Designing Safe and Effective Digital Health Applications | Dave Levin, M.D. and Maulin Shah, M.D., Industry Voices | Healthcare Blogs Skip to content Skip to navigation

Designing Safe and Effective Digital Health Applications

| Reprints
The app revolution in healthcare is coming, but will carry risks along the way

The deployment of electronic health records (EHRs) and the emergence of robust, API-based integration have combined to create he opportunity for innovation through the integration of third-party digital health applications. This powerful, new paradigm of integration has inherent challenges and lacks a clear framework for maximizing benefit while minimizing risk. Having a set of guiding principles to help identify potential defects and mitigate risk is a good start.

We have identified six key principles that help identify specific areas of focus when developing digital health applications that will integrate with an EHR. We have also expanded on these ideas in a detailed white paper that includes a set of screening questions that can be used by IT professionals.


Principle #1 – Integration APIs can be generically risk-stratified based on function and use.

APIs that provide EHR integration points can be grouped into risk categories based on their function and use. These categories can be used as a high-level screening tool when assessing new applications or functions.


Risk Category

API Action


Low Risk

Reading data from the EHR

  • Allergies
  • Labs

Medium Risk

Writing data to the EHR

  • Documents
  • Medical history (including past medications)
  • Observations

High Risk

Writing clinical actions to the EHR

  • Prescriptions
  • Orders

Table 1. API Risk Categories

It can be safe to build applications in any of the risk categories. The key is to understand the rationale and assess if the benefit makes it worthwhile. The higher the risk, the more imperative it is to ensure solutions are both worth it and up to the challenge.

Principle #2 – Respect native EHR clinical decision support (CDS).

With rare exceptions, designers should not bypass or in any way inhibit the expected performance of native EHR CDS which is typically a combination of EHR vendor, enterprise and local customizations. All writing of clinical data into the EHR should be carefully reviewed to assess if there is an impact on CDS functionality.

In rare cases where the decision is made to bypass native CDS, the impact must be carefully documented and validated with the health system hosting the EHR. Special attention needs to be given to both the affected current CDS logic and potential future rules that could be ignored by the application.

Principle #3 – Always write data to the “right” database location.

EHRs and the analytics and reporting that are built upon them make certain assumptions about where data is located within the underlying database. All too often, applications writing to the EHR will put important information in the wrong “place,” which may work fine for their use case but can have dangerous downstream impacts.

Like CDS, analytics and reporting are typically a combination of an EHR vendor, enterprise and local design and customizations. Also, analytics can drive CDS and other real-time activities that could be adversely affected if data is written carelessly. If data is written to the “wrong” location, CDS (and clinical users) can be fooled, leading to unforeseen and undesirable results.

Principle #4 – Comprehensive non-production testing is a critical element of safe operations.

The potential for harm in clinical IT is significant. Harm reduction should be based on a “swiss cheese” model that identifies and mitigates risk at multiple levels. Testing should be standardized and use adequate data sets in a robust non-production environment. Workflows should also be validated with appropriate end-users.

Minimalistic test data is unlikely to be rigorous enough to proactively identify issues. Test scenarios should be as realistic as possible. Involving actual end-users (and not just their representatives!) is critical to identifying real-life workflows and issues.

Principle #5 – Mission critical applications should be robust and reliable.

Healthcare applications (both clinical and non-clinical) that are mission critical require high reliability. Careful planning, monitoring and rehearsal of downtime procedures are the hallmark of highly reliable systems. These should be part of any plan to deliver and support critical systems. Given the high volume of transactions, specific attention should be given to handling “silent” failures (e.g., a transaction is dropped without an obvious impact). Proactive performance monitoring is also essential.

Principle #6 – Know and follow data privacy and HIPAA best practices.

EHR source data often contains personal health information (PHI). Application designers should know and follow appropriate best practices to protect PHI and ensure compliance with HIPAA. Appropriate audit trails should be maintained, business associate agreements (BAA) should be in place and organizations should conduct regular, meaningful HIPAA compliance exercises.


Health IT is on the cusp of an “app revolution.” You need look no further than the smartphone in your pocket to see where we are headed: a symphony of applications that work together seamlessly and effectively to provide better healthcare. But the revolution also carries risks. Careful attention to the design principles outlined above combined with a methodical approach to screening and addressing issues can go a long way towards ensuring the revolution will be both safe and effective.

