(for Health Commissioned Services) Policy reference number Lead policy author/s. Teresa Candfield. Special Educational Needs and Disability

Transcription

1

2 Policy title Policy reference number Lead policy author/s Serious Incident Policy (for Health Commissioned Services) CG009 Teresa Candfield Accountable director Approved by: Ratified by: Equality impact statement Equality impact statement Related policies Implementation date Next review date Simon James Associated Director Special Educational Needs and Disability Name of committee and date Clinical Governance Group Date: Name of committee and date Senior Leadership Team Date: A screening assessment has been undertaken to ensure that equality is promoted and there is no discrimination in view of race, disability, age, gender, sexual orientation or religious belief. Yes Incident Policy Safeguarding Policies Consent Policy Health and Safety Policy Date on which policy comes into force Maximum date of three years

3 Contents 1. Introduction 1 2. Rationale 2 3. Aims and objectives 2 4. Policy statement Serious incident threshold 4 5. Scope 7 6. Roles and responsibilities Responsibilities of managers Responsibilities of directors in the event of a serious incident Responsibilities of staff 7 7. Training 8 8. Implementation 8 9. Audit and review Guidance Immediate actions to be taken when a serious incident occurs Reporting actions for providers Investigating a serious incident Downgrading of serious incidents Learning Information governance (IG) serious incidents Commissioners closure checklist Definitions References 16 Appendix 1: Never events - definition and further information 17 Appendix 2: Flow chart internal procedure for reporting and investigating a serious incident 19 Appendix 3: Concise root cause analysis investigation report template 20 Appendix 4: Comprehensive root cause analysis investigation report template 23 Appendix 5: Organisational responsibilities 30 Membership of Policy Development Group 31

4 1. Introduction Serious Incidents (SIs) in healthcare are rare, but it is acknowledged that systems and processes have weaknesses and that errors will inevitably happen. A good organisation will, however, recognise harm and the potential for harm and undertake swift, thoughtful and practical action in response, without inappropriately blaming individuals. The terms Serious incident requiring investigation (SIRI), Serious incident (SI) or Serious untoward incident (SUI) are often used interchangeably. This document will refer to serious incidents and SIs. Following the implementation of the Health and Social Care Act 2012, a revised serious incident framework was published in March 2013 to reflect the changed structures in the NHS. This was reviewed again in March 2015 to ensure fitness for purpose and that a whole system approach to quality improvement is taken. This policy outlines Achieving for Children s (AfC s) requirements in ensuring serious incidents are identified and acted on within the requirements defined by the NHS England s framework. The following link is available as a primary reference source: The fundamental purpose of patient safety investigation is to learn from incidents, and not to apportion blame, and NHS England s 2015 review continues to promote and build on this approach. There is continued endorsement of the application of Root Cause Analysis (RCA), a wellrecognised system-based method for conducting investigations, with potentially powerful mechanisms for driving improvement. The revised 2015 serious incident framework was developed in collaboration with healthcare providers, commissioners, regulatory and supervisory bodies, patients and families and their representatives, patient safety experts and independent expert advisors for investigation within healthcare. The fundamental principles of serious incident management remain the same, however a number of amendments were made to: emphasise the key principles of serious incident management define the roles and responsibilities more explicitly of those involved in serious incident serious incident management highlight the importance of working in an open, honest and transparent way where patients, victims and their families are put at the centre of the process promote best practice investigation principles focus attention on the identification and implementation of improvements to prevent recurrence of serious incident s (rather than completion of task sequences). The serious incident management process was simplified by two additional changes. Removal of grading: prior to the revised 2015 Framework, incidents were often graded without clear rationale, causing debate, disagreement and management of serious incidents in an inconsistent and disproportionate manner. Now serious incidents are not defined by grade - all incidents meeting the serious incident threshold must be investigated and reviewed according to principles set out in the framework. 1

