Bad Health Informatics Can Kill

ICT can have positive impact on health care, but there are also examples on negative impact of ICT on efficiency and even outcome quality of patient care. Medical informaticians should feel responsble for the effects of ICT on patients and public. Systematic analysis of ICT errors and failures is the precondition to be able to learn from negative examples and to design better health information systems.

This document contains summaries of a number of reported incidents in healthcare where ICT was the cause or a significant factor. For each incident or problem at least one link to a source will be provided. With the following list, we want to rise awareness on this important issue, and provide information for further reading.

This summary was inspired by a citation of Prof. Chris Taylor found in the report "Pathways to Professionalism in Health Informatics" of the UK Council for Health Informatics Professions: "Bad Health Informatics can kill". We would like to acknowledge the contribution of Dr. G.M. Hayes (President, UK Council for Health Informatics Professions; Chairman, Health Informatics Committee of the British Computer Society; President, Primary Health Care Group of the BCS) in collecting those examples.

For further recommended reading and links: See bottom of page!

Year Name Description References
April 2017 IT failure could have let to premature deaths

IT failure that could have led to the premature deaths of up to 270 women because they weren't invited for their routine breast cancer screening leads most of the newspaper.

The problem was caused by a "computer algorithm failure", which led to some women not receiving their final breast screening when they were between the ages of 68 and 71. The problems happened between 2009 and the start of 2018.

Okt 2016 Cyberattack caused NHS trust to shut down major operations across several hospitals for 4 days On the 31 October 2016 Lincolnshire and Goole NHS Foundation Trust cancelled planned operations and outpatient appointments due to a cyber-attack on its computer network. From the 30th October - 2nd November the Trust website issued a Major Incident status stating "Following expert advice the Trust took the decision to to shut down the majority of their systems so they can isolate and destroy it."  
June 2014 Physicians expressed concerns on new clinical system

Athens Regional Medical Center announced on Thursday the resignation of Senior Vice President and Chief Information Officer Gretchen Tegethoff.The notice of Tegethoff’s resignation came six days after Athens Regional’s former CEO and president James Thaw resigned. Both Thaw and Tegethoff were targeted in a May 15 letter signed by more than a dozen Athens Regional physicians who expressed their concerns over a new computer system they felt endangered patients.

The doctors noted such problems as “medication errors ... orders being lost or overlooked ... (emergency department) patients leaving after long waits; and of an inpatient who wasn’t seen by a physician for (five) days.” The EHR, designed by health care information technology company Cerner, is meant to improve efficiency and connectivity by providing doctors, nurses and other medical professionals with a shared data set. But physicians called the implementation of the system too rushed and noted intended users lacked “readiness” prior to implementation.

April 2014 Hacking Health IT Equipment

When Scott Erven was given free rein to roam through all of the medical equipment used at a large chain of Midwest health care facilities, he knew he would find security problems–but he wasn’t prepared for just how bad it would be.

In a study spanning two years, Erven and his team found drug infusion pumps–for delivering morphine drips, chemotherapy and antibiotics–that can be remotely manipulated to change the dosage doled out to patients; Bluetooth-enabled defibrillators that can be manipulated to deliver random shocks to a patient’s heart or prevent a medically needed shock from occurring; X-rays that can be accessed by outsiders lurking on a hospital’s network; temperature settings on refrigerators storing blood and drugs that can be reset, causing spoilage; and digital medical records that can be altered to cause physicians to misdiagnose, prescribe the wrong drugs or administer unwarranted care.
Febr 2014 Ways EHRs can lead to unintended safety problems

ECRI Institute PSO reviewed 171 health IT-related events submitted by healthcare facilities during a nine-week period. Health IT problem areas identified include: inadequate data transfer from one health IT system to another; data entry in the wrong patient record; incorrect data entry in the patient record; failure of the health IT system to function as intended; and configuration of the system in a way that can lead to mistakes.

Health IT must be considered in the context of the environment in which it operates during the three phases of any health IT project: planning for new or replacement systems, system implementation, and ongoing use and evaluation of the system. Shortsighted approaches to health IT can lead to adverse consequences.

