Although clinical decision support is a key patient safety strategy, it may also have unintended consequences. Investigators analyzed clinical decision support system malfunctions and surveyed chief medical informatics officers about such incidents. Nearly all health systems experience decision support malfunctions, and the majority of respondents' health systems had at least one within the last 12 months. Detailed examination of several specific cases found that software updates, differences in data fields and codes, unintended enabling and disabling of rules, and technical problems with other systems all resulted in decision support malfunctions. These vulnerabilities often remain undetected and lead to irrelevant or erroneous alerts, which in turn contribute to alert fatigue. The authors suggest that clinical decision support requires more robust testing and monitoring to reach its potential as a patient safety tool.