Stefan

While traditional methods such as Failure Mode and Effects Analysis (FMEA) are well-established, they often reach their limits in clinical practice. This is due in particular to the subjectivity of fault identification. I would like to propose the Hazard and Operability Study (HAZOP) as a complementary risk analysis method. HAZOP offers a structured, systematic approach to risk identification and assessment, particularly suited to analysing process risks and human factors. Unlike FMEA, HAZOP uses guide words (e.g. NO, MORE, LATE, LESS, OTHER THAN) to explicitly identify and analyse potential deviations from tasks and procedures.  A systematic approach to identifying and assessing clinical risks Despite the implementation of risk management systems, practice often falls short of expectations. This is due, among other factors, to the complexity of clinical processes, the dynamics of the work environment, and interprofessional interfaces, which make a holistic risk assessment difficult. Although traditional methods are widely used, they reach their limits in clinical practice: Subjectivity: When using traditional methods such as FMEA, which rely on the team’s spontaneous fault detection and experience, critical risks are easily overlooked as they are not recognised as ‘failure modes’. Monocausality: Traditional failure-mode-based approaches lead to a monocausal derivation of causes and effects. Human factors as ‘operator error’: Human errors are easily classified as ‘user problems’ without questioning the systemic causes (e.g. time pressure, unclear responsibilities, inadequate communication). Against this background, I propose the Hazard and Operability Study (HAZOP) as a complementary risk analysis method. The HAZOP method was originally developed in the aviation industry and has established itself there as the gold standard for analysing risks in highly complex, safety-critical environments. HAZOP enables the approach required by ISO 31000 as a structured, step-by-step approach: Risk identification Risk analysis Risk evaluation Risk identification using guide words The method uses guide words as a heuristic to systematically identify potential process deviations as a starting point for the risk analysis. These guide words are adapted to clinical reality and enable a comprehensive risk analysis: Guide Word: Possible deviation. No: Failure to perform a task. More: Excessive performance of a task. Less: Inconsistent performance of a task. Late: Delayed performance of a task. Other than: Incorrect execution of a task. Using guide words as a starting point for risk identification also helps to involve those with little experience in risk management in the process. A list of guide words can and should be adapted to the specific requirements of the specialist department. Practical application: Example 'documentation of vital signs' Task: Recording and documenting vital signs in the intensive care unit. Guide word: Possible deviation No: Blood pressure is forgotten. Late: Documentation is delayed, delaying further diagnosis. Less: Not all vital signs are measured. Other than: A mix-up of patients in the documentation. Risk analysis The identified risks can be assessed using a two-dimensional risk matrix, like in other risk tools: Probability of occurrence (scale: ‘almost impossible’ to ‘almost certain’). Impact (scale: ‘no health consequences’ to ‘life-threatening consequences’). This commonly used and well-known assessment method enables measures to be prioritised and helps hospitals to proceed in a resource-efficient way. Risk evaluation and identification of measures Preventive and corrective measures are developed during interprofessional workshops, in which representatives from all relevant professional groups (doctors, nursing staff, administration, IT) work together to evaluate risks and propose solutions. Typical measures include: Process optimisations (e.g. standardisation of documentation procedures). Training to raise awareness of human factors. Technical adjustments (e.g. introduction of digital checklists). Clarification of responsibilities (e.g. through clear SOPs). Discussion The HAZOP method offers several key advantages that are particularly relevant to clinical patient safety: The use of guide words enables risks that are often overlooked to be systematically identified. This reduces subjectivity in error detection and enables more objective prioritisation of measures. The method allows for the analysis of human and organisational factors. This enables a holistic view of incident causes and supports hospitals in developing systemic solutions. HAZOP can be seamlessly integrated into the SEIPS 2.0 approach, which enables a coherent risk assessment that accounts for all relevant factors. The approach promotes collaboration among professionals from different disciplines. This strengthens the learning culture and helps to close governance gaps. Thanks to the structured approach and the use of guide words, risk analysis can be carried out more quickly and efficiently. Conclusion The HAZOP method, with its guide words, is a proven, systematic and evidence-based tool for improving clinical patient safety. It enables a comprehensive risk analysis that takes into account technical, procedural and human factors. Do you use the HAZOP method? We would love to hear from you if you're using HAZOP in a clinical setting so we can share real-life examples of its use. Email us at [email protected] or comment below (you need to be signed into the hub; sign up here, it is free and easy to do).

