Listen to the article
Dive Brief:
ECRI has named insufficient governance of artificial intelligence in healthcare as one of its top 10 patient safety concerns for 2025.
The report, which ECRI published Monday, warned AI could lead to misdiagnosis and outlined steps healthcare providers should take to mitigate risks posed by the technology.
ECRI included other threats on its list of patient safety concerns, noting that cybersecurity breaches can delay care and diagnostic errors can lead to improper treatment.
Dive Insight:
ECRI, a nonprofit focused on healthcare safety and quality, publishes a report of the top 10 threats to patients every year. The scope of the report extends beyond the medtech industry, with the top concern this year being the risks of dismissing patient, family and caregiver concerns. It also covers topics that affect manufacturers of medical devices and diagnostics.
This year, ECRI put insufficient AI governance second on its list of the top patient safety concerns. The nonprofit said AI has been present in healthcare for years and has the potential to improve outcomes and reduce costs. Yet, ECRI is also concerned about the potential for AI to endanger patients.
“Medical errors generated by AI could compromise patient safety and lead to misdiagnoses and inappropriate treatment decisions, which can cause injury or death,” ECRI said. “Staff may also have difficulty determining when events are attributable to AI, making such errors harder to track.”
ECRI provided recommendations for mitigating the risks posed by AI. If implemented, some of the advice could have implications for medtech companies with products that use AI. ECRI is advising healthcare providers to form multidisciplinary committees to evaluate new technologies that use AI and regularly assess safety and clinical outcomes related to practices impacted by AI.
The nonprofit put medical error and delay in care resulting from cybersecurity breaches fourth on its list of the top patient safety concerns. The ranking reflects the potential for breaches to cause patients to “experience poor outcomes from delays in tests and procedures, longer lengths of stay, more complications from medical procedures, more transfers and higher mortality rates,” ECRI said.
ECRI has advised healthcare providers to regularly assess cybersecurity risks and their adherence to best practices. Reviews should cover evaluations of threats and vulnerabilities, which can include connected medical devices, and the effectiveness of the organization’s existing security measures.
Diagnostic error placed seventh on the list of patient safety concerns. ECRI focused on the misdiagnosis of cancers, vascular events and infections, reflecting malpractice claims data that suggest they account for most serious errors. The nonprofit’s analysis of why errors happen focused on human mistakes and organizational shortcomings, rather than the accuracy of diagnostic tests.
Other threats to safety listed in the report include the wide availability of medical misinformation, the growing threat of substandard and falsified drugs, and inadequate communication and coordination during discharge.
