Design Workshops

Context

“Patient Safety: Freedom from accidental injury due to medical care or from medical error.”
US Institute of Medicine 2000

“One in eight NHS trusts has been told it must urgently improve the care it provides, by a new regulator publishing ratings on England's 392 trusts. The assessments by the Care Quality Commission show a drop in the number of hospitals meeting basic standards in areas such as hygiene and safety.”
BBC News online Thursday, 15 October 2009

Hippocrates said “first, do no harm” over two millennia ago. In late 1999, the Institute of Medicine in the U.S. published To Err is Human: Building a Safer Health System [1]. This report estimated that 44,000 to 98,000 Americans die each year in medical accidents. In the U.K. in the 12 months July 2007 to June 2008 805,000 patient safety incidents, 73% of which occurred in acute or general hospitals. This resulted in 3,375 deaths as a result of patient safety incidents.

“James Reason wrote his book on human error in 1990. Patient safety became a priority for health services around the world. Reasons' ideas then informed US and DH policy (2000) and today they influence training programmes, the design of patient safety interventions, etc. A somewhat unpredictable and lengthy trajectory!” E-mail correspondence November 2009

Systems View

So what is the state of Patient Safety Practice and how can it be improved in the future. This is the subject of the one-day master class and one week CPD course in System Safety for Patient Safety.

Modern Approach to Patient Safety - Systems View

Health care provision is made up of a set of complex interacting systems. These systems are dependent on human performance, technology (medical devices) and support services (electronic health records, e-mail, heat, light etc).

An accident is an unintended event or sequence of events leading to harm, such as death, injury, environmental or material damage. In the context of patient safety an accident would be an event causing injury due to medical management rather than the patient’s underlying illness. For instance, the patient could be given a drug that causes harm.

An error is an act or omission that could have Patient Safety consequences; that is could lead to, or contribute to, an accident.

Errors are normal in complex systems [2]. There is a vast literature about safety in aviation, nuclear and automotive industries (all complex system) on the ways to address errors and safety. These domains view error not as a personal problem (the bad old process of blaming, naming and shaming) but as a system problem [3]. This is the discipline of System Safety Engineering [4].

From a system perspective, errors are learning opportunities. Error-reduction in health care has all too often blamed individuals, rather than examining systems, and hence has often failed to detect or correct underlying systems failures when errors occur. Changing the culture of medicine to increase reporting of errors is central to current efforts to reduce errors, and hence accidents, in health care.

Improving health care safety is not simple and should be based on a systematic approach to setting up services, buying equipment, providing a service and disposing of equipment. Changes made to improve patient safety have costs attached to them, such as money, delays, new errors and an inability to use scarce resources elsewhere.

The system approach views system design as the key to error reduction; good systems make errors difficult, and safety easy. The system model understands that people make mistakes, and that personal vigilance cannot prevent errors in poorly-designed systems. Systems must be designed to make them resistant to human error.

Improving Patient Safety

The system approach to patient safety emphasises the need to shore up systems to prevent or catch errors. For example, errors in routine behaviour (“slips”) can best be prevented by building in redundancies and checks. Similarly, as the number and complexity of medical devices increase strategies to decrease errors when healthcare workers interact with complex technologies and machines should be instigated.

Healthcare is extraordinarily information intensive. But volume only begins the challenge. Think about trying to keep track of one patient’s current illnesses, past medical history, medications, allergies, and test results. Now add the fact that the patient will be seen by many different doctors, often working for different healthcare systems.

The current situation is not good but is improving with computer systems being introduced to provide “computerised provider order entry” (CPOE), electronic health records, and a variety of other information technology solutions (bar-coding for medication administration, “smart” intravenous pumps, etc).

The potential for improved safety is immense, but so is the potential to introduce errors and contribute to accidents. If computerisation is unaccompanied by other types of systems solutions, an appropriately staffed and trained workforce, and a “safety culture” then safety issues arise. In the computerised world, errors can harm dozens, even hundreds of patients, if they are not discovered and rectified.