5 Timescale: a single timeframe of 60 working days for the completion of investigation reports, enabling providers and commissioners to monitor progress in a more consistent way. This also provides clarity for patients and families regarding completion dates of investigations. 2. Rationale Serious incidents in health care are adverse events with significant consequences for patients, families, carers, staff or organisations where the potential for learning is so great that a heightened level of response is justified. The serious incident framework describes circumstances that may require such a response, the process and procedures for correct serious incident identification thorough investigation and learning to reduce or prevent similar incidents happening in future. Serious incidents include acts or omissions in care that result in: unexpected or avoidable death unexpected or avoidable injury resulting in serious harm, including injuries requiring treatment to prevent death, serious harm or abuse never events: incidents that prevent (or threaten to prevent) an organisation s ability to continue to deliver an acceptable quality of healthcare services, and incidents that cause widespread public concern resulting in a loss of confidence in healthcare services. The needs of those affected should be the primary concern of those involved in the response to and the investigation of serious incidents. Patients and their families, carers and victims families must be involved and supported throughout the investigation process. AfC is responsible for the safety of its patients, visitors and others using its services, and it must ensure robust systems are in place for recognising, reporting, investigating and responding to serious incidents and for arranging and resourcing investigations. AfC s commissioners are accountable for quality assuring the robustness of AfC s serious incidents investigations and the development and implementation by AfC of effective actions, to prevent recurrence of similar incidents. 3. Aims and objectives An incident fitting the criteria of a serious incident warrants particular reporting and investigation. This policy sets out AfC s procedure for managing serious incidents, including incident identification, recording, reporting and investigation. The aims and objectives of this policy are to: ensure a safe environment for patients, staff and all others accessing or visiting services and premises define a serious incident outline the duties of staff in identifying, managing, reporting, recording and investigating serious incidents ensure reporting and investigation of serious incidents is timely nurture a culture of transparency and honesty in AfC encourage openness, effective investigation and learning from serious incidents ensure the organisation complies with external reporting requirements. 2

6 4. Policy statement Serious incidents must be declared internally as soon as possible by the relevant director, or if unavailable the accountable head of service, and immediate action must be taken to establish the facts, ensure the safety of the patient(s), other services users and staff, and to secure all relevant evidence to support further investigation. Serious incidents should be disclosed as soon as possible to the patient, their family (including victims families where applicable) or carers. The commissioner must be notified within two working days (48hrs) of a serious incident being discovered (by secure ). Other regulatory, statutory and advisory bodies, such as the Care Quality Commission (CQC) must also be informed as appropriate without delay, using their notification forms (available on their website). Discussions should be held with other partners (including the police or local authority, for example), if other externally led investigations are being undertaken. This is to ensure investigations are managed appropriately, that the scope and purpose is clearly understood (and those affected informed) and that duplication of effort is minimised wherever possible. The RCA investigation method should be used for serious incidents. It comprises three investigatory levels (templates and guidance are available on the local drive. Concise investigations: for less complex incidents that can be managed at a local level by individuals or small group of individuals Comprehensive investigations: for complex issues requiring multidisciplinary team management, involving experts and/or specialist investigators Independent investigations: for incidents where the integrity of the internal investigation is likely to be challenged, or where due to organisation size, capacity or the capability of available individuals and/or number of organisations involved, it would be difficult for the organisation to conduct an objective internal investigation. The investigation level should be proportionate to each individual incident. Concise and comprehensive investigations should be completed within 60 working days. Completion of independent investigations should be within six months of the commission date. Serious incidents are closed by the relevant commissioner when satisfied that the investigation report and action plan meet the required standard. Incidents can be closed before all actions are complete, provided there are monitoring mechanisms in place for ongoing implementation. The revised serious incident framework supersedes: The National Patient Safety Agency (NPSA) National Framework for Reporting and Learning from Serious Incident s Requiring Investigation (March 2013) NPSA Independent Investigation of Serious Patient Safety Incidents in Mental Health Services, Good Practice Guide (2008). The Department of Health (DoH) is currently reviewing their 2005 guidance Independent Investigation of Adverse Events in Mental Health Services, but this should be read in conjunction with this framework until further guidance is issued. Forthcoming guidance may address issues associated with Article 2: Right to Life of the European Convention on Human Rights. 3

