Y2K should keep risk managers awake at night

If you have downplayed the potential effects of the year 2000 (Y2K) problem at your facility, you may be in for a nightmare — while everyone else is out celebrating the New Year — eighteen months from now. The Y2K problem is going to hit health care facilities hard, according to two experts who spoke at the recent meeting of the American Society for Healthcare Risk Management (ASHRM) in San Diego.

The problems are inevitable even if you are seriously addressing the problem right now, said William McDonough, MPAH, ARM, FASHRM, vice president and national health care risk management practice leader for Johnson & Higgins National Health Group in Boston. He speaks frequently on the Y2K problem in health care facilities, and the advice he had for risk managers was not at all comforting.

"My advice for what you can do? Buy a new filing cabinet for all those claims that are going to come in," he says. "You should count on lawsuits, business failures, board resignations, and shareholder loss of confidence."

Y2K computer glitches will lead to a rash of claims against the facility for failure to treat, failure to diagnose, and failure to monitor, he said. But on the other hand, McDonough said he does not expect a dramatic increase in medical malpractice claims from bodily injury. Those claims already are common, and the Y2K problem will happen essentially on just one day. Some computer repercussions, such as losing scheduling data, can have a ripple effect that will affect efforts to follow up on test results, for instance, so there will be an increase in that kind of lawsuit. Claims for actual injuries resulting from the Y2K glitch likely will not be all that numerous, he said.

But that doesn’t mean they won’t happen. In fact, he predicts that there will be plenty of incidents in which ventilators will shut off or infusion pumps will work improperly, for example, and patients will be injured. The potential effect on an individual patient is enormous, he said.

"There will be deaths, no doubt about it," he predicted. "These are the things that should be keeping you awake at night."

The Y2K problem, also known as the millennium bug, results when a computer is programmed to assume that the first two digits in any date are 19. When the actual date rolls over to 2000, the computer may mistakenly think the year is 1900. Any dates programmed into the computer may be interpreted as 1901, for instance, instead of 2001. Or the computer could just become fatally confused and shut down.

McDonough said most health care facilities will encounter significant Y2K problems, but the difference will be the degree. If you are well on your way to addressing the problem by now, it is possible that you will be able to minimize the effect on your organization. If you haven’t started, or if you’re not making much progress by now — well, maybe you should buy several filing cabinets.

It’s probably too late to hire a computer consultant to fix your facility’s Y2K problems. There just aren’t enough qualified consultants to go around. At this point, you’re better off concentrating on your internal response to the problem, which could include hiring a full-time computer consultant.

In addition, McDonough made these recommendations:

o Beware of exclusion language from medical malpractice carriers.

Almost all states now allow language in medical malpractice policies that let the carriers off the hook for any computer-related medical injuries. Watch carefully for any changes in your policies, McDonough cautioned. Your insurer will want to slip this past you so that any liability rests entirely with your facility.

o Realize that any alteration to your equipment absolves the manufacturer of liability — and most equipment has been altered.

In most facilities, about 90% of your software has been "tweaked" to customize it to your needs, he noted. Contracts almost always state that the manufacturer has no responsibility for subsequent problems once you do that. "That means you cannot count at all on passing liabilities back to the vendor," he said.

o Don’t depend too much on compliance letters from vendors.

You’ve probably already thought about getting compliance letters from vendors, attesting to their Y2K readiness. That’s fine, but don’t count on them too much. You also need to seek independent validity testing and third-party endorsement.

"That’s so you can say to the plaintiff’s attorney that you did not just rely on the vendor’s letter," McDonough said.

Embedded chips mean problem’s everywhere

Many of McDonough’s words of caution were underscored by Tony Montagnolo, MS, vice president of technology planning for ECRI, the independent health care research institution in Plymouth Meeting, PA.

He confirmed that the number of potential Y2K problems in any one facility is almost impossible to calculate because there are so many devices that have embedded computer chips that could be affected. Even if the device appears to be not much of a "computer," it may depend on an embedded chip that will be affected.

"Even if your ventilator has no place to punch in the date, embedded chips still can affect it," he said. "And you can’t really test embedded chips. There are just too many of them."

ECRI’s investigations have revealed that about 15% of all hospital equipment will be affected by the Y2K problem. Some of those problems will be minor, like an incorrect date printed on a form, and some will be major, like a defibrillator that will not activate because it thinks it was last tested in 1900. Montagnolo said this is ECRI’s advice for risk managers:

o Take inventory, and prioritize your response.

o Perform a legal audit.

o Contact suppliers to see what they are doing.

o Test equipment.

o Repair or replace problem equipment.

o Hold your breath, and say your prayers.

Be careful with tests that could backfire

The inventory phase should include anything that has batteries or an electrical cord, he said. That is a huge number of items in your facility. Include all of those items, whether you own them or not.

"Watch out for the secret stash of devices, too," he said. "Everyone knows tales of restrooms that have been out of order for months and when you look inside, you find it’s the secret stash of infusion pumps that the nurses squirreled away for when they really need them."

Your inventory should result in a high-, medium-, and low-risk assessment that you can use to prioritize testing and repairs. Montagnolo said high risks are "things that will kill you quickly," such as anesthesia machines and infusion pumps. Medium risks are "things that will kill you slowly," and low risks are "things that probably won’t kill you even if they malfunction."

Once you get to the testing phase, be very careful. McDonough and Montagnolo both told stories of health care providers who were trying to check equipment for Y2K problems and found that their tests backfired on them. In one case, Montagnolo said a hospital was testing an MRI unit and rolled the date up to Jan. 1, 2000. Once staff saw how the machine responded, they tried to set it back to the correct date. It wouldn’t go back.

In another case, McDonough said a hospital tried to test an entire operating room and ambulatory care center by shutting it down on a Friday night. The tests went fine over the weekend, and the OR opened for business on Monday morning. But then an infection control nurse did a routine check and found lots of bad bugs and mold. The problem? They had shut down the heating and air conditioning system during the test and the normally stable OR temperatures fluctuated.

"They had to close the OR and ambulatory care center for nine days, and their CEO was very upset," he says. "Always include the infection control nurse in plans like this. It’s an example of how far-reaching the Y2K problem can be."

For More Information

o William McDonough, Johnson & Higgins National Health Group, 200 Clarendon St., Boston, MA 02116. Telephone: (617) 421-0200.

o Tony Montagnolo, ECRI, 5200 Butler Pike, Plymouth Meeting, PA 19462. Telephone: (610) 825-6000.