Watchdog reveals flaw in Cerner computer system caused nearly 150 cases of harm at Spokane VA hospital
WASHINGTON – A computer system at Spokane’s VA hospital has caused harm to at least 148 veterans in the Inland Northwest, a draft report by a federal watchdog agency reveals.
The draft report also claims that Cerner Corp., which is being paid at least $10 billion for the electronic health records system, knew about a flaw that caused the harm but failed to fix it or inform the Department of Veterans Affairs before the system launched at Mann-Grandstaff VA Medical Center in October 2020.
VA Secretary Denis McDonough said this spring he was not aware of any harm caused by the system and he would halt its rollout if safety experts determined it increased risk to veterans, yet the draft report shows a VA patient safety team briefed the department’s deputy secretary in October 2021 about the harm and ongoing risks. Despite those warnings, the VA has since launched the system at more facilities in Washington, Idaho, Oregon and Ohio.
The draft report by the VA’s Office of Inspector General, or OIG, found the electronic health record system developed by Cerner failed to deliver more than 11,000 orders for specialty care, lab work and other services – without alerting health care providers the orders had been lost. Those lost orders, often called referrals, resulted in delayed care and what a VA patient safety team classified as dozens of cases of “moderate harm” and one case of “major harm.”
The content of the draft, obtained by The Spokesman-Review from multiple sources, may change by the time it is published. The final report will include responses from VA leadership that are not included in the draft.
The department did not respond to questions about the draft report, but on Friday, after The Spokesman-Review sent the questions, VA officials told Military Times they would delay the system’s planned launch in Seattle, Portland and other large facilities until 2023.
The case identified as major harm occurred after a homeless veteran in his 60s, who had been identified as at risk for suicide, saw a psychiatrist at Mann-Grandstaff in December 2020. After prescribing medication to treat the veteran’s depression, the doctor ordered a follow-up appointment one month later, but the order disappeared in the computer system and the appointment was not scheduled.
Weeks after the follow-up appointment was supposed to occur, according to the report, the patient called the Veterans Crisis Line saying he had a razor and planned to kill himself. First responders reached the man in time to take him to a local, non-VA hospital’s mental health unit, where he was hospitalized.
While the draft OIG report notes that the VA and Cerner have taken steps to limit the number of orders that get lost in what users describe as the “unknown queue,” it calls those mitigation efforts “inadequate” and warns the flaw will continue to put veterans’ safety at risk when the system is deployed in other hospitals and clinics.
Previous OIG reports and reporting by The Spokesman-Review have identified an array of problems with the Cerner system, but the draft report shows the scale of its impact and concludes for the first time that it caused harm to veterans.
“To protect the integrity of our work, the VA Office of Inspector General does not publicly disclose the findings from any of its projects until the publication of a final report,” OIG spokesman Fred Baker said in a statement.
The OIG is an independent oversight agency, but its report is based on the findings of a patient safety team deployed by the Veterans Health Administration – the division of the VA that provides health care to more than 9 million veterans – after McDonough visited Mann-Grandstaff in April 2021.
According to the draft OIG report, that team briefed Deputy Secretary Donald Remy and other top VA officials in October 2021 on its findings, including 60 different safety problems related to the Cerner system that had harmed veterans. The team identified the unknown queue issue as a top priority after classifying it as “major severity, frequently occurring, and very difficult to detect,” according to the draft report.
While the draft report focuses on harm caused by lost orders in Cerner’s system, it also mentions other cases of harm linked to the system, including one of “catastrophic harm” and another case the VA told the OIG may be reclassified as catastrophic. Catastrophic harm is defined by the VA as “death or permanent loss of function.”
Cerner was acquired by the tech giant Oracle in a $28.3 billion deal that officially closed June 8. In a statement, an Oracle executive said the company’s engineers were already “making technical and operational changes, with an emphasis on patient safety, to ensure the system exceeds the expectations of providers, patients, and the VA.”
“We intend to bring substantially more resources to this program and deliver a modern, state-of-the-art electronic health system that will make the VA the industry standard,” said Deborah Hellinger, Oracle’s senior vice president for global corporate communications. “We have a contractual and moral obligation to deliver the best technology possible for our nation’s veterans, and we intend to do so.”
While McDonough ordered the review himself, it’s unclear what he knew about its findings.
