It's midsummer, 18 months before the millennium, and the traveling teams of equipment testers at Catholic Healthcare West have put more than 3,500 patient-care devices through their paces.
Subjecting one device after another to a scenario that convinces the computer clock it's the year 2000, they're hoping it won't matter a whit to the workings of monitors, pumps, analyzers and other key components of modern hospital care.
So far, the failure rate is 20%.
At the end of each test, someone snaps a digital photo of the device's computer-readout screen and includes a diagnosis that's stored with the cyber-photo in a database. Then it's time to move on.
The multimillion-dollar testing effort hit the ground running in January, but it's just a third of the way through an inventory of critical patient-care equipment in 37 hospitals, says Jack Beebe, one of several managers assigned to the search for year-2000 problems within the San Francisco-based system.
That's a lot further along than most hospitals, however.
As of January, fewer than 1% of healthcare organizations had done a detailed inventory and begun assessing millennium-date flaws that could compromise operations, according to a survey conducted by the GartnerGroup, a Stamford, Conn.-based information technology research firm.
The firm's research director for healthcare, Kenneth Kleinberg, says he hasn't seen much progress since then. In fact, he's still talking to organizations that haven't completed their budget and don't know what their problems are -- a critical lack of knowledge at this stage. "You just don't know what you're up against until you start," he says.
At the same time, organizations need to keep the equipment-related component of the problem in proper perspective. Tales of equipment gone awry, which have piled up during the past month in a sudden burst of awareness, could obscure the bigger picture.
"This is not a technology problem; it's a management challenge," says Alan Cranford, vice president for information systems operations at Tenet Healthcare Corp., Santa Barbara, Calif. Cranford, who oversees Tenet's year-2000 compliance efforts, begun in 1995, says, "We're cautiously optimistic."
Logical approach. Tenet has dealt successfully with equally complex issues before -- for example, the integration of information systems of acquired hospital companies such as OrNda HealthCorp, Cranford explains. Making sure computers and medical devices will function properly in the new millennium is a "very complex task," he says, but it's "manageable" as long as hospitals approach the problems methodically and logically.
That means identifying any software program or microchip with a date-related computation that might have a code that could not be recognized in the new millennium. In many cases, dates are stored as the last two digits of a year within that century. So "00" could be mistaken for 1900 instead of 2000 and cause a range of glitches, from the inability to print dates to a complete shutdown.
Without reports from the field to help frame the severity of this phenomenon, seers have seized on the hypothetical in sounding the alarm about medical devices -- painting pictures of widespread harm to patients unlucky enough to be hooked up to flawed devices when they malfunction.
At the other extreme, the whole issue has been portrayed as overblown, perhaps as a backlash to the doomsday visions.
Those going through the tedious, exacting work of examination are finding real-world problems somewhere in the middle:
* Not many glitches would directly harm a patient. But they could compromise the ability to diagnose and treat patients.
* Only a small number of devices would go as far as shutting down. But a significant number are plainly confused by the millennium change, and their data output reflects it.
* Dependence on automation in the lab, radiology unit, emergency department and operating room could make manual backup plans difficult if not impossible, threatening a hospital's ability to function.
* Finally, platoons of lawyers are sharpening their knives in anticipation of millennium bug horrors. Documenting a sensible, systematic approach will be an important insurance policy for hospitals in the likely event of litigation.
Crafting a commitment. The response to the year-2000 threat is the same as that for medical threats known in advance: prevention. And the treatment plan is similarly filled with variables.
The first step is taking a systematic inventory of the myriad medical equipment that could go haywire. Many hospitals don't know where to start assessing their problems because they aren't even sure what they own or use, many experts say.
"If you don't know what you have, you don't know what your risks are," says Anthony Montagnolo, vice president of technology planning at ECRI, a not-for-profit technology assessment firm based in Plymouth Meeting, Pa.
Most medical devices will operate just fine, he says, but the very real challenge for hospitals is that a small percentage of their equipment will have operational problems that must be ferreted out ahead of time. To find those needles in the haystack, though, you must first know how many haystacks you have and where they are.
The second step is to determine the millennium status of software and equipment, Kleinberg says. Only then can hospitals begin a detailed program of setting priorities and making repairs and replacements.
