Special Advertising Section – Incident Reporting: Analyze, Manage, Prevent

September/October 2013
Special Advertising Section

Incident Reporting: Analyze, Manage, Prevent


Every facility runs on policies and procedures. There are regulations and rules from outside to adhere with and internal policies that can expand on the requirements formulated by government and healthcare organizations. In the end, hospitals and other healthcare facilities are highly regulated and closely monitored.

But things do sometimes go wrong. Then the response must be quick, decisive, and proper; all too often, these are life-threatening events. In the aftermath of adverse events, a critique and analysis of the event and the response is made to find weak spots in the policies and procedures already in place to prevent those very incidents. It is here that incident reporting technology can benefit everyone involved, from patients to caregivers and administrations to government and organizational elements.

Douglas Dotan is president and CEO of CRG Medical, Houston, Texas, developer of the KBCore patient safety software. He brings a bit of history to the discussion. “The patient safety evaluation system comes out of the Patient Safety and Quality Improvement Act of 2005 where Health and Human Services was given a mandate to create patient safety organizations. The common format is the way that reporting is going to be conducted so that we can get a standardization of information about patient safety events that can be analyzed and used to improve the quality of care in systems and between systems nationwide. Now, with the health insurance exchanges (HIX) in the Affordable Care Act, hospitals that have 50 beds or more and have contracts with health plans, by January 1, 2015, are going to have to have patient safety evaluation systems in place in order for those contracts to be valid so they can get paid.”

Anngail Smith, chief operations officer for CRG Medical/KBCore, expands on that idea. “We’re interested not just in incidents but in what are called near misses—which is something that doesn’t reach the patient—or even a hazardous condition because you don’t want to wait until something reaches a patient. So the requirement is you have an incident reporting system that uses the common format, a set of phases that describe an event such as different kinds of falls or different kinds of medication errors. They don’t have to use a particular database or application, but they have to use one that is in accordance with or consistent with the common format.”

Analyzing Near Misses
The policies and procedures a hospital implements act as barriers to adverse events. Or they should. But the unit and the floor can be chaotic at times and people have to prioritize their actions. Multiple layers, multiple barriers, provide multiple chances to prevent an adverse event. Smith explains, “In a near miss, one or more of those barriers has worked and what you want to know is was it a planned barrier. Was that barrier planned or was that a barrier that someone recognized the problem and managed it, but it was only in their brain that they knew what it was. That they had had enough experience to prevent the incident. So you interview the person and codify what happened so that the near miss is prevented in the future and not just for that patient. Analyzing near misses is one of the most important things.”

Dotan puts this in perspective. “Our whole philosophy and the way we’ve designed our processes is getting all caregivers to share their knowledge as appropriate when things occur. Not only reporting events but long before that. When they see something that is a condition or a situation which could be harmful, they’re encouraged to document it in the KBCore system. What we want is to be proactive, to identify conditions and situations that could cause harm and eliminate them from the process in as close to real time as possible. This way, you’re sharing knowledge about people who know what makes things go wrong and can help the organization learn how to improve those things so that they can defer any potential harm that may happen if this condition continued to exist in the system.”

Incident Reporting Systems
A variety of systems are available to do this, systems with different strengths. For example, Deborah Pelton, RN, CNO at Texas Spine & Joint Hospital, Tyler, Texas uses a reporting system from Prista Corporation, Austin, Texas. She says, “We use it for reporting all incidents in the hospital, surgery center, and our clinics. The system is accessible for any employee, using an anonymous account, to report any type of incident, be it patient fall or privacy breach. As the risk manager, I use it to investigate the incidents and then aggregate into categories and report to the Performance Improvement (PI) and Medical Executive Committees.”

Each department, from accounting to housekeeping, has quality measures that they also track on an ongoing basis. The managers are able to report that data and document “Performance Improvement Projects” electronically as well. “We plan an interactive session with our Joint Commission surveyor at the next visit to show how we do PI and information management in our organization,” adds Pelton.