After The Spokesman-Review reported a veteran was hospitalized with heart failure after the Cerner system contributed to a vital medication being mistakenly stopped, McDonough said April 25 he was not aware of any other cases of patient harm related to the system. Three days later, the secretary told the House VA Committee he would halt the system’s rollout if he ever had “any reason to think that this is creating risk for our patients.”
In response to a question from The Spokesman-Review on May 25, McDonough said he heard “specific concerns about safety” during his visit to Mann-Grandstaff a year earlier that worried him enough that he sent a patient safety team to the hospital, “so that our veterans and our clinicians have some confidence that we’re not continuing practices that would increase risk.”
Asked how he defines risk, the secretary said he relies on the advice of those patient safety experts and VA clinicians on the ground – the same sources whose findings form the basis of the draft OIG report.
“If we then assess that there is reason to discontinue service,” McDonough said, “or discontinue use of the new technology – which, at the end of the day, is designed … to improve patient outcomes – then we’d obviously use that as part of the decision-making process.”
While he called the OIG’s oversight of the Cerner system’s rollout “really important,” McDonough noted those reports usually describe problems the VA has addressed by the time a report is published. In contrast, the draft report on the unknown queue issue emphasizes the problem has not been fixed and continues to create risk.
According to the draft report, the patient safety team presented its findings to top VA and Cerner officials on Oct. 12, 2021, warning that the unknown queue issue would continue to present a risk that future facilities would need to address for at least a year after launching the system. A slide from that presentation, included in the draft report, compares the lost orders to undelivered mail.
“Imagine having what you think is a list of your entire extended family on your list to send holiday cards,” the slide says. “Now, imagine half those addresses are incorrect. Finally, when the post office tried to return the cards that went to the wrong address, they stuffed them behind a bush instead of placing them back in your mailbox. End result: Your family doesn’t know you made the effort, and you don’t know your effort failed.”
Doctors, nurses and other health care workers rely on electronic health record systems to keep track of patient information and send orders requesting additional care, including X-rays, blood tests and appointments with specialists.
To send an order, the OIG report explains, the Cerner system requires users to choose a location from a drop-down list that has been matched to that specific order through “data mapping” in the underlying software code, a process for which Cerner is responsible.
Depending on the specific order, some of the location options were not recognized as a match by the system, which sent the mismatched orders to what Cerner users have called the “unknown queue.”
The location names are far from intuitive. For example, choosing the location labeled “668QD SW” would send the order correctly while choosing “668QB SW” or “668QD MH” would send it to the unknown queue without alerting users that their patients would not get the care they needed. Instead, the draft report says, the system “gave healthcare providers submitting orders the false feedback that the orders had been successfully entered.”
On Oct. 28, 2020, just five days after the Cerner system launched in Spokane, a radiology technician at Mann-Grandstaff submitted the first report of a missing order. When Cerner staff responded to the report the next day, they found it was not an isolated incident – more than 2,000 more orders were already in the unknown queue, lost during the transition from the old system.
The safety team’s initial review found more than 11,000 orders had gone missing between October 2020 and June 2021. Each of those orders had to be re-entered into the system by a VA employee to ensure veterans were scheduled for the care they needed.
A Mann-Grandstaff leader estimated the initial review of lost orders took staff nearly 600 hours of work, according to the draft report. Monitoring and managing the unknown queue took another 165 hours between Nov. 1, 2021, and May 3, 2022.
“It is already enough loss of efficiency and time to have to reenter the orders on our side,” a Mann-Grandstaff leader said, according to the draft report, adding that the additional demand on staff in Spokane “ultimately reduces access to care on our end.”
After canceling a planned visit to Spokane, Remy met virtually with Mann-Grandstaff employees in November 2021 and was informed of specific cases of harm. Following those meetings, the draft report says, a physician in Spokane sent Remy a statement that called the unknown queue issue “inexcusable and indefensible in the case of patient harm.”
“These require a great deal of staff time to research and redirect to proper location,” the doctor told Remy, according to the draft report. “This is unsafe and rather than having a well-constructed conduit, these queues reflect a fraying rope, poorly constructed and conceptualized product from its foundation.”
In December 2021, the report states, Remy forwarded that statement and detailed information on the unknown queue issue to Terry Adirim, who had just taken over as the executive director of the VA office in charge of rolling out the Cerner system. In an op-ed in The Spokesman-Review on June 8, Adirim acknowledged “difficulties” with the system’s deployment in Spokane but said transitioning to “a new, modernized electronic health record system is difficult.”
