On safety ontology: a cross-section analysis of incident investigations in a public healthcare system
Safety in Health volume 3, Article number: 13 (2017)
Due to new legislation in 2011 and 2013, the Swedish public healthcare system has undergone change as regards incident reporting and supervision. Focus has turned to learning from adverse events and sharing this learning with actors within the system. The aim of this study was to explore with what underlying safety ontology adverse events in the incident reporting system are investigated.
A content analysis of 90 official and recently completed incident investigations from all six regional supervisory authority offices in Sweden was performed. Data was examined per nature of the investigation, number of targets for intervention, specific final comments in the investigation and the decision from the supervisory authority. A coding scheme was used to identify the organisational level of the targets for intervention.
With different investigation methods in use, this incident reporting system still seems to contribute to a reproduction of an organisational micro-level understanding of how risks emerge with a focus that operates in the event’s immediate spatial proximity. There are no signs of constructive dialogue on exposed matters between the main actors: the healthcare provider organisation and the supervisory authority. There are strong examples of mistranslation of social infrastructure from other safety-critical organisations. Actors and individuals at the blunt end of the healthcare system adapt to new legislation and organisational change by balancing rhetoric and practice during fulfilment of stated obligations.
Our findings support that traditional linear causality construction and traditional norms remain intact despite new legislation and recent organisational change. Through efficient and adapted working procedures by the main actors, this model still brings societal closure of harm and thereby a way to focus on moving on forward.
Lessons learned from adverse events and incidents have for decades been used for the development of safety interventions. Incidents in safety-critical organisations have throughout the twentieth century served as epistemological crossroads for further understanding of system behaviour and meaningful system intervention [1,2,3]. The Institute of Medicine’s report To Err is Human  in 2000 pointed out that reporting and subsequent system analysis of adverse events are key in quality and safety improvement in the healthcare field. Numerous healthcare organisations worldwide have since invested in, established and institutionalised incident reporting systems, most often adapted from other safety-critical organisations, arguing that economic advantages and increased patient safety are the overall aim [4,5,6].
Within this discourse, a Swedish legislative change took place in 2011 with the introduction of the Patient Safety Act  and thereafter in 2013 with the creation of a new supervisory authority: the Health and Social Care Inspectorate (HaSCI) . Both legislation and the HaSCI emphasise the responsibility of the healthcare provider organisation (HPO) to learn from adverse events, as well as sharing this learning with others. However, contemporary safety science research has shown that such learning and sharing can be difficult for organisations to apply in practice [9, 10] and that organisational forgetting is a common phenomenon [11, 12].
Since 1937, the Swedish healthcare system has used a model, regulated by legislation, for external investigation of severe incidents by a regulatory authority . The foundation of this law states that if an adverse event has resulted, or could have resulted, in a serious injury, this should be reported to the regulatory authority for an external incident investigation. This model with a HPO reporting incidents to a supervising regulatory authority has since then stayed virtually intact, even though certain modifications, including name changes, have been made over the years. Despite changes in political governance, Sweden has predominantly continued to have a public healthcare system.
The regulatory authority has in recent years issued specific regulations governing the responsibilities of the HPOs: for example, using an incident reporting system and carrying out internal incident investigations. In 2011, the aforementioned legislative change pinpointed the specific responsibility of the HPOs for patient safety improvement within their respective organisations . These regulations state that the regulatory authority ‘…ensures that reported adverse events have been investigated to a necessary extent, and that appropriate actions have been taken by the HPO to reach a high level of patient safety’.
With the creation of the HaSCI in June 2013  came the commission to take over the supervisory role of the healthcare system from the National Board of Health and Welfare, both acting under the Ministry of Health and Social Affairs. The HaSCI has six regional authority offices respectively covering certain geographical regions of the nation.
Since 2005, methodological support for conducting the internal incident investigation has been provided to HPOs by the Swedish Association of Local Authorities and Regions .
In our previous studies on a local and regional level, we focused on describing changes over time regarding the incident reporting system, identified targets for intervention from the different actors in the healthcare system and suggested alternative pathways for analysis of adverse events [15,16,17].
