Oct 04, 2017

- Posted at 5:00 pm -- By Joey - administrator

Recommendations for the Safe Use of Copy and Paste

Recommendations for the Safe Use of Copy and Paste

Recommendations for the Safe Use of Copy and Paste

Article published in AHDIONLINE MAY/JUNE 2017 Magazine

(Volume 13, Issue 3)


Lorraine Possanza, DpM, JD, MBe
and Maura Crossen-Luba, B.S., MpH, CpH

Copying and pasting information is a familiar, time saving computer function. However, errors in copy and paste can occur quickly and may not be readily recognizable. When a copy and paste error occurs in the context of patient care, the consequences can be devastating—patients may need to undergo additional or repeated procedures or may receive the wrong medications or treatments. The risks associated with using copy and paste in health care include the following (Partnership):

  • An overabundance of information (i.e., “note bloat”), which makes relevant information unclear or hidden
  • Propagation of internal inconsistencies and errors
  • Delay in diagnoses
  • Inaccuracy in billing
  • Documentation in the wrong patient chart

[read more]Although copy and paste is not a new or exclusive function in the electronic health record (EHR), the patient safety issues surrounding the practice are not well recognized. For example, in 2013, the U.S. Department of Health and Human Services Office of Inspector General found that only about one-quarter of hospitals had a copy and paste policy (OIG). Professional associations are increasingly cautioning about the use of this functionality and about its associated pitfalls (AHIMA; EHRs: ‘Sloppy and Paste’), and healthcare organizations are only now beginning to recognize and address the issue.

The lagging emphasis on the patient safety risk associated with copy and paste may be partially explained by the dearth of research on the subject. ECRI Institute’s Health Technology Assessment group performed a literature review related to copy and paste in 2015 and found only a handful of case studies on adverse effects of copy and paste and no research studies on the prevalence of adverse outcomes from copy and paste (ECRI Institute). Use of copy and paste among clinicians, however, appears to be high, with one study finding 90% of physicians that used electronic notes used copy and paste for daily inpatient progress notes (O’Donnell). The ECRI Institute literature review found studies indicating that use of copy and paste appeared in “nearly all aspects of the medical note (e.g., history of present illness, physical examination, assessment, plan)” (ECRI Institute).

With knowledge of the safety issues surrounding the use of the copy and paste functionality, the Partnership for Health IT Patient Safety (the Partnership), a multi- stakeholder collaborative convened by ECRI Institute, formed a workgroup to evaluate the issue. This workgroup, chaired by Tejal Gandhi, MD, MPH, CPPS, IHI Chief Clinical and Safety Officer, comprised of a diverse group of participants, including individual practitioners, hospital safety leaders, health information technology (IT) vendors, professional societies, academic researchers, patient safety organizations (PSOs), and medical malpractice insurers, investigated the use of this functionality.

To study this issue, the workgroup first defined the scope of copy and paste, with the focus on information that is reused from other areas or from different systems but that is volitionally obtained and used elsewhere without having to retype that information. Next, the workgroup reviewed de-identified events associated with copy and paste, further illustrating how this practice can compromise safety. For example, one report indicated that lab information was identified but copied into the incorrect chart. Finally, the workgroup identified vendor functionalities available for information reuse. The workgroup also looked at the challenges and successes others had in addressing the use of copied and pasted information (Partnership).

Although using copy and paste can interject discrepancies and incorrect information and can create diagnostic bias and impede communication, it also can help clinicians by allowing for the efficient entering of complex information and completeness of documentation and reducing transcription errors. Therefore, the copy and paste functionality can be used, but with caution (Partnership).

The Partnership workgroup issued the following four recommended safe practices in February 2016 related to using the copy and paste function in the EHR:

  • Provide a mechanism to make copy and paste material easily identifiable.
  • Ensure that the provenance of copy and paste material is readily available.
  • Ensure adequate staff training and education regarding the appropriate and safe use of copy and paste.
  • Ensure that copy and paste practices are regularly monitored, measured, and assessed.

Providers, vendors, professional organizations, and others are encouraged to examine and implement the safe practice recommendations, which are freely available at ECRI Institute’s website.

The caution offered in the use of copy and paste by the four safe practice recommendations are in many ways common sense. Copied and pasted information should include only accurate, timely, and pertinent information reflecting the care provided. Making copied information readily visible lets the reader evaluate the information

in the appropriate light and helps prevent inaccurate selection of information (i.e., truncation). Knowing the origin of copied information and knowing when a note was written allows the reader to place that information in context. Moreover, it is essential that copied information be reviewed to ensure that the information is as intended. However, without adequate staff training and assessment of current practices, those using the functionality will remain unaware of the volume of information reused and the potential for safety issues.

