Keeping up with technology: your risks and responsibilities.

Information technology is constantly evolving. Among the most common types are electronic health records (EHRs) and computerized physician order entry systems (CPOEs).

This is sponsored content provided by Nurses Service Organization (NSO). Through AORN’s partnership with NSO, AORN members can save 10% on nurses’ malpractice insurance for three consecutive years with NSO’s Risk Management Discount. Receive a quick quote today.

Though these and other information technologies offer advantages, they also pose new challenges and potential risks. When properly implemented, information technology can simplify information retrieval, reduce medical errors, and improve communication, among other pluses. But information technology doesn’t eliminate the need for professional judgment. “People are not infallible. Neither are computers—but we tend to think they are,” said Melanie Balestra, JD, MN, NP, a California-based attorney. Always keep this warning in mind to protect your patients’ health and minimize your professional liability risk. 

Some potential pitfalls of EHRs

If your facility doesn’t already use an EHR, eventually it will. Compared with paper records, an EHR can store more information for longer periods. Also, an EHR is accessible concurrently from many workstations and can provide medical alerts and reminders. Despite these and other advantages, an EHR can make one of your key responsibilities—documenting patient care—more difficult. “Traditional paper charting is free-form,” noted Leslie Nicoll, PhD, RN, MBA, editor-in-chief of the journal CIN: Computers, Informatics, Nursing. “EHR charting is more structured; you’re forced to choose from various options in multiple lists. You have to change your thinking about charting.”
That doesn’t lessen your responsibility to document thoroughly and accurately, so you must understand how the system works and use it properly. “For instance, what if you enter something into the wrong patient’s chart?” asked Diane Kjervik, JD, RN, editor-in-chief, Journal of Nursing Law. “How do you correct that? On paper you’d line through the entry once and initial or sign it, but you can’t do that in an EHR. And, if you are able to make a correction, will the system still save the mistake?”
Another potential hitch is redundant charting, Kjervik noted. If you record the information in two different places and make a mistake in one of them, you introduce a conflict. Whether you can correct charting mistakes easily or at all may depend on the safeguards built into the system. 
If the EHR’s limitations cause documentation problems, tell your risk manager promptly. “Later it’ll be harder to prove what happened,” said Balestra. Remember, if medical errors cause a patient harm and the patient later sues, inadequate documentation will come back to haunt you.
Sometimes busy nurses find risky ways to work around EHR hassles. They may take notes on paper during the day and update the EHR when their shifts end. Or rather than give temporary nurses system passwords, they have temporary nurses document on paper and a staff nurse transcribes the notes later—which is false documentation and hence represents potential liability. Both scenarios can lead to charting errors, noted Nicoll. Even worse, other healthcare providers may base patient-care decisions on outdated data.

Be cautious about CPOEs, too

CPOEs, another up-and-coming technology, can eliminate illegible orders, check for inappropriate drugs, and prompt healthcare providers to get informed consent. But a study that evaluated systems in the United States, the Netherlands, and Australia found that they can also facilitate errors. The study revealed that a practitioner faced with endless lines of similar-looking text on a computer screen may click on the wrong line and select an inappropriate test, order the wrong drug, or enter instructions for the wrong patient.1
The study also found that trouble can result in emergency situations—for example, a physician tells a nurse to administer a drug immediately but enters the order into the system later. If that nurse isn’t around when the order shows up in the system, another nurse could give the patient an extra dose.
Overdependence on the system is another potential drawback. NPs, RNs, and other practitioners may accept the system’s output without question. Or they may not communicate directly with the patient’s other caregivers, incorrectly assuming that the system has done it for them.
As with EHRs, you need to understand the shortfalls as well as the advantages of a CPOE system and watch for trouble, especially if the system has just been introduced. Blindly following an unproven system could have lethal consequences. A case in point: According to a recent review of records at an academic tertiary-care children’s hospital, the mortality rate among children admitted for specialized care rose by 3.77% instead of dropping, 18 months after the rapid implementation of a new CPOE.2

Pen and paper are still valuable tools

While technology has made tremendous inroads when it comes to patient records and physicians’ orders, many things still are done on paper. Informed consent is one process that still uses paper, even though there may be a small electronic component: CPOE systems alert providers to get consent. Even with this electronic prompt, “the division of responsibility remains the same,” said Tina Gerardi, RN, MS, CAE, deputy executive director of the New York State Nurses Association. A practitioner performing the procedure must explain the proposed treatment plan and get the patient’s consent; an RN can witness a patient’s signature but should not obtain the consent. Still, an RN must make sure a patient understands the PCP’s explanations and instructions, and tell the provider if the patient seems confused or has questions.
Incident reporting is also still done on paper, though online reporting systems are available and may be incorporated into EHRs. Online systems can be undermined, however, if they alert practitioners about every report filed, regardless of severity. This can make practitioners complacent. That’s why it’s important to understand the system’s ranking system—if it has one. Whether you do your incident reporting online or on paper, one thing remains clear: Your most important duty is to file reports promptly, while you still remember the details.

