Earlier this year, the ECRI Institute released its annual Top 10 Patient Safety Concerns for Healthcare Organizations1 and topping the list for 2017 was management of electronic health record (EHR) information. The ECRI acknowledged the inundation of information that healthcare providers need to manage, and it said the introduction and proliferation of EHRs has brought that challenge to the forefront.

EHR systems benefit patients and providers by improving quality, allowing quick access to medical records, enhancing diagnostics and efficiencies, and more, HealthIT.gov reports.2

But, according to a recent report3 by Moody’s, implementing an EHR system can be a significant financial risk for health systems. In a July report, Moody’s cautioned that “hospitals run the risk of incurring operating losses, lower patient volumes and receivables write-offs if there are problems with adoption of a new [EHR] system.”3 Further, health systems implementing EHR could see their operations budgets pared down. “In a sample of hospitals that have recently invested in major [EHR] and revenue cycle system conversions, increased expenses and slower patient volumes contributed to a median 10.1% decline in absolute operating cash flow and 6.1% reduction in days of cash on hand in the install year,” according to the Moody’s report.

To that point, an article4 by Modern Healthcare cited two costly examples of EHR rollout and preparation. Vanderbilt University Medical Center in Nashville has budgeted $214 million for its soon to be implemented EHR system, while preparations to launch the same EHR system at UMass Memorial Health Care (Worcester, Mass) have already reached “$26.1 million in fiscal 2016, eroding operating income to $40.7 million for the year with more being spent for the launch,” according to the article.4
Adoption and operation are only the start.

The same Moody’s report emphasized the need to protect patient data against cybersecurity threats and it believes this reality will fuel additional spending in the EHR arena.3 “As IT investments represent a growing portion of hospital budgets, an increasing amount will be allotted to guarding confidential patient data, which make hospitals a prime target for cyberattacks and ransomware events,” according to Moody’s. “We expect cybersecurity to be a primary focus of hospital management teams and their boards, with annual capital and operating budgets allotting appropriate levels of expenditures to protect patient data and testing vulnerabilities.”

Despite the significant logistical and financial investments required, the ECRI recognized the necessity of EHR. “The object is still for people to have the information that they need to make the best clinical decision,” Lorraine B. Possanza, DPM, JD, MBE, program director, Partnership for Health IT Patient Safety, ECRI Institute, said in a news release.1 “Health information needs to be clear, accurate, up-to-date, readily available, and easily accessible.”

And, we would add, cost-effective to manage. RT

For further information, contact [email protected]