To err is human. Can the same be said for our digital counterparts?
by Michelle Tan Min Shuen
Not too long ago, I asked a room full of bright-eyed children to draw the first image that came to mind when I said the word “technology”. Almost instantaneously, the children began to move their hands in tight little squares which were almost instinctively filled in with blue colour pencil, resembling misshapen computers and smartphones that are almost ubiquitous to our daily lives. Pacing around the room, one child’s drawing, in particular, caught my eye. The strokes of her colour pencil were gentle but firm, arching to reveal a dark, brooding mare nestled starkly on her blank canvas.
If digital technology were to inhabit a tangible form, it would be a wild horse, streaking, unbridled, across every aspect of our lives. And currently, we would be in the heart of the largest stampede in the world — the fourth industrial revolution — characterized by the rapid growth of new technologies that connect the physical, digital and biological realms in unprecedented ways. The healthcare sector is no exception, with digital technologies such as genomics, AI and blockchain gradually replacing processes traditionally performed by human beings.
At this point, it is no doubt that the digital transformation of the healthcare industry has helped streamline care management processes and made the provision of healthcare vastly more efficient. But with the growing number of phishing campaigns, mishandled patient data, and healthcare data breaches, this begs into question the safety of the sudden influx of health information technologies (HIT), and whether current aspirations towards the notion of a technology-driven “Smart hospital” is even a good idea to begin with.
The inherent flaws of electronic health records (EHRs)
EHRs play an increasingly important role in documentation and exchange of patient information in multi-and interdisciplinary patient care systems. EHRs are digital records of a patient’s medical history, which contain vast amounts of patient data ranging from diagnoses to laboratory results. Most importantly, effective EHRs can be shared with other healthcare providers and organisations remotely and in real time. By enabling quick access to patient records, EHRs play a vital role in increasing operational efficiency. In fact, EHRs equipped with more advanced technologies such as predictive analytics can even identify trends in a patient’s health data, helping healthcare providers recognize patterns, predict diagnosis and recommend potential treatment options that they would otherwise likely have overlooked.
Multiple studies have highlighted that one of the greatest barriers to successful EHR adoption is the lack of system interoperability between EHRs. Coincidentally, its greatest barrier to adoption also recurs as a significant flaw in the safety of this technology. In many countries, patient data is fragmented and stored across multiple EHRs. Should a patient visit different hospitals using different and disjointed EHRs, possible risks arise for the simultaneous creation of two medical records for the same patient. In another scenario, should one party neglect to update the EHR, other doctors would subsequently be unable to get a full picture of the patient’s health data and overlook details not included in the EHR when making important treatment decisions. In both cases, the consequences are disastrous, potentially resulting in incorrect diagnoses, increased risk from redundant medical procedures and even unsuitable medications being dispensed. In the case of EHRs, the idiom “all or nothing” holds especially true — the lack of cooperation from just one stakeholder creates a ripple effect which adversely affects all other stakeholders in the highly interconnected network of healthcare providers and recipients.
Indeed, “Interoperability is a necessity to achieving transformational goals in healthcare,” as Joe Morse, President of Therigy, a provider of specialty pharmacy management software, rightfully pointed out. However, it is to be noted that driving the interoperability of EHRs is ultimately still a shared responsibility between key stakeholders including vendors, care providers, healthcare organisations, and other public and private agencies, all of which have conflicting priorities and motives. Perhaps even more worryingly, these stakeholders are attributing the failures of the EHRs to each other. For example, healthcare providers have blamed EHR developers for poor usability, while government officials blame EHR developers for lack of interoperability. In response, EHR developers blamed healthcare providers for how the EHR is configured by local organizations, and the government for not establishing the groundwork for widespread interoperability. This way, each stakeholder effectively shirks any responsibilities of improving the flawed EHR system. Until new rules and regulations regarding EHR interoperability are established, the concept of shared responsibility to build better and safer EHR systems is unlikely to gain significant traction, and the safety concerns underlying EHRs are likely to persist.
The emerging risk of human-machine interfaces (HMI)
Most areas of healthcare use machines to help them achieve their patient care objectives. From one of the tiniest of medical tools, the pulse oximeter, which collects biometrics of patients via photoelectric sensing principles, to sleek artificial intelligence (AI)-powered surgical robots which assist doctors in performing incisions with unprecedented accuracy and precision, HMI technology is integral to the practice. The HMI is a dashboard that connects a user to a machine, system, or device. As such, it mediates the bidirectional exchange of information between machines and humans. Given the absolute requirement for a HMI in every technological tool, as well as its vital role of bridging the gaping chasm between humans and machines, its design not only has important consequences for the health and safety of its users, but also, indirectly, the assessment, monitoring and treatment of patients.
Today, rapid technological advancements are instigating novel developments in HMI technology to operate increasingly complex systems, creating more avenues for which user safety can be compromised. The emerging risk of safety hazards arising from the usage of more complicated HMIs to power complex medical, diagnostic and treatment equipment cannot be ruled out in the near future. Currently, studies have shown that more than one third of occupational accidents can be attributed to users tampering with safety barriers in HMIs in order to facilitate the work process, or with the impression that doing so would increase output. With the complex HMI systems of today, it is very likely that the factors intended to keep the user safe and well protected would seem as an “obstruction” to efficient workflow rather than the tool. Additionally, given the current healthcare climate, where care is increasingly being shifted from the physician to the patient, there is a rise in demand for miniaturised and portable medical devices to cater to the ageing population and the chronically ill. Lacking proper medical training and accessibility to round the clock medical aid, these vulnerable groups would be on the shorter end of the stick should they erroneously use their medical devices as a result of complex HMIs which are too hard for them to understand, inevitably compromising their safety.
