A 62-year-old man with a past medical history of hypertension, hyperlipidemia, and type A aortic dissection repair presented with chest pain at a community hospital. An aortic protocol computed tomography (CT) for dissection was ordered and performed, and the preliminary reading from the on-call resident was "no acute changes." Since the dissection was believed to be stable and a higher level of care appeared unnecessary, the patient was admitted to the medicine service of the hospital for further workup.
Six hours after the patient arrived to the medical floor, he developed increasing migratory chest pain, dyspnea, and diaphoresis. The medical team arrived to find him hypotensive, tachycardic, and minimally responsive, with unequal blood pressures in his arms. Despite intensive care unit transfer and aggressive life-saving interventions, he died a few hours later. Autopsy revealed proximal progression of the false lumen of his known type A dissection with rupture into the pericardial sac.
The case was reviewed in light of the tragic outcome. The hospital that cared for the patient was a federal facility affiliated with a large academic medical center. This facility had no in-house radiology services at night; thus, nighttime studies were sent electronically to on-call residents at the academic medical center. A data firewall had been constructed to "improve information security" at the federal facility, which rendered the radiology residents unable to access previous studies, only the text reports of the studies. The barrier, which had initially blocked both text reports and actual radiology studies, was well known to the on-call radiology residents, and they had developed a workaround to allow them to access the text reports. In this particular case, the overnight read by the resident was based on a comparison of the current study with the results on the text report of the prior dissection. The following morning, an attending radiologist determined that a comparison of the new study and the prior images clearly demonstrated proximal progression of the dissection.
Following this case, data safety and monitoring policies were changed. Access to stored imaging was facilitated and the firewall was disabled. Informal enquiries with other federal institutions suggest that employment of such firewalls and security protocols is commonplace.
This seemingly relatively simple adverse event reveals a host of issues. Although the literature involving radiology resident–read errors and discrepancy rates between attending radiologists is extensive, solutions to these problems are not clear.(1,2) A particular problem with this case is that it is not typical of those associated with physicians in training. The adverse event was not due to a resident's failure to recognize certain pathology or the risk that the identified pathology represented to the patient. Instead, this is a case in which the resident had an inadequate comparative modality (using a written report of a prior film to compare with the current images) on which to base his or her current assessment.
An important tool for radiologists, from experienced practitioners to novices, is availability of old images to compare with current images. Although old films have always been available for review, having only a single physical copy of a prior study often compromises real-time access. The advent of digital imaging has revolutionized the ability of radiologists (and others) to have easy access to a variety of comparative studies. However, transferring imaging between facilities presents new challenges. In the past, a thick folder of films would accompany the patient, but images are now compressed onto disks, transferred through the Internet, or viewed via "bridges" set up between systems that have existing relationships.
The benefits of easy access to prior images are many. When outside images are sent with patients and imported into the picture archiving and communication system (PACS), clinicians are significantly less likely to order repeat films.(3) However, in this case, the goal of having access to the old image was not to prevent a repeat imaging study; it was to look for a change in an existing disease state. Had the patient arrived during normal working hours, his new image would have been compared with his old image. Because he arrived after hours, his films were viewed at an affiliate hospital with no ability to access old images. Most providers are familiar with service changes during off hours; it is unclear whether these changes impact outcomes.(4,5) In the current case, recognizing this vulnerability, the residents at the affiliate devised a "workaround" to allow access to prior text reports. Unfortunately in this case, the workaround was inadequate.
If the transmission of radiology images is considered a type of communication, this case can be summarized as follows: the best form of communication was not available after hours and the workaround devised to overcome this vulnerability was not robust enough. While the underlying cause might be perceived as an overly zealous security system at the federal facility, the federal government has mandates for ensuring the security of health data when it is transmitted across public networks, and these rules apply to federal and private facilities alike.(6) Given these mandates as well as widespread reports of loss of control of patient health information data, it might be expected that many hospitals have a reflexive desire to protect access to their data systems. However, these same important security measures can impair sharing of critical patient information in a timely fashion. Thus—despite remarkable advances in digital storage of patient information—when two systems need to share data but have no means to do so, clinicians are essentially transported back to the days when a medical record request was sent to a neglected basement fax machine. It is not surprising that workarounds are seen as a potential answer.