Catholic Healthcare West completed an initial assessment in December 1997, which outlined "the gross level of effort needed" to tackle the problem, says Dick Hutsell, vice president and information officer for year-2000 efforts.
A program management office was established at the corporate level to fight a campaign on three fronts -- computer software, computer-controlled medical equipment and network infrastructure -- each under the direction of a full-time manager.
CHW has committed 25% of its information-technology resources for a two-year period, which includes diverting 100 of the system's 400-person information systems staff to the task, says Hutsell. About $100 million is earmarked for capital and operations during the fiscal year that began July 1, and he says the effort will cost an estimated $130 million to $150 million by the time it's over, including the cost of replacing equipment.
The current 40-person project staff will balloon to as many as 200.
In the medical-device division headed by Beebe, 73,000 pieces of equipment have been identified, 22,000 with some type of date processor. From that list of targets, test findings already have mapped out some hot spots and relatively safe areas.
For example, thousands of infusion pumps that deliver intravenous solutions to seriously ill patients have been free of problems. But crucial patient monitors in the critical-care and intensive-care units have registered a significant rate of date-related errors.
The same types of results have been logged by a similar effort at Orange, Calif.-based St. Joseph Health System, where a testing schedule had covered seven of 16 facilities in the hospital system by June.
Of a total inventory of 47,100 devices, a third of the inventory has been assessed for impact on patient care, and 22% of the assessed equipment has been deemed mission-critical, says Dan Forrester, director of technology management at St. Jude Medical Center, a St. Joseph facility in Fullerton, Calif.
Of that mission-critical base, 54% of the devices were able to be tested, whereas 46% had microchips embedded in a way that precluded testing.
Of those tested, 18% failed.
Vendor gap. As early as 1997, vendors of healthcare software began talking up the year-2000 problem, announcing they were on the case and that hospital customers should get their work forces and checkbooks ready to handle important programming revisions (Feb. 17, 1997, p. 98).
Companies supporting these comprehensive, high-profile healthcare computer applications also were relatively forthcoming about systems that would be fixed and those that would not be -- making it clear what had to be replaced.
Compared with tracking several hundred software companies, the task of determining the status of medical devices made by an estimated 16,000 companies has been exponentially more difficult.
The difficulty was underscored last month by the U.S. Department of Veterans Affairs, which sent inquiry letters to its 1,600 medical-equipment vendors but still had either no answer or an unacceptable answer from a third of the roster after trying to get actionable status reports for a year (July 13, p. 14).
Official letters, when received, may not be the final word anyway. Some equipment makers flip-flop on whether their equipment will make the year-2000 grade.
"We've received various letters where the vendor has said one thing and then a month later contradicted it with another letter," says Carol Barnett, coordinator of year-2000 efforts at PeaceHealth in Bellevue, Wash.
"About three out of seven vendor compliance letters are false. They may be compliant per their definition but not ours," concurs Marion Powell, a consultant who until recently led year-2000 compliance efforts at Egleston Children's Hospital at Emory University in Atlanta. She recommends thoroughly testing equipment regardless of manufacturers' representations.
Forrester agrees it may be risky to take the word of a vendor that reports it has determined the extent of flaws in its products and is instructing customers on what to do. Some of the testing at St. Joseph has yielded results that conflict with the more optimistic pronouncements of vendors.
"We have sent a number of large, well-known manufacturers back to the drawing boards," he says. That happened as late as the end of June, when a team identified a scenario with a vendor-verified device in which the dates turned correctly but the equipment "didn't want to schedule any patients in 2000," Forrester says.
The only letter St. Joseph will take to heart from a vendor is one that says a device has problems. If a manufacturer OKs a device in correspondence, it will be tested anyway. "I will not let a letter define the risk to my patients," says Forrester.
Put to the test, no device has been identified as a potential cause of death because of failure, he emphasizes. But he adds that therapeutic or diagnostic equipment failures abound, and the inability to use them in a clinical setting could put patients at risk.
Front-line failure. That became clear when a St. Joseph testing team found some type of millennium-date problem with all seven blood gas analyzers at the first hospital it took on.
Luckily, the problems were minor. "Within days, all seven were remedied," Forrester says. That was good news for the equipment budget: The machines cost $40,000 each.
