Organizational Accidents Revisited
eBook - ePub

Organizational Accidents Revisited

James Reason

Compartir libro
  1. 160 páginas
  2. English
  3. ePUB (apto para móviles)
  4. Disponible en iOS y Android
eBook - ePub

Organizational Accidents Revisited

James Reason

Detalles del libro
Vista previa del libro
Índice
Citas

Información del libro

Managing the Risks of Organizational Accidents introduced the notion of an 'organizational accident'. These are rare but often calamitous events that occur in complex technological systems operating in hazardous circumstances. They stand in sharp contrast to 'individual accidents' whose damaging consequences are limited to relatively few people or assets. Although they share some common causal factors, they mostly have quite different causal pathways. The frequency of individual accidents - usually lost-time injuries - does not predict the likelihood of an organizational accident. The book also elaborated upon the widely-cited Swiss Cheese Model. Organizational Accidents Revisited extends and develops these ideas using a standardized causal analysis of some 10 organizational accidents that have occurred in a variety of domains in the nearly 20 years that have passed since the original was published. These analyses provide the 'raw data' for the process of drilling down into the underlying causal pathways. Many contributing latent conditions recur in a variety of domains. A number of these - organizational issues, design, procedures and so on - are examined in close detail in order to identify likely problems before they combine to penetrate the defences-in-depth. Where the 1997 book focused largely upon the systemic factors underlying organizational accidents, this complementary follow-up goes beyond this to examine what can be done to improve the 'error wisdom' and risk awareness of those on the spot; they are often the last line of defence and so have the power to halt the accident trajectory before it can cause damage. The book concludes by advocating that system safety should require the integration of systemic factors (collective mindfulness) with individual mental skills (personal mindfulness).

Preguntas frecuentes

¿Cómo cancelo mi suscripción?
Simplemente, dirígete a la sección ajustes de la cuenta y haz clic en «Cancelar suscripción». Así de sencillo. Después de cancelar tu suscripción, esta permanecerá activa el tiempo restante que hayas pagado. Obtén más información aquí.
¿Cómo descargo los libros?
Por el momento, todos nuestros libros ePub adaptables a dispositivos móviles se pueden descargar a través de la aplicación. La mayor parte de nuestros PDF también se puede descargar y ya estamos trabajando para que el resto también sea descargable. Obtén más información aquí.
¿En qué se diferencian los planes de precios?
Ambos planes te permiten acceder por completo a la biblioteca y a todas las funciones de Perlego. Las únicas diferencias son el precio y el período de suscripción: con el plan anual ahorrarás en torno a un 30 % en comparación con 12 meses de un plan mensual.
¿Qué es Perlego?
Somos un servicio de suscripción de libros de texto en línea que te permite acceder a toda una biblioteca en línea por menos de lo que cuesta un libro al mes. Con más de un millón de libros sobre más de 1000 categorías, ¡tenemos todo lo que necesitas! Obtén más información aquí.
¿Perlego ofrece la función de texto a voz?
Busca el símbolo de lectura en voz alta en tu próximo libro para ver si puedes escucharlo. La herramienta de lectura en voz alta lee el texto en voz alta por ti, resaltando el texto a medida que se lee. Puedes pausarla, acelerarla y ralentizarla. Obtén más información aquí.
¿Es Organizational Accidents Revisited un PDF/ePUB en línea?
Sí, puedes acceder a Organizational Accidents Revisited de James Reason en formato PDF o ePUB, así como a otros libros populares de Tecnologia e ingegneria y Salute e sicurezza sul lavoro. Tenemos más de un millón de libros disponibles en nuestro catálogo para que explores.

Información

Editorial
CRC Press
Año
2016
ISBN
9781134806072
Edición
1
Categoría
Tecnologia e ingegneria
Categoría
Salute e sicurezza sul lavoro

