Any framework used to regulate health information technology needs to be flexible and not stifle innovation while also leveraging existing patient safety and healthcare quality-improvement efforts, according to a new report by the Bipartisan Policy Center (PDF).

A Washington-based think tank founded in 2007 by former Senate majority leaders Howard Baker, Tom Daschle, Bob Dole and George Mitchell, the center hopes to guide the development of an HHS regulatory framework for health information technology.

The report noted that, while health IT plays an important role in improving healthcare quality and safety, it has the potential to cause harm “if not effectively developed, implemented, or used.” But then it cites a 2011 Institute of Medicine report that suggested health information systems were involved in less than 1% of medical errors.

Essential to such a framework, the BPC stated in the report, is a nonpunitive environment in which IT-related “patient safety events” can be reported and studied. To that end, the BPC also recommends the use of standardized reporting formats that “will significantly improve the ability for data to be aggregated and analyzed to support system-wide response and improvement.”

Potential for harm and the degree of direct patient contact should determine the level of oversight required, according to the report. With this in mind, the BPC stated that oversight for health IT should not be subject to the “traditional regulatory approaches” used in the oversight of medical devices.