7 Important: The serious incident framework is applicable to NHS-funded care in the primary, community, secondary and tertiary sectors, and also those organisations who deliver NHS funded services in private sector locations. For staff working in AfC, it is important to note that if the child s care is not NHS funded, then it will fall out of the serious incident reporting requirements. However consideration is required in any situation for the relevance of the need to raise a safeguard alert or similar escalation. Investigations carried out under the serious incident framework are conducted for the purposes of learning to prevent recurrence. They are not inquiries into how a person died (where applicable) as this is the concern of coroners. Serious incident investigations are not conducted to hold any individual or organisation to account; these issues are addressed by criminal or civil proceedings, disciplinary procedures, employment law, regulatory systems such as the Care Quality Commission, and professional regulators such as the Nursing and Midwifery Council, the Health and Care Professions Council, and the General Medical Council. In circumstances where other agencies are required to act, these agencies must be appropriately informed and relevant protocols followed which are outside the scope of the serious incident framework, but emphasise collaborative working that informs learning and improvement. Serious incidents must be: reported in a timely manner, effectively and appropriately investigated, with development of robust action plans that are implemented, and learning shared as appropriate. If serious incidents are not being reported to commissioners or regulators within required timescales once organisations are aware of them (or not reported at all), or where investigations and action plans are not robust or effective, regulatory action or performance management of the organisation will be undertaken. Triangulation of serious incident information with other information and intelligence should be encouraged, for example via quality surveillance groups. 4.1 Serious incident thresholds Serious incidents are events in health care where the potential for learning is so great, or the consequences to patients, families and carers, staff or organisations so significant, that use of additional resources to mount a comprehensive response is warranted. Serious incidents can affect patients directly, but also include incidents indirectly impacting on patient safety or an organisation s ongoing ability to deliver healthcare. Serious incident occurrence demonstrates weaknesses in a system or process and requires addressing to prevent future incidents that could result in avoidable death or serious harm (see definitions in section 11) to patients or staff, future incidents of abuse to patients or staff, or future significant reputational damage to the organisations involved. It is essential to investigate serious incidents to ascertain contributing factors and the underlying fundamental issues or root causes. Serious incidents can be single isolated events or multiple linked or unlinked events that indicate systemic failures within a health or commissioning system. There is no definitive list of events or incidents that constitute a serious incident. Lists can lead to incident management that is inconsistent (such as under-investigation) or inappropriate (such as full investigations when not indicated). 4

8 However, the circumstances below require a serious incident to be declared. Acts and/or omissions occurring as part of NHS-funded healthcare (including community care) that result in: Unexpected or avoidable death of one or more people (caused or contributed to by care or service delivery weaknesses such as lapses, acts or omission). This includes: Suicide or self-inflicted death homicide by a person in receipt of mental health care within the recent past (generally within last six months, but each case must be given individual consideration Unexpected or avoidable injury resulting in serious harm to one or more people Unexpected or avoidable injury to one or more people requiring further treatment by a healthcare professional in order to prevent service user death or serious harm Actual or alleged abuse (sexual, physical, psychological) or acts of omission which constitute neglect, exploitation, financial or material abuse, discriminative and organisational abuse, self-neglect, domestic abuse, human trafficking and modern day slavery where: or healthcare did not take appropriate action or intervention to safeguard against such abuse occurring, including failure to: take a complete history gather information on which to base a care plan or treatment assess mental capacity seek consent to treatment share information, when to do so would be in the best interest of the client in an effort to prevent further abuse by a third party follow policy on safer recruitment where abuse occurred during the provision of NHS-funded care (includes abuse resulting in or identified by a serious case review (SCR), safeguarding adult review (SAR), safeguarding adult enquiry or other externally-led investigation). A never event: all never events are defined as serious incidents although not all never events necessarily result in serious harm or death (see appendix 1 for never events definitions and further information). An incident or series of incidents that prevent or threaten to prevent an organisation s ability to continue delivery of healthcare services of an acceptable quality, including (but not limited to) the following: information governance related issues: failures in the security, integrity, accuracy, availability of information such as data loss property damage security breach or concern (including patient absence without authorised leave if patient presents a significant risk to themselves or the public) population-wide healthcare incidents such as screening or immunisation programmes (potential for harm may extend to a large population) 5

9 inappropriate enforcement or care under: Mental Health Act (1983) Mental Capacity Act (MCA)(2005), including Deprivation of Liberty Safeguards (MCA DOLS): systematic failure to provide an acceptable standard of safe care (this may include incidents or a series of incidents necessitating ward or unit closure or service suspension); or activation of a major incident plan (by provider, commissioner or relevant agency) Major loss of confidence in the service, including prolonged adverse media coverage or public concern about the organisation or healthcare quality provided (N.B. often identified and reported retrospectively, but not automatically signifying a failure to report.) Every incident must be considered on a case-by-case basis. Borderline cases will be managed according to the judgement of people involved. When it is unclear if an incident fulfils the serious incident definition, providers and commissioners must discuss openly and honestly to agree the appropriate and proportionate response. Discussions raised by AfC will be undertaken by the relevant director or head of service in their absence. Initially it may be unclear whether system or process weaknesses (including acts or omissions in care) caused or contributed towards a serious outcome. Open discussion and proportionate investigation is the simplest, most defensible position. If a serious incident is declared but, on further investigation the serious incident definition is not fulfilled, the incident can be downgraded. This can be agreed at any stage of the investigation. The purpose of downgrading is to ensure efforts are focused on incidents with problems identified and learning and action required. A near miss may be classed as a serious incident. The outcome of an incident may not always reflect the potential severity of harm that could be caused should the incident (or a similar incident) occur again. An assessment of risk will decide whether a near miss should be classified as a serious incident, and should consider: the likelihood of the incident occurring again if current systems or process remain unchanged the potential for harm to staff, patients and the organisation should the incident occur again. Not every near miss should be reported as a serious incident but, where significant risk of system failure and serious harm exists, the serious incident process should be used to understand and mitigate that risk. Serious incidents may be identified through various routes including, but not limited to: incidents identified during the provision of healthcare such as patient safety incidents or serious, distressing or catastrophic outcomes for those involved allegations made against or concerns expressed about a provider by a patient or third party initiation of other investigations for example: serious case reviews (SCRs), safeguarding adult reviews (SARs), safeguarding adults enquiries (Section 42 Care Act) information shared at committee meetings (such as integrated governance) complaints whistle blowing prevention of future death reports issued by the coroner. 6