Following the Partnership’s publication of the Safe Practice Recommendations in 2016, the National Institute for Standards and Technology (NIST) examined the functionality of the recommendations. In conducting its analysis, NIST observed copy and paste-related tasks performed by clinical providers and interviewed these same clinical providers regarding their experience with the EHR and the copy and paste functionality. The NIST study supported the human factor aspects of the recommendations, mainly the visibility of the functionality and knowledge about the provenance of the materials copied. It was impossible to fully test the recommendations concerning training and monitoring (Lowry).

The NIST report and the Partnership workgroup emphasized that some materials should never be cop ied and pasted, such as dates, signature lines, and blood bank information. Other information must be properly reviewed and edited when it is copied and pasted. Some information is more appropriate for copying and pasting with review, such as stable information that changes in frequently (i.e., past medical, surgical, or social history). Additionally, NIST reported that copying and pasting a medication with its dosing is much safer than selecting a medication from a dropdown menu, but that pasting new medication orders should be discouraged (Lowry). NIST published its findings from this study in January 2017 as report NISTIR8166, Examining the ‘Copy and Paste’ Function in the Use of Electronic Health Records.

The takeaway message from the Partnership’s safe practices and the NIST report is that it is important to visualize what has been copied and pasted to be aware of the source of the information. Further, any copied and pasted information should still be reviewed and edited for accuracy and completeness. The work of the Partnership underscores the importance of multi-stakeholder cooperation and collaboration across all aspects of health care and health IT. The workgroup and the resulting safe practices have shown not only that all health IT stakeholders have distinct roles to play in health IT patient safety, but also that they can come together to make the use of this technology safer. More information regarding the Partnership and additional Safe Practice Recommendations and work- groups can be found at the ECRI Institute website.


Dr. Possanza joined ECRI Institute in 2013 and is the project director for the Partnership for Health IT Patient Safety, a project that is convened and operated by ECRI Institute. Dr. Possanza is a board-certified podiatrist who has served on the staff of numerous hospitals, surgical centers, and nursing facilities and provided care in the VA Hospital system. Dr. Possanza attained her law degree while working full time in her podiatry practice. After leaving her practice, she served as the director of risk management at a 400-bed teaching hospital and transitioned into the practice of law, defending physicians and hospitals in professional liability actions and subsequent ly working in a regulatory and transactional health law practice focusing on Stark, Anti-kickback, HIPAA, and HITECH issues. She is admitted to practice in Pennsylvania and before the United States Patent and Trademark Office and maintains an active podiatric medical license in Pennsylvania. Additionally, Dr. Possanza holds a Master of Bioethics (MBE) from the University of Pennsylvania, with interests in clinical ethics mediation and end-of-life care.

Ms. Crossen-Luba is a business development/patient safety analyst at ECRI Institute and is responsible for project management and the development of risk management guidance on a variety of topics for ECRI Institute’s Patient Safety, Risk, and Quality group. Her quality improvement project experience for healthcare facilities includes project management, recruitment of hospitals, and implementation of best practices. Ms. Crossen-Luba has also researched and written numerous healthcare risk, quality, and patient safety guidance articles, and has been involved in developing various other educational and training materials for healthcare professionals.


AHIMA. “Appropriate use of the copy and paste functionality in electronic health records.” American Health Information Management Association (AHIMA), 2014 [cited 2016 Mar 2], www.ahima.org/topics/ehr.

ECRI Institute. “Copy/paste: prevalence, problems, and best practices.” 2015 Oct [cited 2017 May 2], www.ecri.org/Resources/HIT/CP_Toolkit/CopyPaste_Literature_ nal.pdf.

“EHRs: ‘sloppy and paste’ endures despite patient safety risk.” Chicago: American Medical Association; 2013 Feb 4 [cited 2017 May 2], www.amednews.com/article/20130204/profession/130209993/2/

Lowry SZ, et al. “Examining the ‘copy and paste’ function in the use of electronic health records.” National Institute of Standards and Technology (NIST). U.S. Department of Commerce. NISTIR 8166, 2017 Jan [cited 2017 Jan], http://nvlpubs.nist.gov/nistpubs/ir/2017/NIST.IR.8166.pdf

O’Donnell HC, et al. “Physicians’ attitudes towards copy and pasting in electronic note writing.” NCBI, J Gen Intern Med 209 Jan;24(1):63-8, www.ncbi.nlm.nih.gov/pubmed/18998191.

Of ce of Inspector General (OIG), U.S. Department of Health and Human Services. “Not all recommended fraud safeguards have been implemented in hospital EHR technology.” OEI-01-11-00570. 2013 Dec [cited 2016 Mar 2], http://oig.hhs.gov/oei/reports/oei-01-11-00570.pdf.

Partnership for Health IT Patient Safety. “Health IT safe practices: toolkit for the safe use of copy and paste.” 2016 Feb [cited 2017 May 8], www.ecri.org/Resources/HIT/CP_Toolkit/Toolkit_CopyPaste_final.pdf.



Write A Comment

Your email address will not be published. Required fields are marked *