Shift-Left EHR Data Quality as a Patient-Safety Strategy in European Acute Hospitals

Introduction

A “shift-left” data quality strategy in an Electronic Health Record (EHR) means that data are validated, standardized, governed, and made clinically usable at the point where they are created, rather than corrected later in a data warehouse, registry, audit process, medicial coding or AI pipeline. In a European acute hospital, this is not merely an informatics improvement. It is a patient-safety intervention, a clinical governance obligation, and a regulatory compliance strategy under the General Data Protection Regulation (GDPR), the European Health Data Space Regulation (EHDS), and the Artificial Intelligence Act when EHR data feed AI-enabled clinical decision support systems.

The central argument of my essay is that a shift-left EHR data quality strategy should be implemented as a risk-based clinical safety programme, not as a purely technical data-cleaning project. It should prioritize data elements that directly affect diagnosis, medication safety, care escalation, handover, discharge, infection prevention, deterioration detection, and Potentially Preventable Complications (PPCs). Because PPC identification depends heavily on accurate baseline status, timing, present-on-admission information, procedures, diagnoses, and complications, poor EHR data quality can both increase the risk of harm and distort the hospital’s ability to measure preventable harm.

This discussion is not legal advice; European acute hospitals must validate the final implementation against national health law, supervisory authority guidance, procurement rules, and local clinical safety standards.

1. Regulatory context: EHDS, GDPR, and the AI Act

The EHDS Regulation creates a European framework for the primary and secondary use of electronic health data. Its stated aim is to improve individual access to and control over personal electronic health data while enabling trusted use of health data for healthcare, research, innovation, policymaking, patient safety, statistics, and regulatory activities (European Parliament & Council of the European Union, 2025). The Regulation entered into force in 2025, with phased application from 2027 onward, including later implementation milestones for EHR-system requirements and priority categories of electronic health data. (Eur-Lex)

For acute hospitals, the most operationally important EHDS provisions are those requiring healthcare providers to register relevant personal electronic health data in EHR systems, update those data, and align with European quality requirements concerning semantics, uniformity, consistency, accuracy, and completeness. EHDS priority categories include patient summaries, electronic prescriptions, electronic dispensations, medical imaging and reports, test results, and discharge reports. The European Electronic Health Record Exchange Format is also intended to support structured and unstructured data, coding systems, technical interoperability, and machine-readable exchange (European Parliament & Council of the European Union, 2025).  (Eur-Lex)

The General Data Protection Regulation (GDPR) supplies the data protection foundation. Its core principles include lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, confidentiality, and accountability (European Parliament & Council of the European Union, 2016). Health data are special-category personal data, and their processing requires a valid legal basis and an Article 9 condition, such as healthcare provision, public health, or research with appropriate safeguards. GDPR also requires data protection by design and by default, security of processing, and Data Protection Impact Assessments when processing is likely to create high risks, including large-scale processing of health data or use of new technologies (European Parliament & Council of the European Union, 2016). (Eur-Lex)

The Artificial Intelligence Act (AI Act) becomes relevant when EHR data are used in AI-enabled clinical decision support (CDCS), triage, deterioration prediction, diagnostic assistance, medication optimization, or automated documentation tools. For high-risk AI systems, the AI Act requires data governance, attention to data collection, preparation, cleaning, suitability, representativeness, bias, completeness, and error reduction. It also requires technical documentation, logging, transparency, human oversight, and deployer obligations, including ensuring that input data are relevant and sufficiently representative when the deployer controls those data (European Parliament & Council of the European Union, 2024). (Eur-Lex)

Thus, a shift-left strategy is a practical way to operationalize all three regimes: EHDS requires interoperable, high-quality health data; GDPR requires accurate, minimized, secure, accountable processing; and the AI Act requires reliable data governance for AI systems used in clinical contexts.

2. Conceptual foundation: data quality as clinical safety infrastructure

EHR data quality is commonly assessed across dimensions such as completeness, correctness, concordance, plausibility, currency, conformance, and bias (Weiskopf & Weng, 2013; Kahn et al., 2016; Lewis et al., 2023). A recent systematic review of EHR data quality literature found recurring use of dimensions such as completeness, correctness, concordance, plausibility, and currency, while also emphasizing the need to address conformance and bias (Lewis et al., 2023). 

