient harm as long as the $$$ keep rolling in, and payouts for screw-ups that do make it to court are manageable“, Ford Pinto-style, in such a setting?

After POLITICO disclosed its findings, an aide to HELP Chairman Lamar Alexander (R-Tenn.) said the committee would look at the issue, “exploring potentially harmful effects of these clauses — including how they could inhibit interoperability.”

The interoperability issue is a diversion if not a non-sequitur. Dreamers still believe billions will be magically saved, and lives saved, via “interoperability”, ironically at a time when basic operability is poorly achieved.

Let me state this clearly: health IT will always be a major cost center and will never result in the mass cost savings attributed by the pundits to it. From experience, I state that is a pipe dream, a fantasy, a risible statement consistent with a mania over the technology. The issues in medicine that cost dear money are complex, and are not amenable to solution via cybernetic miracles.

See http://hcrenewal.blogspot.com/2012/09/wsj-koppel-and-soumerai-major-glitch.html for more on this issue:

… a comprehensive evaluation of the scientific literature has confirmed what many researchers suspected: The savings claimed by government agencies and vendors of health IT are little more than hype.

To conduct the study, faculty at McMaster University in Hamilton, Ontario, and its programs for assessment of technology in health — and other research centers, including in the U.S. — sifted through almost 36,000 studies of health IT. The studies included information about highly valued computerized alerts — when drugs are prescribed, for instance — to prevent drug interactions and dosage errors. From among those studies the researchers identified 31 that specifically examined the outcomes in light of the technology’s cost-savings claims.

With a few isolated exceptions, the preponderance of evidence shows that the systems had not improved health or saved money.

Rather than saving money, the industry is sucking in some of that $17 or so trillion the United States just doesn’t have (http://www.usdebtclock.org/). See for instance “The Machinery Behind Health-Care Reform: How an Industry Lobby Scored a Swift, Unexpected Victory by Channeling Billions to Electronic Records“, Washington Post, by Robert O’Harrow Jr., May 16, 2009.

Back to Politico:

… Take Cerner’s agreement with LA County’s Department of Health Services, signed in November 2012 and worth up to $370 million. It defines the vendor’s confidential information as “source code, prices, trade secrets, mask works, databases, designs and techniques, models, displays and manuals.” Such information can only be revealed with “prior written consent.” The protections cover the provider company, and its employees.

Such agreements, which are typical of the contracts examined by POLITICO, “contain broad protections for intellectual property and related confidentiality and non-disclosure language which can inhibit or discourage reporting of EHR adverse events,” said Elisabeth Belmont, corporate counsel at MaineHealth.

Belmont said she had also seen non-disparagement wordings that prohibit providers from disseminating negative information about the vendor or its software. POLITICO found no direct evidence of such clauses.

“Non-disparagement wording?”

How about good old-fashioned Orwellian thought control? See my Oct,. 2013 post ‘Words that Work: Singing Only Positive – And Often Unsubstantiated – EHR Praise As “Advised” At The University Of Arizona Health Network’ at http://hcrenewal.blogspot.com/2013/10/words-that-work-singing-only-positive.html.

… The executive branch — the Office of the National Coordinator for Health IT (ONC) and the Centers for Medicare and Medicaid Services are responsible for the subsidy program — has done little about the clauses, though providers and researchers have been grumbling about them since the 2011 Institute of Medicine report warning that “[t]hese types of contractual restrictions limit transparency, which significantly contributes to the gaps in knowledge of health IT–related patient safety risks.”

…Agency officials say they deplore the clauses but lack the capacity to directly address the problem. “We strongly oppose ‘gag clauses’ and other practices that prevent providers and other health IT customers and users from freely discussing problems and other aspects of their health IT,” an ONC spokesman said.

But, he continued, ONC cannot police them. The clauses take a variety of forms, and the extent to which vendors invoke them varies, making enforcement difficult — particularly for a small agency that doesn’t have investigative or police powers.

A small agency that doesn’t have investigative or police powers? Really? Yet – ONC is a promoter of the non-regulatory “Safety Center” concept as a solution to health IT safety risks. See for instance http://hcrenewal.blogspot.com/2014/04/fda-on-health-it-risk-reckless-or.html. Their response above to Politico seems disingenuous.

What follows in the Politico article is vendor excuses and soothing reassurances, like this one:

… Epic executives said they encourage open discussion. “With permission,
we very frequently allow folks to share information around the
software,” said Epic’s vice president for client success, Eric Helsher.