In this study, we were interested in simultaneously exploring the most recent data from all regional incident reporting systems in the Swedish public healthcare system, searching for the mechanisms that could describe, understand and answer our research question: with what underlying safety ontology are adverse events in Swedish healthcare investigated? Our guiding questions were (1) what organisational levels are targets for intervention in incident investigations today? (2) what role do the actors, the HPO and the new supervisory authority, play in incident investigations today? and (3) can regional similarities or differences be seen in incident investigations today?
According to the policy activities that constitute research at our institution, congruent with both the Regional Ethical Review Board and the national Act concerning the ethical review of research involving humans (2003:460), this study meets criteria that are exempt from ethics review.
In general, the chief medical officer (CMO) of a public HPO determines when and what to report to the supervisory authority by using data from the incident reporting system. Upon decision to report, a commissioning body within the HPO is assigned to conduct an internal incident investigation. The commissioning body is most often the chief medical officer or the clinical head of department where the adverse event occurred. An analysis team is set up to perform an internal incident investigation and thereafter presents a report with causal factors and recommendations on actions to the commissioning body.
Recently, within some HPOs, these investigations have changed in nature, now having the character of a ‘short internal report’ performed by either the clinical head of department where the adverse event occurred or by the CMO who decided to report. Whichever pathway the HPO chooses a report with causal factors and recommendations on actions to take is a mandatory part of the assignment. The internal incident investigation, with or without comments from the CMO, is thereafter sent to the supervisory authority. The external incident investigation by the supervisory authority is always preceded by the HPOs’ internal incident investigation (or ‘short internal report’). At the authority, an inspector is assigned to perform the external incident investigation, but since the latest change in legislation, an auditing of the HPOs’ own internal incident investigation is the actual assignment. The report from the external incident investigation is presented to the head of unit at the authority, and after a decision addressing the fulfilment (or not) of the HPOs’ legislated obligations, the report is sent to the HPO.
Our study was conducted as a content analysis of the most recent official, and on request publicly available, completed internal and external incident investigations from all six regional supervisory authority offices in Sweden (Fig. 1). The internal and external incident investigations were both compiled and de-identified by the HaSCI. We asked for the 15 most recently completed incident investigations from each region, excluding primary healthcare, psychiatry and private healthcare organisations. This resulted in 90 internal and external incident investigations dating from December 2015 to May 2016.
The internal incident investigation from the HPO and the external incident investigation from the supervisory authority were linked together respectively and numbered as received from the HaSCI. The content analysis aimed to identify, examine and code all targets for intervention from all incident investigations and short internal reports, together with the investigations’ plans for follow-up or other intentions. Therefore, data was examined per (a) the nature of the internal incident investigation, (b) the number of targets for intervention from the internal incident investigations, (c) attached final comments from the CMO to the supervisory authority regarding the adverse event and (d) the supervisory authority decision in the external incident investigation.
A coding scheme was used to identify the organisational level of the targets for intervention in the different incident investigations. The targets for interventions were coded according to a micro-meso-macro-perspective in equivalence to previous studies [15,16,17,18]. A target for intervention at a micro-level is within the department where the adverse event occurred: for example, a local procedure, technical skills or staff issues. A target for intervention at a meso-level is outside the department where the adverse event occurred: for example, the need for collaboration with another department or hospital management. A target for intervention at a macro-level is outside the specific HPO: for example, the collaboration with another HPO, authorities, politics or pharmaceutical companies.
Due to the semi-quantitative and qualitative nature of the study, we carried out no further statistical analyses than presented below.
Internal incident investigations
In the 90 investigations analysed, a total of 313 targets for intervention were identified. The total distribution of these targets was as follows:
Micro organisational level 263 (84%)
Meso organisational level 48 (15.3%)
Macro organisational level 2 (0.6%)
On examining the nature of investigations, 43 of 90 had the character of a ‘short internal report’, compared to the more traditional ‘internal incident investigation’ done by an analysis team. The number (n) of targets for intervention was higher in the group of ‘internal incident investigations’, but the relative distribution (%) of targets for intervention was similar in the two groups:
Short internal report:
Micro organisational level n = 86 (86%)
Meso organisational level n = 13 (13%)
Macro organisational level n = 1 (1%)
Internal incident investigation:
Micro organisational level n = 177 (83.1%)
Meso organisational level n = 35 (16.4%)
Macro organisational level n = 1 (0.5%)
In 5 of 90 investigations, no targets for intervention were presented by the HPO. In these 5 investigations, the supervisory authority closed the case with no further intention.
