Skip Navigation LinksSAQ40

​​​​​​Healthcare organizations play a vital role in health information technology (IT) safety and involve a large group of stakeholders, such as medical personnel, IT experts, safety leaders, patients, vendors, developers, and regulators—all of whom can help identify new ways to incorporate technology to provide safer care.

Throughout the life cycle of any technology, IT concerns (upgrades, coding changes, added or deleted devices, downtimes), governance issues (regulatory requirements, information governance), and user/usability issues (competency, changes in workflow and communication, variation in appearance of clinical content such as numeric values) can arise and affect patient safety. Combined with a fast-paced environment, there is little time for stakeholders to proactively assess safety. Working collaboratively, however, facilitates efforts to incorporate health IT safety into an organization's safety program.

The success of a health IT safety program hinges on the ability of system users to recognize, react to, and report health IT-related events for analysis and action (e.g., vendor and patient safety organization [PSO] reporting, vendor modifications). Once an event is identified and reported to the appropriate parties, it can be analyzed and solutions can be developed. To maintain success, health IT safety programs require support from all levels of the organization, including leadership and patients, as well as vendors. Executive walkrounds and proactive patient queries can help crystallize staff member concerns or demonstrate the effects of implemented solutions. Such knowledge can help prioritize safety interventions and vendor actions.

This self-assessment questionnaire, in conjunctio​n with the following resources, can be used to review and expand an effective health IT safety program and to track resulting projects, initiatives, and reviews.​

​HRC Self-Assessment Questionnaires (SAQs) can be used to identify compliance with best practices and opportunities for improvement. They include questions based on laws, regulations, standards, professional society guidelines and statements, and best practices identified by the clinical literature. Each SAQ also includes an Action Plan to help document next steps and responsible parties.

SAQs are available both as PDFs, for use as-is, or as Microsoft Word documents, which can be edited to suit your organization's custom needs, such as by adding questions regarding local or state requirements that may not be represented.

HRC recommends completing this SAQ annually and whenever significant organizational changes occur.

Topics and Metadata


Technology Management; Health Information Technology; Incident Reporting and Management


Hospital Inpatient; Ambulatory Care Center; Physician Practice; Emergency Department; Hospital Outpatient; Ambulatory Surgery Center; Home Care; Short-stay Facility; Skilled-nursing Facility

Clinical Specialty



Clinical Practitioner; Healthcare Executive; Information Technology (IT) Personnel; Nurse; Patient Safety Officer; Quality Assurance Manager; Regulator/Policy Maker; Risk Manager

Information Type


Phase of Diffusion


Technology Class


Clinical Category



SourceBase Supplier

Product Catalog


ICD 9/ICD 10






Publication History

​Published October 20, 2020

Who Should Read This

Chief medical officer, Critical care, Health information management, Information technology, Nursing, Patient safety officer, Pharmacy, Risk manager

Related Resources