Managing the patient safety risks of bottom-up health information technology innovations: Recommendations for healthcare providers
Mark A. Sujan

Warwick Medical School, University of Warwick, Coventry, UK

Author address for correspondence: Mark A. Sujan, Warwick Medical School, University of Warwick, Coventry CV4 7AL, UK; m-a.sujan{at}


Health information technology (IT) offers exciting opportunities for providing novel services to patients, and for improving the quality and safety of care. Many healthcare professionals are already improving services through the development of numerous bottom-up local health IT innovations. Such innovations from the ground up are to be welcomed, but healthcare providers are struggling to develop processes for managing the risks that come with the introduction of health IT into clinical processes. I argue that too often the main strategy appears to be one of organisational ignorance. This puts patients at risk, and it threatens the successful adoption of health IT. I recommend that healthcare providers focus on strengthening their processes for organisational learning, promoting proactive risk management strategies, and making risk management decisions transparent and explicit.

  • Digital health
  • risk
  • safety
  • security
  • electronic health record


Health systems, in the United Kingdom and worldwide, are going digital. Healthcare providers need to ensure that they harness the ‘information revolution’ to provide better health outcomes, better patient experience and better value.1 While national policy is concerned to a large extent with major information technology (IT) programmes, such as the widespread introduction of Electronic Health Records (EHRs), many healthcare professionals are already improving their services through development of numerous bottom-up local health IT innovations. Healthcare providers need to be mindful of the potential risks to patient safety that come with the introduction of new IT into clinical practice, but many organisations are struggling to find the right strategy to engage adequately with such bottom-up small-scale innovations.

The recent Wachter review2 and other influential reports published by The King’s Fund3 and the Nuffield Trust4 set out a strategy and recommendations for the transformation of the National Health Service (NHS) towards a fully digitised and interoperable health system. It is expected that the digital infrastructure will be a key mechanism for delivering the vision set out in the NHS 5-year forward view for a modern health service.1 Indeed, health IT offers exciting opportunities for providing novel services to patients, and for improving the quality and safety of care.2,5 Experiences from several countries illustrate the wide range of potential benefits that IT can bring to healthcare, including: more engaging and patient-centred care, better access to care in rural and underserved areas, greater continuity of care across organisational boundaries, efficiency gains and cost savings.2,6

However, there is still a lively debate about the extent to which the available evidence supports the claims about the benefits of IT in healthcare.7–9 In addition, there is an increasing amount of evidence to suggest that the introduction of IT can lead to unintended consequences, and create opportunities for failure, which can have significant effects on patient safety and data security.6,10–14 For example, concerns about the quality and safety of care have recently sparked controversy about the Cerner EHR system iHealth introduced in 2016 by Island Health at Nanaimo Regional General Hospital (British Columbia). After a series of problems and failures, some staff refused to use the system and decided to go back to pen and paper to protect the safety of patients.15

The Wachter review recognises that the NHS lacks clinicians with skills in digital health and health informatics. In response, the government set up the NHS Digital Academy with a brief to train significant numbers of clinicians to become suitably qualified Chief Clinical Information Officers (CCIO). Such CCIOs are set to become the champions and the leaders of local digital transformation.16 This is an important step forward, because it recognises that technological change needs to be carried by changes in the workforce and the culture within every organisation.

A further important observation made in the Wachter review is the need to allow for local variation in order to avoid the pitfalls of a centralised top-down approach, which formed the basis of the previous, much criticised National Programme for IT. From a patient safety perspective, I believe this is crucial for two reasons: first, because patient safety risks need to be understood and managed within the local context of use of any technology;17,18 and second, because much of the digital innovation is driven from the ground up by enthusiastic clinicians aiming to improve care within their local context.

Many healthcare providers are struggling to fully embrace the opportunities afforded by health IT, and to develop processes for managing the risks that come with the introduction of health IT into clinical processes. In this paper, I look at how healthcare providers might manage the risks of health IT in use, with a particular view to local bottom-up innovations. I argue that many of the patient safety risks relating to health IT are probably quite predictable, but all too often healthcare providers do not properly consider potential risks, and leave these unaddressed. This puts patients at risk, and it threatens the successful adoption of health IT. I draw upon experiences from a number of projects funded by the Health Foundation to outline three key recommendations for how healthcare providers might better manage their health IT risks.