The system was apparently easy to adapt to, requiring minimum training. “It was really just a shift from paper and limited use of an old electronic system to the new one that really works,” Pelton says. “Our managers all learned the system together, over the course of about a 2 hour session, when we first implement Prista ActionCue. New managers are taught one-on-one by our quality director, taking maybe an hour or so. We recently had an update session that Billie Anne Schoppman, the co-founder of Prista, came to our hospital to teach. She spent a half day updating our managers and their frontline supervisors. Then we spent some time just cleaning up some old performance measures and adding new ones that we wanted to track.”

Don Jarrell, co-founder and executive vice president at Prista explains how the company developed its incident reporting system. “We see all kinds of clipboards and filing cabinets with forms where activities of real life are being jotted down and then compiled and transferred by human eyes and hands to another form, possibly with a desk calculator involved, and this is what’s passing for management information processing in a lot of hospitals. What we wanted to do is, in our design principle, take a really good understanding of the healthcare environment, but look at it through a properly technology-enabled lens.”

The Prista system is what is known as a Software as a Service (SaaS) program. Jarrell notes, “We are server-based and it’s a far more secure environment than in most hospitals where you’ve got a data center or a data closet that many different people can access. We’re in a data center that’s as good as any large company would have; it’s got all of the certifications for SAS 70 and it’s HIPAA audited.”

SAS 70 is a statement on auditing standards by AICPA (American Institute of Certified Public Accountants) from 1993, where an independent auditor is to evaluate a service provider’s controls and generate a report based on the evaluation. SAS 70 is the most common auditing standard in the U.S.

In the case of Prista’s solution, the actual report can be created by anyone in the hospital and that starts a process by which the incident report moves from a creator to a supervisor to a designated department manager based on the location, category of the event, etc. and then on up to the risk manager. The report is based on best practices and business intelligence approaches to make it acceptable at all reporting levels.

The Agency for Healthcare Research and Quality (AHRQ), a section in the Department of Health and Human Services of the federal government, has the mission is to improve the quality, safety, efficiency, and effectiveness of health care for all Americans. As one of 12 agencies within the Department, AHRQ supports research that helps people make more informed decisions and improves the quality of health care services. Incident reporting falls under their list of concerns and they spend a lot of effort to find the good and weed out the bad.

AHRQ has developed several Common Format descriptors. The Common Formats apply to all patient safety concerns, including incidents—patient safety events that reached the patient, whether or not there was harm—and near misses or close calls—patient safety events that did not reach the patient. These include event information such as descriptions of patient safety events and unsafe conditions to be reported and specifications for patient safety aggregate reports and individual event summaries. Technology providers obviously want to have their products get a favorable review based on AHRQ criteria.

Didier Salem, CEO of International Developers (ID Inc.), Clearwater, Florida, shares, “We meet AHRQ requirements and our application can be accessed with iPads, tablets, or regular PCs. Now we are introducing a smartphone app, another prerequisite for AHRQ.”

Salem forecasts the challenge of common formats will be more important in the future. “I believe that within the next couple years we are going to see more hospitals adopting the AHRQ format, although I suspect that not all hospitals are going to do all of the data elements that the AHRQ format requires. We will see movement toward adopting the categories, the sub-categories, and the flow that AHRQ is suggesting with their common format. We also see mobility, tablets, phones becoming more popular in hospitals, and we predict that the requirement to be able to report and review incidents on any device is going to become the criteria for anyone who looks to using or acquiring an incident management system.”

ID Inc. provides a complete set of management tools, but their dashboard is one of the most impressive options. The management dashboard shows, in a graphical format, all of the incidents for a certain period of time and allows a “30,000-foot bird’s eye view” of the data, drilling down all the way to the individual data elements of a specific event.

One of the facilities using ID Inc.’s reporting system is Shands Hospital at the University of Florida. Gainesville, Florida’s Shands is a 939-bed general medical and surgical facility that is also a teaching hospital. Linda Allen, quality systems manager at Shands is quite familiar with the ID Inc. product. “It’s an easy way for all staff and physicians, to report any time that they see potential harm to a patient or actual harm to a patient. It’s a way for us to track opportunities for improvement and it follows the philosophy that what you don’t know you can’t fix. In the past, incident reporting was perceived as a penalizing system; somebody did something wrong, they report it and then you follow up and they get punished. But the healthcare culture is really pushing towards a safer environment and by reporting we can improve and make our hospitals safer. So the patient safety report system is on our portal, our intranet, and it’s easy to access to report events related to patients.”