I’ll surmise I would not be able to easily get detailed information on the ten thousand EPIC “issues” I highlighted at my Nov. 2013 post “We’ve resolved 6,036 issues and have 3,517 open issues”: extolling EPIC EHR Virtues at University of Arizona Health System”, http://hcrenewal.blogspot.com/2013/11/weve-resolved-6036-issues-and-have-3517.html, for publication on this blog.

… a lot of problems may go under-reported. That offends [Dr. Bob] Wachter, who says the patient safety world “takes it as religion” that information be shared as widely as possible.

“These are worlds colliding. You can understand why a technology business would put restrictions on screenshots. But we’re not making widgets here, we’re taking care of sick people,” he said.

“At some level, I’d say, ‘How dare they?'”

“At some level?” What level, exactly?

How about the life-and-death level?

Worlds colliding, indeed; the aforementioned business-IT world and the clinical world. I would drop the “at some level” phrase, though, and also go back to my 2009 JAMA letter observation that I repeat once again:

… In their Commentary, Dr Koppel and Mr Kreda made clear the problems associated with applying the customs and traditions of business software contracting and sales (where “hold harmless” and “keep defects secret” clauses are commonplace) to health care information technology (HIT) as if they are the same. I believe that ignoring their differences has likely created an epidemic of violations of hospital governing body responsibilities and Joint Commission standards for health care organization leadership.

Health IT companies are simply not team players in medicine. Their heavy-handedness and narrow thinking has harmed and killed patients. How many in total?

Last year I spoke to a half dozen US House members and a dozen or so aides of House members who could not attend. I was accompanied by two Plaintiff’s lawyers (yes, Plaintiff’s lawyers) who told their own tales of EHR-mediated catastrophes whose survivors they had represented. They were there for that purpose, to inform the US Reps that health IT was killing people.

Extrapolating the ECRI Deep Dive study figures and adding in other known cases, the true level of harms is anything but pretty.

It would be a very useful exercise to measure it explicitly rather than using the Ostrich approach (see for instance my post “FDA on health IT risk: “We don’t know the magnitude of the risk, and what we do know is the tip of the iceberg, but health IT is of ‘sufficiently low risk’ that we don’t need to regulate it” (http://hcrenewal.blogspot.com/2014/04/fda-on-health-it-risk-reckless-or.html).

However, obtaining the data in a robust matter could result in those reporting the data violating EHR gag and non-disparagement clauses.

We must respect the rights of the computers…

— SS

Addendum: the Politico article, unfortunately, while a major piece, did not cite Koppel/Kreda or their pioneering 2009 JAMA article. I surmise this was an oversight.

Print Friendly, PDF & Email
This entry was posted in Guest Post, Health care on by .

About Lambert Strether

Readers, I have had a correspondent characterize my views as realistic cynical. Let me briefly explain them. I believe in universal programs that provide concrete material benefits, especially to the working class. Medicare for All is the prime example, but tuition-free college and a Post Office Bank also fall under this heading. So do a Jobs Guarantee and a Debt Jubilee. Clearly, neither liberal Democrats nor conservative Republicans can deliver on such programs, because the two are different flavors of neoliberalism (“Because markets”). I don’t much care about the “ism” that delivers the benefits, although whichever one does have to put common humanity first, as opposed to markets. Could be a second FDR saving capitalism, democratic socialism leashing and collaring it, or communism razing it. I don’t much care, as long as the benefits are delivered. To me, the key issue — and this is why Medicare for All is always first with me — is the tens of thousands of excess “deaths from despair,” as described by the Case-Deaton study, and other recent studies. That enormous body count makes Medicare for All, at the very least, a moral and strategic imperative. And that level of suffering and organic damage makes the concerns of identity politics — even the worthy fight to help the refugees Bush, Obama, and Clinton’s wars created — bright shiny objects by comparison. Hence my frustration with the news flow — currently in my view the swirling intersection of two, separate Shock Doctrine campaigns, one by the Administration, and the other by out-of-power liberals and their allies in the State and in the press — a news flow that constantly forces me to focus on matters that I regard as of secondary importance to the excess deaths. What kind of political economy is it that halts or even reverses the increases in life expectancy that civilized societies have achieved? I am also very hopeful that the continuing destruction of both party establishments will open the space for voices supporting programs similar to those I have listed; let’s call such voices “the left.” Volatility creates opportunity, especially if the Democrat establishment, which puts markets first and opposes all such programs, isn’t allowed to get back into the saddle. Eyes on the prize! I love the tactical level, and secretly love even the horse race, since I’ve been blogging about it daily for fourteen years, but everything I write has this perspective at the back of it.