Chapter 1
Introduction

The term ‘organizational accidents’ (shortened here to ‘orgax’) was coined in the early 1990s and was developed in the Ashgate book published in 1997 entitled Managing the Risks of Organizational Accidents. Sales of the book indicate that many people may have read it – it remains Ashgate’s all-time best-selling book on human performance. So the present book is not a revision, but a revisit. A lot has happened in the ensuing 18 years, my aim here is to update and extend the arguments presented in the first book to accommodate these developments. In short, this book is an addition rather than a replacement. And enough has happened in the interim to require a separate book.
Despite their huge diversity, each organizational accident has at least three common features: hazards, failed defences and losses (damage to people, assets and the environment). Of these, the most promising for effective prevention are the failed defences. Defences, barriers, safeguards and controls exist at many levels of the system and take a large variety of forms. But each defence serves one or more of the following functions:
  • to create understanding and awareness of the local hazards;
  • to give guidance on how to operate safely;
  • to provide alarms and warnings when danger is imminent;
  • to interpose barriers between the hazards and the potential losses;
  • to restore the system to a safe state after an event;
  • to contain and eliminate the hazards should they escape the barriers and controls;
  • to provide the means of escape and rescue should the defences fail catastrophically.
These ‘defences-in-depth’ make complex technological systems, such as nuclear power plants and transport systems, largely proof against single failures, either human or technical. But no defence is perfect. Each one contains weaknesses, flaws and gaps, or is liable to absences. Bad events happen when these holes or weaknesses ‘line up’ to permit a trajectory of accident opportunity to bring hazards into damaging contact with people and/or assets. This concatenation of failures is represented diagrammatically by the Swiss cheese model (Figure 1.1) – to be reconsidered later.
Figure 1.1 The ‘Swiss cheese’ model of accident causation
Figure 1.1 The ‘Swiss cheese’ model of accident causation
The gaps in the defences arise for two reasons – active failures and latent conditions – occurring either singly or in diabolical combinations. They are devilish because in some cases the trajectory of accident liability need only exist for a very short time, sometimes only a few seconds:
Active failures: these are unsafe acts – errors and/or procedural violations – on the part of those in direct contact with the system (‘sharp-enders’). They can create weaknesses in or among the protective layers.
Latent conditions: in earlier versions of the Swiss cheese model (SCM), these gaps were attributed to latent failures. But there need be no failure involved, though there often is. A condition is not necessarily a cause, but something whose presence is necessary for a cause to have an effect – like oxygen is a necessary condition for fire, though an ignition source is the direct cause.
Designers, builders, maintainers and managers unwittingly seed latent conditions into the system. These arise because it is impossible to foresee all possible event scenarios. Latent conditions act like resident pathogens that combine with local triggers to open up an event trajectory through the defences so that hazards come into harmful contact with people, assets or the environment. In order for this to happen, there needs to be a lining-up of the gaps and weaknesses creating a clear path through the defences. Such line-ups are a defining feature of orgax in which the contributing factors arise at many levels of the system – the workplace, the organization and the regulatory environment – and subsequently combine in often unforeseen and unforeseeable ways to allow the occurrence of an adverse event. In well-defended systems, such as commercial aircraft and nuclear power plants, such concatenations are very rare. This is not always the case in healthcare, where those in direct contact with patients are the last people to be able to thwart an accident sequence.
Latent conditions possess two important properties: first, their effects are usually longer lasting than those created by active failures; and, second, they are present within the system prior to an adverse event and can – in theory at least – be detected and repaired before they cause harm. As such, they represent a suitable target for safety management. But prior detection is no easy thing because it is very difficult to foresee all the subtle ways in which latent conditions can combine to produce an accident.
It is very rare for unsafe acts alone to cause such an accident – where this appears to be the case, there is almost always a systemic causal history. An obvious domain where unsafe acts might be the sole factor is healthcare – where the carer appears to be the last line of defence. Three healthcare case studies are among the 10 discussed below. In each, the unsafe actions of the immediate carers are shaped, even provoked, by systemic factors.
Promising candidates for close study are the generic organizational processes that exist in all systems regardless of domain – designing, building, operating, managing, maintaining, scheduling, budgeting, communicating and the like.
This book extends and develops these ideas using case studies that have occurred in a variety of domains in the period that has passed since the 1997 book was written and published. These analyses provide the ‘raw data’ for the process of drilling down into the underlying causal pathways. many contributing latent conditions recur in a variety of domains. A number of these – organizational issues, design, procedures and communications in particular – are examined in detail in order to reveal likely problems before they combine to penetrate the defences-in-depth.
Beyond this point, the book is divided into two parts. The first, comprising Chapters 2 and 3, summarizes the basic arguments underlying orgax and the unsafe acts (or active failures) that can contribute to them. These are intended as starters for those who haven’t read the 1997 book or have forgotten it.
The second and main part of this book contains seven chapters that go beyond the mid-1990s. Chapter 4 digs down into the factors underlying latent conditions. Promising candidates are the generic organizational processes that exist in all systems regardless of domain – designing, building, operating, managing, maintaining, scheduling, budgeting, communicating and the like.
Chapter 5 extends and develops these ideas using a series of 10 orgax case studies that have occurred in a variety of domains in the nearly 20 years that have passed since the first book was written and published. Three are taken from healthcare, two involving the unwanted release of radiation, one railway accident, two explosions of hydrocarbons and two aviation accidents. They show the almost unimaginable ways in which the contributing factors can arise and combine. These analyses provide the ‘raw data’ for the process of drilling down into the underlying causal pathways. Many contributing latent conditions recur in a variety of domains.
Chapter 6 discusses a well-publicised regulatory disaster relating to an NHS Foundation Trust. The various layers of regulation failed to identify a very distressing number of shortcomings in this hospital. It is highly likely that these failures are not unique to this hospital. Even as I write, news is breaking of a comparable set of regulatory deficiencies in a maternity hospital in the north-west of the UK.
Chapter 7 describes foresight training: a set of measures that are designed to make people at the sharp end more ‘error-wise’ and aware of the situational risks. These often form the last and all-too-neglected line of defence. It addresses the issue of what mental skills can we give sharp-enders to make them more alert to the dangers.
Chapter 8 looks at alternative theoretical views. These are important because it is often assumed that the Swiss cheese model is the principal explanatory metaphor. But, as you will see, it has its critics – and rightly so.
Chapter 9 is mainly concerned with patient safety. It traces a cyclical patient journey that looks both to the past and to the foreseeable future.
Chapter 10 asks the following question: is any kind of optimism justified in the matter of organizational accidents? The answer offered is a very tentative maybe.
Chapter 11 relates two stories of heroic recovery: the 2009 ‘miracle on the Hudson’ and the saving of the Japanese Fukushima Daini nuclear reactor in 2011.
Part 1
Refreshers