A comprehensive white paper that includes more detail and a set of screening questions for professional developers is available here.

Dr. Dave Levin has been a physician executive and entrepreneur for more than 30 years. He is a former Chief Medical Information Officer for the Cleveland Clinic and serves in a variety of leadership and advisory roles for health IT companies, health systems and investors. You can follow him @DaveLevinMD or email

Dr. Maulin Shah is a physician and engineer and has been an innovator in health IT for 20 years. He is Chief Informatics Engineer at Providence St. Joseph Health where he leads the design and usability of clinical workflow innovations. You can follow him @maulinpshah or email

2018 Raleigh Health IT Summit

Renowned leaders in U.S. and North American healthcare gather throughout the year to present important information and share insights at the Healthcare Informatics Health IT Summits.

September 27 - 28, 2018 | Raleigh


Survey: Physicians Sour on Value-Based Care Metrics, EHRs

September 19, 2018
by Rajiv Leventhal, Managing Editor
| Reprints
They new research has several key findings related to value-based care, health IT and burnout

More than 50 percent of U.S. physicians who receive value-based care compensation said they do not believe that the metrics the reimbursement is tied to improve the quality of care or reduce costs, according to a new survey.

The research comes from The Physicians Foundation, an organization seeking to advance the work of practicing physicians and helps them facilitate the delivery of healthcare to patients. The Foundation’s 2018 survey of U.S. physicians, administered by Merritt Hawkins and inclusive of responses from almost 9,000 physicians across the country, reveals the impact of several factors driving physicians to reassess their careers.

Specifically, the new survey underscores the overall impact of excessive regulatory/insurer requirements, loss of clinical autonomy and challenges with electronic health record (EHR) design/interoperability on physician attitudes toward their medical practice environment and overall dissatisfaction—all of which have led to professional burnout.

The research revealed several key findings, including that value-based compensation is directly connected to the overall dissatisfaction problem, which is tied to metrics such as EHR use, cost controls and readmission rates, etc. Forty-seven percent (compared to 43 percent in the 2016 survey) of physicians have their compensation tied to quality/value, but when physicians were asked if they believe that value-based payments are likely to improve quality of care and reduce costs, 57 percent either disagreed or strongly disagreed that this is the case, while only 18 percent either agreed or strongly agreed that it is.

As one responding physician put it: “We are no longer in the business of healthcare delivery, we are in the business of ‘measures’ delivery.” More than 13 percent of physicians are not sure if they are paid on value.

What’s more, the research found that 88 percent of physicians have reported that some, many or all of their patients are affected by social determinants. Conditions such as poverty, unemployment, lack of education, and addictions all pose a serious impediment to their health, well-being and eventual health outcomes. Only one percent of physicians reported that none of their patients had such conditions.

Additional notable findings from the research included:

  • 18.5 percent of physicians now practice some form of telemedicine
  • 80 percent of physicians report being at full capacity or being overextended
  • 40 percent of physicians plan to either retire in the next one to three years or cut back on hours—up from 36 percent in 2016
  • 32 percent of physicians do not see Medicaid patients or limit the number they see, while 22 percent of physicians do not see Medicare patients or limit the number they see
  • 46 percent of physicians indicate relations between physicians and hospitals are somewhat or mostly negative

Coupled altogether, 78 percent of physicians said they have experienced burnout in their medical practices, according to the survey’s findings. And the results show that one of the chief culprits contributing to physician burnout is indeed the frustration physicians feel with the inefficiency of EHRs.

“The perceptions of thousands of physicians in The Physicians Foundation’s latest survey reflect front-line observations of our healthcare system and its impact on all of us, and it’s sobering,” Gary Price, M.D., president of the Foundation, said in a statement. “Their responses provide important insights into many critical issues. The career plans and practice pattern trends revealed in this survey—some of which are a result of burnoutwill likely have a significant effect on our physician workforce, and ultimately, everyone’s access to care.”

More From Healthcare Informatics


Brigham Health’s 3-Pronged Approach to Reducing EHR’s Contribution to Burnout

September 18, 2018
by David Raths, Contributing Editor
| Reprints
Focus is on individualized training, reducing unnecessary clicks, voice recognition tools

Research studies have found that “burnout” is nearly twice as prevalent among physicians as among people in other professions.  Physician surveys have found that 30 to 60 percent report symptoms of burnout, which can threaten patient safety and physician health. With EHR documentation ranked high among aspects of their work physicians are dissatisfied with, Brigham Health in Boston has taken a three-pronged approach to reducing the pain.