In 16 of 90 investigations, the CMO recognised that ‘similar events’ had occurred within the HPO. In 1 of these 16 investigations, there was a follow-up plan by the supervisory authority. In the remaining 15 investigations, the supervisory authority closed the case.
In 8 of 90 investigations, the HPO, on its own initiative, tried to improve standards of patient safety through system intervention either using lateral distribution of knowledge on a meso- and macro-level or by performing a risk analysis as a consequence of acquired knowledge from the investigation. In none of the 8 investigations did the supervisory authority do anything further.
External incident investigations
In 70 of 90 investigations, the supervisory authority closed the case without further intention after reviewing the internal incident investigation. In the following investigations, one or more action(s) were taken by the supervisory authority:
In 15 of 90, the supervisory authority called for a completion of the investigation, and thereafter closed the case in 13 of them. The 2 remaining were planned for follow-up or a site visit.
In 3 of 90, there was a plan for follow-up
In 3 of 90, a ‘new supervisory case’ was opened for a separate investigation
In 2 of 90, a site visit took place before decision
In one regional supervisory authority office, examination revealed the following from one individual (= one head of unit):
5 of 15 calls for completion came from the same individual
2 of 3 plans for follow-up came from the same individual
1 of 3 ‘new supervisory case’ was created by the same individual
2 of 2 site visits before decision were called upon by the same individual
In the following two sections, a sample of quotations from the investigations is presented for clarification of the results. They have all been translated from Swedish to English by the first author and are all tagged with one (x) or two (x-x) italic numbers. The first number represents an investigation and the second number a target for intervention:
Examples of targets for intervention
The micro organisational level:
‘A review at the department regarding what kind of straps that are in use to secure patients on an operating table will be performed.’ (8–35).
The meso organisational level:
‘Develop a routine within the organisation to ensure which department or unit that is responsible for the follow-up of newly diagnosed prostate cancer.’ (18–90).
The macro organisational level:
‘A regional programme for all HPOs will be produced during 2016 for this group of diagnoses with the aim of shortening the delay for a group of patients.’ (50–183).
Examples of decisions from the HaSCI
‘The HaSCI finds that the HPO has fulfilled its demands of reporting and investigating. The HaSCI closes the case.’ (71).
‘The HaSCI closes the case and will not take any further action.’ (51).
‘The HaSCI finds that the HPO has not fulfilled its demands of investigating since remains of flaws are noticed and actions have not been taken. The HaSCI closes this case and opens a new supervisory case to audit the HPO’s patient safety work.’ (11).
Using the three guiding questions in the study, we here present an analysis of the semi-quantitative and qualitative results by answering the questions chronologically as stated in the ‘Background’ section, and at the end of this section, an interpretation of these answers as an explanation to the research question raised.
First, in the short time span of 6 months, Swedish HPOs and their supervisory authority have handled numerous investigations of serious incidents that have jeopardised patient safety in a variety of ways. From one point of view, this incident reporting system appears to be well-functioning and aligned both with the Patient Safety Act  from 2011, and a recent report in 2015 from the Swedish Agency for Public Management, where a systematic approach and efficiency on legislated obligations was acknowledged and appreciated . From another point of view, despite revisions of the methodological support from the Swedish Association of Local Authorities and Regions , the same linear and narrow accident causation model for conducting incident investigations remains. The model has now been in use for over a decade, suggesting that the procedure for dealing with adverse events has become a well-established standard routine within the healthcare system, and thereby has contributed to an understanding of how incidents evolve. Arguments can also be made that the healthcare system has implemented a model where a certain ‘local technical fix’ is the solution to whatever incident that occurs  and that the incident report processing of large volumes of adverse events perhaps is inadequate . Since this study shows that usage or not of provided methodological support for internal incident investigations does not alter the target for intervention after an adverse event, Hollnagel’s two principles WYLFIWYF (‘What You Look For Is What You Find’) and WYFIWYF (‘What You Find Is What You Fix’) seem highly applicable [22, 23]. The investigation method(s) seems to contribute to a reproduction of an organisational micro-level understanding of how risks emerge and incidents occur, meaning that the operating focus of the different incident investigations to a large extent is in close spatial proximity to the adverse event. This is congruent with conclusions from our previous studies in which we used geographically more constrained sets of data analysing targets for intervention and causal factors respectively [16, 17]. We cannot draw any general conclusions on actual adverse event causation models used in this newer investigation form, but since the proportions of identified targets for intervention stay nearly intact, the investigators, probably unaware of it, use an equivalent methodological approach with less effort and manpower needed to complete the assignment.