10 5. Scope This policy applies to all staff (who deliver services under NHS Funded care), and are employed by AfC (including locum and agency staff), contractors, students on placements and volunteers. It must be used for all SIs that affect patients, clients, staff, external contractors or visitors, either on AfC premises or witnessed/noticed by employees in the course of their duties but outside AfC premises and services. 6. Roles and responsibilities 6.1 Responsibilities of managers Managers must: ensure their staff are informed about this policy and know how to access it ensure the required actions for incidents are followed by staff from the moment an incident occurs ensure all staff attend the relevant mandatory training relating to this policy ensure all incidents are reported to the Head of Integrated Services for Children with Disabilities (ISCD) if appropriate review staff compliance with this policy and take action with any staff member who fails to comply with standards within this policy. 6.2 Responsibilities of directors in the event of a serious incident Only a director can declare an incident as a serious incident. The Director is responsible for: Appointing the Lead Investigator Establishing time frames for reporting Ensuring information is provided to update STEIS. 6.3 Responsibilities of staff All staff must ensure: they familiarise themselves with the contents of this policy and understand what is meant by the term serious incident all incidents are reported to the Head of ISCD they escalate and inform line managers of incidents that meet the criteria of serious incidents immediately. If the line manager is unavailable it must be raised with a senior manager within AfC, and where appropriate the relevant director is also informed reporting of any incident is timely; failure to do so may lead to disciplinary action they have attended the required training in relation to this policy any uncertainties about the reporting of incidents that meet the criteria of a serious incident are raised with their line manager as a matter of urgency 7

11 7. Training Staff must attend all mandatory training as stipulated in the training and development policy. All training attendance will be monitored by the training manager and line managers, and recorded on staff s training records. Access to training is advertised via all-staff s. Nonattendance at training will be reported to the line manager. 8. Implementation Staff will be advised of this policy by their line manager at induction. The policy will be readily accessible on the following link: It will be disseminated through: staff Induction relevant governance newsletters local governance groups other relevant training opportunities Implementation and compliance will be reinforced through: team meetings staff forums feedback of learning from serious incident reviews. 9. Audit and review Elements of compliance to incident reporting will be undertaken by the AfC Head of ISCD service with the support of the governance and audit staff. All related audits will be reported to the Standards and Improvements Team. 10. Guidance 10.1 Immediate actions to be taken when a serious incident occurs A safe environment should be re-established as soon as possible. Any urgent clinical care that may reduce the harmful impact of the incident must be given immediately. The needs of patients and their family and carers are made the first priority. Serious incidents should be disclosed as soon as possible to the patient, their family (including victims families where applicable) or carers. All relevant equipment or medication should be quarantined, labelled and isolated as appropriate. To maintain product liability, no piece of equipment should be returned to the manufacture for repair or examination until the provider has carried out all necessary tests on the equipment as suggested by the Medicines and Healthcare products Regulatory Agency (MHRA). 8

