Safer clinical systems : interim report, August 2010

Safer Clinical Systems is the Health Foundation’s new five year programme of work to test and demonstrate ways to improve healthcare systems and processes, to develop safer systems that improve patient safety. It builds on learning from the Safer Patients Initiative (SPI) and models of system improvement from both healthcare and other industries. Learning from the SPI highlighted the need to take a clinical systems approach to improving safety. SPI highlighted that many hospitals struggle to implement improvement in clinical areas due to inherent problems with support mechanisms. Clinical processes and systems, rather than individuals, are often the contributors to breakdown in patient safety. The Safer Clinical Systems programme aimed to measure the reliability of clinical processes, identify defects within those processes, and identify the systems that result in those defects. Methods to improve system reliability were then to be tested and re-developed in order to reduce the risk of harm being caused to patients. Such system-level awareness should lead to improvements in other patient care pathways. The relationship between system reliability and actual harm is challenging to identify and measure. Specific, well-defined, small-scale processes have been used in other programmes, and system reliability has been shown to have a direct causal relationship with harm (e.g. care bundle compliance in an intensive care unit can reduce the incidence of ventilator-associated pneumonia). However, it has become evident that harm can be caused by a variety of factors over time; when working in broader, more complex and dynamic systems, change in outcome can be difficult to attribute to specific improvements and difficulties are also associated with relating evidence to resulting harm. The overall aim of Phase 1 of the Safer Clinical Systems programme was to demonstrate proof-of-concept that using a systems-based approach could contribute to improved patient safety. In Phase 1, experienced NHS teams from four locations worked together with expert advisers to co-design the Safer Clinical Systems programme

Medical Cyber-Physical Systems Development: A Forensics-Driven Approach

The synthesis of technology and the medical industry has partly contributed to the increasing interest in Medical Cyber-Physical Systems (MCPS). While these systems provide benefits to patients and professionals, they also introduce new attack vectors for malicious actors (e.g. financially-and/or criminally-motivated actors). A successful breach involving a MCPS can impact patient data and system availability. The complexity and operating requirements of a MCPS complicates digital investigations. Coupling this information with the potentially vast amounts of information that a MCPS produces and/or has access to is generating discussions on, not only, how to compromise these systems but, more importantly, how to investigate these systems. The paper proposes the integration of forensics principles and concepts into the design and development of a MCPS to strengthen an organization's investigative posture. The framework sets the foundation for future research in the refinement of specific solutions for MCPS investigations.Comment: This is the pre-print version of a paper presented at the 2nd International Workshop on Security, Privacy, and Trustworthiness in Medical Cyber-Physical Systems (MedSPT 2017

A safer place for patients: learning to improve patient safety

1 Every day over one million people are treated successfully by National Health Service (NHS) acute, ambulance and mental health trusts. However, healthcare relies on a range of complex interactions of people, skills, technologies and drugs, and sometimes things do go wrong. For most countries, patient safety is now the key issue in healthcare quality and risk management. The Department of Health (the Department) estimates that one in ten patients admitted to NHS hospitals will be unintentionally harmed, a rate similar to other developed countries. Around 50 per cent of these patient safety incidentsa could have been avoided, if only lessons from previous incidents had been learned. 2 There are numerous stakeholders with a role in keeping patients safe in the NHS, many of whom require trusts to report details of patient safety incidents and near misses to them (Figure 2). However, a number of previous National Audit Office reports have highlighted concerns that the NHS has limited information on the extent and impact of clinical and non-clinical incidents and trusts need to learn from these incidents and share good practice across the NHS more effectively (Appendix 1). 3 In 2000, the Chief Medical Officer’s report An organisation with a memory 1 , identified that the key barriers to reducing the number of patient safety incidents were an organisational culture that inhibited reporting and the lack of a cohesive national system for identifying and sharing lessons learnt. 4 In response, the Department published Building a safer NHS for patients3 detailing plans and a timetable for promoting patient safety. The goal was to encourage improvements in reporting and learning through the development of a new mandatory national reporting scheme for patient safety incidents and near misses. Central to the plan was establishing the National Patient Safety Agency to improve patient safety by reducing the risk of harm through error. The National Patient Safety Agency was expected to: collect and analyse information; assimilate other safety-related information from a variety of existing reporting systems; learn lessons and produce solutions. 5 We therefore examined whether the NHS has been successful in improving the patient safety culture, encouraging reporting and learning from patient safety incidents. Key parts of our approach were a census of 267 NHS acute, ambulance and mental health trusts in Autumn 2004, followed by a re-survey in August 2005 and an omnibus survey of patients (Appendix 2). We also reviewed practices in other industries (Appendix 3) and international healthcare systems (Appendix 4), and the National Patient Safety Agency’s progress in developing its National Reporting and Learning System (Appendix 5) and other related activities (Appendix 6). 6 An organisation with a memory1 was an important milestone in the NHS’s patient safety agenda and marked the drive to improve reporting and learning. At the local level the vast majority of trusts have developed a predominantly open and fair reporting culture but with pockets of blame and scope to improve their strategies for sharing good practice. Indeed in our re-survey we found that local performance had continued to improve with more trusts reporting having an open and fair reporting culture, more trusts with open reporting systems and improvements in perceptions of the levels of under-reporting. At the national level, progress on developing the national reporting system for learning has been slower than set out in the Department’s strategy of 2001 3 and there is a need to improve evaluation and sharing of lessons and solutions by all organisations with a stake in patient safety. There is also no clear system for monitoring that lessons are learned at the local level. Specifically: a The safety culture within trusts is improving, driven largely by the Department’s clinical governance initiative 4 and the development of more effective risk management systems in response to incentives under initiatives such as the NHS Litigation Authority’s Clinical Negligence Scheme for Trusts (Appendix 7). However, trusts are still predominantly reactive in their response to patient safety issues and parts of some organisations still operate a blame culture. b All trusts have established effective reporting systems at the local level, although under-reporting remains a problem within some groups of staff, types of incidents and near misses. The National Patient Safety Agency did not develop and roll out the National Reporting and Learning System by December 2002 as originally envisaged. All trusts were linked to the system by 31 December 2004. By August 2005, at least 35 trusts still had not submitted any data to the National Reporting and Learning System. c Most trusts pointed to specific improvements derived from lessons learnt from their local incident reporting systems, but these are still not widely promulgated, either within or between trusts. The National Patient Safety Agency has provided only limited feedback to trusts of evidence-based solutions or actions derived from the national reporting system. It published its first feedback report from the Patient Safety Observatory in July 2005