These dimensions have direct clinical meaning. An incomplete medication record can cause duplicate prescribing. An incorrect allergy entry can suppress appropriate therapy or fail to prevent anaphylaxis. A non-standard laboratory code can prevent a sepsis alert from firing. A delayed vital sign entry can cause deterioration surveillance to miss a critical trend. A missing present-on-admission (POIA) indicator can misclassify a complication. Therefore, EHR data quality should be treated as part of the hospital’s clinical risk-control system.

The shift-left principle changes the locus of control. Instead of relying primarily on retrospective medical coding audits, registry cleaning, warehouse transformation, or AI model preprocessing, the hospital prevents defective data from entering the care record. This does not mean burdening clinicians with excessive alerts or rigid forms. It means embedding proportionate, clinically intelligent and relevant controls into the workflow at the moment when incorrect, incomplete, duplicated, or ambiguous information is most likely to influence clinical care.

3. Implementation model for a European acute hospital

3.1 Establish a clinical data quality governance board

A clinical data quality governance board’s purpose is to ensure that EHR data are fit for clinical care, patient safety, quality improvement, regulatory reporting, interoperability, research, and AI-enabled decision support. This aligns with the EHDS focus on secure and interoperable EHR systems, the GDPR principles of accuracy, data minimisation, integrity, confidentiality, accountability, and privacy by design, and the AI Act’s requirements for data governance, human oversight, and risk control in high-risk AI systems.

A clinical data quality governance board should not be staffed only with IT or data specialists. It must be a clinical safety governance board for clinical data. Its members must be able to answer four questions continuously:

  1. Is this data clinically safe to use?
  2. Is it legally and ethically governed?
  3. Is it technically interoperable and auditable?
  4. Does it improve patient outcomes and reduce preventable harm?

Successful implementation starts with governance. The hospital should create a competent and capable multidisciplinary EHR data quality and patient safety board chaired jointly by clinical leadership and digital leadership. Core members should include the Chief Medical Information Officer (CMIO), Chief Nursing Information Officer (CNIO), Data Protection Officer (DPO), Chief Information Security Officer, quality and safety leads, pharmacy, laboratory medicine, radiology, infection prevention, health information management, coding, AI governance, procurement, legal counsel, and patient representatives.

A competent and capable body should define the hospital’s EHR data quality policy, approve high-risk data domains, oversee clinical safety cases, and set measurable data quality objectives. Under GDPR, the board should ensure accountability, data protection by design, minimization, security, and DPIA governance. Under EHDS, it should ensure interoperability, logging, and structured registration of priority health data. Under the AI Act, it should govern input data quality, human oversight, logging, monitoring, and feedback loops for AI-enabled systems. (EHDS, GDPR, AI Act))

Note: The Clinical Data Quality Governance Board shall collectively possess clinical, technical, legal, ethical, informatics, cybersecurity, interoperability, AI-governance, and quality-improvement capabilities sufficient to ensure that EHR data are accurate, complete, timely, standardised, secure, auditable, and fit for clinical care, patient safety, PPC prevention, regulatory reporting, interoperability, research, and AI-enabled decision support:

  1. Clinical and patient-safety expertise: The board must include senior clinicians and nurses who understand acute-care risk, bedside decision-making, care pathways, and adverse-event prevention. Their role is to ensure that validation rules, mandatory fields, clinical decision support, and documentation standards are clinically meaningful rather than bureaucratic.
  2. Health informatics and EHR architecture expertise: The board needs members who understand how the EHR, clinical modules, interfaces, data warehouses, terminology servers, order-entry systems, medication administration records, laboratory systems, radiology systems, and clinical decision support systems interact (enterprise architecture).
  3. Data quality science and measurement expertise: The board must be able to define, measure, and monitor data quality. The literature commonly identifies EHR data quality dimensions such as completeness, correctness, concordance, plausibility, and currency, and uses methods such as validity checks, data-source agreement, gold-standard comparison, distribution comparison, log review, and element presence. 
  4. Information governance and data stewardship expertise: The board should include data stewards or health information management experts who can translate governance principles into operational rules. Healthcare data governance requires policies, procedures, standards, ownership, decision rights, roles, responsibilities, and accountability for data use, access, retention, sharing, and quality.
  5. Legal, GDPR, and ethics expertise: The board needs legal, compliance, and Data Protection Officer (DPO) input. GDPR requires personal data to be accurate, limited to what is necessary, processed securely, and governed under accountability and data protection by design and by default.
  6. Cybersecurity and identity-management expertise: High-quality data must also be trustworthy and protected. The board should include security expertise to ensure that integrity, confidentiality, access control, and auditability are built into EHR data governance.
  7. Interoperability and terminology expertise: Because EHDS promotes interoperable electronic health data exchange, the board needs expertise in clinical terminology, semantic interoperability, and standards.
  8. AI, clinical decision support, and model-risk expertise: Where EHR data feed AI systems or advanced clinical decision support, the board needs AI governance competence. The AI Act requires high-risk AI systems to address data governance, risk management, documentation, transparency, logging, human oversight, and monitoring.
  9. Quality improvement, audit, and outcome-measurement expertise: The board must convert data-quality governance into measurable safety improvement.
  10. Change management and clinical engagement expertise: Shift-left data quality changes workflows. The board therefore needs members capable of managing adoption, training, communication, and resistance.