I believe that it is useful to consider the different ways in which health IT innovations are introduced into clinical practice, because in this way we can determine the gaps that exist in current organisational risk management practice. On the one hand, there are large national- and organisation-wide projects, where expensive third-party health IT systems are introduced throughout an organisation or even throughout a health system. An example is the introduction of EHRs such as iHealth. Manufacturers of such systems are expected to have robust quality and safety assurance processes in place. Healthcare providers make purchasing decisions through procurement committees. These committees usually place great reliance on manufacturers to build ‘safe’ systems, and they look for quality standards such as the European Conformité Européenne marking.19 While this is not unreasonable, there are plenty of examples that suggest that this in itself is not sufficient to ensure that technology is safe when used in clinical practice.18,20,21 This is because the local context of use, and the procedures and infrastructures in place can have a significant impact on patient safety.22

There is another form in which digital innovations rapidly transform health services, however, and this is talked about much less, and is seriously under-researched. On a site visit, I talked to a consultant in acute care, who demonstrated to me an electronic handover tool that his team has developed. The clinical team had experienced problems with poor handover, missing data and inappropriately prioritised patients. The team felt that these problems resulted, to a large extent, from the ad-hoc use of non-standardised (i.e. random) pieces of paper during handover. The electronic handover tool addresses this issue by providing a standardised approach, and it displays real-time data (e.g. recent observations) as well as a red-amber-green classification to indicate patient acuity. From problem identification to tool development and deployment in clinical practice, this innovation project was entirely a local effort driven exclusively by the enthusiasm of the clinical team.

In the NHS, and in health services worldwide, there are many more such examples, where enthusiastic clinicians and healthcare professionals drive local bottom-up health IT innovations in order to provide more accessible, more patient-centred, and better services to their patients. The breadth of examples spans almost all clinical processes, and includes innovations such as locally developed electronic and mobile handover tools, electronic observation tools to support compliance with Early Warning Score assessments, mobile bed management tools, mobile patient referrals, electronic sepsis screening tools, web portals offering advice to patients with long-term conditions, clinician-led chat rooms for patients, virtual counselling and mobile phone apps that support patients with mental health conditions. The local digital innovation potential within the health service appears limitless, and for the most part these are great ideas that can improve patient care. But what about the safety risks to patients?

While such innovations are to be welcomed, they frequently occur somewhat ‘under the radar’ of organisational risk management and governance processes. The reasons for this can be manifold. The perceived bureaucracy might put off clinicians. For example, a clinician setting up a patient portal might use an outside server to host the service – and they might perceive that aligning this with organisational information governance procedures would be a lengthy process with an uncertain outcome. In other situations, healthcare professionals might fear that innovations would never get off the ground if they had to cut through all of the organisational red tape. Other reasons might be a strong focus on the expected benefits, which blinds innovators to potential risks, or simply a lack of awareness that relevant organisational processes exist. In the case of the electronic handover tool referred to above, the clinical team initially regarded their innovation as part of their everyday quality improvement efforts, and only later started to embed this within the wider, more formalised organisational quality improvement initiatives.

I believe there is much value to these bottom-up initiatives. However, the downside is that organisations are not aware of the various local improvement efforts that are going on, and that these improvement efforts might not draw on relevant quality improvement and safety management expertise.23 As a result, potential patient safety risks might not be properly thought through, and in some instances patients could be harmed.


In safety engineering, risk is often described in terms of the likelihood of an event occurring, and the severity of the associated consequences. In safety-critical industries, much effort goes into predicting and preventing the so-called high-severity, low-frequency events, that is, the rare, but potentially catastrophic accident scenarios. Of course, such events have to be understood and prevented in healthcare, too, as tragic cases repeatedly demonstrate.18,24 However, equally relevant in a healthcare context are risks that have relatively high likelihood of occurrence but maybe only moderate severity of consequences.25 These are events that happen relatively often and cause minor or moderate harm, such as many prescribing errors.26 Because such medium-level risks are common occurrences, they are predictable and understandable, and improvements or countermeasures can be put in place.

I would argue that, similarly, many of the health IT risks arise from very common types of hazards that might be anticipated and assessed readily. Consider, for example, the fast-growing domain of medical apps.27 Although the technology is relatively new in a health context, many of the risks are not. For example, the information stored in apps does not currently transfer easily to electronic patient records – this can result in gaps in documentation and potentially conflicting or contradictory advice being given; the advice provided by apps could be inaccurate or misleading – patients might suffer harm from wrong drug dose adjustments or inadequate drug frequencies; and apps run on mobile devices, which might be lost or stolen – sensitive patient information might be inadvertently disclosed. I suspect that such risks are hardly surprising to clinicians. Many clinicians will have experienced similar problems in other contexts, such as gaps in documentation due to poor communication and handover.28

So, if many risks are predictable, can patients expect to be protected? Too often, the organisational strategy of dealing with such bottom-up innovations under the radar of organisational governance frameworks appears to be one of organisational ignorance, pretended or real: patient safety risks are ignored at the organisational level, and innovations are assumed to be safe until proven otherwise. Then, following an incident or an adverse event, the organisational risk management and governance machinery springs into action.29 All too often the end result is that individual clinicians are blamed, but deeper learning about the organisational processes and structures is rare.30,31

Healthcare providers need to foster bottom-up health IT innovations, and provide an organisational structure to manage effectively any patient safety risks.