And it’s not just an input-only system, something that seemed to be the situation in the past. As Allen says, “We used to gather information, but we didn’t do anything with it. Now we’ve got a dashboard, querying ability, and exporting ability. This information is shared broadly throughout our organization and, again, encouraging staff to report events and encouraging us to take that information and make improvements.”

Once again, the acceptance curve wasn’t very steep. “Actually, it was very quickly accepted,” recalls Allen. “But I do want to put a caveat in there in that we’d been using ID Inc. for quite some time; we basically had an online system for reporting before we had an electronic medical record. However, over time, we’ve looked at ways of streamlining the data entry process; making it easier for the staff to get the information in. In the last couple years there’s been another kind of increase between the initiatives towards reporting more and looking at what some of the barriers were and then also looking at our culture, again, of safety and trying to improve it.”

Allen likes the company as well as the product. “The system is actually very robust; it’s very customizable. The vendors are very progressive and they’re always looking to improve it. As the environment changes and the industry changes and the requirements change, they’ve been kind of on the cutting edge of all that.”

Making Systems Easy to Use
Mike Porisky, president of CCD Health Systems, Santa Monica, California, acknowledges that systems must to be easy to learn as well as to use. “The product should be extremely easy and intuitive to use for front-line staff so that incidents (and near-misses) can be entered quickly, with the necessary details to perform a thorough follow-up. We have also found that every client’s data forms are unique. Whether they need to submit event details to AHRQ, WHO, ISMP (Institute for Safe Medication Practices) or their own state, the forms must be easily customizable with the ability to export to these agencies.”

He continues, “We believe our Incident Analyst product is the most flexible and customizable solution on the market. It can easily accommodate the collection requirements of any healthcare organization and the changes can be performed locally without having to involve the vendor. Giving customers the ability to change terminology and content allows them to build a system that supports their existing policies and procedures—evolving as their needs change.”

To help speed up the entry process, CCD’s forms dynamically adapt to display only the content that is relevant to information already entered, such as the type of incident, severity, or location. Accuracy is maintained by limiting the questions to what is necessary and then providing the responses to these questions as selections rather than free-text.

Porisky adds, “The ability to tailor the product for each client is paramount, and Incident Analyst was built from the ground up to support this flexibility. We offer two licensing solutions in order to accommodate the size of a client’s organization. Incidents details can be stored in our data center—accessed through the web, or the application and database can be installed locally for clients who wish to manage the application themselves. We are always making changes to simplify the entry process, as well as adding functionality to improve the investigation and analysis of incidents,”

CCD’s Incident Analyst includes integrated feedback/complaints, root cause analyst, and claim modules—providing end-to-end coverage for managing incidents.
Like most technology areas, incident reporting is not a stagnant market. Porisky see some challenges coming, however. “The first is ‘openness’—allowing patients and family to report incidents and be directly involved in the improvement process. Some hospitals are working on this capability today, but they still hesitate to provide direct access to their reporting tools. Perhaps their vendor is not Web-based or their product is not considered secure. Once trust is established, patients should be able to become an integral part of the process—especially as mobile computing grows.”

Predicting Incidents Before They Happen
The second advancement that the healthcare industry should expect is the ability to predict incidents before they happen on a patient-by-patient basis. CCD has a Predictive Analysis module that can monitor various elements related to an admitted patient (such as age, medication, procedure, department, etc.) and compare this information to previously collected incident statistics. If a patient’s score is outside of the norm, alerts are sent to the appropriate staff. “We are still working on perfecting these algorithms and hope to find clients to validate this idea of Predictive Prevention within the next year,” Porisky comments. “Inter-agency sharing has grown over the last few years and we look forward to a day when vendors can tap into all national data and share, with their clients, lessons learned throughout the health care industry.”