Committed to Safety: Ten Case Studies on Reducing Harm to Patients

Presents case studies of healthcare organizations, clinical teams, and learning collaborations to illustrate successful innovations for improving patient safety nationwide. Includes actions taken, results achieved, lessons learned, and recommendations

Impact of the Functional Resonance Analysis Method (FRAM) in safety management at healthcare organisations

Patient safety events are likely to be one of the ten leading causes of death and disability in the world (World Health Organization, 2020). To manage safety, healthcare organisations have traditionally focused on identifying failures, performing analysis of events, and developing strategies to reduce the failures. Several thought leaders have argued that the traditional method is not adequate to manage safety in a complex environment. Their argument is that safety management should not solely focus on what went wrong, it should also include efforts which enable things to go right more often. If healthcare organisations want to broaden their approach towards managing safety, suitable methods must be investigated. The Functional Resonance Analysis Method (FRAM) was developed by Hollnagel in 2004 and has been applied in high-risk industries such as railway, aviation, maritime and healthcare. FRAM investigates the interaction of the different functions within a complex, underspecified system, and improves the understanding of normal work and its variability (Hollnagel, 2012). This systematic review will assess the application of FRAM in healthcare settings to develop a rich understanding of the application of FRAM in healthcare as a complementary method to safety management. Firstly, understanding how FRAM was implemented within healthcare organisations and secondly understanding how healthcare organisations have perceived the value-add of FRAM in terms of safety management. The results are expected to provide healthcare organisations with guidance on applying the FRAM and demonstrate the value it potentially adds to safety management. In the studies reviewed, FRAM was applied in a wide variety of settings and in different contexts. Thematic value-added aspects were identified and discussed. Shortcomings and prerequisites for the application of FRAM was also highlighted. This dissertation wishes to motivate healthcare organisations to investigate and apply alternative methods such as FRAM to enhance their ability to manage safety in a complex environment

M-health review: joining up healthcare in a wireless world

In recent years, there has been a huge increase in the use of information and communication technologies (ICT) to deliver health and social care. This trend is bound to continue as providers (whether public or private) strive to deliver better care to more people under conditions of severe budgetary constraint

Usability and Security in Medication. Administration Applications

The traditional process of filling the medicine trays and dispensing the medicines to the patients in the hospitals is manually done by reading the printed paper medicinechart. This process can be very strenuous and error-prone, given the number of sub-tasksinvolved in the entire workflow and the dynamic nature of the work environment.Therefore, efforts are being made to digitalise the medication dispensation process byintroducing a mobile application called Smart Dosing application. The introduction ofthe Smart Dosing application into hospital workflow raises security concerns and callsfor security requirement analysis. This thesis is written as a part of the smart medication management project at EmbeddedSystems Laboratory, A˚bo Akademi University. The project aims at digitising the medicine dispensation process by integrating information from various health systems, and making them available through the Smart Dosing application. This application is intended to be used on a tablet computer which will be incorporated on the medicine tray. The smart medication management system include the medicine tray, the tablet device, and the medicine cups with the cup holders. Introducing the Smart Dosing application should not interfere with the existing process carried out by the nurses, and it should result in minimum modifications to the tray design and the workflow. The re-designing of the tray would include integrating the device running the application into the tray in a manner that the users find it convenient and make less errors while using it. The main objective of this thesis is to enhance the security of the hospital medicine dispensation process by ensuring the security of the Smart Dosing application at various levels. The methods used for writing this thesis was to analyse how the tray design, and the application user interface design can help prevent errors and what secure technology choices have to be made before starting the development of the next prototype of the Smart Dosing application. The thesis first understands the context of the use of the application, the end-users and their needs, and the errors made in everyday medication dispensation workflow by continuous discussions with the nursing researchers. The thesis then gains insight to the vulnerabilities, threats and risks of using mobile application in hospital medication dispensation process. The resulting list of security requirements was made by analysing the previously built prototype of the Smart Dosing application, continuous interactive discussions with the nursing researchers, and an exhaustive state-of-the-art study on security risks of using mobile applications in hospital context. The thesis also uses Octave Allegro method to make the readers understand the likelihood and impact of threats, and what steps should be taken to prevent or fix them. The security requirements obtained, as a result, are a starting point for the developers of the next iteration of the prototype for the Smart Dosing application.Siirretty Doriast