12 A simultaneous and objective entry should be made in the patient s clinical records and, where necessary, statements taken using a supportive statement taking process. The risk of recurrence should be considered immediately and actions taken to mitigate in advance of the investigation. The incident should be reported internally immediately, and to CQC and the commissioner within 48hrs. The need for reporting to the Local Safeguarding Board should also be considered at this point. The designated director, plus other relevant members of the senior management team, should be advised as soon as an incident that meets the criteria of serious incident has occurred or is discovered. Only the director can declare the incident as a serious incident, and they are responsible for: appointing the lead investigator establishing time frames for reporting ensuring information is provided to up-date CQC and the commissioner. In line with the principles set out in Being open (NRLS & NPSA 2009), the patient and their family or carers must be informed that a serious incident has occurred and appraised of any actions being taken to address the situation. This should include details of the process being undertaken to investigate the incident and ensure learning is captured to prevent recurrence. A named contact from AfC should be identified and details provided to the family. Where a serious incident raises concerns in relation to individual staff culpability or competence, the staff member must be treated with care and consideration and supported within the principles of a just culture. Staff involved or affected by the incident should be supported in line with AfC s incident policy. Measurement, drawings or photographs of the situation of the incident should be taken if necessary, appropriate and practical to do so. Relevant documentation should be copied and secured to preserve evidence and facilitate investigation and learning. The AfC communications lead should be notified of the incident and kept updated especially where there is a potential media interest, and a relevant response for dealing with serious incidents triggered where appropriate. If more than one organisation is involved in a serious incident, the Clinical Commissioning Group should take a decision on who will act as the lead organisation for the purposes of investigation and incident management, and be responsible for reporting the incident. Where there is more than one commissioner for the various provider organisations involved, the Commissioners should make a decision on who is the relevant coordinating commissioner for serious incident management purposes. The NHS Commissioning Board Area Team can support this decision-making process. Raise a safeguarding alert to the relevant local authority if the serious incident is concerning an allegation of abuse (including the definition of neglect or act of omission). 9

13 10.2 Reporting actions for providers A senior member of staff should be designated as responsible for reporting and follow-up of serious incidents within given timescales. They should also be responsible for ensuring relevant internal staff are informed of the incident, such as the communications lead who will need to work with the executive team to prepare any statements. All serious incidents should be recorded as an incident within two working days of the incident being identified as an serious incident (wworking day: days that exclude weekends and bank holidays, and run from 23:59 on the day the incident is raised to 23:59 on the day the incident is reported), to relevant external bodies including the commissioner. CQC notifications should be updated within three working days if the situation changes significantly after the initial report. This will be undertaken by the head of service, but they will need informing of significant information to be able to do this effectively (see Appendix 2: Flow chart internal procedure for reporting and investigating a serious incident). All serious incidents must be reported by AfC to our commissioners directly to facilitate performance monitoring of the incident and its management, trend analysis and shared learning. Depending on the nature, circumstances and outcome of the incident, consideration should be given to other bodies to whom the incident must be reported, for example: Care Quality Commission (CQC) Coroner Department of Health Health and Safety Executive Health Education England (if a student is involved in an serious incident) Local authority for example, Safeguarding Team Medicines and Healthcare Products Regulatory Agency (MHRA) Monitor NHS Protect Police Professional regulators such as the Nursing and Midwifery Council Public Health England Serious Adverse Blood Reactions and Incidents (SABRE) GMC Staff should refer to guidance produced by specific bodies to ensure compliance with their requirements for reporting timescales. When reporting serious incidents, providers must comply with locally agreed and documented Caldicott data protection and information governance requirements. Never events should be reported in accordance with the Revised Never Events Policy and Framework (NHS England Patient Safety Domain 2015) Investigating a serious incident The principles of Root Cause Analysis (RCA) and relevant NHS England guidance should be applied to all investigations (see Appendix 3: Concise RCA Investigation Report Template and 10

14 Appendix 4: Comprehensive RCA Investigation Report Template). Only staff who have received the appropriate and relevant training should undertake a RCA investigation. Actions for AfC AfC policies should be followed and should reflect the following. All serious incidents should be investigated using best practice methodologies such as RCA. Methodology should be briefly, but clearly, set out in the investigation report. See local drive for the concise and comprehensive templates for RCA investigation reports. Staff leading serious incident investigations should have up-to-date training and be competent in investigative methodology, techniques and analysis, and report writing. The director is responsible for ensuring that the investigation is undertaken and reviewed as required within the reporting framework and timelines. The investigation team should be sufficiently removed from the incident to be able to provide an objective view. The investigation team must have no conflict of interest in the incident, real or perceived, and must be available at short notice. Consider securing external expert contribution, if necessary. The investigation team should include a professional(s) with experience relevant to the incident under investigation. Where the investigation involves more than one organisation, co-operation and collaborative working between organisations is essential for minimising duplication, uncertainty and/or confusion relating to the investigation process. Ideally, only one investigation should be undertaken (by a team comprising representatives of relevant organisations) to meet the needs and requirements of all parties. This can be difficult to achieve in practice as investigations may have different aims and purposes and this may inhibit joint investigations. Where this is the case efforts must be made to ensure duplication of effort is minimised. See Appendix 6 for Organisations responsibilities following a serious incident. The Being open framework principles (NRLA & NPSA 2009) should be followed: Where a serious incident raises concerns in relation to individual staff culpability or competence, these concerns should be managed in accordance with local HR procedures and referred to professional bodies as appropriate. Investigations should seek to understand what happened, why it happened and recommend what systems or processes should be put in place to prevent future occurrence. Identified improvements should be targeted at the contributory and causal factors using a human factors approach, such as the design of jobs, equipment, environment and procedures as well as competencies, training and non-technical skills. An agreed action plan should set out how each recommendation from the investigation will be monitored, implemented, measured, and shared. It should also make clear who is responsible for taking action, together with the timescales for delivery. A review date should be set to establish the efficacy of actions planned and taken and the sustainability of the overall approach. 11