Porisky isn’t the only one eyeing the future. In Toronto, Canada, RL Solutions has been in the thick of incident reporting. Vice President for Product Management Catherine Lathem makes a few predictions: “I believe that incident reporting is going to become more rigorous from a legislation standpoint. Luckily, we designed our system, RL6, to stay up-to-date with any new requirements. Risk managers are going to start looking for more analysis of their existing data. It’s not enough anymore to just collect data; you have to know what to do with it so you can be more proactive. They’re also going to seek out additional sources of data to make more informed interventions such as infection information and environmental data. For example, our peer review module connects with our incident report module, to give risk managers a more complete picture of their adverse events.”

She continues, “The RL approach is to make products so easy and enjoyable to use that people actually want to report! RL6 makes reporting easier because we let users create their own forms so they make sense to their organization. We make it more accurate by customizing tasks and alerts for the end user and keeping the file managers up to date, and giving them the ability to export to PSOs (patient safety organizations). Finally, RL6 makes event reporting more acceptable by letting managers send reports via email or .PDF, so they can share patient safety data with their hospital.”

Their computer application technology gives RL Solutions an advantage in the user’s eyes as well. Lathem explains, “RL6 is flexible. We make it a priority to listen to our clients and, time and time again, they’ve said how important flexibility is; they want to customize our products to meet their needs. For example, our unique icon wall uses bright colors and intuitive symbols to make the system more user-friendly. RL’s services are flexible, too. Our remote system administration service helps clients who need an extra hand maintaining their system. We’ll configure and update their system remotely, letting them focus more time on patient care instead of software administration.”

But no system is going to provide benefits if it isn’t used and used properly. Training on new systems can be a hassle for staff stressed by budget and time constraints.

“For end users, RL6 is very easy to learn,” claims Lathem. “Our forms are intuitive so they can learn how to quickly enter an event with minimal training. We offer extensive training for system administrators to get the most out of the system such as instructor-led courses and personalized one-on-one training. Our online resources, such as e-learning modules, are always available to all of our clients. We also train those power users so they can train their own staff.”

Looking Toward the Future of Incident Reporting
Every company wants to be a leader now and well into the future. At RL Solutions, they are using a roadmap to continued success. “RL Solutions is committed to continuous innovation, market understanding and client engagement,” admits Lathem. “Our success will come from creating easy-to-implement data analyses for our clients, helping them gather all the information they need to make more meaningful decisions. Our roadmap gives us a comprehensive view of the future for our products. For example, we just released RL6:Mobile, which is our new mobile incident and patient feedback reporting app. This will significantly increase reporting by empowering staff to use their smartphones to submit incident reports. It’s currently available for iPad and iPhone, and we’ll be releasing an Android version early next year. Embracing new technologies will help ensure we maintain our leadership position in the market.”

Reporting an adverse incident is a requirement, but how it is done takes on many different forms.. And those forms end up in many different places. Reporting solution providers, such as Quantros, are often federally registered patient safety organizations (PSOs).  PSOs provide protection for the patient safety work product that is generated in a care facility from discovery during civil litigation. “That works hand in hand with our safety incident reporting system so that when events are entered into the system, the investigations that an organization does in their efforts to improve quality and safety, have legal protection,” explains Keith Hagen, CEO of Quantros, Milpitas, California.

Hagen continues, “On the safety incident reporting side, it’s a system that allows the collection of information around quality related events, allows for root cause analysis, and the gathering of additional information and the workflow related to that. Those things can be pushed into quality improvement programs and generate trending to understand the data and how to improve quality and safety. Organizations, of course, get equal or even more value from recording and managing the near misses as they do of actual events that created harm. So, in a nutshell, that’s what we’re focused on: quality and safety.”

Quantros supports different care settings: traditional acute care, ambulatory surgery centers, clinics, behavioral health, long-term care, and even retail pharmacy. Hagen points out, “Because we’re basically software as a service, we have a database of almost 3.5 million safety related events, complete with the classifications for those events. We’ve been able to use all of that knowledge to create a smart system, Smart Classification, so that people will be able to type in, in free text, what happened. We’ll then compare that free text to 3.5 million other free text explanations of events and provide the highest probable classification for that event.”

