in such traditional library functions as storage, retrieval, and dissemination of medical information (Food and Drug Administration, 1989). As of this writing, however, the FDA's policy on the regulation of computer products had not been finalized; this situation creates uncertainty for vendors about potential regulation and its effects on system development costs and time.
Liability for system defects is also a concern of vendors, particularly given the still-developing field of medical computer liability (Brannigan and Dayhoff, 1986; Willick, 1986; Metzger, 1988; Denis and Poullet, 1990). It has been asserted that a strict liability is likely to be applied to system vendors in cases in which the computer produces output on which a physician relies without further checking, for example, patient record systems (Brannigan and Dayhoff, 1986; Bronzino et al., 1990).
Liability for defects in clinical decision support systems is less clearly defined. System developers (i.e., health care specialists and computer programmers), manufacturers, purchasers, and users are all involved in bringing a computer system to the patient. In cases in which harm is caused, liability could be assigned if negligence (i.e., lack of due care) can be proved and if the patient can prove that the negligent party owed a duty of care to the patient. (Physicians already have an established duty of care to patients.) Practitioners are expected to use such systems to supplement the medical library or to act in place of a consultant; they can ignore information provided by such systems and are expected to evaluate its accuracy. Thus, liability for negligence in the use of clinical decision support systems could apply to practitioners.6
The nature and obduracy of the legal barriers to CPR implementation must be understood, underscored, and addressed. For that reason, Appendix B discusses legal aspects of computer-based patient records and record systems. Among the more critical legal aspects addressed there are regulatory and accreditation issues, evidentiary issues, patient privacy and record access concerns, record ownership questions, legal risks attached to specific CPR systems, and computer contracting issues. The committee regarded these issues as significant obstacles and formulated a specific recommendation to address legal barriers (see Chapter 5).
To transmit and link records presumes the existence of an infrastructure, that is, a network and standards for data communication on the network.