The term “safety culture” is used as shorthand for an environment in which teamwork, clear communication, and openness about errors (both to other healthcare professionals and to patients) is at work [5]. “Safe industries” (such as aviation and nuclear power) have learned to “flatten hierarchies” – to create environments and cultures in which it is not only acceptable for someone lower in the organizational structure to raise a concern, it is seen as essential.

Organisations that are serious about improving patient safety build in ways to hear about unsafe conditions and errors from front-line staff, often via “incident reporting systems” [6]. Moreover, many organizations have embraced a technique drawn from engineering called Root Cause Analysis [7].

Preventing Diagnostic Errors

Studies have demonstrated that diagnostic errors are common, and that they can be deadly [8]. There are systems fixes (e.g. combining better information technology with more clinician training on common mistakes) that can decrease the frequency and severity of diagnostic errors. Computerised diagnostic decision support is not there yet, but the direction is clear.

Improving diagnostic accuracy also requires that we understand how doctors think. For example, many errors occur when doctors are too quick to come to a decision, and then defend that judgment too vigorously even in the face of contradictory evidence. This is known as confirmation bias. Other similar issues such as affordances and information bias also need to be considered.

How can these errors caused by human factors issues be prevented? The answer will come through a systems approach, in this case the creation of better systems to train physicians to avoid common diagnostic mistakes.

Standards

There are a number of standards in other domains that have been adapted for patient safety. These include:

1. International Electro technical Commission. IEC 61508: Functional Safety of Electrical / Electronic / Programmable Electronic Safety Related Systems, 1999. A standard which aims to provide a generic framework, which can be instantiated in sector-specific forms as required.
2. MoD. Defence Standard 00-56 Issue 4: Safety Management Requirements for Defence Systems. UK Ministry of Defence. The UK Ministry of Defence’s safety-critical systems framework standard, dealing with risk concepts and general safety issues.
3. RTCA. RTCA/DO-178B: Software Considerations in Airborne Systems and Equipment Certification. Radio Technical Commission for Aeronautics, December 1992. The primary standard (technically a guideline) on the development of safety critical systems for civil aerospace applications. This standard is now undergoing revision and will be published as do-178c.
4. CENELEC, “EN 50126 - Railway Applications: The Specification and Demonstration of Reliability, Availability, Maintainability and Safety (RAMS”), European Committee for Electro technical Standardisation, 1997.

Medical Domain Variants:

1. ANSI/AAMI/ISO 14791:2000/A1:2003 Medical Devices - Application of Risk Management to Medical Devices
2. DSCN 14/2009 Application of Patient Safety Risk Management to the Manufacture of Health Software (PDF, 78 KB) Implementation Date: 30/12/2009
3. DSCN 18/2009 Application of Patient Safety Risk Management to the Deployment and Use of Health Software (PDF, 120 KB) Implementation Date: 01/04/2010
4. Draft IEC80001: "Risk management for IT networks containing medical devices" 2009

Challenges

Reviewing the potential approaches to improving safety highlights a number of challenges:

• In the absence of evidence, and in light of the high cost of some of the interventions, institutions are understandably confused about which combination of safety approaches to adopt.
• Identifying and addressing workarounds that ease operation but undermine system safety mechanisms.
• The “bubble in the carpet” effect – fix one problem and another emerges. Improving safety in complex organisations involves disturbances of existing work patterns that often create unintended consequences. For example, enactment of working time regulations have decreased the number of consecutive hours that doctors can work preventing errors due to fatigue, but have increased errors due to poor hand-overs to new workers at the end of a shift.
• The business case for safety. Safety measures can be expensive and the “pay-back” is something not happening. How can this “benefit” be represented appropriately in the trade-offs decision makers have to undertake when allocating scarce resources?

Improving patient safety is difficult. The systems are highly complex and inter-related. There are lessons to be learnt from other domains but these must be adapted for the healthcare environment. It is these challenges that we address as an overview in our one day course and in more detail in our one week courses on “System Safety for Patient Safety”.

Timetables

The National Patient Safety Agency [9] has described patient safety as process by which an organisation makes patient care safer involving identification and assessment of patient safety risk, management of patient safety risk, reporting and analysis of incidents, capacity to learn from and follow up incidents and implement solutions to minimise the risk of them recurring. All of these issues are addressed by the discipline of System Safety Engineering.

The team of York has over 15 years of experience in researching and teaching System Safety Engineering for high impact industries, such as the civil aviation, military, nuclear and railway domains. The team has particular expertise in the use of Information Technology in such systems but has much broader understanding than just IT.
It has become clear that the challenges identified above for the health care domain are similar, but different, to those seen by other industries that have the ability to do harm. The courses therefore take the teams’ experience and tailor it to look at the health care domain.

The one day course focuses on an overview of the risk based systems safety approach advocated by the NPSA to address safety from an acquisition perspective. What does an NHS procurer need to consider when purchasing a piece of equipment or setting up a new service.

The one week course is appropriate for all those who have an involvement in procuring, designing, operating and maintaining healthcare systems from a patient safety perspective. It does so from a system safety perspective, which incorporates safety management issues, technical equipment issues, human factors and procedures issues. It does not emphasise Information Technology systems but does show how to place such systems into an overall risk based through life safety management system.

The timetable for the one-day master class is:

The timetable for the one-week course is:

Attendees will receive a folder of lecture notes, lectures by members of the University teaching team, an opportunity to consider case studies in small groups facilitated by members of the team, an opportunity to participate in led discussions on a range of issues raised during the course, and a certificate of attendance for use part of the attendees continuing professional development portfolio.

Teaching team

The team for these courses is:

Leader: Dr Mark Nicholson is the Co-ordinator of the University of York’s Masters Programme for Continuing Professional Development students in System Safety / Safety-Critical Systems Engineering. He lectures on a number of the courses that form the programme and on courses for industrial organisations tailored to the needs of that organisation. He has worked in the area of system safety for 15 years. He is a member of the Safety and Reliability Society and the Safety–Critical Systems Club. He is a Secretary of EUROCAE WG63 rewriting the Aerospace Recommended Practices ARP 4754 and ARP 4761. These practices are currently called up as acceptable Means of Compliance for safety certification requirements for future large civil aircraft, such as the Airbus-350 and Boeing 787. He has provided consultancy for companies on system safety issues. He is currently exploring ways in which the lessons learnt from such experience can be incorporate into the domain of patient safety and in-particular the “connecting for health” programme in the NHS.

Ibrahim Habli is a research and teaching fellow in safety-critical systems at the High Integrity Systems Engineering (HISE) research group at the University of York. He currently teaches on the MSc in Safety-Critical Systems Engineering and the MSc in Gas Turbine Control System Engineering. His main research interests include model-based safety assessment, safety case development, software safety assurance and safety-critical product lines.

References

[1] Kohn L, Corrigan J, Donaldson M, eds. To Err is Human: Building a Safer Health System. Washington D.C.: Committee on Quality of Health Care in America, Institute of Medicine. National Academy Press, 2000
[2] Perrow C, Normal accidents: living with high risk technologies, New York Basic Books, 1984
[3] University of York, Safety Critical Systems Engineering MSc, www.cs.york.ac.uk/postgraduate/Msc_SafetyCriticalSystemsEngineering.htm
[4] Reason J. Human Error: models and management. British Medical Journal 2000:320: 768-70
[5] Pronovost P, Sexton JB. Assessing safety culture: guidelines and recommendations. Qual Saf Health Care 2005; 14:231-3.
[6] National Reporting and Learning Service, www.nrls.npsa.nhs.uk, 15th October 2009
[7] Root Cause Analysis www.nrls.npsa.nhs.uk/resources/collections/root-cause-analysis/
[8] Graber ML, Franklin N, Gordon R. Diagnostic error in internal medicine. Arch Intern Med 2005; 165:1493-9.
[9] National Patient Safety Agency, www.npsa.nhs.uk