15 The patient and their family and carers should have an opportunity to respond or comment on the findings and recommendations outlined in the final report. Assurance should be given that their responses or comments will be considered as part of the quality assurance and closure process undertaken by the commissioner. Boards must monitor and review all serious incident investigations and seek assurances about learning and the embedding of action plans. Consider who, outside of the immediate incident, may benefit from the learning arising from the RCA, including nationally, and share the learning accordingly Downgrading of serious incidents Serious incident reports can be downgraded and relevant records amended at any stage in the investigation. Any downgrading must be agreed with the relevant commissioner on a case by case basis. If it continues to be considered a patient safety incident despite being downgraded, it should be reported on the local incident reporting system, and investigated accordingly. A clear audit trail should be kept Learning All organisations with a responsibility for notifying or receiving details of serious incidents have a responsibility for the dissemination of learning. They should consider disseminating relevant learning where, in their opinion, there are new or important learning points, or the learning is likely to be of use to other organisations in preventing harm to patients, staff or the public. Managing, investigating and learning from serious incidents in healthcare requires considerable time and resource. Care must be taken to ensure an appropriate balance between the resources applied to the reporting and investigation of individual incidents and resources applied to implementing and embedding learning to prevent recurrence. Incidents should be prioritised by the most significant opportunities for learning and prevention of future harm. This is not achieved by having prescribed lists of incidents that count as serious incidents. The multi-incident investigation root cause analysis (RCA) model provides a useful tool for thoroughly investigating reoccurring problems of a similar nature (for example, a cluster of falls or pressure ulcers in a similar setting or amongst similar groups of patients) in order to identify the common problems (the what?), contributing factors (the how?) and root causes (the why?). This allows one comprehensive action plan to be developed and monitored and, if used effectively, moves the focus from repeated investigation to learning and improvement. If a wide-spread risk is identified and there is evidence of a multi-incident investigation having been or being undertaken and improvements being made, this can be used as a way of managing and responding to other similar incidents within an appropriate timeframe. If another similar incident occurs before the agreed implementation target date for preventative actions or improvement plans, a separate investigation may not be required. Instead, consideration should be given to whether resources could be better used on the delivery of improvement work rather than initiating another investigation. This would need careful assessment, engagement with those affected and agreement on a case by case basis. 12

16 It is important that all incidents (including those that do not meet the threshold for a serious incident and where a full investigation is not required) are documented and recorded on local incident system to ascertain prevalence. Commissioners are responsible for sharing relevant learning with organisations to whom the learning may be applicable including, for example Quality Surveillance Groups and NHS England, professional regulators, and the providers from which they commission services. Commissioners and providers are best placed to identify relevant learning. NHS England will disseminate relevant learning nationwide through professional networks and bodies, via communications with all relevant healthcare sectors and organisations and other stakeholders and through summary reports and seminars. Professional networks and bodies are responsible for disseminating relevant learning to their members and other networks and bodies Information governance (IG) serious incidents Information governance provides a way for staff to deal consistently with the many different rules about how information is handled, including those set out in: the Data Protection Act 1998 the common law duty of confidentiality the Confidentiality NHS Code of Practice the NHS Care Record Guarantee for England the Social Care Record Guarantee for England the international information security standard: ISO/IEC 27002, 2013 and ISO/IEC 27001,: 2013 the Information Security NHS Code of Practice the Records Management NHS Code of Practice the Freedom of Information Act 2000 the Human Rights Act article 8 the report on the review of patient-identifiable information (also known as The Caldicott Report )(Department of Health 1997) the Information: To share or not to share? The Information Governance Review (also known as The Caldicott 2 Review )(Department of Health 2013) the information: To share or not to share - Government Response to the Caldicott 2 Review (Department of Health 2013). Any incident involving the actual or potential loss of personal information that could lead to identity fraud or have other significant impact on individuals should be considered an SI. Information about information governance is available on the Health and Social Care Information Centre (HSCIC) website at: systems.hscic.gov.uk/infogov Incidents relating to information governance issues must be reported using the information governance toolkit, available at: in accordance with guidance published by HSCIC in May 2015 entitled Checklist guidance for reporting, managing and investigating information governance and cyber security sis requiring investigation, available: 13

