British Journal of Radiology 74 (2001),62-68 © 2001 The British Institute of Radiology
A generic approach to risk assessment for the Ionising Radiations Regulations 1999
D Pearson, PhD, FIPEM
1
A T Rogers, MSc, MIPEM
1 and
E Moss
2
1 Department of Medical Physics
2 Corporate Affairs, Nottingham City Hospital NHS Trust, Hucknall Road, Nottingham, NG5 1PB, UK
 |
Abstract
|
|---|
The Ionising Radiations Regulations 1999 (IRR99) require that an explicit risk assessment be carried out to control properly the risks associated with the use of ionising radiation. Prior to IRR99, risk was controlled implicitly via mechnanisms such as Local Rules and staff monitoring, which were initiated by the Radiation Protection Adviser using professional judgement. To enable a consistent approach across our Trust's radiation users, a generic model of risk assessment was employed. This had been developed previously by the Trust in response to a national initiative within the NHS to manage risk. The methodology involves the generation, by a multidisciplinary staff brain-storming session, of a complete list of all possible risks. This is followed by a risk stratification process based upon severity of consequence and frequency of risk. Auditable controls are then applied and quantifiable outcome measures are monitored for continued compliance. Template risk assessments are presented to aid others in this process. It is estimated that even in a large teaching hospital with a full complement of medical radiation applications, the time resource necessary for this approach is of the order of a few days.
|
Introduction
|
|---|
The Ionising Radiations Regulations 1999 (IRR99) require that an explicit risk assessment be carried out for the use of ionising radiation [1]. Over the years, Radiation Protection Advisers (RPAs) have carried out risk assessments implicitly and have established controls necessary to reduce the risks from ionising radiation. These controls have been procedural (e.g. Local Rules), structural (e.g. shielded walls) or engineering controls such as room interlocks. Some work has been undertaken on risk assessment in specific medical radiation applications, which attempts to quantify and explain radiation risks [2]. However, the aim of this paper is to provide a simple, generic risk assessment methodology that can be applied to the use of ionising radiation in response to the requirements of IRR99.
Nottingham City Hospital NHS Trust developed this risk assessment methodology in 1996 in response to the requirement of Trust Boards to demonstrate management of risk [3]. Since then it has been successfully used to manage both clinical and non-clinical risks throughout the hospital at all organisational levels. Examples to date include implementation of new invasive procedures (e.g. novel cardiac catheters) and role extension of nurse practitioners.
|
Method
|
|---|
The method is carried out in four steps:- Risk identification.
- Risk analysis.
- Risk control.
- Risk management strategy.
Risk identification
First, a session is held for all staff involved in the process to identify the risks, highlighting what could go wrong, how it could happen and what would be the effect. Those involved can use their professional knowledge or other sources of information, such as records of complaints and untoward incidents. The latter requires an open attitude to the reporting of untoward incidents and near misses. For an interventional X-ray room, for example, a multidisciplinary team of radiographers, radiologists, physicists, nurses and helpers could brain-storm the potential risks. At this stage, all potential risks should be recorded.
Risk analysis
There are two major factors in the assessment of risk. These are:
- Severity: the consequences of an incident or failure.
- Frequency: the frequency or probability of an incident occurring.
For each risk, severity and frequency are assessed on a three-point scale as high, medium or low.
The severity can be assigned from a number of viewpoints. If the risk of physical injury or death occurring as the result of an incident is high, the severity of the risk is high. A small increase in lifetime cancer risk as a result of minor exposure to radiation compared with the background level of risk of cancer could be viewed as a low risk. Alternatively, the severity can be assessed in financial terms. What are the costs of an incident to the Trust? Is there a financial risk to the Trust in terms of potential litigation costs? The boundaries associated with financial risk used by the Trust are:
- Low: less than £10 000.
- Medium: £10 000–£100 000.
- High: greater than £100 000.
Finally, risk can be assessed in terms of risk to reputation. This might be adverse publicity undermining public confidence in the Trust, which may have a knock-on effect on GP referrals or healthcare commissioners that could adversely affect the working of the hospital.
The frequency of a risk is assessed on the basis of how often a particular risk is likely to occur, for example:
- Low: less than once a month.
- Medium: once a month.
- High: more than once a week.
Each risk identified in the first stage is assigned a severity and a frequency. This is not an exact science and an educated guess might be the best way to assign severity and frequency in the first instance. Any available information, however, can be used to reach conclusions. Risks are then plotted onto a three by three grid on the basis of severity and frequency (Figure 1
). The completed grid provides an overall picture of the various risks that have to be addressed. The risks are then split into three categories, A, B and C, as a means of reaching consensus and agreeing priorities.
View larger version (12K):
[in this window]
[in a new window]
|
Figure 1. Grid assigning risks identified to Categories A, B and C. The grid also includes risks identified from Table 1 .
|
|
Risk control
The major aims of risk control are to identify ways in which risk can be eliminated, avoided, made less likely or made less costly. On Figure 1, the aim is to move risks from categories A and B towards category C. To this end, an action plan is developed, treating category A and B risks as high priorities for action. The action plan includes the control measures currently in place. For IRR99, these will include Local Rules, shielding, protective clothing, procedures and specialist equipment. For each risk, performance indicators are identified, which will allow departments to demonstrate that the risk is under control. These should be simple and measurable, and may include accreditation by external bodies such as the Royal College of Radiologists, patient and staff dose records, incident reports and the results of interdepartmental dosemeter calibration audit. Any action required to further reduce the risk is also documented. This may include gathering further information about the severity and frequency of risks to refine the assessment or to develop quantitative performance indicators. For example, an audit of request cards to determine how often GPs request inappropriate X-ray examinations may give departments information on the frequency of a risk and act as a performance indicator to demonstrate that referral guidelines are in place and working. The residual risk, if all controls are working properly, can also be documented.
