NHS South Tyneside Clinical Commissioning Group

South TynesideCommissioning Group:

Risk and Incident Reporting Policy Version 1.1

NHS South Tyneside Clinical Commissioning Group

RISK AND INCIDENT REPORTING POLICY

CONTENTS

1Policy Statement

1.1Introduction

2Culture of Openness

3Definitions

3.1Personal accident

3.2Violence, abuse, harassment

3.3Ill Health, work or environment related

3.4Clinical incident

3.5Fire incident

3.6Security Incident

3.7Data loss incident

3.8Medication incidents

3.9Near Miss

4Reporting an Incident

4.1Risk and Incident Forms (Datixweb)

4.2Reporting Arrangements

4.3Stakeholder/External Reporting Arrangements

4.3.2The Reporting of Injuries, Diseases and Dangerous Occurrences Regulations (RIDDOR)

4.3.3National Reporting and Learning Service

4.3.3Medicines and Healthcare Products Regulation Authority (MHRA)

4.3.4NHS Counter Fraud and Security Management Service (CFSMS)

4.3.5Controlled Drugs

4.4Risk Rating of Incidents

5Incident Investigation

5.1Levels of Investigation

5.2Serious Case Reviews under the Children Act 1989

5.3Training for investigations

6Information and Support

6.1Support for Staff

6.2Being Open with Patients, Relatives and Carers

6.3Documentation

7Adverse Incidents: Additional Requirements

7.1Major incidents

7.2Establishing and running a rapid response line (hotline)

7.3Risk Assessment following a violent incident

7.4Allegation of abuse towards a child/vulnerable adult

7.5Incidents reported from other sources

7.6Media liaison

7.7Adverse Reporting Advice for Academic Researchers

8Serious Incidents

8.1Definition

8.2Criteria for Reporting SIs

8.3Additional Guidance for Breach of Confidentiality Serious Incidents

9Roles and Responsibilities

9.1All Staff

9.2Accountable Officer

9.3Head of Quality and Patient Safety (with appropriate risk management and patient safety support from NECS)

9.4Directors

9.5Senior Leads

9.6Health and Safety specialist

10Learning the Lessons

11Support and Training

12Monitoring Effectiveness of the Policy

13Equality and Diversity

13.1 Equality and diversity statement

13.2Equality impact assessment

14Implementation and Dissemination

15Links to Other Policies

APPENDIX A

Appendix B

Appendix C

APPENDIX D

APPENDIX E

1Policy Statement

1.1Introduction

1.1.1For any risk management strategy to work, potential and actual risks and incidents must be reported and action taken to prevent a recurrence. This policy covers the reporting of all types of incidents, including near misses. Reporting of near misses where there has been no actual injury or loss may enable appropriate action to be taken to prevent future incidents.

1.1.2NHS South TynesideClinical Commissioning Group (the CCG) has a responsibility for managing risks identified in the commissioning process to ensure the quality of the services it commissions are safe and of a high standard. The CCG has a responsibility for to ensure their contractors have effective systems in place to identify and manage risks and incidents and support them in the development of these where necessary. Further, they need to act as a conduit for information about such risks and incidents, to ensure that the learning (and the opportunities for risk reduction) from them is not lost within the CCGsor the wider NHS.

1.1.3For the purposes of this Policy, the term incidents also refers to significant events.

2Culture of Openness

2.1The CCG has an open and non-judgmental approach to the reporting of adverse incidents. It is important that everyone within the organisation contributes to the reporting and learning process. The processes and procedures in this Policy are not designed to apportion blame, but focuses on the understanding the root cause of errors and learning from them to avoid a further reoccurrence.

3Definitions

‘An adverse patient incident is defined as any event or circumstance arising during NHS care that could have or did lead to unintended or unexpected harm, loss or damage’.

‘Harm is defined as injury (physical or psychological), disease, suffering disability or death. In most circumstances harm can be considered to be unexpected if it is not related to the natural cause of the patients underlying condition

The following is a list of the types of incidents that can occur ((See Appendix A for further examples).

3.1Personal accident

3.1.1Personal accidents are 'accidental' incidents/significant events which affect and/or involve a person or persons and resulted or could have resulted in injury.

3.2Violence, abuse, harassment

Incidents which cannot be reasonably said to be accidental in motive and include physical assaults by any person, deliberate self harm, aggressive incidents, and other incidents involving verbal abuse, sexual or racial harassment, or intimidation or threatening behavior.

3.3Ill Health, work or environment related

Illness which is related to work or the environment and could include hospital acquired infections, industrial asthma and eczema.