Quantros has helped hospitals develop performance improvement programs to identify why events are happening, how to educate their staff to prevent events, and how to change their processes and procedures to improve the safety and quality of the care they’re giving. As Hagen says, “That’s another unique aspect of what we offer; we’re not just some software vendor who’s knocking out code, we’re very focused on improving quality and safety and we have a wide breadth of products and services to enable organizations to do that.”

The AHRQ common format is somewhat restricted, so Quantros built a classification of events, a taxonomy with almost 2,000 event types and the nature and sub nature of those incidents. “We take this superset of classifications and, as part of our configuration for a hospital, narrow that down to just what they use,” Hagen says. “It makes it very easy for them to use the application and not get bogged down with a lot of detail. If you’re creating ad hoc classifications and adding and changing and deleting every day, you won’t be able to do any statistical trending, you won’t be able to do comparisons between multiple facilities. By having the concept of a super set of a taxonomy, we’re able to give people the power to do that. As we continue to grow in different care settings, as these care setting expand what they want to track and how they want to track it, that taxonomy continues to expand.”

Integrating the incident reporting system with other existing and future IT applications is also the goal at RGP Healthcare Solutions, San Francisco, California “We built an end-to-end application, Pavisse, unlike anything in the industry today,” says Radgia Cook, president of RGP Healthcare. “It handles incident management; it handles patient complaints; it handles employee and non-employee situations; and it also handles grievances. Next year, 50-bed hospitals and above will have to have electronic health records systems able to handle grievances. Our system will not only take care of that functionality and allow the hospital to be able to report to patient safety organizations, but it also manages the process all the way through. Whether you’re reporting issues anonymously or you’re reporting an incident that led to a sentinel event and needs a root cause analysis, you can utilize Pavisse to take you from the very first entry on the Web or on a portal or in a hospital, all the way through to the claims and management module that allows you to track what’s going on with legal issues.”

Pavisse goes beyond analytics and auditing so management can do more than just trending. According to Cook, “We use an embedded application, a very advanced report writing tool, to handle business intelligence easily and very effectively. It’s difficult to write those reports, but we have a team that does nothing but that so we can report on any piece of data that is entered into the system. We build the reports for the clients so they don’t have to hire somebody to build their own reports and maintain them. We can provide comparison data from one floor to another, one department to another, one facility to another, down to the data granularity level.”

Although this may sound complex at first, RGP provides training and consulting after the implementation that makes it easy to adapt to the system. Cook explains, “We pre-enter a year of historical data for the client, and we are there when they go live. The training is in 1- to 2-hour sessions for as many employees as they would like to have. Our training is all done on site. If they need help, we come back on site as needed. We actually come back for 8 hours of no-charge consulting, per facility, every quarter. We have our consultants come back once a quarter with all the information they need, not only to show them how to better use the application, but how to read their data in a more efficient manner and, potentially, how to really streamline their processes to better serve their patients. Our audit module allows us to do dynamic testing so we can find areas of problems in hospitals before they start affecting lives. We break audits into very small components and the application will use its business intelligence reporting to let you know where your priority focus areas are. It also tracks your near misses, corrective action plans, peer review, and HIPAA compliance as well as other areas of non-compliance an organization may have.”

CRG’s Dotan understands that preventing adverse events isn’t accomplished by just making an entry in a reporting system. “Having a system in place means nothing if there isn’t a culture that utilizes the information is generates. It starts with people utilizing it at the bedside, it continues when management does the right kind of analysis on the information and provides feedback. In many institutions you’ll find this happening and in many institutions it doesn’t happen, or it doesn’t happen very well. The feedback has to go, not just to the individuals who sent you the information, but shared amongst the entire institution to basically raise the quality of care.”

He believes that when reporting of near misses or unsafe conditions increases, it doesn’t mean a hospital is performing poorly; it means the hospital is actually performing better because it has the opportunity to prevent harm in the future by analyzing what went wrong. “You’re much safer because you’re aware of what’s going on and you’re learning as an organization and you have the opportunity to improve and prevent,” he says.

The challenge then is to create a culture that uses incident reporting instead of fearing it. As Smith puts it, “Analyze the past, manage the present, and prevent events in the future.”

Tom Inglesby is an author based in southern California who writes frequently about medical technologies and improvement strategies.