Incident Reporting

Service: Risk Management
Subject: Risk Management Operations
Setting: Incident
Type: Risk Notes

OVERVIEW OF ISSUE

Incident reports are administrative tools to capture information when there has been harm or an unexpected outcome (including a near miss) occurs at a healthcare organization. Challenges associated with incident reports include fear of repercussion for reporting incidents, the discretionary (voluntary) nature of incident reporting/management systems, lack of clarity related to what to report and what to document, and whether incident reports are shared with patients and/or their substitute decision-maker(s). Having a strategy in place that speaks to organizational expectations is key to managing these challenges.

Note: This Risk Note does not cover investigating or disclosing incidents once they have been reported. Please refer to HIROC’s Risk Resource Guide on Critical Incidents and Multi-Patient Events. Ensure that provincial/territorial legislation for reporting and disclosing critical incidents is followed.

Key Points

  • Do not document in the health record that an incident report was completed or file a copy of the incident report in the health record. Do record the event which gave rise to the incident in the health record if a patient is affected.

Things to Consider

The Healthcare Organizational Policy

  • The incident reporting policy should address:
    • When an incident report should be completed (e.g. by end of shift);
    • Who reports incidents (e.g. the person who first becomes aware of the incident;
    • What incidents to report (i.e. incident definition);
    • Incident severity, procedure for responding to incidents including an escalation strategy which may involve immediate notification of the risk manager/designate for critical incidents;
    • What to do if equipment is involved in the incident;
    • The role of leadership in reviewing incidents, recommendations and outcomes. Consider developing an algorithm or decision tree capturing key processes and decisions related to incident reporting and management.
  • Some healthcare organizations have a separate policy on critical incidents while others combine both topics in one policy; where separate policies exist ensure each policy includes a cross reference to the other.

Incident Reporting/Management System

  • An incident reporting/management system may be electronic or paper based, although electronic is becoming more common and will likely be the norm in the future.
    • Typical fields on an incident reporting form include:
    • Incident type; • Severity of incident;
    • If there was a witness to the incident;
    • Name and unique identifier of the affected patient/ person;
    • Some healthcare organizations include space for the reporter to provide a description of the incident including what could have been in place to prevent the incident from occurring. If the system is electronic, there is typically a character limit in this section. The intent is for the narrative to be brief, factual and objective. Specific incident types (e.g. falls and medication incidents) may require additional information to be included.
  • It is up to the healthcare organization to decide if the individual entering the incident should include their name. One advantage of identifying the reporter is the manager of the area where the incident occurred will be able to follow-up with the appropriate person.
  • If the incident reporting system is electronic, there should be a downtime procedure. One benefit of electronic incident reporting systems is that notification of the incident report can be sent to whomever the healthcare organization deems should receive it (e.g. Risk Management receives all incidents, Pharmacy receives all medication incidents, Biomedical Engineering receives all equipment-related incidents). The workflow and distribution can also be based on severity (e.g. Vice-President receives all critical incidents).

Role of Leadership

  • The designated reviewer (often a manager or director) who receives the incident report is responsible for reviewing the incident report and, in general, signing it off either electronically or in hard copy. Some healthcare organizations set a time limit for this and senior leadership is notified if the incident reports are not closed in a timely fashion (applicable to electronic incident reports). The designated reviewer may also be responsible for coordinating any required follow-up arising from the incident including the identification of recommendations and outcomes.
  • The designated reviewer may be responsible for assigning the final severity of the incident and commenting on if disclosure took place.
  • Leadership can also play a role in analyzing incident trends and developing strategies for mitigating incidents. Sharing such strategies with staff and physicians reinforces the merit of completing an incident report in the first place.

Documentation

  • The facts of the incident should be documented in the health record if a patient is affected by the incident and in the incident reporting/management system. Documentation should include date and time of the incident, incident details, care provided, known outcomes, and who was notified. Documentation should be objective, not assign blame, and avoid hearsay and speculation.
  • The incident report is an organizational administrative tool and is not directly relevant to the care provided to a patient; for this reason HIROC advises against the practice of recording in the health record that it was completed or filing a copy of the report in the health record.

Patients and/or Substitute Decision-Makers

  • Patients and/or their substitute decision-makers (SDM) may ask for a copy of the incident report. When faced with this request, it is helpful to try to understand the circumstances surrounding why the request is being made and whether there are ongoing litigation and/or proceedings related to the incident.
  • In general, there is no reason why an incident report cannot be released to the patient/and or their SDM unless it is subject to a ground of legal or statutory privilege. An incident report that is completed in the ordinary course of business using a standard healthcare organization template is very unlikely to attract any legal or statutory privilege. A unique incident report prepared following an investigation that is narrative and not on a standard template may attract privilege.
  • Whether privilege attaches to an incident report should be reviewed prior to releasing the report to patients and/or their SDM.
  • As incident reports may be subject to production during legal proceedings, their contents may not be private or confidential and this should be taken into consideration whenever the document is completed by the reporter.
  • An offer to review the health record may be given as an alternative, as the information in the incident report should be captured in the health record itself. Given that incident reports are merely administrative documents it may seem that there is little added value in sharing the incident report if the health record has been reviewed. However, it is possible that a patient or SDM who is refused the opportunity to see the document will assume it contains more information than it does and such refusal may create more harm than simply providing the document in the first place.

References

Date last reviewed:
This is a resource for quality assurance and risk management purposes only, and is not intended to provide or replace legal or medical advice or reflect standards of care and/or standards of practice of a regulatory body. The information contained in this resource was deemed accurate at the time of publication, however, practices may change without notice.