But the potential cost to the hospital was not just the price tag of each unit but the volume of surgery it could prevent by being out of service, he says. And though it's not uncommon for a device to break down or be unavailable for a variety of reasons, it would be another matter if the entire inventory conked out at once.
Testing results at CHW at this point include more than 50 blood gas analyzers with problems, Beebe says.
A blood gas analyzer "is really important if you're really sick," he says. It provides crucial information to physicians in serious situations involving general anesthetic or loss of blood. Its importance is driven home on television programs like "ER," where the trauma doctor played by actor Anthony Edwards routinely yells out, "I need a blood gas!"
Other types of glitchy devices monitor vital signs or medication dosage, and the data they produce must be accurate and reliable. But at CHW, investigators found:
* 25 electrocardiographs of one manufacturer failed the test.
* More than 40 anesthesia monitors, all the same brand, had a date problem.
* Six computed tomography scanners mishandled dates.
* More than 150 patient monitors used in critical-care and intensive-care units showed incorrect dates that didn't match supposedly corresponding dates in a printout.
Some ultrasound machines have become clueless about the date, which they normally use to calculate the age of fetuses being photographed for records, Beebe says.
In addition to affixing wrong or useless dates to records, faulty equipment could produce misleading trend information about a patient's condition by getting test results out of sequence, he says.
Left untested, inventories of devices could mishandle dates in so many subtle and severe ways that it could create a credibility problem with device-produced data in general, observers warn.
"The actual effect of the Y2K problem on a specific piece of equipment can be quite variable," says Paul Schyve, M.D., senior vice president of the Joint Commission on Accreditation of Healthcare Organizations.
Knowing the effect can help determine whether a date-related failure is a data-reporting problem with no real impact, a nuisance that clinicians can live with or a real threat to patient care and safety, Schyve says.
Degrees of impact. News coverage of the medical-device threat has homed in on products with life-and-death significance, such as implanted pacemakers and defibrillators. But experts say year-2000 problems are absent or relatively minor in those devices and do not interfere with performance.
The pacemaker threat is subjected to hyperbole because of a microchip embedded in the device, but it's used to regulate time of day, not date, says Bertram Reese III, corporate director of information systems for Sentara Health System.
When a patient moves to a different time zone, for example, a doctor adjusts the performance for a different 24-hour pattern of sleep time and activity, says Reese, whose testing teams have tackled 10% of the 14,000 medical devices awaiting verdicts within the Norfolk, Va.-based system.
Patients will be able to use a buggy defibrillator, but the internal chip that posts the time and date of any shock-triggering event will not record it accurately, Schyve says.
Despite that flaw, the shock of a defibrillator isn't something likely to go without notice, says Reese. "The patient knows he had an event, and he'll be able to piece it together."
With other devices, though, sometimes the internal date-reporting feature does matter. Undated or misdated electrocardiograms, for example, can deprive a physician of information on changes in heart rhythm over time because they don't establish the sequence of serial tests or the time in between, Schyve says.
Portable ECG machines were among the faulty devices the VA identified last month during its report on vendor cooperation, he says. The Joint Commission is one of several healthcare organizations in a VA-led alliance pressing vendors for more information on the millennium status of medical devices.
Clinicians face more serious problems in disciplines such as radiation oncology, in which the dosage of radiation in beams or implanted pellets depends on the age of a patient and the length of exposure, Schyve says. The harm in an overdose is obvious, but an underdose also could be harmful by not having the intended effect on a tumor, he says.
Some failures of machines could compromise both patient care and hospital operations. St. Joseph's investigations have identified year-2000 complications with 10 laboratory-specimen analyzers, the hubs of today's labs with price tags of about $120,000 each, Forrester says.
The analyzers are workhorses, handling up to 200 samples an hour and often reporting the results through a computer interface to a laboratory information system.
Gone are the days of testing specimens manually. In fact, medical technologists are so far removed from what used to happen in a lab that Forrester says he's not confident a manual backup procedure could be set up to work around a widespread equipment failure. "Labs are one of the most automated departments in a facility," he says.
Conversely, a bank of unaffected lab instruments could be reporting results into oblivion if the lab information system fails to function, says Susie McBeth, associate director of the Joint Commission's department of standards. In either scenario, she says, test results might not get back to a physician in time to help a patient.
