Last week, ComputerWorld published a lengthy story about the disruption of the US Department of Veterans Affairs' VistA electronic health record (EHR) system in Northern California last August. According to the story, the outage was caused by "a simple change management procedure that wasn't properly followed."
It turns out that one group of maintainers asked another to make a change to a network port configuration without having the proper authorization to do so, which the second team did. In other words, the system was done in by poor configuration management.
For reasons left better explained by the ComputerWorld article, the VistA back-up systems that were supposed to kick in, didn't.
The outage caused the VistA system to be down for a good part of a day, which caused healthcare workers to revert to paper and pencil. Patient safety was increasingly put at risk, because the VA health system is almost completely electronic. In the VA's words, the outage was "the most significant technological threat to patient safety (the) VA has ever had.â'' It has taken months to put all the paper-based information created that day back into electronic format.
The VA experience provided a glimpse of what may happen if a major outage and back-up systems fail once EHR systems are fully up and running. System designers of EHR systems need to think a bit harder about what happens when the "unthinkable" does indeed happen.