  1. allan

    On the flip side, the EHR revolution has produced a new class of very special people:

    VERONA, Wis. — At the end of a long driveway that winds through sprawling meadows and cornfields, a sculpture of a smiling Humpty Dumpty, perched on a wall, beckons visitors into the front door of the health care technology company Epic Systems Corp.

    It is the first of many unconventional pieces of art here at Epic’s headquarters, where office buildings are designed to mimic Midwestern farms, city subways, tropical forests, and magical castles.

    Amid these whimsical trappings, in thousands of private offices with doors closed and blinds drawn, youthful programmers in T-shirts and sandals write code for the software that holds medical data for millions of Americans.

    Think of it as South of Market with -30 F lows in the winter.
    And the EPIC boom helps hide the economic wreckage of Scott Walker’s policies.
    So what if the Hippocratic Oath needs to be aligned with the market?

    1. Beans

      We use EPIC at my hospital system, and I can tell you those programmers are busy, busy, busy!!!! The EHR has expanded with every update and is now a triple screen of patient information. As I am encouraged to see more patients, fill out reimbursable meaningful use metrics and also push for higher patient satisfaction scores, the triple screen is one more time suck that keeps my back to my patients.
      Add to that the privacy problem that has been made worse with the triple screen. Although a patient’s sexual orientation, sexual history and choice of partners has zero bearing on the type of care I deliver (dentist), I cannot avoid seeing things that my patients might not wish to disclose to me. I also cannot avoid viewing all of my female patient’s reproductive history – including how many (if any) abortions have been obtained as well as when they occurred.
      It is an unreported outrage that now keeps me and other employees from seeking care by other providers within our own employer’s hospital system, unless they are ones we are ok with knowing these kinds of personal details.

      1. jrs

        What about psychiatric history, can you see if say someone was seeing a psychologist for say anxiety (or for something else – definitely more controversial diagnoses than that)?

        1. dsf

          Yes, they can. In fact, such information is used to preclude employment in military and security/police services, among others. Never have your child diagnosed with fuzzy diseases, like ADHD or depression, as it will be used against them the rest of their lives. There is no more wait out the seven statute of limitations for the paper records to be discarded…

          I also blame over graduation of psychologists for the over diagnosing…

    2. J-Ho

      Good God, you don’t know the half of it.

      The Epic campus is massive, gaudy and full of expensive buildings and amenities. Probably my favorite moments of cognitive dissonance in my life were when dragged to the Epic campus for system-wide management huddles where our administration repeatedly told us “there’s no money in healthcare anymore” while we’re surrounded by millions and millions of dollars worth of building projects (both completed and in development). Obviously, someone is making a shitload of money off of healthcare…

      The campus itself has transformed the city of Verona from a small city on the Western outskirts of Madison to a booming exurb. The citizens were completely unprepared for the population influx and didn’t plan for development at all, got the shit-heinous political leadership they deserved, and rendered the area a developer’s free-for-all. It’s a poorly planned, hellish place to live (in spite of south central WI having many great small towns with legitimate downtowns and local identities). The young people who work at Epic all commute there, making traffic throughout the Madison metro a disaster (Madison, located on an isthmus, is poorly equipped to handle many commuters as it is).

      They hire college grads with high GPAs fresh out of UW-Madison, pay them a lot, then over-work them to the point of burnout. Your students with the highest GPAs, after all, are the ones most likely to be the ones I characterize as “pointless strivers.” The ones who can chase “success” relentlessly without ever wondering the point or even what it is. Within 2-3 years all of them end up retreating back into the confines of grad school or moving to start bohemian existences in the major urban centers with hipster enclaves (e.g. Portland, Nashville, Austin, etc.). Or, worse, they become consultants…

  2. Tim Barden

    Over the years, the literature on percentage of large failed IT projects has been voluminous.(http://www.informationweek.com/strategic-cio/executive-insights-and-innovation/why-do-big-it-projects-fail-so-often/d/d-id/1112087)

    After a pretty diverse private sector career in IT for 25 years, I moved to the public sector. As IT Director I directly interfaced with administrations and elected officials daily and quickly discovered that the issues leading to IT project failure were significantly elevated when political ideology and the desire to “appear” successful trumps reality. Eventually, after several cycles of 1) telling politicians their scheme wouldn’t work 2) having them push it through anyway 3) Being made responsible for the success of a project I knew was going to fail 4) telling them it was failing 5) Being expected to help hide the failures… I left the profession.

    If you keep your mouth shut and play the game you can retire with a nice pension. If you tell the truth you will make many enemies and be marginalized.

    Politicians do not want to hear that their ideologically driven IT project won’t do what they want. More importantly, they’re either not willing or capable of doing the political, organizational and operational work needed to correct the bureaucratic disconnects, silos, and inefficiencies that will serve to sabotage any well intended project. Adding more technology to bad process just makes everything worse.

