... I've realized that these past posts, when integrated for an upcoming investigation, tell a story that is probably not uncommon in hospitals today. They form a sort of Diary of EHR-Initiated Tragedy.
Sadly, this Diary was my account of my own mother's EHR-related injuries.
There is a new chapter brewing.
In the latest objections to the Complaint against the hospital and its agents, the retained defense attorney proffered this argument:
(ii) Plaintiff's Software Design Defect Claims are Preempted by the Federal HITECH Act.
• To the extent Plaintiff attempts to bring a common law product liability claims against defendant hospital for required use of EMR software, such a claim is barred due to Federal Preemption of this area with the passage of the Health Information Technology for Economic and Clinical Health (HITECH) Act. 42 U.S.S. 201, 300 et seq.
• Specifically, the design, manufacture, specification, certification and sale of EMR in the United States is a highly regulated industry under the jurisdiction of the Department of Health and Human Services (HHS). The HHS draws its statutory authority to design and certify EMR as safe and effective under the HITECH act as amended. Id. [See note below - ed.]
• The Supremacy Clause of the United States Constitution, article VI, clause 2, preempts and state law that conflicts with the exercise of federal power. Fid. Fed. Sav. & Loan Ass'n v. de la Cuesta, 458 U.S. 141m 102 S. Ct. 3014 (1982). "Pre-emption may be either express or implied, and 'is compelled whether Congress' command is explicitly stated in the statute's language or implicitly contained in its structure and purpose." Matter of Cajun Elec. Power Co-Op., Inc., 109 F.3d 248, 254 (5th Cir. 1997) citing Jones v. Rath Packing Co., 430 U.S. 519, 525 (1977).
• In this case, to impose common law liability upon defendant hospital for using certified EHR technology, which was in compliance with federal law and regulations for Health Information Technology, would directly conflict with Congress' statutory scheme for fostering and promoting the implementation and use of EHR.
In other words, the HITECH Act gives hospitals free license to implement clinical information technology poorly with impunity, based on cases in banks, power companies and meat-packing plants, and HHS certification means HHS has found HIT is safe and effective.
[Note]: On "... The HHS draws its statutory authority to design and certify EMR as safe and effective under the HITECH act as amended." HHS does not design or certify EMRs. Is that assertion just made up out of thin air?
Regarding "to the extent Plaintiff attempts to bring a common law product liability claims against defendant hospital for required use of EMR software", that's just made up. There is no requirement for the use of EMR software.
On HIT "certification" implying safety and effectiveness, not exactly. "Certification" is entirely irrelevant. I had previously written here that:
"Certification" of health IT is not validation of safety, usability, efficacy, etc., but a pre-flight checklist of features, interoperability, security and the like. The certifiers admit this explicitly. See the CCHIT web pages for example. ("CCHIT Certified®, an independently developed certification that includes a rigorous inspection of an EHR’s integrated functionality, interoperability and security.")
Health IT "certification" is not like Underwriters Laboratories (UL) certification of appliances. ("Independent, not-for-profit product safety testing and certification organization ... With more than a 116-year proven track record, UL has been defining safety from the public adoption of electricity to new breakthroughs that help protect our future. UL employees are committed to safeguarding people, places and products in new and innovative ways for today’s borderless world.")
"Highly regulated industry?" I guess that's why the Institute of Medicine just completed a report that concluded that health IT safety is unacceptable, that regulation is lacking, and that the health IT industry best get its act together voluntarily, or FDA will have to step in:
... the push [by the Administration] is occurring so far without any agency really ‘watch dogging’ the safety of health IT — the software, hardware and systems that record and manage patients’ health information. These expensive devices by and large have not gone through any regulatory checks for safety in the way that food, drugs and other medical technology must; most of that oversight is handled by the FDA. But at the moment, no one is required to report instances of harm caused by health information devices and no government agency currently monitors their safety.
... The current state of safety and health IT is not acceptable; specific actions are required to improve the safety of health IT. The first eight recommendations are intended to create conditions and incentives to encourage substantial industry-driven change without formal regulation. However, because the private sector to date has not taken sufficient action on its own, the committee believes a follow-up recommendation is needed to formally regulate health IT. If the actions recommended to the private and public sectors are not effective as determined by the Secretary of HHS, the Secretary should direct the FDA to exercise all authorities to regulate health IT.
As to the assertion that "to impose common law liability upon defendant hospital for using certified EHR technology, which was in compliance with federal law and regulations for Health Information Technology, would directly conflict with Congress' statutory scheme for fostering and promoting the implementation and use of EHR", let's repeat:
There are no federal laws and regulations for Health Information Technology.
The technology is unregulated. I could design an EMR tonight and put it up for sale tomorrow. It might not qualify for federal incentives if it were not "certified" by an ONC-Authorized Testing and Certification Body (ONC-ATCB), but if I could find a buyer willing to use it, there are no laws or regulations preventing that. From the ONC FAQ here:
... In order to qualify for Medicare and Medicaid EHR incentive payments, providers must use EHR technology that has been certified by an Office of the National Coordinator for Health Information Technology-Authorized Testing and Certification Body (ONC-ATCB, or ATCB). The temporary certification program provides assurances that the EHR technology adopted by health care providers is technically capable of supporting their efforts to achieve meaningful use.
As to imposition of such a common law liability "conflicting with a Congressional scheme for promoting EHR's", that is simply irrelevant.
I note the assertion is also defamatory towards Congress, implying Congress is fine with hospitals deploying health IT with reckless abandon, and should be permitted to do so with legal impunity for the sake of their "scheme."
There's also a claim made that the defendant hospital is not on the hook for EHR defects in their installed systems, because they "don't sell or manufacture the product."
They do, however, modify, customize, maintain, and test it for proper functioning in situ (the latter if they are acting responsibly, especially since the technology is experimental and not tested/approved by FDA, not even undergoing "fast track" 510(k) approval). It should also be noted that the latter 510(k) process does not confer freedom from user liability even when it is obtained.
Even to my non-legally-trained mind, I believe the duties that hospitals owe patients include these, especially with a non-FDA approved experimental technology known to cause risk, injury and death but at a magnitude that is not known:
- The duty to make a reasonable inspection of equipment it uses in the treatment of patients and remedy any defects discoverable by such inspection.
- The duty to provide equipment reasonably suited for the use intended.
Finally, as it turns out, the ED EHR in question was not "certified" when my mother became injured. It was not "certified" until many months later.
Additionally, the hospital in question made its buy decision and did its implementation several years before HITECH (enacted as part of the American Recovery and Reinvestment Act of 2009) was even a twinkle in the Administration's eye.
If I were paying handsomely for legal counsel such as outlined above, I'd cringe.
Sadly, while legal obstructionism continues (as I am finding is common regarding health IT-related litigation), more patients are being injured and killed.
-- SS