3.2 Prioritize safety-critical data elements

The hospital should not attempt to validate every EHR field with equal intensity. A shift-left programme should start with data that influence immediate clinical risk and PPC prevention. Priority domains include patient identity, allergies, medication orders, medication administration, diagnoses, problem lists, comorbidities, weight, height, renal function, pregnancy status where relevant, vital signs, laboratory results, imaging results, device insertion and removal times, surgical procedure times, infection markers, fall risk, pressure injury risk, Venous Thromboembolism (VTE) risk, discharge medications, discharge summaries, and present-on-admission status.

For PPCs, the hospital should specifically prioritize baseline status and temporality. PPC classification depends on whether a condition developed after admission and whether it was plausibly preventable given the patient’s condition, procedures, and care context. The original PPC method explicitly relied on present-on-admission (POA) indicators to distinguish pre-existing conditions from hospital-acquired complications (Hughes et al., 2006). Modern PPC grouping systems similarly use whether a condition was present on admission, patient characteristics, reason for admission, procedures, and clinical relationships to determine potential preventability. (Potentially Preventable Complications)

Note: The First Hour Quintet (FHQ) is a term defined by the European Emergency Data Project (EED Project). It identifies the five most critical, time-sensitive medical emergencies in European prehospital care where immediate intervention drastically improves survival and long-term outcomes (Cardiac Arrest, Severe Trauma, Stroke, Acute Coronary Syndromes (e.g., Heart Attacks), Acute Respiratory Failure).

3.3 Define “data contracts” for clinical data producers

A (clinical) data contract is a formal agreement about the meaning, format, timing, owner, permissible values, provenance, and downstream use of a data element. In a hospital, data producers are clinicians, nurses, pharmacists, laboratory staff, imaging staff, administrative staff, devices, interfaces, and sometimes AI tools. A data contract for a medication order, for example, should specify the required drug identifier, dose, route, frequency, indication where needed, start time, stop time, prescriber identity, allergy checks, renal-dose logic, and administration linkage.

These contracts should be embedded in EHR configuration, interface specifications, procurement contracts, and clinical policy. They should also define what happens when data are uncertain. In acute care, forcing certainty can be dangerous; therefore, the system should allow clinically legitimate unknowns, provisional diagnoses, exceptions, and override reasons, while preserving auditability.

Note: A data contract for clinical data producers can be understood as a data-quality Service Level Agreement (SLA) between those who create clinical data and those who depend on it for care, reporting, research (secondary use), reimbursement, interoperability, and AI-enabled decision support. In an acute hospital, the “service” is not only IT availability. It is the reliable production of clinically meaningful, timely, complete, standardized, and safe EHR data.

3.4 Embed point-of-care validation without creating alert fatigue

The operational core of shift-left EHR data quality is point-of-care validation. Examples include range checks for vital signs, unit checks for weight and laboratory values, required dose-route-frequency fields for prescriptions, duplicate patient warnings, allergy-medication conflict checks, renal-dose checks, pregnancy or age contraindication checks, impossible date checks, procedure-admission temporal checks, and mandatory acknowledgement of critical results.