Stefan Peil summarises a pilot study he has done to see whether a structured systems model can support the preparation of a morbidity and mortality (M&M) conference discussion. The example used is a coronary angiography risk scenario to explore whether a model-based representation of patient safety knowledge could serve as a reliable basis for an artificial intelligence (AI)-assisted decision template. The work was produced to address a practical problem in patient safety: relevant information for M&M preparation is often spread across diagrams, reports and team knowledge, which can slow and make shared understanding less consistent. The pilot study, therefore, examined whether systems modelling could help organise, make transparent and reuse safety relevant information in a more structured way. The full study is attached at the end of this page. The challenge The identified challenge was the lack of a structured, reusable approach to preparing patient safety discussions for M&M conferences. The aim was not to automate clinical judgement, but to test whether a model-based risk analysis derived from team knowledge could serve as a structured input for drafting an M&M decision template. M&M preparation often relies on fragmented information and informal interpretation. In complex clinical environments, such as coronary angiography, risks do not arise from a single isolated factor. They emerge from the interaction between tasks, people, technology, information flow and organisational conditions. In this specific pilot example, the safety concern was a risk scenario in coronary angiography in which cognitive overload during real-time decision-making and escalation could contribute to complications not being detected in time. This formed the basis for testing whether a structured model could provide a clearer and more traceable starting point for discussion. Method and measures To explore this, a systems model based on Systems Engineering Initiative for Patient Safety (SEIPS) 2.0 was created in Systems Modeling Language (SysML) using SPARX Enterprise Architect. The objective was to represent the work system, the contributory task factor, the resulting risk and the proposed measures in a traceable form. The model focused on one coronary angiography scenario. The critical task factor was described as cognitive density in real-time decision-making and potential escalation. In the model, this contributed to the risk that complications would not be detected in time. The text states an impact on quality of care, an occurrence rating described as relevant and an overall risk class of moderate. The proposed measures were: pre-procedure briefing risk-adapted staffing standardised laboratory layout regular simulation drills. The intended achievement was a more structured, transparent and reusable basis for M&M preparation and discussion. Outcomes and lessons learned The pilot showed that a structured model can be a useful way to organise safety-relevant knowledge. Because the model linked work system elements, risks and measures in a traceable way, it provided a clearer starting point for discussion than unstructured text alone. The practical process tested in this pilot was: defining a relevant patient safety scenario in coronary angiography modelling the work system and the contributory task factor linking this to a patient safety risk documenting possible mitigating measures using the model as the basis for an AI-assisted one-page decision template. One important observation was that the AI-generated output reflected the underlying model's content. This suggests that a structured model can support more consistent synthesis than relying only on memory or informal interpretation. The text does not describe multiple alternative technical approaches in detail, so it cannot be stated from the source whether other options were formally compared or ruled out. It also does not state direct patient involvement. Staff involvement is referenced indirectly by using team knowledge as an input to the model. The text does not report formal measurement tools, outcome metrics, time savings, patient safety indicators or model costs. Therefore, no validated impact measurement can be claimed from the source. A key lesson learnt was that AI can assist with drafting and synthesis, but cannot replace clinical judgement, governance or safety review. Any output generated from the model still needs to be checked against the source material and reviewed by responsible clinical and patient safety leads. Impact This work is only a prototype, not as a formal effectiveness study. As a result, the impact that can be claimed is limited. The main result was that the structured model appeared to support: clearer organisation of safety-relevant knowledge better traceability between work system factors, risks and proposed measures a more consistent starting point for multidisciplinary discussion reuse of modelled information for drafting a one-page M&M decision template. At the same time, the the study is explicit about what was not demonstrated. The pilot did not test whether the approach: improved patient outcomes reduced harm shortened preparation time in routine practice improved care delivery in a measurable way. A further limitation was that only a single, limited example was used, and some information was withheld for data protection reasons. This means the results were narrower than would be needed for broader implementation decisions. What worked was the structured linkage between the work system, contributory factors, risks and measures. What remains uncertain is whether this translates into measurable operational benefit in routine clinical governance. A likely barrier to improvement is the need for continued expert review, because AI-generated output cannot be used without clinical validation and governance oversight. If repeated, the next stage would need a clearer evaluation design, including defined measures of clarity, consistency, usability and possibly preparation time. Next steps The next step is a practical pilot in real clinical governance settings. A suitable next-stage comparison would be conventional M&M preparation versus model-supported preparation in a small, clearly defined pilot. The proposed questions for the next phase are: Does the approach improve clarity and shared understanding? Does it help teams identify contributory factors more systematically? Does it support consistency and traceability of measures related to patient safety? The study does not provide evidence of long-term organisational change, staff reaction, patient impact statistics or system-wide implementation results. Therefore, those elements cannot yet be stated as outcomes. However, based on insights from the pilot study, the anticipated longer-term value would be to make patient safety knowledge: more structured more reusable easier to discuss across professional groups more clearly linked to the wider work system rather than to isolated errors. A sensible next step would, therefore, be a controlled local test with defined governance, clinical review and evaluation criteria before any broader adoption.