The Therac-25: A Major Failure in Patient Safety

Posted on: Fri, 03/13/2020 - 11:53 By: Leon San Salvador
Radiation Symbol

March 8-14, 2020 is Patient Safety Awareness Week! As stated by the Institute for Healthcare Improvement, it "is an annual recognition event intended to encourage everyone to learn more about health care safety." Their page on the subject goes on to explain that, "Although there has been real progress made in patient safety over the past two decades, current estimates cite medical harm as a leading cause of death worldwide." Sadly, these deaths are largely preventable.

This initiative was created to raise awareness about the role that everyone in the healthcare industry plays in ensuring the safety of patients - even if they never even see one. You might be wondering why we at Dream Axiom would concern ourselves with this. After all, we are a creative agency and technology contractor, not a medical company!

While it's early for a formal announcement, we can at least share the fact that we are doing work for a company that IS in the medical field. Although nobody on our team will ever be seeing patients (unless they change careers), our work will likely affect those who do. Understanding this fact is important. When those who work in technology fail to grasp the impact their work may have on others - especially in medicine - the consequences can be deadly. Case in point: the Therac-25. The harm done by this piece of medical technology delivers a tragic lesson in patient safety, and ultimately demonstrates how lack of accountability, insufficient testing, and overconfidence in design can lead to disaster.

According to its Wikipedia page, The Therac-25 was a computer-controlled radiation therapy machine. By design, it gave patients a limited, targeted dose of radiation. It was the latest model in a line of such machines, the previous systems being the Therac-6 and the Therac-20. Those models used physical, mechanical hardware locks to prevent patients from receiving radiation overdoses. However, the Therac-25 had no such hardware. This was cutting edge technology, and the software controls in the computer component were thought to be enough to prevent such an occurrence.
Unfortunately for the six patients between 1985 and 1987 bombarded with a hundred times the normal dose of radiation, this was not the case. Three of these pour souls died.

Ultimately, the persistent and untiring work of hospital staff physicist Fritz Hager of the East Texas Cancer Center led to the discovery of this deadly problem. The machine's cryptic and undocumented "MALFUNCTION 54" error was getting them nowhere, and the manufacturer's responses to queries were unhelpful and alarming in their flippancy. Hager and the technician who had experienced the error spent an entire weekend working to pinpoint the problem. Finally, after hours of relentless experimentation, they were able to recreate the error and identify the cause. A certain combination of keystrokes and sudden mode changes would cause the machine to fire multiple energy beams that lead to the deadly overdoses.

The control software which was thought to be sufficient to protect against this scenario had not been tested thoroughly enough. The lack of the previous models' hardware safety interlocks meant that nothing stood between the system's inability to keep up and the safety of the patients who ultimately suffered from radiation poisoning. The Therac-25 incident led to multiple investigations, the FDA declaring the device to be defective, and the manufacturer AECL to release software patches and hardware upgrades to render the device mostly safe. "Mostly", because a new error was found in 1987, leading to another death. (For more on this story, read this excellent Hackaday article.) 

Ultimately, it wasn't the software's fault. It wasn't the hardware's fault. It was multiple departments' mutual reliance upon "the other guy" having done their part. The software designer "knew" that the hardware was safe. The hardware engineers "knew" that the software could compensate. A classic saying comes to mind: "The left hand didn't know what the right hand was doing."

As we close out 2020's Patient Safety Awareness Week, we should take the story of the Therac-25 as an object lesson about assuming. (Yes, we all know what "Assume" spells.) The very lives of patients are in the hands of those who trust the technology that we build. We must ensure that trust is well-earned. No one team can assume that the other has all the bases covered. It is our duty to ensure that the pieces of any system we build will not only work in their own isolated space, but will interact properly - and safely - with all the others. It's not just doctors and nurses, not just the "boots on the ground" in hospitals and clinics. It's all of us who touch the systems they use. Patient safety is our job too.


Add new comment

Plain text

  • No HTML tags allowed.
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.