However, the hospital should avoid indiscriminate hard stops. Poorly designed alerts can produce alert fatigue and clinician workarounds. Evidence reviews of computerized provider order entry and clinical decision support show that these tools can reduce medication errors and adverse drug events, but unintended consequences include alert fatigue and provider burden (Agency for Healthcare Research and Quality, 2024). (Computerized Clinical Decision Support)

A safer design is tiered validation. Low-risk anomalies should generate soft warnings. High-risk contradictions, such as a life-threatening allergy conflict or missing dose for a high-alert medication, may justify hard stops. Medium-risk issues should allow override with structured justification. Alert performance should be monitored through override rates, acceptance rates, downstream harm signals, and clinician feedback.

3.5 Use international semantic standards and interoperable formats

A European acute hospital should standardize clinical meaning at entry, not only during extraction. This requires controlled terminologies and coding systems for problems, laboratory observations, medications, imaging, procedures, devices, and discharge information. SNOMED CT supports consistent clinical terminology and is used internationally; LOINC provides universal identifiers for laboratory and clinical observations (SNOMED International; Regenstrief Institute). 

The hospital should implement an efficient and effective  terminology service that manages SNOMED CT, LOINC, WHO ICD, WHO ATC or validated and verified national drug dictionaries, UCUM units, and high quality, verified and validated national-to-international mappings. It should version mappings, document assumptions, and prevent uncontrolled proliferation of local codes. This is essential for EHDS interoperability, cross-border exchange, analytics, AI safety, secondary use, and PPC measurement.

3.6 Build AI and CDSS guardrails into the EHR workflow

Artificial Intelligence (AI)-enabled data quality tools can support shift-left implementation. Natural language processing (NLP) can identify contradictions between free text and structured fields. Predictive models can identify missing risk assessments. AI-assisted documentation can propose structured codes. However, these tools must not silently overwrite the clinical record. Clinicians should review, accept, reject, or correct AI-generated suggestions (Human-in-the-loop, HITL).

For high-risk AI systems, the AI Act requires data governance, relevant and representative datasets, bias assessment, technical documentation, logging, transparency, and human oversight. It also requires deployers to use systems according to instructions, assign competent human oversight, monitor operation, keep logs, and ensure input data are relevant and sufficiently representative when they control those data (European Parliament & Council of the European Union, 2024).

Accordingly, the hospital should maintain AI model documentation, local validation evidence, drift monitoring, bias testing, incident reporting, and clinical override workflows. AI should be treated as a controlled clinical technology, not as an invisible data-cleaning layer.

Note: Human-in-the-loop (HITL) bridges the gap between AI capabilities and human intelligence to ensure systems are accurate, safe, and aligned with human values. It combines the speed of machine learning with human judgment.

Note: A risk is a potential future event that might happen, while an issue is a problem that has already occurred and is affecting you right now. Mitigation refers to the proactive steps taken to reduce the likelihood or negative impact of a risk before it materializes.

Note: A failure mode is the specific way, or manner, in which a care process, or system can fail to perform its intended function. In Failure Mode and Effects Analysis (FMEA), teams identify these modes to evaluate the resulting consequences and mitigate risks before they occur. Once the failure modes are identified, teams prioritize them to decide where to focus prevention or mitigation efforts. This is typically done using the Risk Priority Number (RPN), a numerical score used in FMEA to evaluate, compare, and prioritize potential risks in a care process or system. It guides teams on which failures require immediate corrective action (e.g. hospital power failure/brown out mitigation, never events).

3.7 Implement privacy, security, and auditability by design

Shift-left data quality must not become excessive data collection. GDPR requires data minimization, accuracy, confidentiality, integrity, and accountability. It also requires privacy by design and default, meaning that only necessary data should be processed by default and access should be limited to what is needed for the clinical purpose (European Parliament & Council of the European Union, 2016).

The hospital should therefore combine data quality with access control, role-based and context-based permissions, pseudonymization for secondary use, encryption, audit logging, retention rules, patient rights management, and regular security testing. EHDS also requires EHR systems to support interoperability and logging, including recording who accessed data, what categories were accessed, when, and from which source (European Parliament & Council of the European Union, 2025).

3.8 Measure data quality and link it to outcomes

The hospital should run clinically relevant operational dashboards for completeness, correctness, plausibility, timeliness, conformance, duplication, reconciliation, and provenance. Examples include the proportion of medication orders missing dose or route, allergy reconciliation completion, duplicate medical record numbers, missing present-on-admission (POA) indicators, uncoded laboratory tests, late vital-sign entry, incomplete and unsigned discharge summaries, missing device removal times, and critical results without documented acknowledgement.