17 e.pdf There is no simple definition of a serious incident for information governance. Incident severity must be assessed using scale and severity factors outlined in the HSCIC guidance. As a guide, information governance serious incidents include: Any incident which involves actual or potential failure to meet the requirements of the Data Protection Act 1998 and/or the Common Law Duty of Confidentiality. Incidents of unlawful disclosure or misuse of confidential data, recording or sharing of inaccurate data, information security breaches and inappropriate invasion of people s privacy. Personal data breaches which could lead to identity fraud or have other significant impact on individuals. Both electronic media and paper records relating to staff and service users. All incidents reaching the threshold for Level 2 information governance-related serious incidents Requiring Investigation (SIRI) are reported publicly via the information governance toolkit and should also be reported and investigated as serious incidents. Information reported to the information governance toolkit will be published within the public domain. Duplication of reporting is currently required; the information governance toolkit does not provide a mechanism for informing relevant commissioners, thus the local commissioner will need to be notified as well Commissioners closure checklist Commissioners hold responsibility for closure of serious incidents. AfC staff must be aware of what they will be requiring prior to considering an incident closed. Commissioners should ensure the following have been submitted: an appropriate investigation that identifies findings, based on root causes and recommendations a satisfactory action plan with action points to address each root cause recommendation(s) and with a named lead and timescale for implementation lessons learned, including partners or stakeholders with whom the learning has been shared full completion of the CQC notification covering the above points, for example date investigation completed, population of RCA Lessons learned field a summary of each never event for inclusion in the commissioner s annual reporting arrangements. Six to twelve months after an independent investigation, the team should undertake an independent audit assessing how far the recommended actions have been implemented. 14

18 11. Definitions Abuse: a violation of an individual s human and civil rights by any other person or persons. Abuse may consist of single or repeated acts. It may be physical, verbal or psychological. It may be an act of neglect or an omission to act, or it may occur when a vulnerable person is persuaded to enter into a financial or sexual transaction to which they have not consented, or cannot consent. Abuse can occur in any relationship and may result in significant harm or exploitation of the person subjected to it. Incident: an event or circumstance that could have resulted, or did result, in unnecessary damage, loss or harm such as physical or mental injury to a patient, staff, visitors or members of the public. NHS-funded services and care: healthcare, that is partially or fully funded by the NHS, regardless of the location. Permanent harm: directly related to the incident, not to the natural course of the patient s illness or underlying conditions, defined as permanent lessening of bodily functions, including sensory, motor, physiological or intellectual. Prolonged pain and/or prolonged psychological harm: pain or harm that a service user has experienced, or is likely to experience, for a continuous period of 28 days. Serious incident requiring investigation: an incident that extends beyond affecting patients directly and includes incidents which may indirectly impact patient safety or an organisation s ability to deliver on-going healthcare. Serious harm - This includes: Severe harm (patient safety incident that appears to have resulted in permanent harm to one or more persons receiving NHS-funded care); Chronic pain (continuous, long-term pain of more than 12 weeks or after the time that healing would have been thought to have occurred in pain after trauma or surgery ) Psychological harm, impairment to sensory, motor or intellectual function or impairment to normal working or personal life which is not likely to be temporary (has lasted, or is likely to last for a continuous period of at least 28 days). Unexpected death: where natural causes are not suspected. Local organisations should investigate these to determine if the incident contributed to the unexpected death. 15

19 12. References Checklist guidance for reporting, managing and investigating information governance and cyber security sis requiring investigation [online], Health and Social Care Information Centre (May 2015) df (accessed 7 July 2015) Information governance toolkit incident reporting tool user guide [online] Health and Social Care Information Centre (2015) (accessed 7 July 2015) Revised Never Events Policy and Framework [online] NHS England Patient Safety Domain (2015) (accessed 07 July 2015) Serious incident framework [online] NHS England Patient Safety Domain (2015) (accessed 7 July 2015) Being Open [online] National Reporting and Learning Service (NRLS) & National Patient Safety Agency (NPSA)(2009) (accessed 7 July 2015) 16

