Essays and Publications

Risk Analysis. Risk Management. It all sounds good. Very few people in the world will argue against doing some kind of Risk Analysis and Management. But just exactly what kind of analysis should you do? What's a practical approach?

Risk Analysis Methodology

October 2010
James O. Westgard, Sten A. Westgard

• JC Requirements for Risk Analysis
• JC Proactive Risk Reduction Methodology
• References

Risk analysis - where to start?  That’s the question facing a medical laboratory that attempts to implement a risk analysis process.

The ISO and CLSI guidelines provide brief outlines of the steps in the risk analysis process [1-5], but they leave out the many details that are important in implementing a practical process.  Much additional information is provided by the Joint Commission’s (JC) manual on “Failure Mode and Effects Analysis in Health Care: Proactive Risk Reduction” [6] which should already be available in those healthcare organizations accredited by Joint Commission. Others can purchase this document via the JC website (www.JC.org).  The potential advantage of the JC methodology is that someone in your organization may already have experience with risk analysis and may have developed the training and support staff to facilitate the applications in your organization.  Given that potential, it is important to carefully review the JC methodology to see how it fits for laboratory applications.

JC requirements for risk analysis

The JC has been the driving force for application of risk analysis in healthcare organizations in the US.  The JC standards for patient safety and performance improvement require that risk management be implemented:

QPS.11  “An ongoing program of risk management is used to identify and reduce unanticipated adverse events and other safety risks to patients and staff.

1.    The organization leaders adopt a risk management framework to include the following: a) risk identification; b) risk prioritization; c) risk reporting; d) risk management; e) investigation of adverse events; f) management of related claims.
2.    The organization conducts and documents use of a proactive risk-reduction tool at least annually on one of the priority risk processes.
3.    The organization’s leaders take action to redesign high-risk processes based on the analysis.”

Note that item 2 requires a risk-reduction tool be utilized at least annually.  While that requirement doesn’t identify a specific tool, the JC methodology makes use of Failure Modes and Effects Analysis (FMEA), which is also the common tool that is recommended in the ISO and CLSI guidelines.  Thus, the approximately 150 page JC manual might be expected to provide some help for implementing risk analysis and utilizing the FMEA tool in a medical laboratory.

JC Proactive Risk Reduction Methodology

The JC manual provides a step-by-step guidance for use of FMEA, as shown in figure 9-1:

Figure 9-1.  Joint Commission methodology for proactive risk reduction [6]

This methodology has broad application and assumes significant resources and authority.  It employs a project team, which can be resource intensive, sometimes difficult to manage, and often inefficient unless carefully facilitated.  It assumes the authority to redesign a process in order to make significant changes that will reduce risk and improve safety.  Such redesign is almost always a major project that affects many functions, departments, and people, making implementation difficult, time-consuming, and often costly.  The methodology seems appropriate for cross-function or cross-department processes, but such improvement projects will require a major commitment by the organization if the project is to be successful.  That may be the reason that the basic JC requirement is that the organization performs risk analysis at least annually, but does not require that it be done annually by individual departments or functions.  That is also why the selection of the high-risk process is so critical and requires careful consideration.

We will describe this methodology in more detail in module III of our Risk Analysis course.  Meanwhile, here are some important points to keep in mind when considering the implementation of a risk analysis methodology in your laboratory:

• The Joint Commission is the driving force for implementation of risk analysis in US healthcare organizations, therefore the JC methodology is likely to be the foundation on which many medical laboratories will develop their risk analysis approaches.
• The JC “proactive risk reduction” methodology is widely applicable, but may not be efficient for some applications in the medical laboratory.
• For practical applications in medical laboratories, it will be important to focus any risk analysis project on a limited part of the total testing process, e.g., pre-analytic, analytic, or post-analytic processes.  In cases where the total testing process must be considered, e.g., improvement of turnaround time, the initial evaluation should prioritize the importance of the pre-analytic, analytic, and post-analytic parts of the process and target the highest-risk part of the process.
• The JC risk model may consider occurrence, severity, and detection, or only occurrence and severity.  It is left to the project team to decide whether a 3-factor or 2-factor model is appropriate.
• Classification scales for 10 classes are illustrated, but only half the categories are defined, thus a classification scale for 5 categories would make more sense for medical laboratories and also be consistent with the CLSI and ISO recommendations.
• The JC methodology places more emphasis on Root Cause Analysis than is generally found in other recommendations for performing FMEA.
• Use of RCA is consistent with the JC requirements for investigation of sentinel events, therefore RCA should also be considered an important tool for implementation in medical laboratories.
• The JC redesign options are equivalent to the ISO strategies for “risk control option analysis.”  The JC provides a clear focus on one option for improving each factor – occurrence, detection, severity – and provides important guidance for developing practical solutions to reduce risks.
• The redesign options may have some limitations when applied to the analytic process in a laboratory because making changes in analytic systems may be subject to regulatory requirements (e.g., the US CLIA rules require laboratories to follow a manufacturer’s directions for safe use and any modification changes a measurement method to a classification of high complexity, which imposes different QC requirements on the laboratory).

The Joint Commission proactive risk reduction methodology provides detailed guidance for implementation of risk analysis in healthcare organizations.  For US medical laboratories, it is advantageous to adopt the JC methodology when the critical process is pre-analytic or post-analytic.  However, if the critical process is analytic, there may be other quality management tools and methodology that will be more effective, e.g., method validation protocols, Six Sigma quality improvement methodology, etc.  For the particular situation where risk analysis is to be used to customize QC procedures for the analytic process, the JC methodology may be adapted or modified to provide more efficient and effective applications.  Such modifications should consider the following:

• Select a project team composed primarily of members from the laboratory;
• Adopt the 2-factor risk model for occurrence and severity for prioritization of risks;
• Adapt the classification scales for either 5 or 3 categories for the FMEA tool for prioritization of risk;
• Apply sigma-metrics as part of the redesign methodology for analytic processes;
• Assess detection as part of the analysis of the redesigned process and validation of control mechanisms;
• Apply the 3-factor risk model that includes detection as part of the evaluation of the redesigned process;
• Carefully formulate the information for safe use that is to be included in test report.

References

1. ISO 15189. Medical laboratories – Particular requirements for quality and competence.  ISO, Geneva, 2007.
2. ISO/TC 22367. Medical laboratories – Reduction of error through risk management and continual improvement. ISO, Geneva, 2008.
3. ISO 14971.  Medical devices – Application or risk management to medical devices. ISO, Geneva, 2007.
4. CLSI EP18-3P. Risk Management Techniques to Identify and Control Laboratory Error Sources. Clinical Laboratory Standards Institute, Wayne, PA, 2009.
5. CLSI EP23-P. Laboratory Quality Control Based on Risk Management. Clinical Laboratory Standards Institute, Wayne, PA, 2010.
6. Joint Commission.  Failure Mode and Effects Analysis in Health Care: Proactive Risk Reduction.  The Joint Commission, Oakbrook Terrance, IL, 2010.