What records are legally valid?

Remember that reports or other documents transmitted via “low-tech” e-mail or fax can be just as legally valid as paper originals or records stored in an EHR. “They’ll generally hold up in court as long as automatic date stamps or other systems are in place to prove they’re authentic and weren’t altered,” said Balestra. A court may still require the original of a faxed document as additional backup, though. To protect yourself, keep copies of all electronic communications you send or receive.

High-tech or low, remember security

With all patient-related documents, whether paper or electronic, taking appropriate security measures to protect privacy remains a top priority. To comply with the regulations of the Health Insurance Portability and Accountability Act (HIPAA), you must do everything possible to prevent unauthorized people from viewing patients’ health information. Don’t leave printed documents lying around for others to see. If you input or transmit information electronically, keep the computer screen turned away from prying eyes and don’t walk away from the computer without signing off first. Never share your user ID and password. If you’re faxing or emailing information to patients, get their permission for doing so, and follow up to make sure they received it.
When it comes to information technologies, learn what these systems can and can’t do and how to use them properly, so you can give patients the best possible care and minimize potential for professional liability. You must also scrupulously follow all policies and procedures outlined by your facility and ask about your potential professional liability for information-related errors. Technologic ignorance isn’t a valid defense. “Nurses are ultimately responsible for the patient outcome,” said Gerardi. “Using technology doesn’t usurp your accountability.”



Ash JS, Berg M, Coiera E, et al. Some unintended consequences of information technology in health care: the nature of patient care information system-related errors.

Han YY, Carcillo JA, Venkataraman ST, et al. Unexpected increased mortality after implementation of a commercially sold computerized physician order entry system. J Am Med Inform Assoc. 2004; 11, 121-124. ​

Pediatrics. 2005; 116: 1506-1512. ​

Frequently Asked Questions

You have questions. We have answers. (It's why we're here.)

What kinds of activities might trigger a disciplinary action by a licensing board or regulatory agency? 

The fact is anyone can file a complaint against you with the state board for any reason—even your own employer—and it doesn’t have to be solely connected to your professional duties. All complaints need to be taken seriously, no matter how trivial or unfounded they may appear. 

How does a shared limit policy work?

A shared limit policy is issued in the name of your professional business or company. The policy provides professional liability insurance coverage for the business entity named on the certificate of insurance and any of the employees of the business entity, provided they are a ratable profession within our program. Coverage is also provided for locum tenens professionals with whom the business entity has contracted for services the locum tenens performs for the business entity.

The business, and all eligible employees and sub-contractors you regularly employ, will be considered when determining your practice’s premium calculation and share the same coverage limits you select for the business.

We have a shared limit policy. Are employees covered if they practice outside our office?

The policy covers your employees outside the office as long as they are performing covered professional services on behalf of your business.

If your employees are moonlighting, either for pay or as a volunteer, they should carry an individual professional liability insurance policy to cover those services. Otherwise, they might not be covered for claims that arise out of these activities.

There are plenty more where those came from.

See more FAQs

NSO Learning Center

More insights from some of the best minds in nursing.

Keeping up with technology: your risks and responsibilities.

Information technology is constantly evolving. Among the most common types are electronic health records (EHRs) and computerized physician order entry systems (CPOEs).

Abbreviations in Documentation: A shortcut to disaster for Nurses

Trying to save time by using abbreviations? Make sure that you aren't putting yourself or your patients in jeopardy.

Administer meds without a doctor's order? Proceed with caution.

Registered nurses generally should administer medications only with a physician’s order. Only certain advanced practice nurses have prescriptive authority, and their qualifications, as well as the type of drug and the amount they are allowed to prescribe, vary from state to state.

Are You Filing Incident Reports Properly?

Knowing when—and how—to file incident reports can help you to protect yourself, your patients, your colleagues, and your organization.