Health IT and Patient Safety: Latest Institute of Medicine (IOM) Report

By: Peter Murray, Geneva

The latest Institute of Medicine (IOM) report, “Health IT and Patient Safety: Building Safer Systems for Better Care,” (1) recommends several measures, including the possibility of increased government oversight, to help protect Americans from potential medical errors associated with the increasing use of health IT in patient care. The report recognises that health IT, where implemented appropriately, can help improve health care providers' performance, provide better communication between patients and providers, and enhance patient safety, which ultimately may lead to better care.
However, the report notes, health IT that is poorly designed or not properly used can create new hazards. Within this context, the Department of Health and Human Services (HHS) asked the IOM to evaluate concerns and to make recommendations on ways that both government and the private sector can make patient care safer using health IT. The IOM finds that safety analyses should not look for a single cause of problems but should consider the system as a whole when looking for ways to make a safer system, and that vendors, users, government, and the private sector all have roles to play. The IOM’s recommendations include improving transparency in the reporting of health IT safety incidents and enhancing monitoring of health IT products. (2)
At a time when the US government is investing billions of dollars to encourage hospitals and health care providers to adopt health IT, demonstrated improvements in care and safety are not yet established, the IOM report says. While some of these technologies have significantly improved the quality of health care and reduced medical errors, concerns exist about potential harm as health care providers increasingly rely on health IT to deliver care. The report examines a broad range of health information technologies, including electronic health records, secure patient portals, and health information exchanges, but not software for medical devices. Among the recommendations are that:

  • the secretary of the U.S. Department of Health and Human Services (HHS) should publish a plan, to include working with the private sector, to minimize patient safety risks associated with health IT and report annually on the progress being made. If there is insufficient progress toward improving safety within a year, the U.S. Food and Drug Administration should exercise its authority to regulate the technologies.
  • HHS should establish a mechanism for technology vendors and users to report health IT-related deaths, injuries, or unsafe conditions, and such reporting should be mandatory for vendors.
  • a new Health IT Safety Council should be funded to evaluate criteria and develop methods for assessing and monitoring safety and measuring impacts of health IT on safety. The agency should ensure that health IT vendors support the free exchange of information and not discourage health care providers from sharing patient safety concerns.
  • HHS should establish quality management principles and risk management processes in designing and implementing health IT products. Alerts in technology systems should be designed to have lower false-alarm rates and computer interfaces need to be more intuitive for users.

The IOM’s report is likely to be as influential in both the USA and the UK as its earlier reports that were often used to support the safety case for investment in healthcare IT. (3)


  1. Institute of Medicine. Health IT and Patient Safety: Building Safer Systems for Better Care. 2011, Nov. 8.
    Opens external link in new window
  2. National Academy of Sciences. To improve patient safety, health information technology needs better oversight, accountability. Press release. 2011, Nov.08. Available online at
    Opens external link in new window
  3. Whitfield, L. IOM reports slams health IT safety. 2011, Nov. 16.
    Opens external link in new window