State data showed patient safety events in Maryland's 62 hospitals more than tripled between 2019 and 2022, reaching the highest level recorded since 2004, The Washington Post reported Sept. 24.
The report of deaths and injuries was delayed for several months after the state lost access to the patient safety database following a December 2021 cybersecurity breach. While recovering from the attack, the state used spreadsheets to track some of the required information, which led to the 2022 fiscal year report being less comprehensive than those of previous years. For example, the report could not say how many Maryland patients died because of hospital mistakes.
"Marylanders deserve transparency and accountability," Chase Cook, a spokesman for the health department, told the Post. "The Maryland Department of Health is working to construct any missing information from available records."
Even without the cyberattack, the Maryland Department of Health's Office for Health Care Quality does not track many key indicators of systematic problems and relies heavily on hospitals to report mistakes voluntarily. Only incidents involving death or serious injury of a patient must be reported, though hospitals are encouraged to report less serious events. After reporting an adverse event, a hospital is required to investigate the cause and submit a corrective plan to the state. The state signs off on plans but doesn't make investigations public.
Experts told the Post this approach means only serious events are reported, and less harmful incidents and near misses are never reported. On top of that, most of the medical harm data collected by the state is not publicly disclosed due to state laws that seek to encourage hospitals to report mistakes without fear of public scrutiny.
The health department told the Post it is building a new database to track patient safety incidents and anticipates it will be ready this fall. The agency is also working to identify missing information from the 2022 report and share it once it's available.