Risk management
To manage risk effectively, different levels of control and funding are required for different levels of risk. The same broad categories used to define the severity and frequency of risks (A, B and C) can be used to define the controls required. Each category is now defined in terms of the expected policies, procedures and financial plans that may need to be in place to manage the risk. Some suggestions are:
- Category C: systems must comply with legislation and all practicable steps must be taken to minimise risks. Staff must be appropriately trained and a commitment to ongoing training must be demonstrated. These risks have little or no financial impact.
- Category B: there must be written procedures in place that are audited regularly. Management systems must contain one independent checking mechanism. Financially, such risks are managed out of revenue budget.
- Category A: management systems must contain two independent checking mechanisms. The system must be auditable and audited regularly at agreed intervals. The audit trail must be traceable to named positions. An example of such a system is ISO9000. Any incident in this category of risk requires immediate action by specialist personnel. The Trust must insure against the financial impact of such risks via, for example, the Clinical Negligence Scheme for Trusts.
The risk management process requires regular monitoring and review using, where possible, the quantitative performance indicators identified in the action plan.
|
Results
|
|---|
Table 1 gives an example of risk identification for an interventional X-ray screening room. The table also identifies the severity and frequency of the risks identified. The risks have been numbered and have been transferred to the Risk Assessment grid in Figure 1.
Table 2 is an action plan developed from this risk assessment. Table 3 is an action plan for a general X-ray room. Table 4 is another sample action plan, this time for the risks associated with a nuclear medicine service. None of these tables attempt to be a complete risk assessment, as space is limited.
|
Discussion
|
|---|
The approach defined in this paper is a generic one, which identifies Health & Safety risks and attempts to manage the risk by application of controls and audit of quantitative performance measures. The proportion of resources allocated is determined by the risk's severity and frequency. This is a first attempt at a systematic risk control approach and is distinct from the more well known documentation of radiation risks from medical and occupational exposure [4, 5]. In addition it is distinct from the also more common risk:benefit analyses employed to inform decisions regarding justification of medical exposure [for example, 6].
As can be seen from Tables 2 and 3, the major differences between risk assessments for a general and an interventional X-ray room are the differing levels of severity associated with the risk occurring and the frequency of occurrence. This reflects both the generic nature of the approach and also the change in severity represented by the higher dose rates encountered in an interventional X-ray room. Furthermore, the actions and controls required to manage this risk are consequently more involved, i.e. it is worth assigning more resource to manage the greater risk.
The two X-ray examples given in the results section are probably not exhaustive but represent a fairly complete first attempt. They could be modified by further consideration by the professionals involved. Even so, we estimate that a full set of risk assessments for radiology could be developed within one morning, with a similar time being spent on consultation and redrafting. Extending this analysis to all areas of radiation work encountered in a teaching hospital with a cancer centre leads to a total resource of a few days work each for a small group of staff. It is impossible to be prescriptive about the total time involved since this will vary in terms of number of distinct radiation activities within the hospital and also how many staff are engaged in the risk assessment development process. However, it is likely to be a small cost given the benefits from a systematic approach.
The benefits from our approach are: (i) a broader coverage of potential risks achieved from the brain-storming approach to risk identification; (ii) involving a spectrum of professionals in the process leads to a wider ownership and acceptance of the actions required to control the risk; and (iii) the totality of actions to control all the risks can be considered together and thus prioritised within an overall programme to minimise hospital exposure to risk.
The quantitative approach to performance measures allows hospitals to demonstrate that the controls in place are working and allows audit to be carried out.
|
Conclusion
|
|---|
The method of risk assessment proposed:- Is generic.
- Is simple and easy to use.
- Can be applied to types of activity, e.g. standard X-ray room, interventional X-ray room, small radiation laboratories etc.
- Identifies quantitative performance measures for audit purposes.
Much of the work on risk assessment in radiation protection has already been carried out, adequate control measures are in place and there is a wealth of performance monitoring data readily available. This method will satisfy the requirements of IRR99 without necessitating a large volume of work.
Received for publication June 6, 2000.
Accepted for publication August 31, 2000.
|
References
|
|---|
-
The Ionising Radiations Regulations 1999. SI 3232. London: HMSO, 1999.
-
Mountford PJ. Risk assessment of the nuclear medicine patient. Br J Radiol 1997;70:671–84.[Abstract]
-
NHS Management Executive, Risk management in the NHS. London: Department of Health, 1993.
-
National Radiological Protection Board., Occupational, public and medical exposure, Documents of the NRPB 4(2). Chilton: NRPB, 1993.
-
National Radiological Protection Board, Estimates of late radiation risk to the UK population, Documents of the NRPB 4(4). Chilton: NRPB, 1993.
-
Working Group Chaired by P Forrest, Breast cancer screening—report to Health Ministers. London: Department of Health, 1986.
This article has been cited by other articles:
|
|
|
|
 
A Nisbet and M Cocker
Experiences of a proactive IR(ME)R inspection in radiotherapy
Br. J. Radiol.,
April 1, 2004;
77(916):
329 - 332.
[Abstract]
[Full Text]
[PDF]
|
|
|
Top
Abstract
Introduction