Chapter 2
The 'Anatomy' of an Organizational Accident

As outlined in Chapter 1, orgax occur in complex systems possessing a wide variety of technical and procedural safeguards.1 They arise from the insidious accumulation of delayed-action failures lying mainly in the managerial and organizational spheres. such latent conditions (or latent failures) are like resident pathogens within the system. Organizational accidents can result when these latent conditions combine with active failures (errors or violations at the ‘sharp end’) and local triggering factors to breach or bypass the system defences. In this chapter and Chapter 3, we will examine in some detail the processes that give rise to latent condition. For now, I should stress that defensive weaknesses are not usually gaping holes or absences; rather, they are more like small cracks in a wall.
Figure 2.1 sets out the basic ‘anatomy’ of an organizational accident. This model is now used in a variety of hazardous technologies to guide accident investigations and to monitor the effectiveness of remedial measures. The direction of causality is from left to right:2
  • The accident sequence begins with the negative consequences of organizational processes (i.e., decisions concerned with planning, forecasting, designing, managing, communicating, budgeting, monitoring, auditing and the like). Another very influential factor is the system’s safety culture.
  • some of the latent conditions thus created are transmitted along departmental and organizational pathways to the various workplaces where they show themselves as conditions that promote errors and violations (e.g., high workload, time pressures, inadequate skills and experience and poor equipment)
  • At the level of the individual at the ‘sharp end’, these local latent conditions combine with psychological error and violation tendencies to create unsafe acts. many unsafe acts will be committed, but only very few of them will penetrate the many defences and safeguards to produce bad outcomes.
  • The fact that engineered safety features, standards, administrative controls, procedures and the like can be deficient due to latent conditions as well as active failures is shown by the arrow connecting the organizational processes to the defences.
It is clear from the case studies discussed above that the people at the human–system interface – the ‘sharp end’ – were not so much the instigators of the accident; rather, they were the inheritors of ‘accidents-in-waiting’. Their working environments had been unwittingly ‘booby-trapped’ by system problems.
Figure 2.1 Summarizing the stages involved in an organizational accident
Figure 2.1 Summarizing the stages involved in an organizational accident
When systems have many layers of defences, they are largely proof against single failures, either human or technical. The only types of accidents they can suffer are organizational accidents, that is, ones involving the unlikely combination of several factors at many different levels of the system that penetrate the various contro...

Índice