These metrics should be connected to clinical outcomes and PPC indicators. Relevant outcome measures include medication-related harm, healthcare-associated infections, pressure injuries, falls with harm, venous thromboembolism (VTE), postoperative complications (SSIs, DVT, PE, ...), acute kidney injury (AKI), sepsis deterioration, length of stay (LOS), (potentially preventable) readmission (PPR), (standardized) mortality, and patient complaints (PREMs, PROMs). The hospital should use statistical process control (SPC), audit sampling, incident reviews, and clinical validation to distinguish true safety improvement from mere documentation change.

Note: The "Rule of Ws" is a classic medical mnemonic used by clinicians to monitor and anticipate common postoperative complications, particularly those presenting as fevers. It provides a logical timeline for when specific issues are most likely to emerge following surgery (Wind, Water, Wound, Walking, Wonder Drugs).

Note: Hospital discharge continuity of care refers to the coordinated transition of a patient from the hospital to home or another care setting. It relies on timely, accurate information sharing, clear follow-up appointments, and active caregiver involvement to prevent complications and reduce the risk of (preventable) hospital readmissions (PPR).

4. Importance for patient safety and outcomes

Shift-left EHR data quality improves patient safety because modern hospital care depends on accurate digital information. Clinicians often make decisions from medication lists, allergies, laboratory trends, imaging reports, prior diagnoses, device status, and discharge information entered by other professionals. The EHR is therefore part of the care environment itself.

Medication safety is a clear example. Clinical decision support (CDS) can reduce medication errors and adverse drug events when alerts are relevant, patient-specific, and integrated into prescribing workflows (Agency for Healthcare Research and Quality, 2024). But such systems depend on accurate patient weight, renal function, allergies, medication history, route, dose, and timing. A renal-dose alert cannot work reliably if creatinine values are delayed, miscoded, or attached to the wrong patient. An allergy alert cannot work if allergy information is free text, duplicated, outdated, or not reconciled.

Diagnostic safety is another example. Diagnostic error is associated with failures in information gathering, result follow-up, communication, and care coordination. AHRQ identifies clinical decision support, test-result notification, education, and peer review as patient safety practices relevant to diagnostic error prevention (Agency for Healthcare Research and Quality, 2020). Shift-left validation helps ensure that symptoms, vital signs, laboratory results, imaging findings, and differential diagnoses are captured and communicated before diagnostic closure occurs.

The outcome benefit is not automatic. EHR controls can improve safety only if they are clinically meaningful, usable, proportionate, and monitored. Poorly designed validation can increase documentation burden, produce alert fatigue, and encourage workarounds. Therefore, a mature shift-left strategy must combine technical validation with human factors engineering, clinician co-design, training, audit, feedback, and governance.

Note: In software, "elephant paths" (also known as "desire paths") refer to the unofficial workarounds or shortcuts users and developers create to bypass intended product designs. They reveal friction in your software and indicate where user behavior contradicts the intended experience.

5. Importance for avoiding Potentially Preventable Complications

PPCs are especially sensitive to EHR data quality because they concern complications that develop after admission and may be linked to processes of care. Preventing PPCs requires early recognition of risk, reliable documentation of baseline status, timely preventive interventions, and accurate recording of complications.

First, shift-left data quality supports clinical prevention. Pressure injuries require reliable skin assessment, mobility status, nutrition risk, device pressure documentation, and repositioning plans. Falls require fall-risk assessment, medication review, mobility support, cognitive status, and environmental precautions. VTE prevention requires accurate risk assessment, contraindications, prophylaxis orders, and administration records. Healthcare-associated infection prevention requires accurate device insertion and removal times, antibiotic timing, culture results, isolation status, and infection markers. Medication-related PPCs require accurate allergy, medication reconciliation, dose, renal function, and administration data.

Second, shift-left data quality supports early detection. Many PPCs begin as subtle changes in vital signs, laboratory values, mobility, intake-output balance, wound status, or device status. If these data are late, incomplete, inconsistent, or unstructured, deterioration models and clinical teams may fail to recognize preventable harm in time.

Third, shift-left data quality supports valid measurement. PPC classification depends on temporality and present-on-admission status. If the EHR does not reliably distinguish pre-existing disease from hospital-acquired complications, the hospital may misclassify events, undercount preventable harm, overcount complications that were already present, or misdirect improvement resources. This is why present-on-admission (POA) information was central to early PPC methodology (Hughes et al., 2006).