    I’m not arguing that IT organizations are without fault. But the root cause of project failure doesn’t usually lie there, especially when politics gets thrown into the mix.

  3. gardener1

    I have no reply to this article in aggregate, I can only respond with my own personal experience –

    I refuse to go to the doctor in this country anymore.

    The few times I have dealt with these charlatans they seemed to have no idea what they were doing, and had no clue who I even was or what I was on about. The few times I’ve sought their services they were laughably incompetent in their diagnoses (turned out that my problem was a bad tooth; swelling diagnosed by advanced medial professionals as ‘a mump’. Seriously, you can’t make this shit up.)

    Unfortunately I am now well past 60 and refuse to deal with these incompetent government compliant nincompoops. This refusal may well be my undoing some day.

    что делать? I feel that the Russian/soviet translation fits my sentiment well. “What to do?”

  4. greg kaiser

    The original communications breakdown is described by the story of the Tower of Babel. Expanded intellectual property rights have not only stifled innovation and progress but, as this article points out, have created active threats to life itself.

    1. JTMcPhee

      So glad you flagged the Babel mythology. Get all the humans together to build a structure big and tall enough to go challenge G_D right up in heaven. Pyramids and ziggurats, they only get you so high. Musk and others want to emulate the aliens in “Independence Day,” eating worlds for lunch. Why?

  5. Chauncey Gardiner

    Not an attorney or physician, but don’t federal and state law trump clauses in private contracts? So it would be useful to know if these EHR companies and their fellow travelers have quietly succeeded in getting protection of their gag clauses specifically written into federal law, and if so whether they conflict with other legal requirements that pertain to public health and safety, which should be the paramount consideration of sound government.

  6. Eileen Appelbaum

    Ross Koppel, sociologist and good friend of mine, has been writing about these issues for years. Two of his papers cited in this article are especially worth reading by anyone interested in health IT. Ross is not anti-technology, but he has grave concerns about the way in which HIT has been developed and is used. Koppel and Kreda, JAMA 2009;301(12):1276-1278),

  7. RepubAnon

    The real problem is that the software companies have gotten used to putting really outrageous clauses in their contracts, and refuse to negotiate. Eventually, the business pressure gets to the point where the customers just sign whatever is put in front of them.

  8. flora

    Great post. Thanks.

    re: your intro comment that this post is “a victory for critical thinking skills;….” Yes. Too much public “debate” has devolved from critical thought into hope/belief. Or, to paraphrase Charlie Pierce’s satirical observation, gullibility is the new civic duty. Glad NC remains a forum for critical thought.

    1. flora

      Doctors and malpractice attorneys are long-time foes. But it may be that doctors will have to support malpractice attorneys who name EHR software vendors as defendants in malpractice cases. That may be the only way doctors are freed from this egregious EHR situation that is harming patients.

  9. Malcolm MacLeod, MD

    I was very happy after my stint in the Army overseas, to have a pleasant and fulfilling career with
    Northern Kaiser Permanent as a general pediatrician for thirty years, long before computers took
    over the exam room and my practice. I cannot imagine practicing under the present day concept.
    I’m not certain that I would go into medicine today, and if so, not in the USA.

  10. LAS

    This is like the pot calling the kettle black … as if surgeons and hospitals didn’t foist “hold harmless” contracts and forms on patients before every procedure, not to mention settlements with gag clauses after procedures go wrong. Patient needs are a verbal tool that doctors and hospitals use to fight other institutions threatening their turf and supremacy.

    Personally, I find today’s NY TImes article “Once a Neglected Treatment, Now an Expensive Specialty Drug” much more threatening. It’s about hedge funds buying cheap, neglected drugs and then jacking up the price by an insane multiple. This holds some patient lives hostage for money.

    Healthcare economics is changing quickly and we can scarcely predict at whose mercy we are likely to be when we do get sick. But I don’t think doctors, particularly surgeons, are necessarily the choir boys.

    1. jrs

      Oh yea, I had never seen the forms before but lately forms that all disputes with the physician must go to arbitration and not to trial. So one might say this is to avoid frivolous suits which is all well and good, but sometimes I wonder: well what if it is to protect incompetent physicians who really shouldn’t be practicing?

    2. curlydan

      there are some sick f*$%s in this world. what better way for a hedge fund to get 2/20 than to dip into the price gouging world of pharma?

  11. Roy M Poses MD

    This post on Health Care Renewal was written by Scot Silverstein MD, not me. (I am the blogmeister for Health Care Renewal, though.)

Comments are closed.