By Rick Schrenker
Disclaimer: The opinions expressed in this article are solely those of the author. They do not purport to reflect the opinions or views of 24×7 Magazine.
What will we do differently on the other side of the pandemic? I, for one, hope the clinical engineering field reflects on how our founding story is rooted in safety and why this matters today.
I was quite upset a few years ago when the field decided to adopt the moniker HTM, or healthcare technology management. Not because I thought the new name misrepresented what we did; indeed, managing health technology has long consumed the majority of our time. But people claimed that HTM is our profession. I rejected that idea then and I reject it now.
I won’t revisit all of my arguments here, but will simply point out that my profession is engineering, not management, and I refuse to primarily identify as a manager. Setting that aside, CE/HTM’s roots lie in our contribution to healthcare’s main objective: “First, do no harm.” Healthcare technology management encompasses one set of tools we apply to achieve that goal.
Over the second half of my career, I’ve focused on systems engineering, risk management, and standards development—not simply to apply them to technology management, but to influence technology development and regulation. To me, our experience needs to be reflected in our identity, and our voice needs to be heard outside of just our community.
CE’s Relationship with HIT
To illustrate the importance of tying our identity to safety, I’m going to speak to some recent issues about the relationship between clinical engineering and healthcare IT (HIT). Before criticizing the HIT industry, I want to recognize how instrumental HIT (and IT, in general) has been to helping us deal with the COVID-19 pandemic. They are among the many heroes who have risen to the occasion, and we owe them our gratitude, as do the BMETs, CEs, and support staff in our hospitals (which includes a newly minted BMET, my son-in-law, Brad Burkholder).
First, let me tell you about a time when I served as the U.S. user representative on the international standards committee that developed ISO/IEC 80001 and its initial set of associated technical reports.
Keep in mind that 80001 focused on the risk management of medical devices on general-purpose IT networks.I don’t remember how many people were active in the group—maybe 30. But I do remember that while there were people there representing the provider and regulatory communities as well as the medical device industry, there was little representation from the IT community. A U.K. telecommunications company sent a representative, and for a while a prominent U.S. networking company sent someone as well.
As it became clear that we were intent on developing a risk management standard, the U.S. company pulled out. We tried to involve them and others, but they were not interested. My take: The HIT industry did not want to acknowledge that their products should be considered for regulation like medical devices.
Still, some of us tried. Knowing early on that we would have to introduce the HIT community to our perspective, we developed an appendix comparing what we were doing in 80001 to existing IS risk management standards. I was somewhat familiar with a few of their standards and recommended practices—for example, ISO 20000 and ITIL—and knew their understanding of risk management was different than ours: Risk management to IT industry was to be applied to projects, while ours was to be applied to safety (or at least that’s what risk management means to me).
Now, I’m left to wonder just how seriously clinical engineering takes safety anymore. I don’t mean that in any specific sense, but rather one in general. For example, since well before COVID-19 appeared, we have been involved in the support of disinfection and sterilization technologies. But how seriously—how formally—do we apply safety-related risk management principles to that work? Do we communicate what we have learned to regulators and standards developers? And how seriously do we expect others to take us if we don’t?
Not Just Healthcare-Specific Issues
Years ago, I was invited to participate in a cross-discipline workshop that focused on how some safety-critical technology domains applied to then-emerging safety cases. Among the participants were professionals from government organizations such as NASA, the FDA, the Federal Aviation Administration (FAA), and the Nuclear Regulatory Commission (NRC), as well as a few from the academic community. Early on, one of the presenters from one of the nonmedical groups started sharing some of their problems, and I laughed. The presenter looked at me, and I said, “I wasn’t laughing at what you were saying; I was laughing at how similar our problems are. Different technology, different scale, but conceptually the same safety issues.”
During the last hour of the conference, the NRC attendee told the FDA representative that their organizations should collaborate more since they experience similar problems. I spoke up and said that while all of our problems may be the same, our regulatory paradigms were very different. The NRC and the FAA regulate both the production and the use sides of their industries, while the FDA is largely restricted to regulating only the production side of the medical device industry.
Recently I have been seeing movement in our domain to adopt some of the formal aspects of quality management systems. That’s a good thing. But I see more attention being given to standards like ISO-9001 than to ones in the medical device domain that include focused attention to safety risk management. I thinkthis topic needs broader discussion within the clinical engineering community—and manufacturers and regulators creating standards like 14971 and 13485 need to hear the results of that conversation.
On a related note, one thing I’ve heard throughout my 40-plus-year career that always drives me up a wall is some version of “The FDA approved it, so it must be safe.” With a few exceptions, the FDA’s role is to approve devices for marketing. Although I haven’t worked closely with the FDA for a few years, I’m still pretty comfortable saying most of their decision-makers have little, if any, clue what the point of care is really like from a technology application perspective.
That’s not to say that they don’t possess deep knowledge about risk management as applied to the devices they clear for marketing. They do. But they don’t know what it’s like for caregivers to cognate all the information and all the control options presented by the menageries of devices at a patient bedside. They don’t know what it’s like for a BMET to be called to that bedside to address a problem being experienced by the caregiver. They don’t know.
And yet … and yet …
When I used to participate in meetings where regulators, manufacturers, and a few hospital workers showed up, inevitably discussions (sometimes heated) would emerge between regulators and manufacturers over aspects of the device clearance process. Every time—every time!—I would have to remind them that they really should involve their customers in the discussions, because whether the regulators’ needs were satisfied or the manufacturers were experiencing hassles, making them happy was always secondary to me.
Having said all that, the industry has had a remarkable track record of delivering useful and safe medical devices to the caregiving community. But why, given the rate of technological change, should we assume that this will remain the case going forward? Especially during an era when the HIT industry is becoming increasingly and even transparently integrated into the technology at the bedside—an industry that, at least in the past, took an ostrich-like approach to dealing with safety?
Who will be the champion for healthcare technology safety, in the broad sense, going forward? Again, given the accelerating rate of technological change, how can it be accomplished in a manner that neither over- nor under-constrains the transfer and application of useful tools to caregivers? If CE/HTM chooses to more actively serve in this role, how will it make that happen? More to the point, how will you make it happen?
Given how you’ve responded to the pandemic, I know you can figure it out.
Rick Schrenker is a systems engineering manager for Massachusetts General Hospital. Questions and comments can be directed to 24×7 Magazine chief editor Keri Forsythe-Stephens at [email protected].
