Title: Managing Director
Organisation: Avienda Limited, UK
Email: [email protected]
For a copy of the references contained in this article, please contact [email protected].
The UK’s Connecting for Health (CfH) programme for information technology in the National Health Service (NHS) aims to put in place, through the use of new technology, information systems that give patients more choice and health professionals more efficient access to information and therefore ensure delivery of better patient care. Core elements of the programme will include the NHS Care Records Service (NHS CRS), which will provide a live, interactive patient record service accessible 24 hours a day, seven days a week1.
CfH is just one of a number of initiatives by European Member States that have enabled healthcare IT – for so long the “Cinderella” sector of the European healthcare industry – to achieve substantial growth over the past five years. Healthcare IT is already a }83 billion (£57 billion) business worldwide, comparable in scale to a Latin American economy, and is predicted to grow at a near double digit rate for at least the next decade2.
Despite this, the European healthcare IT market continues to be highly fragmented. Unlike the pharmaceutical sector – where the top ten firms accounted for roughly half of all pharmaceutical sales in 2002 – no single vendor of healthcare IT software, consulting or data management services has more than 1.7 billion (£1.14 billion) in worldwide healthcare revenues3. Though the widespread fear that many established European healthcare IT suppliers would fold has turned out to have been overstated, some of the weaker players have indeed left the market while some wellestablished local players have in fact become even stronger4.
However, continuing market fragmentation is not the only sign that the healthcare IT sector isn’t quite as mature as it sometimes pre tends to be. While the established sectors of healthcare innovation – principally pharmaceuticals and medical devices – are subject to a significant level of regulation and control as regards the quality, safety and performance of their products, healthcare IT in Europe remains largely unburdened by such requirements. This could have far reaching consequences for both patients and users, in at least three important respects.
Where’s the Evidence?
The first significant problem is that presented by the shortage of evidence-based research to support the many claims made for healthcare IT applications: particularly claims regarding cost and clinical effectiveness5. Put simply, the standard of proof of efficacy that IT has been required to meet as a pre-condition of large-scale deployment has not been as high as that which medical devices and pharmaceutical products have had to reach before achieving similar status. Unkind observers might go so far as to argue that the potential of IT for transforming the delivery of health and social care is, as yet, unproved and that any claims made for it at present are mere speculation.
Despite the expert consensus that there is not enough hard, research-based evidence to support all of the clinical and cost effectiveness claims made for healthcare IT, the UK’s National Institute for Health and Clinical Excellence (NICE) – the independent NHS organisation responsible for validating whether or not pharmaceuticals and healthcare products are safe and do what they are supposed to do – has never received a request, either from local users or from the Department of Health, to appraise a healthcare IT application. Little wonder, perhaps, that it is some of NICE’s most senior experts that aremost critical of the poor evidence base for healthcare IT6.
What is Best Practice?
The second consequence of the privileged status that healthcare IT has been accorded in comparison with other sectors of healthcare innovation is a natural, knock-on effect from the first. Automating healthcare using IT is the most demanding and dangerous task in the modern economy, because health services are the economy’s most complex and safety critical products. Yet because there is an absence of in-depth assessments of how well healthcare IT applications (and the organisations that use them) work in practice, there has been no consequent activity aimed at capturing, describing and then disseminating “best practices” – that is, how to implement and use healthcare IT applications safely, smoothly and responsibly.
In fact, we presently have a dangerous situation in which healthcare IT systems are being installed and implemented at breakneck speed whilst the nature of these systems means that users have to accept a much greater degree of responsibility for their effective and safe use than in other comparable service sectors. The velocity of change is so fast that the different professional groups present in a modern urban hospital – administrators, doctors, nurses, IT managers – have such different and conflicting views of the rightful role of IT in the care process that there is now a very real potential for anarchy.
Safety First or Last?
A third illustration of the uniquely privileged position of healthcare IT among all the sectors of healthcare innovation is provided by a comparison of the times taken to develop a healthcare IT application and a pharmaceutical product. The typical time span for a new drug is between ten (at best) and 17 (at worst) years. During this period, three to five years will be spent on safety studies (phase I) and an equivalent period on efficacy studies (phase II). It is quite typical for the bench-to-bed programme of development for a single drug to span at least a dozen years before the first sale is earned.
