EHRs are much more complex than ERP systems because they have to deal with hundreds or even thousands of medical treatment processes. In addition, they support the hugely complex billing systems for each major insurer and government payer -- whose own validation systems are designed to discover reasons not to pay, which means there's much more accountability and analysis needed in EHRs for billing than you likely realize.
Also, EHRs are supposed to exchange data with other EHRs, whether directly or through what's called a health information exchange (HIE). The huge differences in EHR data and processes makes the already Herculean task of HIE integration even more difficult because a larger organization might need to interact with multiple HIEs, each with its own custom methods.
There's no national HIE standard because that's not how the United States operates: The market gets to decide what works, which is great for meeting local needs but terrible for tasks like integration. There is an effort under way to create a national HIE standard that the regional HIEs could use, as could individual providers, but it's still in early stages -- and won't likely be mandated.
Finally, there's a government mandate called Meaningful Use, which requires that patients engage with their medical providers and their own medical data, such as by accessing test results online or consulting with physicians over email or phone. In fact, the regulations require that all medical providers make a patient's medical records available electronically to any patient who wants it.
Such engagement is supposed to empower patients to be partners in their well-being, as well as reduce costs by avoiding in-hospital treatments and reducing relapses. (In fact, cost savings was a key goal of the Clinton and Bush policies that led to the EHR mandate.) The feds have a standard called Blue Button for displaying that patient data, but it's basically a big ASCII data dump, nothing a normal person can parse. A more useful version of Blue Button is being promoted, but adopting it requires EHRs to format their data in comprehensible, consistent ways, not just dump it out. Few EHRs are designed to do that.
Thus, we have a mess of proprietary EHR systems with highly customized processes, a set of HIEs that use different standards and protocols to connect them, and a mandate to provide human-readable data from these disparate systems. What could possibly go right?
Contradiction 2: HIPAA privacy implementations and the mandate to exchange patient data
Although "privacy" is nowhere in the 1996 HIPAA law's name, enforcing confidentiality of patients' personal health information is a major component of the law. It also formalized some of the major operational goals for EHRs and HIEs, as well as provided assurance that insurers couldn't deny coverage to people in employer-sponsored plans based on information the insurers could access legitimately. In an era where insurers used medical data unrelated to claims to deny or cancel coverage and where some employers sought to avoid or remove employees who might have expensive medical needs, that privacy mandate was a big win for patients.
But HIPAA's focus on privacy works against the portability of health information that the original Clinton-era policies, HIPAA, and the later HITech (Health Information Technology) Act all sought to deliver. Before a provider can release any medical information about you to another provider, it needs your signed consent. Employees of your medical provider are covered, but not contractors such as ambulance services and home aides, specialist referrals, dentists, optometrists, and so on. They each need to get permission to see your medical data.