Thankfully, there is a solution to this problem. The gist of it is that in the age of increasing automation and complexity, the need for complicated HMIs to remain user-friendly and easy to understand is key to minimising machine-related fatalities. As the home healthcare market continues to experience exponential growth, the need for HMI systems to additionally be designed with portability and a small form factor that makes it easier for a patient to handle in the home becomes yet another important factor to consider. The effectiveness of the HMI System – and consequent effectiveness of its use – depends upon an exacting design process that incorporates all technical, ergonomic, and communication requirements.
Additionally, the implementation of laws such as the Occupational Safety and Health (OSH) Act of 1970 as well as the creation of agencies like the Occupational Safety and Health Administration (OSHA) has helped to increase the safety of workers operating or in close contact with machines over the past forty years. In fact, there was a 2.8 percent average annual decrease in overall machine-related fatality rates from 1992 through 2010, and even today, deaths due to these causes are on a steady decline. Additionally, the large variety of user-friendly medical devices that are increasingly becoming available to the general public proves that such an outcome is indeed achievable.
Challenges of using AI
AI is coming alive. With each passing second, AI is learning, growing, and expanding its capabilities at an unprecedented pace. In fact, AI has accomplished tasks that humans have never dreamed of achieving within the limited constraints of time. For this reason, there is currently a strong inter-national interest in the use of AI to revolutionise the way healthcare is delivered. Forecast to reach a market size of USD 61.59 billion by 2027, AI presents paramount potential in improving the efficiency and accuracy of healthcare processes, albeit mainly in specific areas such as identifying pathologies through images, and mainly when augmenting as opposed to replacing human activities. However, the usage of AI in clinical practice presents its own sets of challenges, especially with regard to patient safety.
Many would intuitively associate one the use of AI in healthcare with cybersecurity threats. Given that the number of cyberattacks on healthcare organisations has been increasing exponentially over the past few years, it is not hard to deduce that healthcare is, indeed, one of the biggest targets of cybercrime. The modes of cyberattack are varied and non-exhaustive — Training data sets can be manipulated. AI systems can be reverse engineered to gain access to sensitive patient data. Offensive AI can even mutate itself to stealthily mimic humans to avoid detection, allowing it to not only steal information but to also rewire it in such a way that integrity checking is impossible. “Did a physician really update a patient’s medical record or did ‘Offensive AI’ do it? Can a doctor or nurse trust the validity of the electronic medical information presented to them? This is the new threat and it is best executed by AI.” Noted Richard Staynings, a Chief Security Strategist at Cylera.
On the opposite end of the spectrum, AI is also effectively being leveraged as an IT defence mechanism. Advanced malware protection inoculates the Local area network (LAN) and responds instantaneously to anomalous behavior patterns. Blockchain is already being used to securely encrypt patient data, and is highly efficient in identifying and preventing attempts to hack patient databases.
We are in the midst of an AI arms race — a race for both hackers and healthcare providers to innovate and adopt the most capable forms of AI for cyber warfare. The question is, who’s winning?
Technology as a dark horse
Indisputably, health information technologies improve patient’s safety by reducing medication errors, reducing adverse drug reactions, and even improving compliance to practice guidelines. Though the use of digital technology has the potential to transform and improve the delivery of healthcare, it also raises many concerns, including how patient safety will be maintained given the systemic flaws in our EHR system and challenges arising from developing safe technologies and competent AI technologies to safeguard our data.
Technology may not be the panacea to all the world’s problems. But we cannot discount the immense potential it has in revolutionising patient safety in healthcare. Given the rapidly evolving changes in the world, solving the aforementioned challenges is likely to be a matter of when, not if. Who knows? Technology might just be the dark horse in the classic conundrum that is safety and security in the digital age.
- Alotaibi, Y., & Federico, F. (2017, December). The impact of health information technology on patient safety. Retrieved from https://www.ncbi.nlm.nih.gov/pmc/articles/PMC5787626/#:~:text=We%20conclude%20that%20health%20information,improving% 20healthcare%20quality%20and%20safety.
- Durbin, S. (2020, October 12). Council post: How criminals use artificial intelligence to FUEL cyber attacks. Retrieved from https://www.forbes.com/sites/forbesbusinesscouncil/2020/10/13/how-criminals-use-artificial-intelligence-to-fuel-cyber-attacks/?sh=482948c75012
- Flaspöler, E., Hauke, A., & Pappachan, P. (2009, October). The human machine interface as an emerging risk. Retrieved from https://osha.europa.eu/en/publications/human-machine-interface-emerging-risk
- Koh, D. (2019, September 19). Healthcare cybersecurity – the impact of ai, iot-related threats and recommended approaches. Retrieved from https://www.healthcareitnews.com/news/asia-pacific/healthcare-cybersecurity-impact-ai-iot-related-threats-and-recommended-approaches
- Sittig, D., Belmont, E., & Singh, H. (2017, July 15). Improving the safety of health information technology requires shared responsibility: It is time we all step up. Retrieved from https://www.sciencedirect.com/science/article/pii/S2213076417300209