ECRI Report
Nov 2012 Compilations of safety issues related to EHRs in Pennsylvania healthcare facilities From Healthcare IT News: With limited data available on potential safety risks related to EHRs, the Pennsylvania Patient Safety Authority has published one of the largest compilations of safety issues related to EHRs in Pennsylvania healthcare facilities in its December Pennsylvania Patient Safety Advisory released today. ...
Of the 3,099 EHR-related events analyzed by the Authority, 2,763 (89 percent) were reported as "event, no harm," meaning an error occurred but there was no harm to the patient. Ten percent of the reports (320) were reported as "unsafe conditions," which also did not result in a harmful event. Fifteen reports involved temporary harm to the patient due to the following: entering the wrong medication, ignoring a documented allergy, failure to enter lab tests and failure to document.,08,19
Dec 2011 Computer worm forces hospitals to turn away patients A damaging, fast-spreading computer bug forced an Atlanta-area hospital system to shut its doors for nearly three days last week and divert ambulances to other facilities. Gwinnett Medical Center's two campuses, in Lawrenceville and Duluth, Ga., were forced to declare "total diversion" status and turn away all but extreme trauma cases beginning Dec. 7, when the hospital's IT department detected malware on its network. This infection was most likely the result of an infected USB and perpetuated across the network as a result of minimally protected medical systems attached to their network.

Link to paper

April 2011 Review of Reported Clinical Information System Adverse Events in US Food and Drug Administration Databases found 120 reports Background: The US FDA has been collecting information on medical devices involved in significant adverse advents since 1984. These reports have been used by researchers to advise clinicians on po-tential risks and complications of using these devices. Objective: Research adverse events related to the use of Clinical Information Systems (CIS) as re-ported in FDA databases.
Methods: Three large, national, adverse event medical device databases were examined for reports pertaining to CIS.
Results: One hundred and twenty unique reports (from over 1.4 million reports) were found, represen-ting 32 manufacturers. The manifestations of these adverse events included: missing or incorrect data, data displayed for the wrong patient, chaos during system downtime and system unavailable for use. Analysis of these reports illustrated events associated with system design, implementation, use, and support.
Conclusion: The identified causes can be used by manufacturers to improve their products and by clinical facilities and providers to adjust their workflow and implementation processes appropriately. The small number of reports found indicates a need to raise awareness regarding publicly available tools for documenting problems with CIS and for additional reporting and dialog between manufacturers, organizations, and users.
Myers RB, Jones SL, Sittig DF. Review of reported clinical information system adverse events in U.S. food and drug administration databases. Appl Clin Inf 2011; 2: 63–74. doi: 10.4338/ACI-2010-11-RA-0064
March 2011 A study of an Enterprise Health information System by Jon Patrick, University of Sydney This is a study into the roll-out of Cerner FirstNet into EDs in NSW. The original study was issued in Dec 2009 (Part 3.1). This has been added to with a new study in 2010 consisting of discussions with 7 ED Directors (Part 3.2), discussions with software experts who do performance evaluations on Cerner sites (Part 3.3), and reviews of Entity-Relationship Diagrams (Part 3.4), Schema descriptions and data tables from customer installations (Part 3.5 & 3.6). All this information is coalesced to establish a much more detailed picture of a Cerner installation (Part 3.7). A number of weaknesses are identified in the design and implementation and risk assessments are recommended for organisations using this software or intending to use it. Regulations that might minimise the risks to users of health software are recommended (Part 3.8). An alternative architecture and method for constructing clinical information systems is presented (Part 3.9). I would like to acknowledge the postgraduates who assisted in collecting the data and colleagues who offered advice and edited the written materials. Complete report
April 2010 Reports from FDA Database on EPR failures causing harm An analysis of the FDA's Manufacturer and User Facility Device Experience database (a U.S. repository on adverse events related to medical devices) identified 237 reports related to the use of health information technology. The reports of these IT-related adverse events can be searched and reviewed at the

The Huffington Post Investigative Fund, 20 Apr 2010


October 2009 The Story of the Deployment of an ED Clinical Information System - Systemic Failure or Bad Luck" The essay on Emergency Department electronic health record (EHR) problems in the Australian state of New South Wales (NSW) by medical informatics professor Dr. Jon Patrick, Health Information Technologies Research Laboratory (HITRL), University of Sydney, analysed the problems occuring after introducing a clinical ED system in an Austrialin hospital.