Healthcare providers need to focus on strengthening their processes for organisational learning.32 The importance of organisational learning for improving patient safety has been highlighted many times.33,34 Following the Mid Staffordshire inquiry, the Berwick report called for the NHS to become a system devoted to continuous learning and improvement.35 Effective organisational learning can be hard to achieve in practice, and the barriers to organisational learning have been documented in the literature.36–38 The review of the introduction of the iHealth EHR found that staff, who had been initially very supportive, were disappointed and frustrated because their concerns had not been taken seriously, there was little in terms of feedback and improvements, and staff were blamed for mistakes in the use of iHealth.39

It is widely recognised that the introduction of IT into work processes, clinical and otherwise, can cause disruption to existing work practices.40 Organisations are dependent, therefore, on feedback from staff who engage with the technology, and who are able to provide valuable information about weaknesses and inadequacies of electronic systems. For staff to feel comfortable providing such information, healthcare providers need to ensure that they foster an open and just culture, where staff reporting incidents are not blamed.41

Healthcare organisations also need to acknowledge that deviations from planned procedures and protocols do not necessarily represent ‘violations’.42 Healthcare is a complex system that relies on local adaptations by healthcare professionals to provide the resilience necessary to deal with changing demands, disruptions and surprises.43,44 Healthcare organisations can utilise different instruments to tap into this important information about local adaptations. Examples include adaptation-reporting schemes,45,46 learning from excellence reporting47 and supporting informal learning in communities of practice.48


Healthcare providers need to develop and promote proactive risk management strategies, which are best practice in other safety-critical industries.49,50 Patients have a right to expect that healthcare providers have thought systematically and thoroughly about patient safety risks before a system is introduced. However, the capacity for the proactive identification and mitigation of technology-related risks is underdeveloped or lacking in many healthcare organisations.51–53

Methods and techniques for the proactive identification of risk in healthcare exist, even if most of them come with limitations.54,55 The most frequently used prospective hazard analysis technique is failure mode and effects analysis (FMEA), for which a healthcare specific version (Healthcare FMEA) has been developed.56 FMEA and its variants have been used, for example, to analyse organ procurement and transplantation, patient handover in emergency care and intravenous drug infusions.57–59 More recently, human reliability analysis techniques, such as systematic human error reduction and prevention approach, have been used to analyse drug prescription and administration in hospital, primary care and community settings.60–62 However, such methods are still used only infrequently, and often those who drive bottom-up health IT innovations do not know them.14 There is a need to provide greater awareness and education about the existence and possible use of such techniques, along with the recognition of their limitations.

One might argue that to a certain extent this extends also to regulatory bodies. While there is a strong regulatory focus on counting harms (e.g. through the NHS patient safety thermometer), there are few regulatory incentives for healthcare providers to systematically identify and to reduce patient safety risks proactively. This requires funding and an adequate knowledge base to enable assessors and inspectors to look for appropriate evidence and to ask the right questions.


Healthcare providers should make decisions about risks, risk reduction and risk acceptance explicitly and transparently.63 This is not to suggest that all risks should be eliminated, but patients should expect that healthcare providers be in a position to describe their patient safety risks, and to justify why these are thought to be acceptable.

Again, this is best practice in UK safety-critical industries as well as in several other countries. Before and during the introduction of a new system or major changes to existing practices, organisations document the risks they have identified, the risk reduction measures they have implemented, and the justification for why the residual risk is thought to be acceptable in a report referred to as a safety case.64 The safety case can be critiqued both internally and externally, and it can provide assurance that risks have been considered appropriately.

NHS Digital standards SCCI 0129 and SCCI 0160 (refs 65, 66) for the management of risk in the manufacture and use of health IT explicitly require the development of such a clinical safety case modelled after industrial practice. However, awareness of these standards does not appear to be widespread among healthcare professionals implementing health IT innovations. In addition, the regulatory landscape is still evolving, and there is uncertainty and confusion about the regulatory status of many health IT products.67–69


We are seeing many exciting bottom-up, local health IT innovations being developed and adopted to improve patient care. Healthcare providers need to encourage bottom-up health IT innovations, but also provide frameworks to ensure that patients remain safe. This requires active engagement with local innovations, and proactive consideration of patient safety risks. Thinking about risks proactively does not inhibit innovation, but instead supports the adoption and spread of useful technologies that are safe.

Methods and frameworks for understanding and managing health IT risks exist, and healthcare providers should not ignore the patient safety risks that might come with the introduction of health IT. A key challenge appears to be the current lack of awareness and safety management knowledge among both organisations and healthcare professionals. In response to the suggestions made in the Wachter review, government policy focuses on the education of clinicians to become CCIOs, who can champion and lead health IT innovations. The extent to which this includes aspects of patient safety and risk management is not yet clear. Arguably, it might be unreasonable to expect clinicians to become experts in all aspects of technological change. A complementary strategy might be to consider the more widespread training and deployment of clinical safety engineers and safety professionals within healthcare providers.

The introduction of health IT into clinical practice, both bottom-up and organisation-wide, needs to be underpinned by a strong commitment to organisational learning. Healthcare professionals experience the problems with health IT on a daily basis. They are not responsible for these problems, and they can provide valuable insights into how the technology can be improved. Healthcare providers need to resist the temptation of blaming staff, and invest in formal and informal processes for learning and improving from staff feedback.


This work was supported in part by research grants from the Health Foundation.

The manuscript is based on a presentation given at UK eHealth Week, London on 4 May 2017.