Fourth, shift-left data quality reduces the gap between clinical reality and administrative coding. PPC programmes can fail if they become retrospective coding exercises disconnected from care delivery. A shift-left strategy makes the clinically relevant facts - risk factors, baseline status, interventions, contraindications, complications, and timestamps - available while care is still ongoing (in-line). That allows prevention, not just measurement.

Preventable patient harm is a major policy and safety concern. A systematic review in The BMJ found that preventable patient harm occurs across care settings, with drug-related harm, therapeutic management, and invasive or surgical care among common categories (Panagioti et al., 2019). WHO also identifies medication errors, unsafe surgery, healthcare-associated infections, diagnostic errors, falls, pressure ulcers, patient misidentification, unsafe transfusion, and venous thromboembolism as important patient-safety problems (World Health Organization, 2023).

6. Relationship between Shift-Left EHR Data Quality, Evidence-Based Medicine, and Evidence-Based Practice

A shift-left EHR data quality strategy is a prerequisite for reliable Evidence-Based Medicine (EBM) and Evidence-Based Practice (EBP) in European acute hospitals. EBM requires clinicians to integrate the best available research evidence with clinical expertise and the individual patient’s circumstances and preferences (Sackett et al., 1996). EBP extends this principle into everyday clinical, nursing, administrative, and organisational practice by translating valid evidence into consistent care processes, protocols, pathways, and quality-improvement interventions (Melnyk et al., 2010; Brunt, 2023).

However, both EBM and EBP depend on trustworthy patient data. Research evidence and clinical guidelines must be applied to the correct patient, at the correct time, using accurate information about diagnoses, comorbidities, allergies, medication history, laboratory values, vital signs, imaging, risk scores, and treatment response. If EHR data are incomplete, delayed, duplicated, miscoded, or clinically implausible, then even a well-designed evidence-based guideline or clinical decision support system may produce unsafe recommendations.

Shift-left EHR data quality therefore functions as an enabling infrastructure for EBM and EBP. By validating and standardising data at the point of entry, the hospital increases the reliability of bedside decision-making, medication alerts, deterioration detection, care bundles, PPC surveillance, audit, benchmarking, and learning-health-system feedback loops. In this sense, shift-left data quality connects evidence generation with evidence implementation: it ensures that clinical evidence is not only known, but applied safely to accurate, patient-specific information.

This is especially important for preventing Potentially Preventable Complications (PPCs). Evidence-based prevention bundles for falls, pressure injuries, healthcare-associated infections, venous thromboembolism, adverse drug events, and postoperative complications depend on accurate risk assessment, timely documentation, structured care-plan activation, and reliable monitoring. Poor EHR data quality can interrupt this chain, causing the hospital to miss risk signals, delay preventive action, or misclassify complications. A shift-left strategy therefore strengthens the practical execution of EBP by making the EHR a dependable platform for prevention, surveillance, and continuous improvement.

EBM defines the obligation to use the best evidence for individual patient care; EBP translates that evidence into routine clinical workflows; and shift-left EHR data quality ensures that these evidence-based decisions and workflows are executed on accurate, complete, timely, and interoperable patient data. Without high-quality data at the point of care, evidence-based healthcare becomes vulnerable to diagnostic error, medication error, missed deterioration, unreliable performance measurement, and avoidable harm.

7. Practical implementation sequence

A realistic European acute hospital implementation can proceed in eight phases:

  1. Regulatory and clinical risk assessment. Map EHDS, GDPR, AI Act, national health law, medical-device rules, and hospital safety obligations. Identify EHR workflows that affect diagnosis, medication, deterioration, handover, discharge, and PPCs.
  2. Data inventory and criticality ranking. Catalogue safety-critical EHR data elements, their clinical owners, sources, standards, validation rules, downstream uses, AI dependencies, and PPC relevance.
  3. Data contracts and standards. Define required fields, terminologies, units, timestamps, provenance, exception handling, and quality thresholds. Align with SNOMED CT, LOINC, drug dictionaries (WHO ATC, RxNorm), , UCUM units, and EHDS exchange requirements.
  4. Workflow redesign. Co-design validation with clinicians. Embed clinically relevant checks into prescribing, nursing assessment, laboratory reporting, imaging reporting, surgical documentation, discharge, and device management.
  5. Technical implementation. Configure EHR forms, clinical decision support, terminology services, interface engines, identity management, audit logs, security controls, and AI/Clinical Decision Support System (CDSS) monitoring.
  6. Privacy and AI governance. Complete Data Protection Impact Assessments (DPIA) where required, define legal bases and GDPR Article 9 conditions, implement access controls, evaluate AI system classification, create human oversight procedures, and document model/data governance.
  7. Pilot and safety case. Start with high-risk units or workflows such as emergency admission, ICU transfer, medication prescribing, surgery, or discharge. Test usability, false positives, override rates, and safety incidents before scaling.
  8. Continuous learning. Monitor data quality, alert performance, clinician burden, patient-safety incidents, PPC trends, and outcome metrics. Use feedback to adjust validation rules, standards, training, and governance.

Conclusion

A shift-left EHR data quality strategy in a European acute hospital should be understood as a clinically governed, legally accountable, interoperable, privacy-preserving patient-safety system. EHDS makes high-quality interoperable health data central to European healthcare. GDPR requires accuracy, minimization, security, and accountability. The AI Act requires rigorous data governance, human oversight, logging, and deployer responsibility when AI systems use clinical data.

For patient safety, the strategy matters because inaccurate or incomplete EHR data can directly influence prescribing, diagnosis, escalation, handover, discharge, and clinical decision support. For PPCs, it matters because prevention and measurement both depend on accurate baseline status, present-on-admission indicators, timestamps, procedures, diagnoses, risk factors, and preventive interventions. The hospital that corrects data only downstream can measure some defects after harm has occurred. The hospital that shifts data quality left can prevent defects from becoming clinical risks and issues.

EBM tells clinicians what should be done based on evidence; EBP embeds that evidence into practice; shift-left EHR data quality ensures the patient-specific data used to apply that evidence are safe, accurate, and actionable.

References

Agency for Healthcare Research and Quality. (2020). Diagnostic errors. In Making Healthcare Safer III: A critical analysis of existing and emerging patient safety practices.

Agency for Healthcare Research and Quality. (2024). Computerized clinical decision support to prevent medication errors and adverse drug events. In Making Healthcare Safer IV.

Brunt, B. A., & Morris, M. M. (2023). Nursing professional development evidence-based practice.

European Parliament and Council of the European Union. (2016). Regulation (EU) 2016/679: General Data Protection Regulation. Official Journal of the European Union.

European Parliament and Council of the European Union. (2024). Regulation (EU) 2024/1689: Artificial Intelligence Act. Official Journal of the European Union.

European Parliament and Council of the European Union. (2025). Regulation (EU) 2025/327: European Health Data Space. Official Journal of the European Union.

Hughes, J. S., Averill, R. F., Eisenhandler, J., Goldfield, N. I., Muldoon, J., Neff, J. M., & Gay, J. C. (2006). Identifying potentially preventable complications using a present on admission indicator. Health Care Financing Review, 27(3), 63–82.

Kahn, M. G., Callahan, T. J., Barnard, J., Bauck, A. E., Brown, J., Davidson, B. N., ... & Schilling, L. (2016). A harmonized data quality assessment terminology and framework for the secondary use of electronic health record data. Egems, 4(1), 1244.

Lewis, A. E., et al. (2023). Electronic health record data quality assessment and tools: A systematic review. Journal of the American Medical Informatics Association, 30(10), 1730–1740.

Melnyk, B. M., Fineout-Overholt, E., Stillwell, S. B., & Williamson, K. M. (2010). Evidence-based practice: step by step: the seven steps of evidence-based practice. AJN The American Journal of Nursing, 110(1), 51-53.

Panagioti, M., Khan, K., Keers, R. N., et al. (2019). Prevalence, severity, and nature of preventable patient harm across medical care settings: Systematic review and meta-analysis. BMJ, 366, l4185.

Regenstrief Institute. (n.d.). LOINC data standards.

Sackett, D. L., Rosenberg, W. M., Gray, J. M., Haynes, R. B., & Richardson, W. S. (1996). Evidence based medicine: what it is and what it isn't. bmj, 312(7023), 71-72.

SNOMED International. (n.d.). What is SNOMED CT?

