EHR Vendor Checklist

name change projectElectronic health records (EHRs) should improve quality, safety, efficiency, patient and family engagement, care coordination, and public health. Risk managers can assist their organizations in implementing and managing EHRs in an efficient and effective way by remaining aware of available resources and best practices for EHR adoption and by being alert to changes in federal and state laws and regulations that relate to EHRs. Implementing and maintaining EHRs in a secure, effective, and efficient manner in healthcare institutions and physician office practices continue to be daunting organizational tasks that can benefit from risk management participation as new errors and risks to patient safety can arise with EHR adoption.

Contracts with EHR vendors, in particular, raise risks of liability. One concern is whether contractual agreements with EHR vendors will limit vendor liability and create new legal duties for clinicians and healthcare organizations regarding patient care. EHR vendors typically use contract language to limit their liability exposure for patient harm that may be related to the use of their systems. Vendor contracts may include warranty disclaimers, damage limitations, hold harmless and indemnification provisions, purchaser obligations requiring data confirmation (e.g., verification of the accuracy of critical test results), duties to identify and report program errors, and statements that the software is not intended to substitute for the "skill, knowledge, and experience of a licensed physician." Allocation of liability is an important risk management issue; consequently, risk managers should ensure that...