Further comments:

February 2009 Barts virus caused ‘major internal incident’ Last November’s Mytob worm attack on the network of Barts and the London NHS Trust led to its ‘major internal incident' plan being activated, with some ambulances redirected from A&E. The network failure was one of the most severe known to have occurred at an NHS hospital trust. To clean and restore the infected network, Barts had to draft in help from neighbouring trusts and a 40-strong team from BT. An interim report on the incident says clinical services were affected, though effective alternative arrangements worked. However, it also says that protracted delays in getting the network back up, and in providing access to the clinical systems that run on it, created potential risks to patient care. e-Health Insider. 15 Jan 2009.
January 2009 Software glitch causes incorrect medication dosages Patients at VA health centers were given incorrect doses of drugs, had needed treatments delayed and may have been exposed to other medical errors due to the glitches that showed faulty displays of their electronic health records, according to internal documents obtained by The Associated Press under the Freedom of Information Act. The VA's recent glitches involved medical data -- vital signs, lab results, active meds -- that sometimes popped up under another patient's name on the computer screen. Records also failed to clearly display a doctor's stop order for a treatment, leading to reported cases of unnecessary doses of intravenous drugs such as blood-thinning heparin. According to interviews and the VA's internal memos, the glitches began after the VA distributed its annual software upgrade last August [2008].'' By early October, hospitals began reporting the troubling problems: When doctors pulled up electronic records of different patients within 10 minutes of each other to offer treatment advice, the medical information of the first patient sometimes displayed under the second person's name. In some records, a doctor's stop order for intravenous injections also failed to clearly display." No explanation of what caused the software problem, which was reportedly fixed in December. MSNBC
December 2008 JCAHO Sentinel Event Alert From the Joint Commission on accreditation of healthcare organizations, a new Sentinel Events alert on Health IT: List of Sentinel Event Alerts
May 2007 Software incompatibility was part of a chain of events leading to the wrong patient getting an appendectomy. The mistake occurred Nov. 14 when two female patients were scheduled for computed tomography, or CT scans, according to the state report. The first patient underwent an appendectomy that very evening because of the CT results. But the surgery was unnecessary. The next day, a radiologist discovered the patient's CT scan was actually that of a second patient. Hospital staff told state inspectors that the technologist had trouble starting the required intravenous line for the first patient and took her out of the CT scan room to complete that task. However, the patient's information had already been entered into the computer system for the CT scan. After the second patient's scan was completed, a radiology technician noted the error, removed the first patient's information and entered information on the second patient. When the first patient's information was deleted from the computer in the scan room, it was not deleted from the computer system used by the radiologist. "This was due to an incompatibility of the software between the two systems," the state report said.

Santa Cruz Sentinel, May 23rd, 2008

Complete report

June 2006
Baby died after untrained doctor took 50-50 gamble on pressing right button A baby boy died after an untrained doctor pressed the wrong button on his bypass machine because it was a less "horrid" colour than the other, an inquest heard yesterday. Four-month-old Thomas Smith was on a heart and lung bypass machine when Simon McGuirk, a cardiac surgical registrar, accidentally turned it off. Mr McGuirk said that he did not know whether to press the orange or blue buttons to restart the machine, so opted for the blue. It sent the machine into reverse, sucking blood from Thomas's body. He died a short time later. 21/03/2006

Aug 2005
Challenges to implementing the national IT programme in GB The sociocultural challenges to implementing the NPfIT are as daunting as the technical and logistical ones. Senior NHS staff feel these have been neglected. We recommend that national programme managers prioritise strategies to improve communication with, and to gain the cooperation of, front line staff. BMJ 2005;331:331-336 (6 August), doi:10.1136/bmj.331.7512.331