Second, we noticed a lack of constructive dialogue between the different actors: the HPO on one side and the supervisory authority on the other. On the one side, the HPO fulfils its administrative obligations, but only few practical attempts can be traced regarding the system’s effort to enhance the level of patient safety, through for example lateral distribution of acquired knowledge or by shedding light on recurring organisational weakness. On the other side, the supervisory authority plays its auditing role by merely seeking the fulfilment of stated obligations. Rarely does it ask for completion of an investigation from the HPO. Further, it is remarkably rare that the supervisory authority tries to broaden the investigation by for example more accounts from the adverse event, follow-up plans or site visits. A dialogue on exposed matters, in which interaction between the two main actors probably could make patient safety issues take leaps forward, is hardly noticeable between the two with the actual power to initiate this. This uncovered ‘lack of dialogue’ between main actors of the system can be seen as a strong example of mistranslation of incident reporting systems from other safety-critical organisations to healthcare, where the highly essential social infrastructure for investigation has been missed and instead the processes of filing investigations have been more in focus . We also argue that the entire process of promoting the use of an incident reporting system and performing incident investigations can be regarded as part of a moral enterprise [24, 25] that has important implications for the ability of an organisation to move on by constructing narratives addressing societal purposes of closure [26,27,28]. In summary, the fulfilment of these purposes ensures that the system has control of the unreliable parts that occasionally emerge, and in such a context, the authoritative auditing and filing role becomes unquestionable.
Third, our data showed that in a vast majority of reported adverse events, the same investigatory approach was observed in all the regional supervisory authority offices; the case was closed after the first reviewing of the internal incident investigation. However, we here made an observation on variability and human behaviour. One individual authority investigator both identified the necessity of more accounts in various cases and used the given authority role as a catalyst for safety improvement within the system. With our limited data, we can only speculate if this finding was coincidental, due to education and in-job training, a high level of work-related vigilance or maybe due to the personal view of the assignment. In previous studies, we have raised concerns about the lack of in-job training of staff being a factor behind the finding of targets for intervention on a micro organisational level and that individuals within the authority mainly look upon themselves as auditing the process .
Finally, focusing on all the guiding questions together, we argue that the results in this study picture the consequences that can emerge in a system with mandatory incident investigations in a resource-constrained environment, such as the Swedish public healthcare system. Actors and individuals at the blunt end of the system need to adapt to new matters, such as in this case legislative change and ministerial construction, but mostly by finding pragmatic working solutions to their performance that balance rhetoric and practice beneath a continuous flow of new adverse events and incidents . However, this example of human behaviour also opens a discussion on alternative pathways for conducting incident investigations in the healthcare field. Other organisations in society, and recently even healthcare systems, have established the use of independent investigation teams to ensure that unfiltered and system-wide causal factors are identified [30, 31]. The traditional idea of adverse event causation that emphasises decomposition or reduction into malfunctioning system components was for decades the major theory in activities enhancing safety. In the report To Err is Human , this idea seems to be conceptualised and adhered to in the way construction of an incident reporting system evolves and is acknowledged. However, since the dawn of Heinrich’s theorems in the 1930s , several schools of thought in safety science have developed alternative approaches to the construction of adverse event causation and changed the epistemological starting point on how adverse events evolve, including Perrow’s ideas on potential multiple incidents in complex tightly coupled systems , Vaughan’s description of individuals and organisations accustoming to deviant behaviour from an original norm  and Snook’s analysis of the slow ‘practical drift’ of an organisation that uncouples practice from formal routine .
