Going to Other People’s Events

Do you ever go along to other people’s events? I don’t mean, do you gatecrash parties, that sort of thing. I mean, do you ever choose to step out of your familiar round of IET, BCS, INCOSE, your organisation, etc, and go to an evening or lecture or seminar that wasn’t intended for people like you?

I suppose, because you are reading this, that you are probably a systems engineer. If not, welcome – this article is, as you can see, in a way about you.

I normally think – no, I’ll correct that, I normally go about silently believing, that medical device design is a specialised domain that doesn’t concern me professionally, and that safety is a complicated discipline with its own battery of techniques (FMEA, FMECA, …) that are sadly necessary but have very little to do with enjoyable activities like discovering requirements.

So I went along to the IET Healthcare Technologies Network’s evening event “Medical Devices: Designing for Safety”.

Do we too spend a lot of our time “preaching to the choir”, and too little time either challenging the usual congregation with new issues, or reaching out to the unconverted hordes outside?

- Ian Alexander

The speaker, Mark Boult, started his talk by … not talking. He made us all sit in groups of 3 and work out our own answers to questions like “Why do accidents occur?” and “What should we consider when designing for safety?”. It was at once apparent that the audience already had a lively idea of many possible answers to the questions that the talk was going to discuss. Do we too spend a lot of our time “preaching to the choir”, and too little time either challenging the usual congregation with new issues, or reaching out to the unconverted hordes outside?The event was held in Southwark – right in front of the shell of Winchester Palace, next to the Cathedral – at the offices of Det Norske Veritas (DNV). DNV is the Norwegian equivalent of Lloyd’s Register: an organisation that has for centuries certified that ships are safe to sail, and that has in recent years branched out into all kinds of terrestrial safety work as well.

Boult began by pointing out a grim, if extrapolated fact: about 40,000 people per year must be being killed by mistake in UK hospitals. That’s around 200 per hospital. If you compare this with under 4,000 killed on Britain’s roads, you can see this is an enormous number of deaths. There must be many more “near misses”, errors that resulted in survivable overdoses or rapid scoldings of junior staff.

How do so many accidents occur in places that are meant to help people get better?

Traditional manufacturing concentrated on minimising hardware failures by paying attention to Unsafe Conditions, with analyses like FMEA (Failure Mode Effects Analysis). And maybe software failures as well.

But Unsafe Acts also cause accidents, and making equipment more reliable does not reduce user errors. 80% of accidents are at least partly caused by individual or organisational issues. Of course, product design can make human errors more or less likely.

Errors – and accidents – become much more likely when operators are “Hungry, Angry, Late, or Tired” (“HALT”). So do we write in the Acceptance Criteria for our requirements that the test hall must be noisy, smelly, hot, and full of distractions?

OK, said Boult, so we’re going to test the product in a cool quiet place with a skilled operator paying careful attention to a script, but get a range of trained or under-trained people to use it in a busy hospital? The nervous laughter from the audience showed that he had our full attention.

And have we paid attention to how and where our devices are going to be used? continued Boult. In the home? Will all the buttons and switches for the expert user be helpful or confusing? And the advanced features may permit new kinds of accident in the hospital, too. An infusion pump is usually for one drug for one patient. But suppose the patient needs 2 drugs? Some pumps have two channels. The pump monitors the patient’s vital signs, and infuses the drugs accordingly. But a nurse short of equipment connected up one pump to 2 patients. The second patient got the right drug – adjusted for the first patient’s vital signs….

Of course, the talk was all about safety and medical devices. Nothing to do with discovering requirements at all.

Share Button

Leave a Reply