Gethin

Working across frontline emergency care, patient safety and digital patient safety over the course of my 22-year career in the NHS has given me a unique perspective on how digital systems shape real clinical practice. As a paramedic now working as a Clinical Safety Officer within NHS Wales, I’ve seen first‑hand how digital tools can support safer care—but also how they can contribute to patient harm when things don’t work as intended. In this blog, I reflect on the challenges of identifying issues and, more importantly, assessing patient harm in a digital context. These thoughts aren’t theoretical, they come from day‑to‑day reality: the calls, the investigations, the conversations and the moments where something in the digital healthcare system doesn’t work the way it should—and a patient feels the impact. I’m sharing these thoughts to stimulate conversation, hopefully build shared understanding and help strengthen our collective approach to digital patient safety across the UK. The growing complexity of digital healthcare Digital healthcare has evolved rapidly, and with that evolution comes complexity. Electronic health records, diagnostic platforms, telehealth solutions, national and local systems—all interacting with each other in ways that aren’t always obvious. When something goes wrong, pinpointing where the issue originated can be incredibly challenging. Was it a configuration setting? A workflow design flaw? A user misunderstanding? A vendor update? A mismatch between national and local versions of the same system? Add to that, the fact that some third‑party suppliers are unable or unwilling to share detailed technical information (I assume due to concerns that competitors may gain access to it) makes it even harder to determine how the incident occurred or how to prevent it from happening again. Interconnected systems, shared responsibilities Because digital care rarely sits within a single organisation, the responsibilities for harm often cross boundaries too. Different organisations use systems differently. Local configurations vary. Some teams rely on national services; others are still using legacy versions. All of this makes investigation slower, more complicated and highly dependent on strong cross‑organisational collaboration. No single organisation can fully assess digital‑related harm in isolation, but still we try! The challenge for non-patient‑facing Health Bodies For organisations like mine, there is an added complexity: we don’t have direct clinical access to patients. This means our ability to assess harm depends on the engagement of colleagues across health boards and trusts—many of whom are experiencing significant operational pressures. Data security and privacy Sharing information about harm while protecting patient data is essential, but not always simple. We must balance transparency with strict confidentiality requirements. Digital errors, diagnostic risks and human interpretation Not all harm is caused directly by digital systems. Sometimes the system works correctly, but the presentation of the data creates an issue, or the clinician/user interaction or interpretation of the data is the issue. Other times, issues stem from algorithmic limitations, technical malfunctions or messaging fabric (infrastructure that connects the system components and allows them to communicate) problems. Determining whether harm originated with the tool, the user or the interaction between them is rarely straightforward, and tools like Systems Engineering Initiative for Patient Safety (SEIPS) are vital in breaking this complexity down. Training, local workarounds and the gaps no one talks about Training remains a significant challenge. National bodies like mine are not responsible for delivering frontline training, and local approaches vary widely. This leads to several risks: Depth and quality of training varies. Important system features may be misunderstood or overlooked. Safety considerations are not always emphasised during training. Local 'shortcuts'—never designed, tested or approved—become normal practice. Once these shortcuts become embedded in everyday workflows, they can be incredibly difficult to unwind. Yet they often play a significant role in digital‑related incidents. The existing DCB0129 and DCB0160 standards provide a useful foundation, but they offer limited guidance on how to investigate and learn from digital incidents. They were designed at a time when digital healthcare was far less complex than it is today. Suppliers don’t like to highlight their products weaknesses or errors made; therefore, there is vast variation in the quality of investigation reports shared post incident. Rather than worrying about reputational damage, I wish the focus was on candour and opportunities for learning and development. The timeliness problem: when harm takes time to surface Digital harm isn’t always immediate. It may be a misfiled result, a confusing display or a workflow that gradually introduces delay. Additional challenges include: Variation in national policy timescales (in Wales six differing policies provide timescale guidance). The need for clinical review to confirm harm. Limited capacity among clinicians supporting digital investigations. This can make it difficult to meet regulatory expectations for timely disclosure—even when everyone involved is committed to doing the right thing. Freedom to Speak Up: a critical enabler of early detection Speaking up plays a vital role in identifying digital‑related safety issues early. Many concerns emerge informally at first—“this doesn’t look right” or “this field always causes confusion.” If staff feel unsure about raising these concerns, they can remain hidden until harm occurs. Strengthening a Freedom to Speak Up culture is essential. It provides all staff a protected route to escalate concerns, even when they feel uncertain or worry that a system issue might be dismissed as user error or a training gap. I firmly believe that a strong speaking up culture means digital risks are more likely to be surfaced early, before they become incidents. A rapidly changing safety landscape Wales has seen significant changes in digital governance and health policy in recent years, from the transition from NHS Wales Informatics Service (NWIS) to Digital Health & Care Wales (DHCW) to updates in national structures (NHS Executive now NHS Performance & Improvement) and regulatory expectations. As I type, the National Health Service (Concerns, Complaints and Redress Arrangements) (Wales) Regulations 2011 (often referred to as 'Putting Things Right') are undergoing review and update. These shifts can create uncertainty about roles, responsibilities and reporting pathways. When something goes wrong, it’s not always clear who is responsible for what—and this ambiguity can complicate harm assessment. Where digital meets traditional healthcare Digital systems are embedded into clinical workflows, communication pathways and multi‑team processes. Every interface, integration point and manual interaction/data entry represents a potential source of risk. Reviewing these interconnected pathways is rarely quick or straightforward, but it is essential for understanding how digital harm occurs and how it can be prevented. Conclusion and call to action: building a safer digital future together The reflections in this paper highlight the complexity of digital patient safety work. Digital systems bring enormous potential for improving care, but they also introduce new risks that we are still learning how to manage. To address these challenges, we need a coordinated national approach that brings together healthcare organisations, digital suppliers, clinical safety experts, policymakers and frontline staff. This means: Updating and strengthening digital safety standards. Improving consistency in both incident investigation and harm assessment. Enhancing training and digital literacy. Supporting timely, transparent reporting. Facilitating availability of clinicians to undertaken harm reviews. Encouraging openness and speaking up. Improved incident data triangulation. Thematic analysis of incidents and nationally shared learning. Building stronger cross‑organisational collaboration. Most importantly, we need a culture where digital concerns are raised early and acted upon quickly. The opportunity ahead is significant, as are some of the challenges… But I truly believe that by working together, we can shape a safer digital health landscape—one that protects patients, supports professionals and ensures that innovation enhances care rather than complicating it. Further reading on the hub: How do we harness technology responsibly to safeguard and improve patient care? NHS England warns electronic patient record could pose ‘serious risks to patient safety’: what can we learn? The foundations for a safe digital service delivery in health—A blog by Rob Ludman Applying a robust approach to digital clinical safety in diagnosis b