Sutton, R. T., Pincock, D., Baumgart, D. C., Sadowski, D. C., Fedorak, R. N., & Kroeker, K. I. (2020). An overview of clinical decision support systems: benefits, risks, and strategies for success. NPJ digital medicine, 3(1), 17.

Weiskopf, N. G., & Weng, C. (2013). Methods and dimensions of electronic health record data quality assessment: Enabling reuse for clinical research. Journal of the American Medical Informatics Association, 20(1), 144–151.

World Health Organization. (2023). Patient safety.

Peter Van Osta. An essay concerning a new healthcare.

Popular posts from this blog

De financiële leefbaarheid van een Belgisch acuut ziekenhuis onder BFM, nomenclatuurafdrachten en supplementen

1. Inleiding: leefbaarheid is geen eenvoudige “winst per dienst” Voor Belgische algemene ziekenhuizen bestaat er geen publiek, uniform en eenduidig boekhoudkundig klassement dat per acute dienst exact aangeeft wat “winstgevend” of “verlieslatend” is. Dat zou bovendien sterk verschillen per ziekenhuis, algemene en financiële regeling, kamerpolitiek, case-mix, schaalgrootte, conventiegraad, ligduur, personeelskost en interne kostenallocatie. De onderstaande indeling moet daarom gelezen worden als een financieringslogische en empirisch onderbouwde schematisering , niet als een universele winst-en-verliesrekening. De kern is dat Belgische ziekenhuizen in hoofdzaak worden gefinancierd via een complex duaal systeem : enerzijds het Budget van Financiële Middelen (BFM), dat vooral verpleegkundige, niet-medische en werkingskosten dekt; anderzijds medische honoraria, waarvan artsen een deel afdragen aan het ziekenhuis. In 2023 bestond de omzet van algemene ziekenhuizen volgens 'Naar een gez...
Read more

Cheat sheet medische dossiervoering, MZG-codering en BFM-impact - voor artsen in Belgische acute ziekenhuizen

 Inleiding Deze cheat sheet is geschreven als intern ziekenhuisdocument, voornamelijk voor Belgische artsen in een niet-psychiatrisch ziekenhuis. De belangrijkste bron voor deze cheat sheet is MZG , een verplicht registratiesysteem voor Belgische niet-psychiatrische ziekenhuizen. MZG ondersteunt onder meer organisatie en financiering van de gezondheidszorg (BFM); de registratie gebeurt via Portahealth (PH).  Het Belgisch ziekenhuisdossier moet minimaal diagnoses, onderzoeken, adviezen, behandeling, evolutie, operatie-/anesthesieprotocol en ontslagverslag bevatten; het ontslagverslag moet de continuïteit waarborgen en het dossier moet de diagnostische en therapeutische aanpak getrouw weergeven.  Voor MZG worden administratieve en medische gegevens continu geregistreerd binnen semestriële registratieperiodes; overdracht aan de FOD Volksgezondheid gebeurt uiterlijk vijf maanden na het einde van de registratieperiode, na uitgebreide interne en externe controles en valid...
Read more

Organisatie van acute, niet-planbare zorg en electieve geplande zorg in een Belgisch ziekenhuis - invloed op het zorgproces en het Budget Financiële Middelen (BFM)

Inleiding Hieronder doe ik een bescheiden poging om de impact te bespreken van acute, niet-planbare zorg (vb. cardiologie/oncologie in een acute setting) en electieve, planbare zorg (vb. schouder-, knie-, heupingrepen) op de zorgprocessen én op het Budget Financiële Middelen (BFM) van een Belgisch algemeen ziekenhuis. Acute, niet-planbare zorg: proces- én BFM-impact Acute zorg (spoed, AMI, CVA, traumatologie, urgente oncologische trajecten, INZO, ...) vereist 24/7-beschikbaarheid, korte doorlooptijden, “stand-by” capaciteitsbuffers en sterke interdisciplinaire coördinatie en organisatie. Operationeel vertaalt dit zich in continu bemande teams (spoed, cathlab call-rondes, interventionele radiologie, INZO, ...), observatie-/short-stay-bedden en snelle (klinische) diagnostiek. Financieel rust een groot deel van de vaste kostenlast op het BFM (A- en B-onderdelen): investeringen/kapitaal (A), algemene werkingsmiddelen (B1), en dienst-/case-mix-afhankelijke verdelingen (B2). het KCE schetst ...
Read more