3.4Clinical incident

A clinical incident is one which arises in the context of the duty of care owed to patients by members of the healthcare professions (including medical/dental practitioners, nurses, midwives, professions allied to medicine, laboratory staff and relevant technicians), or consequences on decisions or judgments made by those professions in their professional capacity or relevant work.

3.5Fire incident

Any incident which involves smoke, fire, suspected smoke or fire, or fire alarm, whether it be actual or suspected.

3.6Security Incident

A security incident is one in which there is fraud, theft, deception, criminal damage, car crime, amongst other things involving patients, staff, visitors to the CCGs and their property, as well as encompassing all CCGproperty.

3.7Data loss incident

Any incident involving the actual or potential loss of personal identifiable information that could lead to identify fraud of have other significant impact on individuals should be reported as an incident and RI form completed in the first instance. These types of incidents are also considered serious incidents (SIs) and therefore, the SOTW Serious Incident Policy must also be applied. Section 8 in this Policy provides further details and also relevant Information Governance policies and procedures should be adhered to.

3.7.1Examples of these types in incident include:

• Loss of patient notes
• Patient letters sent out incorrectly/mislaid
• Loss of USB stick containing patient/personal information
• Staff payslips lost/mislaid

3.8Medication incidents

Any incident that involves medication, including administration or documentation errors, adverse effects, prescribing errors, dispensing errors

3.9Near Miss

A near miss is any near incident of any category which could have caused injury, damage or loss to patients, staff, visitors or to property of the CCG. It should include equipment failure where no individual is affected.

4Reporting an Incident

The CCG uses the risk management system Datix to report and record all risks and incidents. This system is currently managed by the Risk and Patient Safety Team within NECS and hosted on the SOTW server.

4.1Risk and Incident Forms (DIF1 on Datixweb)

4.1.1An incident form (DIF1) must be completed for every identified risk, incident and near miss that takes place. Staff have a responsibility to ensure a form is completed if they have witnessed or been involved in an incident or near miss. Forms should be completed on the day that the risk is identified, incident occurs or is reported.

4.2Reporting Arrangements

4.2.1Any incident of a violent or criminal nature committed to the person should be reported in the first instance to the police and relevant line manager.

4.2.2A separate form is required for each individual directly affected by the incident i.e. any person who suffers or potentially suffers injury, ill health or loss. Only known facts must be recorded and not opinions and each section of the form must be completed (see guidance notes with DIF1form)

4.2.3Details of any equipment (e.g. serial numbers, model, manufacturer) involved in the incident should be recorded and, where appropriate, retained untouched and in safe keeping for examination/repair.

4.2.4On completion, the DIF1 form should be sent to the appropriate manageror responsible person immediately who will rate the risk of the incident. This could include an appropriate clinical lead.

4.2.5Once the incident has been assessed and risk rated by the manager or responsible person, the incident should be moved on within the system to the “being reviewed” stage of the process.

4.2.7Monthly reports will be produced for review at the Quality, Safety and Risk Committee (or any other the relevant committees as specified by the CCG Board) to ensure that lessons can be learned from the incidents that have occurred.

4.2.9All incidents which involved patient safety are required to be reported nationally to National Patient Safety Agency via the National Reporting and learning System (NRLS). This is a statutory requirement and must be done on a monthly basis (point 4.3.3 refers).

4.3Stakeholder/External Reporting Arrangements

4.3.1The provision of information and support to organisations lead officers, patients and staff is addressed in Section 6. This section identifies the external agencies and stakeholders who require may information regarding specific risks and incidents. A list of stakeholders and external agencies is set out in Appendix B.

4.3.2The Reporting of Injuries, Diseases and Dangerous Occurrences Regulations (RIDDOR)

The RIDDOR Regulations 1995 require employers and others to report accidents and some diseases that arise out of or in connection with work. These reports enable the enforcing authorities to identify where and how risks arise and to investigate serious accidents.

It is a statutory requirement that all RIDDOR reports are submitted to the Health and Safety Executive within 10 days of the event. On identifying a RIDDOR reportable incident, the manager or responsible person must inform the Health and Safety responsible person immediately (telephone or email).

This function is currently provided via an Service Level Agreement with the Health and Safety Team at South Tyneside Foundation Trust. The team will provide support in identifying those incidents that need to be reported to the Health and Safety Executive in line with the appropriate RIDDOR guidance.

A summary of RIDDOR reportable incidents is attached at Appendix C.