Dec 2005

Unexpected Increased Mortality after CPOE Implementation Among 1942 children who were referred and admitted for specialized care during the study period, univariate analysis revealed that mortality rate significantly increased from 2.80% (39 of 1394) before CPOE implementation to 6.57% (36 of 548) after CPOE implementation. Multivariate analysis revealed that CPOE remained independently associated with increased odds of mortality (odds ratio: 3.28; 95% confidence interval: 1.94–5.55) after adjustment for other mortality covariables. Pediatrics 116 (6), dec 6 2005, 1506-1512
Nov 2005 Qualitative Evaluation of EMR revealed problems Seven key findings emerged: users perceived the decision to adopt the electronic medical record system as flawed; software design problems increased resistance; the system reduced doctors' productivity, especially during initial implementation, which fuelled resistance; the system required clarification of clinical roles and responsibilities, which was traumatic for some individuals; a cooperative culture created trade-offs at varying points in the implementation; no single leadership style was optimal--a participatory, consensus-building style may lead to more effective adoption decisions, whereas decisive leadership could help resolve barriers and resistance during implementation; the process fostered a counter climate of conflict, which was resolved by withdrawal of the initial system. from Nov 3rd, 2005
July 2005 Dosing error related to CPOE The authors used a novel approach to analyze a dosing error related to computer-based ordering of potassium chloride (KCl). In this case, the error was the product of faults in interaction among human and system agents that methods limited in scope to their distinct analytical domains would not identify. The authors characterized errors in several converging aspects of the drug ordering process: confusing on-screen laboratory results review, system usability difficulties, user training problems, and suboptimal clinical system safeguards that all contributed to a serious dosing error. Horsky J et al. Comprehensive analysis of a medication dosing error related to CPOE. J Am Med Inform Assoc. 2005 Jul-Aug;12(4):377-82.
May 2005 Project Management Problems at Veterans Affairs The HeV study was conducted from November 2004 through January by consultants with Carnegie's SoftWare Engineering Institute. The report agreed that the VA needs to replace its current computer system, but cited many technical and managerial problems with the VA's plans: * Deadlines - not test results - are driving the project. "Critical processes and procedures (are) frequently eliminated to meet end dates." * The VA has inadequately assessed risks and alternatives. * Managers at headquarters don't listen to experts, and "many decisions are driven by unrealistic, subjective information." * VA culture inhibits "raising risks, issues, problems or differing opinions." * The project management office "does not have the needed staff, authority, responsibility or operational procedures." St. Petersburg Times Online
March 2005 Medication Errors due to CPOE

Nationwide adoption of computerized physician order entry systems likely will not be hampered by a Journal of the American Medical Association study published last week (Koppel R, Metlay JP, Cohen A, Abaluck B, Localio AR, Kimmel SE, et al. Role of computerized physician order entry systems in facilitating medication errors. Jama 2005;293(10):1197-203) that found that CPOE systems might actually facilitate mistakes as well as prevent them, according to some patient safety experts. The study instead should raise people's awareness about the most effective ways to implement the systems, some experts say.
Researchers looked at a CPOE system at a large teaching hospital between 2002 and 2004 and found that the system facilitated 22 types of medication error risks. Some error risks identified included mixing up patient names in the computer and delays because of frequent computer crashes. Also, the researchers cited fragmentation of patient records as a problem, saying that up to 20 screens might be needed to view all of a patient's medications, which increases the likelihood of selecting the wrong medication. Errors cited occurred as frequently as several times a week to every day.

Complete iHealthBeat article

Comment of J. Nielsen

Jan 2005 Medical Errors Linked to 20 MN Deaths Twenty patients died in Minnesota hospitals during a 15-month period because of medical errors or oversights including falls, faulty medical equipment and administering the wrong medication, the state Health Department said in a new report. The report, released Wednesday, documented 99 serious errors between July 1, 2003 and Oct. 6, 2004. Minnesota is the first state to report its mistakes under standards developed by the National Quality Forum, a Washington-based nonprofit. New Jersey and Connecticut also adopted the standards, which are being considered elsewhere. Complete Associated Press/New York Times article
Jan 2005 Report Finds Computer Entry Errors on the Rise January 13, 2005 Automating processes in medicine has been widely touted by both the health care industry and lawmakers as a way to improve efficiency and reduce errors. However, a recent report by not-for-profit drug industry standards group U.S. Pharmacopeia found that medication errors associated with computer entry are growing steadily. Mistakes associated with computer entry were the fourth leading cause of error in 2003, compared with the seventh leading cause in 2000, according to the report. Computer entry errors are defined by MedMARx, USP's national database for medication errors, as "incorrect or incomplete entry of information into a computer system that is associated with the medication use process," according to the report. Complete iHealthBeat article
July 2004 NHS few evidence of benefit Institute for Public Policy Research (IPPR) claims that while the potential benefits of better use of IT in the NHS are clear, there is still very little evidence to show that it is making a difference. This could be because there are no effective evaluation methods for these projects -- which in itself is worrying -- or because the benefits are not being realised. Managing the change in business processes and working practices that will accompany the new IT systems is crucial to the success of the National Programme for IT in the NHS July 27, 2004
Jan 2003 CPOE failure Cedars-Sinai Medical Center is suspending use of a multmillion-dollar computerized systems for doctors' orders after hundreds of physicians complainiend that is was endangering patient safety and required too much work. One patient with heart failure did not receive the pills this physician ordered until he mentioned it to a nurse. Another patient did not receive a walker until three days after is was ordered. A baby was given local anesthetic for a circumcision one days early. Similar stories of delays and inconvenience abound, although none involved deaths or permanent injuries, doctors said.