In summary, looking at the research question raised through findings in this present study with a limited sample of recently completed internal and external incident investigations, our analysis is that traditional norms including hierarchies of power and control stay intact, that translation of investigation infrastructure from other safety-critical organisations have taken a narrow diverged focus and that traces of adjustment to contemporary safety science research suggesting focus on interactions at different organisational levels are weak regardless of the latest organisational and legislative changes in the Swedish healthcare system. So far, we see these changes, which in rhetoric promotes ‘the responsibility of learning from adverse events’, as a lost opportunity to alter the direction of a non-fruitful yet long-lasting incident reporting system. Under other circumstances—for example, a shift towards the usage of a variety of incident causation models, establishing routines for handling large volumes of adverse events, redesigning the social infrastructure of the incident reporting system, raising discussions on the core purpose of performing incident investigations and enhancing knowledge (meaning power) by acknowledging the importance of professional training of investigation teams—this incident reporting system could play a significant role and be a powerful tool in a patient safety improvement strategy not only in the public healthcare system such as the one studied.
This study seeks to understand in what safety ontology the Swedish healthcare system presently exist. Using both semi-quantitative and qualitative methods, an analysis of a data set in recently completed incident investigations covering all regional supervisory authority offices was performed. Obvious signs of a healthcare system using traditional linear causality construction with a focus on the event’s immediate spatial proximity were found. Furthermore, strong signs of mistranslation of social infrastructure from other safety-critical organisations together with investigation work efficiency and closure of cases as essential parts of the main actors’ performance were also found. Despite new legislation and recent organisational change at different levels within the healthcare system, with rhetoric stating both improvement and high levels of patient safety, traditional norms of power and hierarchy stay intact. However, we believe that such findings represent an adaption made by the main actors to their different obligations. Through this adaption, the system still brings societal closure of harm, changing focus to a move on forward and a contribution to the legitimacy of care in the Swedish healthcare system.
Chief medical officer
Health and Social Care Inspectorate
Healthcare provider organisation
‘What You Find Is What You Fix’
‘What You Look For Is What You Find’
Perrow C. Normal accidents: living with high-risk technologies. New York: Basic Books; 1984.
Vaughan D. The challenger launch decision. Chicago: The University of Chicago Press; 1996.
Snook SA. Friendly fire: the accidental shoot down of US Black Hawks over Northern Iraq. Princeton, NJ: Princeton University Press; 2000.
Kohn LT, Corrigan JM, Donaldson MS. To err is human: building a safer health system. Washington DC: National Academies Press; 2000.
Leape LL. Reporting of adverse events. N Engl J of Med. 2002;347:1633–8.
Leape LL, Berwick DM. Five years after to err is human: what have we learned? JAMA. 2005;293:2384–90.
The Swedish Patient Safety Act (SFS 2010:659). https://www.riksdagen.se/sv/dokument-lagar/dokument/svensk-forfattningssamling/patientsakerhetslag-2010659_sfs-2010-659/. Accessed 30 June 2017.
Swedish Government Proposition (Prop. 2012/13:20). http://www.regeringen.se/49bbd5/contentassets/5357b4f877c8422c90508e73380464b2/inspektionen-forvard-och-omsorg---en-ny-tillsynsmyndighet-for-halso--och-sjukvard-och-socialtjanst-prop.-20121320. Accessed 26 Oct 2017.
Woods DD, Cook RI. Nine steps to move forward from error. Cogn Technol Work. 2002;4:137–44.
Macrae C. The problem with incident reporting. BMJ Qual Saf. 2016;25:71–5.
Haunschild PR, Polidoro F Jr, Chandler D. Organizational oscillation between learning and forgetting: the dual role of serious errors. Organ Sci. 2015;26:1682–701.
Peerally MF, Carr S, Waring J, et al. The problem with root cause analysis. BMJ Qual Saf. 2016;0:1–6. https://doi.org/10.1136/bmjqs-2016-005511.
The Social Welfare Board. The report on public child welfare 1937. http://www.scb.se/H/SOS%201911-/Socialtjänst/Samhällets%20barnavård%20(SOS)%201931-1960/Samhallets-barnavard-1937.pdf. Accessed 30 June 2017.