The business risks. Whether or not a millennium-date problem directly affects a patient, the devices affected by the millennium bug were put there for good clinical and business reasons, observers say. So the loss of use creates both clinical and business complications that could undermine the operation of a key department.
"If you've lost laboratory, radiology or pharmacy, you've lost your hospital," Forrester says.
However, healthcare organizations can't get single-minded about finding and fixing glitches, because what counts most is that processes of care are preserved with integrity, says Schyve of the Joint Commission.
That means considering how possible year-2000 malfunctions would affect a range of hospital capabilities, spanning medical devices, software applications, telecommunications and automated aspects of a facility.
CHW is identifying about 20 software applications at each facility that have to work if the system hopes to preserve patient safety, quality care and financial viability, Hutsell says.
The information technology division will work to ensure the facilities receive software releases from vendors that fix the problems, and that the releases are installed and tested in time, he says.
Meanwhile, the infrastructure division will work to secure computer workstations and the electronic networks that connect them, and communications are under way with trading partners whose efforts will affect CHW.
Allina Health System in Minneapolis is working to guarantee core operational processes rather than concentrating on compliance of devices or systems.
It formed a team of patient-care providers and risk-assessment experts to identify key processes, looking for threats to their continuance and developing contingency plans, says Alan Abramson, Allina's vice president for information services.
When operations leaders gave it some thought, their No. 1 priority wasn't devices or software but something much more basic: telephone communications. Abramson says the top goal at Allina will be to secure private branch exchanges, known as PBX lines, so that hospitals will be able to continue communicating internally if outside telephone service is affected.
Next on the list is a guarantee that order management and admission/discharge systems will work, with a backup plan if they don't. The plan is to be ready for testing by April 1, 1999.
Another priority is lab systems, says Abramson, emphasizing that hospitals need devices up and running for specimen analysis.
Allina has identified 100,000 devices through a computerized maintenance inventory, and it has budgeted $5 million to $6 million this year for replacement of millennium-flawed inventory. But the system hasn't subjected microchips to failure-testing or documented individual devices.
Abramson says the system is monitoring manufacturer statements in a clearinghouse established by the Rx2000 Solutions Institute, a not-for-profit organization based in Edina, Minn. In addition, project leaders meet monthly with vendors such as HBO & Co. and Hewlett-Packard, tracking new announcements about software releases and information about the nature of programming flaws, Abramson says.
And Allina is planning to mobilize manual techniques in places where business is particularly at risk because of computer failure.
The object of the year-2000 initiative is not necessarily to identify failures but to develop ways to work around the failures that could occur, he says.
Legal risk ahead. In many ways, year-2000 compliance is an extension of conventional risk management. "You have to be able to prove that you've done what was prudent and necessary," says Tom Lindl, a vice president at medical equipment consulting firm U.S. Counseling Services in Brookfield, Wis. "One thing seems to be certain: The lawyers will be involved."
And the nexus of legal liability and technical complexity means that medical equipment compliance can't be taken for granted.
Manufacturers' blanket assertions of compliance are especially suspect.
A particular version of software changed during repair can mean the equipment you own won't comply, despite what a manufacturer's database might say, warns consultant Marion Powell. So test and document, she advises.
"Post-2000, if there are any legal snafus, I don't think courts would look upon it very kindly" if you didn't test at-risk equipment, she says.
This exam is timed. Beyond the obviously critical software and devices, however, providers may not be able to get to all their inventory in the time left to repair and prepare.
GartnerGroup research shows that some larger providers that started efforts before 1998 are motivated and confident they will be able to test every device. But smaller, resource-constrained providers have said they will rely on third-party test results and on letters of assurance from their vendors.
Most, though, "will probably fall somewhere in the middle, testing as many devices as they can and focusing on those that appear to present the greatest risk of problems," according to a GartnerGroup research note issued in June.
The process of device testing is not easy, and if not done carefully it can do more harm than good to the equipment (See related story, p. 52). The testing requires either intimate knowledge of a particular device's circuitry or clear direction from the vendor on how to prompt the device to reveal its programming.
But, Forrester says, healthcare networks can't wait for the perfect test procedure or a straight answer from all vendors in an inventory. His advice to providers: "Quit talking about it and just go do it."