20 Appendix 1: Never events - definition and further information Never events are a particular type of serious incident that meet all the following four criteria. They are wholly preventable, where guidance or safety recommendations that provide strong systemic protective barriers are available at a national level, and should have been implemented by all healthcare providers. Barriers include: physical barriers (such as special equipment that makes it impossible to connect medications via the wrong route) time and place barriers (such as withdrawal of concentrated medication from settings to prevent accidental selection) or systems of double or triple checking only where supported by visual or computerised warnings, standardised procedures, or memory and communication aids. Please note: as all human action is vulnerable to human error, particularly where there is a risk of staff becoming overloaded, processes that rely solely on one staff member checking the actions of another or referring to written policies are not strong barriers. Each never event type has the potential to cause serious patient harm or death. However, serious harm or death is not required to have happened as a result of a specific incident occurrence for that incident to be categorised as a never event. Serious harm is defined as a patient safety incident that appears to have resulted in any of the following: permanent harm to one or more people receiving NHS-funded care chronic pain (continuous, long-term pain of more than 12 weeks or after the time that healing would have been thought to have occurred in pain after trauma or surgery) psychological harm impairment to sensory, motor or intellectual function impairment to normal working or personal life which is not likely to be temporary (has lasted, or is likely to last for a continuous period of at least 28 days). There is evidence that the category of never event has occurred in the past, for example through reports to the National Reporting and Learning System (NRLS) and STEIS, and a risk of recurrence remains (incident types that have been eradicated by technical, medical, or scientific advances are excluded). Occurrence of the never event is easily recognised and clearly defined. This requirement helps minimise disputes around classification, and ensures focus on learning and improving patient safety. It is anticipated the never event list will be reviewed annually by NHS England. 17

21 Never events core list The never events list for 2015/16 Surgical Wrong site surgery: wrong implant or prosthesis retained foreign object post-procedure Medication Misselection of a strong potassium-containing solution Wrong route administration of medication Overdose of Insulin due to abbreviations or incorrect device Overdose of Methotrexate for non-cancer treatment Misselection of high strength Midazolam during conscious sedation Mental health Failure to install functional collapsible shower or curtain rails General Falls from poorly restricted windows Chest or neck entrapment in bedrails Transfusion or transplantation of ABO-incompatible blood components or organs Misplaced naso- or oro-gastric tubes Scalding of patients Further information can be found in Appendix 1 of the Revised Never Events Policy and Framework: 18

22 Appendix 2: Flow chart internal procedure for reporting and investigating a serious incident Immediate actions The member of staff identifying the incident must contact the AfC Head of Service, Caroline Baxter T: Head of service coordinates any immediate actions necessary Head of service decides whether to inform the director of a potential serious incident in liaison with colleagues if necessary (the rest of this flow chart assumes a serious incident) Head of service ensures contemporaneous notes are made and kept of decisions and immediate actions taken Head of Service will make an informed decision to escalate to the relevant Director, Simon James T: Within 24 hours Director reports to NHS England London by phone if serious enough: office hours , and ensures incident has been reported to CQC. Limited info early better than full info late. If a serious incident of particular gravity, it should be reported to Kingston CCG s Joint Commissioner by telephone: Elizabeth Brandill-Pepper The director informs the AfC CEO and the director of the service affected (if different) CEO allocates director to lead the serious incident resolution and investigation Director appoints investigating officer Director, in liaison with the investigating officer, ensure all relevant agencies have been informed (eg CQC, Coroner, DH, H&S Executive, Local Authority Safeguarding Team, MHRA, NHS Protect, Police, PHE) Director ensures contemporaneous notes are kept of all decisions and actions taken. Level 1: concise investigation Only undertaken for incidents, complaints and events that have resulted in no, low or moderate harm, so not relevant for serious incident policy. Refer to AfC incident policy or complaints policy. Level 2: comprehensive investigation Usually potential or actual severe harm Full RCA investigation Investigating officer must update incident log and respond to NHSL queries Director must oversee investigation Director to inform Integrated Governance Committee (IGC) Final Board report to include learning Level 3: independent investigation Incidents of high public interest or attracting media attention. AfC panel required Director to appoint an independent chair Panel membership and terms of reference developed by Chair Director must manage potential and actual media interest Director to inform IGC Final Board Report to include learning Within 60 to 80 days The Investigating Officer must ensure the final report sent to the relevant commissioner within 60 working days of the incident being reported; 6 months if an independent investigation is required. Director to ensure The AfC Board is kept informed throughout the investigation and approves a copy of the report at a Part 2 meeting. Commissioner to close serious incident after quality assurance review of report (within 20 calendar days of receiving report), once satisfied that the report fulfils the required standard for a robust investigation and action. 19