A workaround may be defined as "clever methods for getting done what the system does not let you do easily."(7) Viewed in this light, workarounds might be considered comparable to a "near miss," that is, an opportunity to recognize a dysfunction in the existing system. In the case of a near miss, an existing vulnerability in the system almost harms a patient but is prevented by individual vigilance or by good luck. In the case of workarounds, existing processes or limitations seem to erect barriers to getting work done.(8) Well-intentioned providers find ways to get around these barriers. Unfortunately, these workarounds represent vulnerabilities. Because they are not officially sanctioned practices, they are often known only to a few people. In other instances, important processes are circumvented (i.e., security of patient information). Finally, workarounds may ineffectively cover up dangerous system vulnerabilities. Those who create workarounds may feel that they have made the system better, thus, the issue is never addressed at a higher level in the organization. In this case, while the residents likely felt that they had greatly improved their system, it is not clear whether addressing the problem at a higher level of the organization might have resulted in a better solution (one wonders, for example, whether the hospital's chair of radiology, risk manager, and privacy officer knew about the situation and its potential risks to patient care). Tragically, the limitation of the workaround was only recognized when a single patient presented with the wrong disease process at the wrong time of day.
While one may focus attention on the security measures that were in place at the facility, these barriers were not insurmountable. Once the case was reviewed and the system problems defined, data monitoring policies were changed and access to stored imaging was facilitated. The culprit in this case was not the security system, it was the workaround and the failure to address the broader systems flaw before it led to a tragic outcome.
- Workarounds should be recognized as limited, and perhaps dangerous, processes people put in place to compensate for what they see as barriers to providing care.
- Hospital and departmental leaders should encourage a culture that allows for open discussion of errors, near misses, and workarounds so that systems vulnerabilities may be identified and mitigated.
- Difficulty in accessing medical records as patients move between medical systems remains challenging despite growth in digital records. Providers should acknowledge when they are working with limited information regarding a patient's past medical history.
Robin R. Hemphill, MD, MPH Chief Safety and Risk Awareness Officer, Veterans Health Administration Director, VA National Center for Patient Safety
1. Yoon LS, Haims AH, Brink JA, Rabinovici R, Forman HP. Evaluation of an emergency radiology quality assurance program at a level I trauma center: abdominal and pelvic CT studies. Radiology. 2002;224:42-46. [go to PubMed]
2. Carney E, Kempf J, DeCarvalho V, Yudd A, Nosher J. Preliminary interpretations of after-hours CT and sonography by radiology residents versus final interpretations by body imaging radiologists at a level 1 trauma center. AJR Am J Roentgenol. 2003;181:367-373. [go to PubMed]
3. Lu MT, Tellis WM, Fidelman N, Qayyum A, Avrin DE. Reducing the rate of repeat imaging: import of outside images to PACS. AJR Am J Roentgenol. 2012;198:628-634. [go to PubMed]
4. Mohammed MA, Sidhu KS, Rudge G, Stevens AJ. Weekend admission to hospital has a higher risk of death in the elective setting than in the emergency setting: a retrospective database study of national health service hospitals in England. BMC Health Serv Res. 2012;12:87. [go to PubMed]
5. Arabi Y, Alshimemeri A, Taher S. Weekend and weeknight admissions have the same outcome of weekday admissions to an intensive care unit with onsite intensivist coverage. Crit Care Med. 2006;34:605-611. [go to PubMed]
6. Cao F, Huang HK, Zhou XQ. Medical image security in a HIPAA mandated PACS environment. Comput Med Imaging Graph. 2003;27:185-196. [go to PubMed]
7. Ash J S, Berg M, Coiera E. Some unintended consequences of information technology in health care: the nature of patient care information system-related errors. J Am Med Inform Assoc. 2004;11:104-112. [go to PubMed]
8. Halbesleben JRB, Wakefield DS, Wakefield BJ. Work-arounds in health care settings: literature review and research agenda. Health Care Manage Rev. 2008;33:2-12. [go to PubMed]