The Los Angeles Times. Jan 22nd, 2003

Update after 2 years

Jan 2003 Wrong coding Michigan, USA: 8,500 people received letters notifying them that medical bills issued the previous year had been wrongly coded to indicate that they were dead. Ananova
Nov 2002 Repeated crashes of hospital information system Beth Israel Deaconess Medical Center's computer system crashed repeatedly over 31/2 days, periodically blocking access to patient records, prescriptions, laboratory reports, and other information, and forcing the hospital to revert to the paper-based systems of what one executive called ''the hospital of the 1970s.'' Hospital executives said yesterday that patient safety was never jeopardized. But scores of employees worked overtime printing records, double-checking doses, physically running messages from the labs to the wards and back - even rushing out to buy copier paper. The crisis took the hospital by surprise. CIO Magazine Feb 15, 2003
Nov 2002 Radiation overdose Cancer patients in Panama died after being overdosed by a Cobalt-60 radiotherapy machine. eWeek March 8, 2004
June 2002 Poor incidence logging A pilot study into NHS medical errors was so dogged by computer problems and poor incident logging that its findings are unreliable, the government's chief medical officer, Professor Sir Liam Donaldson, admitted today. Overall, the report from the national patient safety agency (NPSA), suggests there could be around 970,000 errors made each year within the NHS, but just 1% of the 27,110 incidents recorded were classed as major or catastrophic. The NPSA and Sir Liam were today forced to concede that there were problems with the quality of the data. Sir Liam said there were snags with "data capture, data transfer and data transmission". He said computers in primary care centres and in mental health services did not integrate well with the NPSA system. Guardian June 18, 2002
Febr 2002 No pregnancy "A locum working in one of our practices enquired about a patient's pregnancy during a consultation and the patient became anxious as she was not pregnant!! It soon became apparent that the letter on the patient's computer notes, which the doctor was referring to, had belonged to another patient of the same name and had been scanned into the wrong patient's computer records. The practice have enquired into this; they are reconsidering whether they should allow scanning to be done by staff whilst doing other reception duties." North Peterborough PCT Clinical Governance
Newsletter February 2002
Dec 2001 Transplant reversal after computer error Glasgow: A kidney transplant patient was given an organ from a close relative that did not match after information was wrongly entered into a computer. Her body rejected the new kidney and she had to undergo a second operation to have it removed. She is now back on dialysis. The operations took place at the Western Infirmary in Glasgow last month but records show that the results of a laboratory matching test had been wrongly entered into the computer at Glasgow Royal Infirmary. The information suggested that the relative's kidney was a match for the patient. A secretary made the mistake putting the information into her computer. Systems are in place to prevent a recurrence. Daily Telegraph Apr 12, 2001
Sept 01 Fire causes e-mail delays NHS wide: A firewall failure at an undisclosed BT datacentre on 1 September caused e mail delays for thousands of NHS professionals. Syntegra managed to clear the backlog of queued messages several days alter. At its worst, there were over 80,000 queued messages. Computer Weekly Sept 13, 2001
Dec 2002 Hospital Records Hacked Seattle, USA: A sophisticated hacker took command of large portions of the University of Washington Medical Center's internal network earlier this year, and downloaded computerized admissions records for four thousand heart patients. The intrusions began in June, and continued until at least mid-July, before network administrators at the Seattle teaching hospital detected the hacker and cut him off SecurityFocus Dec 6, 2000
March 2000 Breaches of Patient Privacy Kaiser Permanente accidentally breaches medical confidentiality of 858 people while carrying out a software upgrade to its website. Multiple Sclerosis News Aug 2000
Oct 2000 Blackout due to IT failure Eastbourne, GB: Staff at an Eastbourne hospital carried out a caesarean section operation by torchlight after emergency generators failed to start after a power cut. Eastbourne district general hospital's two emergency generators, which are computer operated, failed to start after lightning hit the town's power supply at 2.15am. The problem was compounded when the computer registered that the generators had started, so when mains power returned 20 seconds later it was prevented from entering the hospital's mains.