“Any rollout of this scale and complexity understandably comes with challenges. They were expected,” Adirim wrote. “Of course, throughout all these efforts, patient safety remains our highest priority.”
More than three-quarters of the orders lost between October 2020 and June 2021 were for radiology services, but there were more than 2,500 lost requests for other clinical services, the OIG found. The initial review found 273 different providers had submitted orders that went missing and one patient had 29 orders in the unknown queue.
According to the draft report, a VA leader asked Cerner in June 2021 to remove the unmatched locations from the drop-down menu to reduce the risk of orders being lost. Cerner finished that work in September 2021 and updated the system in February 2022 to add an alert if a user tries to submit an order with an unmatched location. Until March 2022, the only way to recover the lost orders was for a Cerner employee to send a daily report of orders in the unknown queue that VA employees then had to re-enter.
Since March 11, the draft report says, VA employees have been able to generate those reports, but the problem has not been fully resolved. The OIG found more than 200 orders remained in the unknown queue on May 16.
In addition to the single case of major harm, the VA patient safety team identified 52 cases of “moderate harm” that required an increased level of care or a longer hospital stay, and 95 cases of “minor harm.” The draft report gives an example of minor harm in which a follow-up appointment for a veteran with uncontrolled diabetes was delayed by 14 months, suggesting that even delays that didn’t result in severe harm could still impact a patient’s long-term health.
That harm may have been avoided if Cerner had notified VA of the problem that has existed in all versions of its system since at least 2014, when the company’s commercial clients reported the problem in an online help forum the OIG found.
The draft report indicates Cerner’s lack of transparency has persisted, with the OIG noting that two of the four Cerner employees contacted for the investigation – including a Cerner vice president – did not respond to “repeated requests for information.” The two executives who cooperated with the investigation didn’t provide a rationale for failing to notify the VA of the problem, the draft report states, and admitted that it is something all of their clients have to “monitor and work through.”
One of the executives confirmed that communication about the issue from Cerner “did not occur for a few months,” and the OIG noted that if VA employees hadn’t noticed the problem, it may not have been identified and more care would have been missed.
Cerner also has failed to meet its contractual obligations for keeping the system online, prompting Sen. Patty Murray of Washington and other top Democrats on the House and Senate VA panels to send a letter to McDonough on June 7 with detailed questions about the more than 50 incidents when the system has been partly or completely unusable.
VA pioneered the use of electronic health records in the 1980s, when the department developed a system called VistA that is still used in nearly all of VA’s 171 medical centers and more than 1,100 clinics across the country. Both VistA and the Cerner system are built on database technology and programming language that date back to 1979, but VA officials have pitched Cerner as a more modern product.
In 2017, then-President Donald Trump announced the VA would sign a $10 billion contract to replace VistA with Cerner’s system, although the OIG has estimated the total cost of the project could exceed $21 billion. In May, the Senate sent a bill to President Joe Biden’s desk that requires more transparency from the VA about the cost and progress of implementing the Cerner system.
In an online event June 9, a day after Oracle’s acquisition of Cerner was finalized, Oracle founder Larry Ellison promised to modernize the Cerner system and “make it much easier to use.”
The official rationale for the VA’s contract with Cerner has been to improve coordination with the Department of Defense, which started rolling out a version of Cerner’s system at Fairchild Air Force Base in 2018. Mann-Grandstaff and its affiliated clinics in Spokane, Coeur d’Alene, Sandpoint, Wenatchee and Libby, Montana, were chosen as the VA pilot sites partly because of their proximity to Fairchild.
After the Cerner system was launched at Mann-Grandstaff on Oct. 24, 2020, the VA delayed its launch at other facilities until March 26, 2022, when it went live at Walla Walla’s VA medical center and its affiliated clinics in Washington, Idaho and Oregon. The draft report reveals top VA officials were told the flaw presented ongoing risk five months before they deployed the system at those facilities.
The system has since been deployed at facilities in central Ohio on April 30 and in White City and Roseburg, Oregon, on June 11. It is set to launch in Boise on June 25.
The system was scheduled to roll out at larger, more complex facilities in Seattle and elsewhere in the Puget Sound region Aug. 27, but on Friday VA officials told the Military Times the department would delay its deployment at those sites until March 2023. The Portland VA medical center, previously scheduled to go live in November, will now adopt the system in April 2023.