By contrast, healthcare IT systems and applications, because they do not require the grant of a marketing authorisation before they can be sold or distributed (which in turn requires the compilation of significant evidence of a product’s safety, quality and performance), can be placed on the market as soon as they are ready - or sometimes even sooner.
A recent report by the Anglo-Dutch IT firm LogicaCMG entitled “Testing Times for Boardrooms” concludes, for instance, that two thirds (68%) of IT managers around Europe think that too many products and services are launched with insufficient testing. NHS Trust managers were included among the respondents to the survey, 89% of whom said that they had problem-ridden systems just 48 hours after going live with a new application7.
This kind of situation simply would not be allowed with pharmaceuticals and medical devices. Both types of products come under the supervision of a competent authority in each European Member State (such as the Medicines and Healthcare products Regulatory Agency (MHRA) in the UK) which provides marketing authorisations and administers the system by which medical devices are approved and given a “CE”mark, prior to being placed on the market. Perhaps most importantly, these competent authorities - or their designated representatives - inspect the manufacturing of both medicines and medical devices to ensure that regulations are being complied with and operate a system for receiving reports of problems with products, investigating those reports and subsequently issuing warnings to users. Healthcare IT applications are not covered by any of these systems for independently inspecting and monitoring safety, quality and performance. Is it time that this situation changed?
Time for Regulation?
Everyone involved in using or supplying healthcare IT systems in Europe should be concerned by the present situation. If other sectors of healthcare innovation are subject to the sometimes heavy burden of clinical trials and regulatory compliance and yet still experience incidents where patient safety is compromised and reputations damaged, then we should be extremely concerned by the temptation to recklessness that the lack of regulation in healthcare IT presents.
Indeed, with so many small and mediumsized enterprises competing in such a highly fragmented marketplace whichmakes so few formal efficacy and safety demands, it would be little short of miraculous if, within the next few years, none of them have supplied an application which contains some intrinsic design flaw which it is wholly foreseeable could cause harm to a patient.
One of the major barriers to changing attitudes is the oft-repeated mantra that healthcare IT is, in itself, a risk-reducing system. The latest review document from the UK’s Connecting for Health programme describes, for instance, the NHS CRS as “a means to improve care through better safety and outcomes” 8. On the one hand this is, of course, true. Ensuring that healthcare professionals have timely access to relevant information, whenever and wherever it is needed, will indeed help prevent decisions that may cause harm or risk of harm. However, it will not eradicate them entirely and, given the lack of benefits evidence already discussed, it is particularly disingenuous to believe that information technology is going to be a cureall for every kind of medical harm.
That same review document also contains a frank admission that the service needs to be subjected to a comprehensive risk assessment: particularly as regards the issues associated with the use of “sealed envelopes” by which patients can limit access to some or all of their record. Elsewhere, we are seeing early implementations of decision-support systems failing to have any impact at all on prescribing errors9 and clinical information systems failing to prevent the unlawful disclosure of patient-identifiable information10. We will only start to prevent these kinds of failures when we are able to contextualise IT in healthcare in exactly the same way as we would in other safety critical fields, such as aviation or nuclear energy generation: as an engineering problem in its own right.
Few regulatory demands are presently placed upon European healthcare IT suppliers and the barriers to entry into this particular sector of the healthcare industry remain unsubstantial. While there is no compelling evidence to suggest that healthcare IT applications are so scandalously unsafe that they should immediately be subjected to a regime similar to that used for pharmaceuticals and medical devices, the gulf between healthcare IT and its sister sectors is dramatic enough to indicate a market that, while no longer in its infancy, is still not a fully grown adult.
As healthcare IT applications cease to be the sole preserve of a limited number of trial-blazing sites and become more and more deeply embedded in routine care throughout the NHS and the independent sector, considerations of patient safety and liability reduction will surely necessitate the imposition of a more structured, formal system of clinical trials, regulatory approval and product licensing for IT systems. It is difficult to disagree with the suggestion, already made by other respected commentators, that the now adolescent European healthcare IT market might greatly benefit from a more disciplined approach to quality, safety and performance11.