Guardian Oct 12, 2000

Jan - May 2000 Millenium Bug blamed for test error The Millennium Bug resulted in more than 150 pregnant women being given incorrect results of a Down's Syndrome test. The computer error during screening at Sheffield's Northern General Hospital meant the women were originally told they were in the low-risk group. As a result of the mistake, four Down's syndrome pregnancies went undetected. Two of the women later gave birth to Down's Syndrome babies, while two other women terminated their pregnancies.

BBC News Sept 13, 2001

Official report Setp 13 2001

2000 Ambulance computers blamed for 999 chaos "Britain's 999 call system was thrown into chaos last week when problems at the London Ambulance Service caused a knock-on effect around the country, … At the height of the difficulties last weekend, staff at London Ambulance took more than 20 minutes to answer calls compared with the usual five seconds. As a result, delays cascaded through the system as BT operators attempting to get through to London were left on hold and unable to deal with new incoming emergency calls from all over the country. According to insiders, callers trying to reach their local police headquarters, fire service or ambulance service were unable to get through to the operators for significant periods. The London Ambulance Service admitted last week that there had been long delays on Saturday - the longest for 20 minutes. The service said it was still experiencing serious problems, with delays of up to nine minutes in answering calls in the early hours of last week morning. The problems have coincided with the introduction of a new computer system at London's Central Ambulance Control. …"


Daily Telegraph Dec 3, 2000

April 2000 Wrong supsension from cervical screening programme Scottland: An investigation into why thousands of women were suspended from a cervical screening programme has found that nine died from the disease. The figure was revealed in a report into the way three health boards - Tayside, Forth Valley and Fife - managed their cervical screening services. The authorities admitted at the end of last year that nearly 15,000 women were incorrectly left off a list for smear tests. The problem arose with a computerised system which calls women aged between 20 and 60 for routine examinations. Women who failed to respond to three invitations for smears before 1994 were suspended from the system. This meant they were not invited back for screening again - which is against national guidelines. BBC News April 26, 2000
Feb 1998 Errors in blood bar coding Oxford, Bristol: It was discovered that hospitals were being issued with different bags of blood bearing the same six-figure bar code identification numbers, suggesting the same contents. The problem could be easily solved by upgrading hospital computer systems, but hospitals lack sufficient funds. The National Blood Service has long recognised the issue and, following Government funding to install a new computer system, it has switched to an internationally used 15-figure system. However, as hospitals have no provision in their budget to upgrade systems to read the new longer bar codes, the blood bags are currently being identified through the old six digit codes placed alongside the newer coding. Computing Feb 11, 1998
Oct 1997 Death of meningitis patient Patient, 18, died three days after being admitted to hospital. Her GP had diagnosed possible meningitis but errors involving the hospital's new computer system and the misspelling of her surname meant that drugs needed to fight the infection were withdrawn.

Daily Telegraph Aug 28 1998

May 1993 Wrong doses of radiation Staffordshire hospital: A programming error caused cancer patients to receive the wrong doses of radiation. For a period of 10 years nearly 1,000 cancer patients at North Staffordshire Royal Infirmary received between 5% and 35% less radiation than they required. Margaret Grieveson, the hospital physicist, wrongly assumed that a 'correction factor' which adjusts the dose according to the distance of the radiation source from the skin, had not been built into the Eclipse 6/130 computer. It had arrived without a manual. A report into the disaster, published in 1993, said that out of 1,075 patients who had received wrong doses, more than 401 had since died and a further 91 had suffered a recurrence of their cancers, including 26 who had surgery to remove their bladders. The report also said it was impossible to say whether those who died would have survived if it had not been for the mistake. May 13 1997

Official report: Committee of Inquiry into the conduct of isocentric radiotherapy at the North Staffordshire Royal Infirmary, West Midlands Health Authority; 1994

Oct 1992 London Ambulance Dispatching System Around 20 people thought to have lost their lives because of delays or failures in despatching ambulances. A. Finkelstein Website
1985-87 Therac-25 incident

Between June 1985 and January 1987, the Therac-25 medical electron accelerator was involved in six massive radiation overdoses. As a result, several people died and others were seriously injured. The reasons were software errors.