Brigham Health, which is the parent organization that includes Brigham and Women’s Hospital, Brigham and Women’s Faulkner Hospital and the Brigham and Women’s Physicians Organization, rolled out its implementation of Epic in 2015. In a Sept. 18 presentation that was part of the Harvard Clinical Informatics Lecture Series, Brigham Chief Information Officer Adam Landman, M.D., said the organization’s initial EHR physician training was eight hours of classroom training on where to find things in the EHR instead of focusing on workflows and how to use the EHR to support it.  “Our experience was not the best,” Landman admitted.  They followed up with tip sheets, a help desk and a swat team to do service calls, but providers only rated those interventions as somewhat helpful, so Brigham informaticists re-doubled their efforts to:

• Improve the EHR;

• Provide one-on-one training in the clinical setting; and

• Offer voice recognition software and training.


Mastering the EHR: How Optimization Services Foster Quality Documentation & Physician Satisfaction

We know the goal of the electronic health record (EHR) is to create an optimal work environment that allows providers to maintain a healthy work/life balance while efficiently capturing critical...

Landman said IT teams at Brigham feel a sense of urgency about reducing the burden of EHR documentation. “Burnout is an epidemic, and the EHR is a component of this,” he said, adding that the changes are not just a one-year cycle but must involve continual iterative improvements. “We need to be more aggressive about making changes,” he said.

He described some efforts to reduce notifications and remove clicks from the medication refill process. They also removed a hard stop when discontinuing a medication. Those three changes alone reduced the number of clicks per month by 950,000 across the health system.

They also worked to reduce clinical decision support alerts with very low acceptance rates by turning them off. Three alerts with very low acceptance rates were turned off. “If we thought they were important, we would fine tune them to increase the acceptance rate,” Landman stressed. “That is part of clinical decision support lifecycle management. But we will continue to iterate to reduce the number of unnecessary clicks.”

A year and a half ago, Brigham also created a one-to-one support program, in which an expert trainer would meet the physicians in their practice and help them with their work flow. A pilot project involved four specialties, including general surgery. Each session was 90 minutes to two hours long, and providers were offered one or more follow-up sessions, as well as optional training on speech recognition. After seeing some negative feedback on their initial classroom training, the one-to-one sessions were met with a very positive response. Almost 95 percent said it was valuable, and 95 percent said they thought their efficiency with the EHR would improve following the training. Based on that early success, the training effort is now being rolled out to much larger groups of physicians at Brigham and across the Partners HealthCare network.

In another attempt to improve documentation turnaround time, Brigham has made voice recognition tools and training available to physicians. They made two-hour training sessions mandatory for those interested in adoption, with additional personalization sessions also available. Informaticists partnered with departments to build department-specific order sets. (Brigham also started offering 15-minute e-learning sessions for residents.) More than 90 percent of surveyed physicians said the training met expectations, and 70 percent said they would be willing to have additional training, Landman said. Currently 5,000 physicians across Partners are trained to use voice recognition tools with the EHR.

Landman also cited a study that compared U.S. and international use of Epic that saw a huge disparity in length of documentation notes. The U.S.-based users’ notes were nearly four times longer on average than those of their international counterparts. Epic users overseas tend not to complain about the burden of documentation, he noted. This has to do with how the provider notes are used in billing, he said, adding that CMS is working on proposals to change billing requirements that may alleviate some of the documentation burden for physicians.

In closing, Landman urged informatics colleagues to think about working on EHR optimization research and studying the impact of policy and technology changes. “New technology tools can seem fun and exciting, but for physicians who see up to 100 patients per day, they can be quite overwhelming,” he said. “We don’t want physicians spending half their time doing administrative work.”






Related Insights For: EHR


Electronic Consent: Setting a New Standard for Informed Consent

Please register to download

The Direct Impact on Satisfaction, Compliance, Productivity, and Cost

The inefficiencies inherent to paper-based consent form processes can result in missing or improperly scanned forms. This leads to delays and inconsistencies, drains the valuable time of clinicians, exposes hospitals to risk, and ultimately, impacts patient safety.

For many health systems, enhancing the informed consent process is directly tied to key strategic initiatives, such as patient safety, cost savings, and risk management.

See more on EHR