docs icon indicating copy to clipboard operation
docs copied to clipboard

Published 20 hours ago verified publisher icon cds-hooks

Patient-view and risks for inappropriate advice

Open bvdh opened this issue 5 years ago • 3 comments

Some key CDS-Hooks use cases include:

  1. Show card based on FHIR data
  2. Show multiple cards relate to the same FHIR/context data, possibly from different CDS-Services

This makes the following scenario's possible:

  • When the CDS-Client decides to update information a CDS Sever depends upon, an update to the resource(s) will be present in the scratch-patch of the CDS-Client/EMR. Other cards are based on the old data and and no longer valid, they might even providing suggestions that can be potentially harm-full to the patient.
  • A Card is presented that provides a suggestion that solves an issue. The Suggestion is followed. Later, another change overrides that suggestion causing the original issue to re-appear. The current specification does not state the CDS-Service is recalled. It can also not access the information in the CDS-Client context. As a result, the practitioner cannot rely on the CDS-Service to provide guidance.

These scenario's both introduce significant and potentially dangerous situations. This raises the question of what use of the patient-view hook is justified that does not introduce these risks? If none, we should not publish the hook. If some, we should mention those, mention the risks and state that the patient-view SHALL not be used for such advice.

In practice this severely limits the use the patient-view. Addressing these issues might very well requiring new testing. As a result, one could even wonder whether the required changes are compatible with a maturity-level of 4.....

bvdh avatar Oct 04 '19 14:10 bvdh

Hey @bvdh,

At root - you're struggling to define how different CDS clients implement workflow and UI as it relates to the display of external CDS.

Should CDS Hooks really attempt to define this behavior? Our approach thus far has been to not prescribe cds client UI.

Would non-normative track recommendations for cds client behavior address your concerns?

Isaac

isaacvetter avatar Oct 09 '19 16:10 isaacvetter

Bas,

Do note that we do try to call out a related risk already in the spec:

The risk that a CDS Service could return a decision based on outdated patient data, resulting in a safety risk to the patient.

https://cds-hooks.org/specification/1.0/#security-and-safety

isaacvetter avatar Oct 09 '19 16:10 isaacvetter

Add documentation to note: For more information on patient safety issues see Security & Safety.

brynrhodes avatar Oct 09 '19 16:10 brynrhodes