Leveson NG, Turner CS. An investigation of the Therac-25 accidents. Computer. 1993; 26 (7): 18-41.
1980 Sabotage Sabotage of MCBIS by hospital staff endangers and disrupts the delivery of inpatient health care. Wide-spread interference, along with other implementation problems, cripples the ability of MCBIS to function properly and affects health care costs and quality of services. Dowling AF. Do hospital staff interfere with computer system implementation? Health Care Manage Rev. 1980 Fall;5(4):23-32.


Recommended further reading

Marc Green. Error and Injury in Computers & Medical Devices. With more infromation on the Therac-25 accident.

Several examples of common, costly, preventable healthcare information technology failure are presented at Scot Silverstein webpage.

Rechenfehler mit tödlichen Folgen. Fokus digital, 18.10.07. In German.

Valdes IH: Editorial: RHIO's and the Illusion of Health IT Success. LinuxMedNews, Dec 12, 2005.

A general mailing list on IT risks is RISKS (, discussing examples of computer failure in all areas (not only medicine).

Aarts J, Doorewaard H, Berg M. Understanding Implementation: The Case of a Computerized Physician Order Entry System in a Large Dutch University Medical Center. in JAMIA May-June 2004. This paper argues that it is sometimes very hard to define what should be considered as failure.

An introduction into human computer interaction and related errors in medical information systems is presented at Here, the Therac-25 is taken as one example, and a lot of further references is provided.

Anderson JG, Goodman KW. Ethics and Information Technology, Health Informatics Series, New York, Springer, 2002. This book collects in chapter 6 ("Evalution: An Imperative to Do no Harm") several case studies of health information systems failures, most of them with negative impact on the efficiency of patient care.

Ash J ,Coiera E, Berg M. Some Unintended Consequences of Information Technology in Health Care: The Nature of Patient Care Information System-related Errors. J Am Med Inform Assoc. 2004, 11: 104-112. Case studies from various countries on PCIS implementation are analysed, pointing to the fact that "PCIS applications seem to foster errors rather than reduce their likelihood". The nature of those errors is then further analysed.

Gell G. Side effects and responsibility of medical informatics. Int J Med Inform 2001; 64(2-3):69-81. This paper analyses some examples of side effects of IT in health care, focussing e.g. on the consequences of relying too much on output of applications systems (e.g. misinterpreting output of computer calculations), and on the ethical consequences of relying on computers when life-and-death decisions have to be made (e.g. survival predictions). It strongly argues that health informaticians should be aware of and feel responsible for the effects of his or her work on the patients and on the problems.

Leveson N. Safeware: system safety and computers. Reading (MA): Addison-Wesley, 1995. Nancy Leveson is known due to her analysis of the Therac-25 event.

Rigby M, Forsström J, Roberts R, Wyatt W. Verifiying quality and safety in health informatics services. BMJ 2001; 323(8 September 2001):552-556. This paper presents several examples for software errors and calls for a European certification initiative . Direct link to the paper.

Sauer C. Deciding the future for IS failures; not the choice you might think. In: Currie WL, Galliers R, editors. Rethinking management information systems. Oxford: Oxford University Presss. 1999. Comprises an overview and assessment of the literature up to 1999 on IS failures.

Serious Hazards of Transfusion (SHOT) Annuals Report, describes numerous incidents involving computers and blood transfusions. Available from:

The Research Unit for Cybermedicine at the University of Heidelberg has established a database of published and unpublished cases of adverse events caused by advice given on health-information websites. Unit's website is

The Bristol Enquiry. Two of the recommendations from this enquiry have direct impact on the effect of bad health informatics.

Pilot-in-command oder computer-in-command? Some reflections on computer use in aircrafts (in German).

Homepage of the Working Group
Last change: 08.05.2018