Swedish Association of Local Authorities and Regions. Risk analysis and adverse events analysis: working methods to enhance patient safety, 3rd ed. 2015. http://webbutik.skl.se/bilder/artiklar/pdf/7585-237-9.pdf. Accessed 30 June 2017.
Wrigstad J, Bergström J, Gustafson P. Mind the gap between recommendation and implementation—principles and lessons in the aftermath of incident investigations: a semi-quantitative and qualitative study of factors leading to the successful implementation of recommendations. BMJ Open. 2014;4:e005326. https://doi.org/10.1136/bmjopen-2014-005326.
Wrigstad J, Bergström J, Gustafson P. Incident investigations by the regulatory authority of Swedish healthcare—a 20-year perspective. J Hospital Admin. 2015;4:68–76. https://doi.org/10.5430/jha.v4n6p68.
Wrigstad J, Bergström J, Gustafson P. One event, three investigations: the reproduction of a safety norm. Saf Sci. 2017;96:75–83. https://doi.org/10.1016/j.ssci.2017.03.009.
Cedergren A, Petersen K. Prerequisites for learning from accident investigations—a cross-country comparison of national accident investigation boards. Saf Sci. 2011;49:1238–45.
The Swedish Agency for Public Management. Final report on the creation of the Health and Social Care Inspectorate. http://www.statskontoret.se/globalassets/publikationer/2015/201508.pdf. Accessed 30 June 2017.
Heifetz RA, Linsky M. A survival guide for leaders. Harv Bus Rev. 2002;80:65–74.
Mitchell I, Schuster A, Smith K, et al. Patient safety incident reporting: a qualitative study of thoughts and perceptions of experts 15 years after ‘To Err is Human. BMJ Qual Saf. 2016;25:71–5.
Hollnagel E. Investigation as an impediment to learning. In: Hollnagel E, Nemeth CP, Dekker SWA, editors. Resilience engineering perspectives: remaining sensitive to the possibility of failure, vol. 1. Aldershot: Ashgate Publishing; 2008. p. 259–68.
Lundberg J, Rollenhagen C, Hollnagel E. What-You-Look-For-Is-What-You-Find—the consequences of underlying accident models in eight accident investigation manuals. Saf Sci. 2009;47:1297–311.
Dixon-Woods M, Yeung K, Bosk CL. Why is UK medicine no longer a self-regulating profession? The role of scandals involving “bad apple” doctors. Soc Sci Med. 2011;73:1452–9.
Dekker SWA, Nyce JM. Cognitive engineering and the moral theology and witchcraft of cause. Cogn Tech Work. 2012;14:207. https://doi.org/10.1007/s10111-011-0203-6.
Dekker SWA. The field guide to understanding ‘Human Error’. 3rd ed. Farnham: Ashgate Publishing Ltd; 2014.
Dekker SWA. Employees: a problem to control or solution to harness? Prof Saf. 2014;56:32–6.
Dekker SWA. The psychology of accident investigation: epistemological, preventive, moral and existential meaning-making. Theor Issues Ergon Sci. 2014;16:202–13.
Rasmussen J. Risk management in a dynamic society: a modelling problem. Saf Sci. 1997;27:183–213.
Macrae C. Early warnings, weak signals and learning from healthcare disasters. BMJ Qual Saf. 2014;23:440–5.
Macrae C, Vincent C. Learning from failure: the need for independent safety investigations in healthcare. J R Soc Med. 2014;107:439–43.
Heinrich HW. Industrial accident prevention: A scientific approach. New York: McGraw-Hill; 1931.
The authors would like to thank the staff at all the regional supervisory authority offices at the HaSCI for their contribution by providing the compiled and de-identified incident investigations.
The study was partially funded by a grant from The Swedish National Patient Insurance Company without any further involvement.
Availability of data and materials
The datasets analysed during the current study are, on request, publicly available and are also available from the corresponding author on reasonable request.
Ethics approval and consent to participate
Consent for publication
The authors declare that they have no competing interests.
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
About this article
Cite this article
Wrigstad, J., Bergström, J. & Gustafson, P. On safety ontology: a cross-section analysis of incident investigations in a public healthcare system. Saf Health 3, 13 (2017). https://doi.org/10.1186/s40886-017-0064-7