
1 Risk Management in Complex Human Systems and Organizations

1.1 Living with Uncertainty

Risk is an integral part of human activities, both in living and working environments. Every day, an individual performs a considerable number of actions, which, in most cases, are “inter-actions” with other people or tools or work environments. Interactions are more complex than elementary actions because the people, objects, or contexts with which we interact offer opportunities for (affordances) and constraints on action [1,2,3]. Interactions have consequences that can change the status of objects or people. In the worst scenarios, an object used in an unexpected way can break or even cause fatal damage; inappropriate communication with another person may offend or provoke violent reactions.

The consequences of an interaction are not always predictable. For this reason, in the development of humanity, organizations have progressively emerged, places and structures in which, more or less formally, legitimate and illegitimate behaviors are distinguishable [4], in order to contain the risk associated with the intrinsic unpredictability of interactions. Organizations are socially regulated contexts, in which more or less explicit norms influence the choices and behavior of individuals. The rules, however, can be sometimes fallacious or deficient, consequently favoring the wrong choices or inhibiting the correct actions. Rules are the bureaucratic expression of power and can therefore benefit some subjects to the detriment of others, sometimes fostering environments that, in hindsight (the “historical truth”) are recognized as harmful for the organization itself or for the individuals who belong to it [5].

In today’s world, practically all human activities take place within organizations, subject to rules, involving the use of tools and interpersonal relationships. It is these interactions that determine the development of an environment of greater or lesser safety for the subjects who are a part of it or who, for some reason or another, are involved in its dynamics. It is exactly starting from these interactions that people attribute meaning to their being and to the world around them, in the constant attempt to find reasons for the activities they find themselves performing. The activities are to be considered as aggregates of tasks more or less driven by objectives along with the material conditions in which they are carried out.

1.2 Two Levels of Risk Management in Healthcare Systems

First of all, it is necessary to embed the two activities of “risk assessment” and “investigation of adverse events” in the organizational processes of health systems. Both activities may provide reasons for study and research, or be linked to organizational objectives such as patient safety, cost containment, or compliance with regulatory obligations. Setting aside the dynamics of research, from an operational point of view the assessment of risk as an organizational function should permeate the choices of both clinicians and managers, if we accept that patient safety is an essential goal of health organizations. On the other hand, the analysis of adverse events could be an activity entrusted to specialists in the investigation of accidents, or shared between both the frontline and the bottom end as an integral part of the risk assessment process, if it is meant and used for organizational development.

Highly reliable organizations [6] manage to effectively reduce risk, thanks to a constant commitment to safety from top management, which establishes high-level objectives and provides a source of inspiration and vision for the operational lines which, on their end, have the responsibility of planning and control over operations, thanks to a true distribution of the decision-making process. In practice, these organizations work because they are structured to deal with risk, anticipating situations in which a problem is more likely to occur and knowing how to mitigate the possible consequences. Of course, this organizational competence emerges from the knowledge of its members who, at various levels, are trained to detect errors promptly, analyze them and understand their causes, quantify the probability of system failure, and take action to reduce their reoccurrence according to a priority scale. If we adopt the systemic perspective, then safety culture, which influences the knowledge and decisions of individuals, must be based on the values of participation and transparency to empower everyone to report an error, to understand processes and procedures, and to enable the development and modification of rules, tools, environments, and relationships between people. In other words, the organizational development has to be understood as a systematic monitoring and adjustment of critical interactions between system components.

Even in healthcare organizations therefore, risk management should involve both management and frontline operators. Starting with the integration of patient safety into the strategic objectives of the institution, risk management must become an integral part of health practices as well as technical and administrative support operations. At the board level, patient safety management can be established, responsible for planning and linking operational and support functions to involve risk assessment in decision-making processes at all levels. Acting as a true knowledge broker, this management would be able to uphold the strategic objective of patient safety in the various communities of practices that make up an organization [4]. At the level of the operating units, clinical risk management is established, responsible for analyzing adverse events, understanding the incidents from the systemic perspective and, subsequently, guiding learning from errors in anticipation of risk in real time.

In order to effectively and efficiently assess risks in healthcare, it is necessary to use theories and methods consistent with the level of complexity of health activities. The systemic approach [7] provides a lens capable of visualizing health activities by tracking the dynamics of the interactions between the subjects involved, the tools, and the environments in which they take place. It also takes into consideration the reasons and interpretations that underlie the choices and behaviors of individuals and community practices.

Ergonomics, or human factors engineering (HFE), as “interaction science” has its focus on systems’ dynamics and design of interfaces. Therefore, HFE provides a valid and robust theoretical and methodological knowledge base to address health risks within an integrated framework, encompassing patient safety and clinical risk management [8, 9] (Fig. 11.1).

Fig. 11.1 Ergonomics and human factors (HFE), the science of interactions. Source: https://iea.cc/what-is-ergonomics/

2 Patient Safety Management

The patient safety function must first of all contribute to organizing the data relating to the possible risks present in the health system, so that they can be accessed systematically and whenever necessary. There are both data generated specifically for patient safety, and data produced routinely for other purposes, but which may be useful for risk assessment. Both types of data refer to a range of activities of healthcare organizations, as shown in Table 11.1.

Table 11.1 Data integration for patient safety

Data integration is certainly the best way to have the widest representation of possible risks [10] even if, as mentioned, it is necessary for the Patient Safety Manager to help define the method of collection and the structure of specific data, possibly also intervening in information flows of nonspecific data to obtain ad hoc or periodic reports of relevant information, such as the indication of a possible sentinel event included in a claim and not previously reported. In other words, the corporate patient safety function must transform large masses of qualitative and quantitative data into information useful for assessing the current risk and for producing organizational knowledge [11] relating to the appropriate response to mitigate future risk.

In risk assessment, in addition to the classical criteria of frequency with which dangerous events occur and of the severity of possible consequences, the criteria of imputability of the event to patient care and of corresponding preventability of adverse events are becoming more relevant. Thanks to the emergence of novel studies and research in various clinical contexts, some events considered historically as complications or “accidents” have actually been demonstrated to be preventable and therefore attributable to the treatment provided or omitted rather than to the patient’s underlying pathology or to an acceptable side effect of the treatments. A clear example of a type of complication that is now considered an adverse event is an infection related to the central venous catheter. Evidence has demonstrated that in many situations [12, 13] this type of infection has been cleared, thanks to good practices. In the category of “accidents,” we can consider patient falls, where adequate evidence is available to evaluate risk factors and classify patients at risk, and to apply preventive actions so as to reduce their frequency and contain their consequences [14, 15].

Studies and records of performance evaluation and healthcare outcomes are also possible sources of risk assessment data although they should be appropriately investigated in the context of clinical audits to reconcile the variations that may appear due to the quality of the data essentially coming from administrative flows, affected by, as an example, the limited validity of hospital mortality data [16].

3 Clinical Risk Management

The clinical risk management function exists to anticipate adverse events and to mitigate the possible consequences when they occur. It is a matter of implementing the Hippocratic principle “primum non nocere” in clinical and care practice, using the technological and organizational resources available at a given time and in a specific operating context. At this level, risk management takes place in real time, in front of and with patients, following good practices for safe care and continually re-evaluating the correctness of diagnoses and the effectiveness of treatments. In this sense, the analysis of adverse events and especially near-misses can and must become a fundamental activity in the management of patients and departments because, if carried out as a systematic review of clinical cases, almost in real time, within operating structures, it can limit the negative effects of adverse events on patients, clinicians, and organizations. Beyond the technicalities which sometimes intimidate those who would like to apply an instrument such as significant event auditing or root cause analysis, it is actually a question of integrating the two phases of clinical reasoning, diagnosis and therapy, with almost real-time reflection on the effects of diagnostic and therapeutic decisions and actions, starting from the cases that give rise to doubts, which for one reason or another cause surprise or concern and interfere with the ordinary flow of activities, and which, therefore, demand an analysis and an explanation, drawing the attention of the operator in charge of that patient.

The process just described is the aforementioned “Sensemaking” [17], i.e., the need to find a valid explanation in the face of a problematic situation. The specific knowledge of risk management can help healthcare workers to take into consideration the complex interactions between human, technical, and organizational factors underlying the problematic situation, restoring to the classical “clinical picture” the colors and shapes that constitute the substance, and the frame that is the reference context. Table 11.2 lists the operational phases for the analysis of the adverse event, which we will see in detail in the next paragraph.

Table 11.2 Steps for adverse events investigation

The level of formalization and depth of the analysis may vary in consideration of health systems’ policies and available resources; however, all the methods of systemic analysis of adverse events have in common the five activities described in Table 11.2.

The activity of analyzing adverse events and near-misses can therefore become the third pillar of clinical competence to complement diagnostic and therapeutic activities, keeping the focus on patient safety. The risk of a drift to bureaucratize Significant Event Audit (SEA) and Root Cause Analysis (RCA), or, even worse, the risk of the exploitation of formally non-punitive analysis to identify a scapegoat, are still present. The true measure of cultural change and organizational development towards patient safety lies precisely in the effective integration of the analysis of adverse events into clinical and care practices. These are activities that can be made professional certification requirements for healthcare workers, to be evaluated both through retrospective review of cases subjected to systemic analysis and through prospective checks in which the same clinical case becomes the object of simulation in which the decisions and actions of clinicians are evaluated using behavioral markers related to technical and non-technical skills. Both methods require the establishment of teams of investigators composed of clinicians from the specialist branch and experts in ergonomics and the human factor, possibly but not necessarily external to the structure. Examples of systemic efficacy evaluations can be traced both in the Netherlands [18] and in the United States Veteran Health Administration [19], while in France the participation in the reporting and learning system is a real professional certification requirement defined by the Haute Autorité de Santé. The evaluation of technical and non-technical competences in simulated scenarios taken from clinical cases of adverse events is found in many works, now also the subject of in-depth reviews [20, 21].

4 Systemic Analysis of Adverse Events

4.1 The Dynamics of an Incident

For the purpose of this chapter, we take the definition of a “patient safety incident” to include near-misses, adverse events, and sentinel events, usually distinguished by the severity of the consequences. Also, we do not differentiate between the terms “accident” and “incident,” where the former is generally used in high-risk industry referring to an event that affects quite a large number of victims, while the latter usually refers to individual harm.

Incidents in healthcare should be studied according to the systemic perspective, in order to be able to fully understand them and to foster organizational learning. The actions and failures of the individual play a central role, but the individual’s way of thinking and acting is strongly conditioned by the clinical context and by the broader organizational dynamics. Incubation of an incident begins with defects in high-level organizational processes, such as the planning and programming of production of services, the forecasting of activity volume, the planning and maintenance of environments and technologies, the development strategies and personnel policies. Failures at this level create latent conditions of danger that penetrate and spread in operational contexts such as the operating room or the emergency room. There they can cause local conditions, such as excessive workload or poor interaction with the equipment, which contribute to errors or violations. Many unsafe actions may be performed at the frontline, but few are able to penetrate the defenses of the system and generate the adverse patient outcome. The fact that the safety barriers engineered in the system, such as alarms and procedures, have deficiencies due not only to latent errors but also to active errors is illustrated in Fig. 11.2 by an arrow that pierces the barriers defense system generating the accident. Figure 11.2 is an adapted version of the famous Swiss-cheese model of accident dynamics, in which clinicians who work on the frontline are represented as the last barrier before the accident and as the inheritors of the system’s failures rather than those responsible for the unsafe actions that cause incidents. 
However, the model should not be understood as an invitation to shift the assignment of responsibility from frontline professionals to managers at the organizational level, given that managers also work in a complex environment, in which the ramifications of decisions and actions are not immediately obvious. Therefore, according to Reason [22] managers are neither more nor less to blame than the operators of the frontline, since, as human beings, they can also make mistakes in planning and execution. It is therefore appropriate for the safety culture to be shared at all levels so that managers and designers take into account the dangerous conditions that may arise from their decisions or actions. Sometimes the perception of risk is lower in those who work at a great distance from the frontline because the lack of direct contact with production processes and the context of operations pushes blunt end managers and designers to underestimate the dynamics of performance safety. To blame is the attitude of managers and designers who decide and act without a constant confrontation with the reality of the frontline and without involving in the strategic decisions those who are in direct contact with the production process.

Fig. 11.2 Swiss-cheese model of accident dynamic adapted to healthcare

In healthcare, the distance between the blunt end and the sharp end is in some cases accentuated by the fact that some political and organizational choices take place outside healthcare facilities and are based on risk and benefit assessments that are not always consistent with the mission of health facilities. There are therefore problems of an inter-organizational type that go beyond the boundaries of health facilities and which, sometimes, can be decisive for the quality and safety of care. As observed in the aviation context [23], the pharmaceutical and biomedical equipment industry, the government, and related agencies, professional associations and scientific societies make a substantial contribution to the design of the structures and of the processes of diagnosis and treatment, introducing a further level of complexity in the system that is lacking in the representation depicted in Fig. 11.2.

The problem of hyper-regulation in healthcare is particularly critical because, if it is true that this is a sector in which the autonomy of professionals of the first line is so accentuated that any attempt to standardize the practices may clash with established professional traditions, and in which the personalization of care is an important part of the clinical touch, then a blind standardization of the procedures can have a negative impact on patient safety [24].

4.2 A Practical Approach: The London Protocol Revisited

Vincent and colleagues [25, 26] extended the Reason model to apply to the analysis of patient safety incidents, classifying the conditions of the clinical context that favor errors and the characteristics of the organizational system in a single frame of factors that influence clinical practices. The model originally included seven factors of which the environmental and technological factor was then split into two different classes, given the increasing relevance of devices and digital applications (Table 11.3). At the forefront of clinician–patient interactions are factors relating to the patient’s condition. In all clinical situations, a patient’s condition directly affects practices and outcomes of health services. Other factors, such as a patient’s personality, communication style, and any psychosocial problems, can be very important because they affect communication with healthcare professionals. The design of activities and tasks, the availability and usefulness of protocols, and the results of diagnostic tests can also influence the care process and the quality of the results. Individual human factors include the knowledge, skills, and experience of each health professional, and also affect the quality and safety of services. Each staff member is part of a group within an operating unit, as part of a large hospital or out-patient facility which is in turn embedded in a healthcare system. The way in which an individual works and their impact on the patient is bound and influenced by the other members of the group, by the way they communicate, support, and supervise each other.

Table 11.3 Scheme of contributory factors

The group is influenced by the organizational actions and decisions of the management of the unit and of the healthcare system. These include allocation of human and technological resources, staff training, objectives and periodic management verifications, and so on. Management of the health system is in turn influenced by the property and the institutional contexts, including economic constraints, current legislations, and the broader political and economic climate.

The framework of eight factors is a useful scheme for the analysis of patient safety incidents, which include both clinical factors and high-level organizational conditions. It represents therefore a useful guide for the analysis of adverse events as it invites clinicians and risk managers to take into consideration a wide range of factors that at different levels determine the results of health services. When applied in a systematic way to the analysis of incidents, it allows for a ranking of the factors that highlights those with a greater bearing on patients’ outcomes and for the prioritization of interventions to prevent system failures in the future.

A clinical case can be examined from many perspectives, each of which can highlight facets of the care process. Cases have always been used to train health professionals and to reflect on the nature of diseases. They also serve to illustrate the dynamics of decision-making, the evaluation of clinical practices, and above all, when errors are discussed, the impact of accidents or failures on people. The analysis of accidents, for the purposes of clinical risk management, covers all these aspects and includes broader considerations regarding the reliability of the health system.

There are different techniques for analyzing cases in healthcare. In the United States, the most common technique is root cause analysis (RCA). This approach to case analysis, employed by the Joint Commission, is very thorough and intensive, requires time and resources, and originated from the “Total Quality Management” approach to health safety. RCA is promoted and has been adopted in many countries, with results that do not always correspond to investment in time and resources [27].

For a wide range of reasons, the so-called London protocol [26] approach to system analysis seems more convincing and, in fact, it has been translated into many languages and is widely used in health systems all around the world. The term “Root Cause Analysis” (an analysis of the root cause), even if widespread, is misleading because it implies the possibility of tracing the incident back to a single cause. Given the complexity of the healthcare world, this is very difficult because clinical practices are determined by many factors that interact at various levels. The performance outcome is therefore the result of a chain of failures instead of the evident consequence of a single root cause. An even more important objection to the use of the term “Root Cause Analysis” concerns the purpose of the investigation. The analysis of adverse events does not aim, in fact, to search for the cause but for the overall improvement of a system that has not been able to prevent the accident. Of course, it is necessary to understand what happened and why, if only to explain it to the patient and their family. If the purpose is to improve the safety of the system, we must go beyond the cause and reflect on what the accident reveals about the holes and inadequacies of the system in which it occurred.

The incident is a window into the system, a breakdown [28] that allows us to grasp the dynamics which are impalpable when everything is going well: we speak therefore of “System analysis,” that is the analysis of interactions within the system in which the events took place. In this sense, the study of cases is not a retrospective search for the root cause, but an attempt to look to the future to prevent risks to patient safety. The root cause is not important because it concerns the past, not the future and risk prevention activities. The shortcomings of the system revealed by the incident remain present until action is taken to remove them, after a careful analysis of the factors that contributed to them.

The London protocol is the model we have adopted for the analysis of cases of adverse events in the context of peer reviews, i.e., audits and mortality and morbidity reviews. The sources of information used to reconstruct the case are the spontaneous reports of the operators, the review of the clinical documentation, or the observations made in the field. The main questions that guide the analysis are:

  1. When did it happen? (timeline of events and consequences)
  2. What happened? (type of problem and clinical conditions)
  3. Why did it happen? (contributory and latent factors)

Although clinical documentation is an excellent source for reconstructing the dynamics of accidents, interviews with the subjects involved in the management of the case under analysis are very important to piece together the reality of the situation because in official documents one sometimes tends to report only non-compromising information. In some cases, on-site observation can help to understand patient flows within the clinical context and critical interactions between professionals and technologies in the real environment.

Once the timeline of events has been reconstructed, through the analysis of clinical documentation, interviews with the people involved in the case, and any on-site visits, we proceed to the identification of the type of care delivery problems and to the description of the factors that contributed to them.

Care delivery problems are actions, omissions, or deviations in the diagnostic-therapeutic process that have direct or indirect effects on the quality of care. Some problems concern the monitoring of the patient’s condition, the timing of the diagnosis, errors in the treatment, etc. Clinical conditions concern basic patient health status and the intrinsic risks of the treatments that contributed to the accident.

Factors that contribute to the event are the conditions in which the accident occurred, inherited from previous decisions by the professionals who were acting in the place and at the time of the adverse event. Any combination of determinants can contribute to a problem in care. Analysts must distinguish the factors relevant only to the particular instance from those that consistently appear in the operational context or throughout the entire organization. For example, there may be a communication problem between two doctors that contributes to an adverse event. If this problem is not usual, it may not require further consideration, but the fact that it has been found indicates shortcomings in the system, which must be explored in order to find a solution and prevent the problem from invalidating the quality of communication in critical situations.

The factors that have contributed to the adverse event are the target of improvement actions, which in some cases are instituted after a single accident, especially when the consequences are very serious. To implement more extensive and costly interventions, it is necessary to collect a series of incidents to detect latent factors that require priority prevention measures. It is advisable to always provide indicators to assess over time the impact of the improvement actions undertaken.

In the Tuscan model, unlike the one proposed by Vincent and colleagues, the analysis of problem type and latent factors [27] takes place in the context of peer meetings with all the actors who have managed the case. In fact, the London protocol requires one or more external analysts to reconstruct the case and analyze it with reference to clinical documentation, interviews with operators, and any observations made in the field. In the Tuscan model, on the other hand, the clinicians, with the help of an internal facilitator prepared for this role, analyze the incidents in their own operational reality. This favors the development of a shared perspective on problems and a commitment to promote and implement improvement initiatives that arise from the analysis, in a more informal atmosphere focused on individual behaviors in the review of morbidity and mortality, and in a more profound and detailed way when conducting a significant event audit. Table 11.4 describes the different techniques of incident analysis included in the Tuscan model for patient safety management.

Table 11.4 Tuscan technical standard for patient safety incident analysis

5 Analysis of Systems and Processes Reliability

The analysis of the cases of adverse events can be illuminating, permitting the detection of deficiencies of the system and the creation of improvement plans following a bottom-up approach. Once the systemic perspective is learned, we can also proceed by adopting a diametrically opposed approach to patient risk analysis. In other words, one can start from the analysis of diagnostic-therapeutic processes instead of one or more cases of accidents that actually occurred, systematically examining the possibilities of failure, following the approach of Human and System Reliability Analysis—HRA [29].

HRA was defined as the application of relevant information about the behavioral characteristics of human beings and of systems to the design of objects, infrastructures, equipment, and environments used in places of life and work. HRA techniques are used both in accident analysis and more generally in the analysis of organizational processes and have been used for over 50 years in high-risk industries and in the military sector. Of these, the most famous is Failure Modes and Effects Analysis (FMEA), which we will discuss later.

HRA techniques are applicable at all stages of the life cycle of a production process. The techniques developed to predict in advance the possible failures of a system and the prevention and containment measures of damages have been associated in particular with the growth of the nuclear power industry [30]. To obtain the consent of populations for the installation of nuclear power plants, the results of risk assessments made with HRA have been widely disseminated, in order to demonstrate the designers’ ability to anticipate risks and to reassure the inhabitants of areas near plants. This type of analysis involves the detailed specification of the characteristics of the processes, the quantification of probability and failure modes, the measurements of the possibility of different types of human error, and finally consideration of the effects resulting from all possible combinations of error and system failure, in order to obtain an overall assessment of system security.

Reality has shown on several occasions that this risk assessment method is not sufficient to guarantee the safety of high-risk production processes and even less the safety of workers and inhabitants of areas near plants [31]. The complexity of many safety-critical systems makes an a priori analysis of possible system failures and human errors impossible and unreliable. Despite this, it is considered useful to apply this type of technique in healthcare to promote reflection among frontline operators before introducing technical or organizational innovation. For example, before introducing a new procedure, it is useful to reflect on the possible critical aspects of the different phases of the procedure, or, in the case of technological innovation, back-up solutions can be prepared to deal with any malfunctions of the instrument. Given the tendency towards improvisation rather than planning in health practices, the use of HRA techniques can foster the development of systemic thinking aimed at anticipating risk situations and preparing operators to manage them to protect patients.

There are numerous risk prediction techniques that have been developed in the industry, in many cases for commercial purposes, without scientific validation or supporting publications. For those confronting this type of technique, difficulty arises from the use of various acronyms to name instruments that are often similar but originating in different environments, such as FMEA, PSA, PRA, SLIM, HEART, THERP, HAZOP, and other acronyms that in some cases are proprietary variants of the HRA approach [32].

Some techniques are primarily aimed towards the detailed description of a task or a sequence of technical actions. For example, in “hierarchical task analysis,” the activity is broken down into a series of tasks, sub-tasks, and operations, down to a considerable level of detail that can be useful to detect the risks of each individual operation, quantify and classify them, and to determine the security measures to be adopted to avoid failure of the task, while also taking into account situational and systemic factors.

The purpose of quantifying the risks is to develop probabilistic models that should allow us to predict errors and to estimate the probability of system failure. Quantification is the most controversial aspect of the HRA because assigning numerical values to uncertain events caused by multiple factors, i.e., the expected probability that an operator makes a mistake, is an enormous challenge from the scientific and the practical point of view. Quantification is often entrusted to the judgment of a group of experts and is not the fruit of rigorous observation of operational practices and of recording the frequency of actual errors. These techniques have a normative character in and of themselves, that is, they tend to describe activities as they should be and errors as they can be expected on the basis of “a priori” knowledge of the problems.

They are synthetic, non-analytical descriptions, which therefore cannot take into account the complexity of the operations and the dynamic trend of practices at the sharp end. In healthcare, they have been successfully applied, especially in areas such as the blood transfusion sector that, due to the nature of the activities performed, allow a detailed synthetic description and a precise guide to the application of procedures.

The technique of greatest interest to the health field is the “old” Failure Modes and Effects Analysis (FMEA). Many organizations that promote clinical risk management have proposed its use to assess the risks linked with the various steps of a diagnostic-therapeutic process both proactively and reactively. The FMEA is a methodology that guides security officers in analyzing the criticality of a work-related process and identifying possible improvement actions to reduce the risk of accidents. It is a prevention tool that identifies the weak areas of a process and develops improvement actions based on subjective judgments provided by the process stakeholders. The purpose of the analysis is to understand the risks of a process, i.e., what could go wrong (failure mode) and what the possible consequences could be (failure effects), in order to make the process safer and more efficient.

Created in 1949 by the US military to determine the effects of system and equipment failures, FMEA has been used by NASA since 1960 to predict failures and to plan preventive measures and back-up systems for the Apollo space program [29]. Since then, the FMEA has been used in many safety-critical sectors such as the aerospace industry, industrial chemical processes, nuclear and automotive.

FMEA is a particularly flexible and rather simple tool; for this reason, it is sometimes used, in reactive mode, in the analysis of cases together with the systemic model. It is predominantly used in a proactive manner, which requires accredited facilities to perform at least one analysis with FMEA each year.

The application of FMEA in proactive mode involves the description of the steps in a process, failure modes (what could go wrong?), contributory factors (why should failure happen?), and effects of each failure (what could be the consequences of any failure?).

The application of FMEA is divided into seven steps:

  1. Select a process to be evaluated with FMEA, bearing in mind that this technique works best for the analysis of linear processes that do not have many sub-processes. In the case of many sub-processes, it is advisable to apply the technique to each individual sub-process.

  2. Organize a multidisciplinary group with all the actors who have been involved in the process being analyzed, some of whom may be included only for the part of the analysis that concerns them.

  3. Set a meeting to analyze the process starting with the description of steps in the process, trying to describe each phase in a detailed manner and without any bias.

  4. For each step of the process, list all the possible failure modes (FM), that is all that could go wrong, including rare and minor problems. Then proceed to identify the possible contributory factors and consequences of each failure mode.

  5. For each failure mode identified, have the group assign a numerical value on a scale from 1 to 10 for the frequency of the FM (where 1 represents a very low frequency and 10 a very high one), the severity of the possible consequences (where 1 represents a low severity and 10 a very high one) and the probability of identifying FM on the part of the operators (where 1 represents a high probability of identification and 10 a low one).

  6. Calculate the Risk Priority Index (RPI) for each FM, taking the product of the frequency score (F), the severity score (S), and the probability of identifying the failure by the operators (I). The possible calculation results range from an RPI equal to 1 to an RPI equal to 1000.

  7. Define improvement plans, starting from the FM that have accumulated a higher RPI score and therefore require priority interventions.

While defining the improvement plan, it is useful to keep in mind that if the FM has a high frequency it would be advisable to eliminate the contributory factors, or to add technological or organizational constraints, such as a procedure that envisages an independent double control, so as to change the process and reduce the probability of failure. If, on the other hand, the failure mode is difficult to identify by the operators, it is necessary to increase its visibility, for example by an appropriate use of alarms or other warning systems, or by including a passage in a procedure that anticipates the event. Finally, if the failure mode can generate very serious consequences, it is necessary to draw up emergency plans to counteract a decay towards disaster or a repetition of the event at a short temporal and spatial distance in the same healthcare facility or in others of the same healthcare system.
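The scoring and ranking of steps 5 to 7, combined with the guidance above on which kind of intervention fits which score, can be written out as follows. This is an added example, not part of the original chapter: the failure modes and their scores are constructed, and the cut-off of 7 for treating a score as "high" is an assumption, since the chapter gives no threshold.

```python
from dataclasses import dataclass

HIGH = 7  # assumption: the chapter gives no cut-off for a "high" score


@dataclass(frozen=True)
class FailureMode:
    step: str
    description: str
    frequency: int       # F: 1 = very low frequency, 10 = very high
    severity: int        # S: 1 = low severity, 10 = very high
    identification: int  # I: 1 = easily identified by operators, 10 = hard to identify

    def __post_init__(self):
        # Step 5 defines every score on a 1-10 scale; reject anything else.
        for name in ("frequency", "severity", "identification"):
            value = getattr(self, name)
            if not isinstance(value, int) or not 1 <= value <= 10:
                raise ValueError(f"{name} must be an integer from 1 to 10, got {value!r}")

    @property
    def rpi(self) -> int:
        """Step 6: Risk Priority Index = F x S x I, ranging from 1 to 1000."""
        return self.frequency * self.severity * self.identification

    def interventions(self) -> list[str]:
        """Map each high score to the kind of intervention the text suggests."""
        plans = []
        if self.frequency >= HIGH:
            plans.append("remove contributory factors or add constraints (independent double control)")
        if self.identification >= HIGH:
            plans.append("increase visibility (alarms, warning systems, anticipatory procedure step)")
        if self.severity >= HIGH:
            plans.append("draw up emergency plans")
        return plans


def prioritize(failure_modes):
    """Step 7: order failure modes by descending RPI."""
    return sorted(failure_modes, key=lambda fm: fm.rpi, reverse=True)


# Constructed sample data for a medication process (not from the chapter).
SAMPLE = [
    FailureMode("prescription", "illegible handwritten dose", 8, 6, 3),
    FailureMode("preparation", "look-alike vials swapped", 3, 9, 8),
    FailureMode("administration", "wrong patient identified", 2, 10, 4),
]

if __name__ == "__main__":
    for fm in prioritize(SAMPLE):
        print(f"RPI {fm.rpi:4d}  {fm.step}: {fm.description}")
        for plan in fm.interventions():
            print(f"          -> {plan}")
```

In this sample the rarely occurring vial swap outranks the frequent handwriting problem because it is both severe and hard to detect, which is the kind of ordering the product F x S x I is meant to surface.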

6 An Integrated Vision of Patient Safety

Due to the limitation of resources available for health systems, in high-income as well as in low- and middle-income countries, risk assessment and the analysis of adverse events can ultimately contribute substantially to the reduction of waste and to the better use of human and technological resources. Many industries have learnt to renew their systems in the crisis, starting from the reduction of waste and the improvement of the reliability of processes and products. Healthcare systems, in the same way, could emerge from any crisis disseminating the analysis and prevention of risks on the operational lines, with the active involvement of all health professionals and, at the same time, by centralizing patient safety management to embed risk prevention in corporate strategies.

The connection between clinical risks and financial risks related to the direct and indirect costs of adverse events is an indispensable reason for top management to act on patient safety, as highlighted by those institutions and insurance companies that reward health systems that do well and sanction those that fall short, with respect to value for patients as well as accountability of management and health professionals.

In conclusion, patient safety departments or units, clinicians, and citizens must make a common commitment to rethink and reorganize health services, to have the courage to change consolidated habits, and to finally replace the paternalism that has determined for centuries the doctor–patient relationship so that, under a banner of open and transparent communication around the risks and opportunities of every health service, they may walk together through the realm of uncertainty.