4.3.3National Reporting and Learning Service

The National Reporting and Learning Service (RLS) isa national database of all patient safety incidents introduced by the National Patient Safety Agency(NPSA). TheNRLS system is a nationally managed by the NHS Commissioning Board and has a mandate to identify patient safety issues and find appropriate solutions.

All patient safety incidents, both clinical and non-clinical, must be reported to the NRLS. The NNRLS has published a set of data quality standardsto improve the quality, accuracy and timeliness of patient safety incident data submitted to the NRLS. The standards are aimed at NHS staff responsible for submitting patient safety incidents to the NRLS via local risk management systems. The reporting of patient safety incidents to the NRLS is managed via the Datix system.

The NRLS recommends that all NHS health care organisations comply with the standards to ensure the information used when issuing patient safety guidance (e.g. safety alerts) is as comprehensive as possible. The standards will also aid the improvement of data analysis for local organisations and ensure they meet their obligations under the Data Protection Act.

The standards have been incorporated into this Policy as follows:

• Standard 1: Reporting to the National Reporting and Learning Service (NRLS): NHS organisations should submit all their reported patient safety incidents (PSIs) to the NRLS’s Reporting and Learning System (NRLS).

• Standard 2: Regularity of reporting: every NHS organisation should submit reported PSIs regularly to the NRLS - regularly is defined as at least monthly.

• Standard 3: Exclusion of person identifiable information: every NHS organisation should ensure that PSIs reported through the NRLS do not contain person identifiable information in the free text fields.

• Standard 4: recording actual degree of harm as a result of the PSI: every NHS organisation should ensure that the degree of harm recorded for each PSI describes the actual harm to the patient as a direct result of the PSI.

• Standard 5: speed of reporting of the most serious PSIs to the NRLS: every organisation should report PSIs with an actual degree of harm of either “severe” or “death” (as described in (4.3.2.4) to the NRLS within two working days of the incident occurring.

4.3.3Medicines and Healthcare Products Regulation Authority (MHRA)

Incidents involving possible failure or defect of medical equipment will be reported to the MHRA by Risk and Patient Safety Team (currently aligned with the North East Commissioning Support Service (NECS). All equipment involved in an incident must be removed from service until an investigation has been undertaken or permission has been given from the appropriate authority to release the equipment for use.

4.3.4NHS Counter Fraud and Security Management Service (CFSMS)

The CCG is required to report incidents of physical assault on staff to the NHS Counter Fraud and Security Management Service and to co-operate in any investigation or subsequent action initiated by them. This function is currently provided via an Service Level Agreement with the Local Security Management Specialist (LSMS) as part of the Health and Safety Team at South Tyneside Foundation Trust. The LSMS will provide support in identifying those incidents that should be reported to the CFSMS.

For incidents relating to financial irregularity and fraud issues, the Chief Finance Officer will be responsible for instigating this procedure in conjunction with the Accountable Officer and the Local Counter Fraud Specialist in accordance with the Secretary of State Directions and appropriate fraud policies and procedures.

4.3.5Controlled Drugs

It is a requirement that all incidents relating to controlled drugs are reported to the CCGs Accountable Officer for Controlled Drugs. These incidents are then discussed at the Local Intelligence Network.

4.4Risk Rating of Incidents

Incidents and near misses are be classified into 2 categories. Higher categories of incident (i.e. those incidents rated red or amber) require more complex immediate responses, investigation and review. General guidance as to how incidents should be rated is given below (also Appendix 2 of the CCG Risk management Strategy gives further details).

All reported incidents and near misses must be rated accordingly to the actual impact and the future risk to people and the organisation. This will establish:

• The level of local investigation and analysis that should be carried out;
• The reporting requirements in relation to the National Patient Safety Agency, the Health and Safety Executive and other relevant agencies.

The formulae from the AS/NZS 4360-1999 Risk Management Standard should be used when rating all incidents and near misses;

risk = impact x likelihood

Figures 1, 2 and 3 on the following pages demonstrate how to determine what the risk rating of an incident is. Figure 1 is the risk rating matrix, figure 2 outlines the impact descriptors and figure 3 outlines the likelihood descriptors:

Fig.1: Risk Rating Matrix

Fig. 2: Impact Descriptors

A number 1 to 5 indicates the impact of the risk occurring:

Fig.3:Likelihood Descriptors

A number 0 to 5 indicates the likelihood of the risk occurring. The probability and time period are guidelines only to enable the likelihood score to be identified.

5Incident Investigation

5.1Levels of Investigation

5.1.1It is the responsibility of individual practices to ensure that an appropriate investigation take place following an incident or near miss according to the severity and possible implications of the incident. It is important to note that: