Skip to main content

Operational Risk Management and Compliance Management in Emergency Department

Client Question

We recently underwent an Accreditation Canada visit and were cited for not using 2 patient identifiers. The nurse picked up the patient in the ED and she was familiar with the patient and neglected to check her name and DOB. Patient identifiers is something that we have been struggling with for the past two accreditations. We thought we had it all well in hand but it only takes one incident to get cited on failing the ROP. Does anyone have a process or audit tools that are used routinely to audit staff using 2 patient identifiers? Any help would be greatly appreciated. Thank you 


In order to comply with the required organizational practices (ROPs), we first need to have a closer look at it. ROPs in this case are the standards that the organization is being held against and must meet. So lets understand what does the ROP actually require. Following is a statement from one of the ROPs that relate to the question at hand. On an average Accreditation Canada had identified that the ROP related to two patient identifier was typically not met in 10% of the cases consistently during 2010-2012. 

"Working in partnership with clients and families, at least two person-specific identifiers are used to confirm that clients receive the service or procedure intended for them."

The Accreditation Canada has some useful guidelines around this. It is the intention of the guideline and this ROP to mitigate several potential risks. These are not limited but could include:

  • Privacy breaches
  • Allergic reactions
  • Discharge of clients to the wrong families
  • Medication errors
  • Wrong person/procedures.
What can be considered as person-specific identifiers?
These include the client’s full name, home address (when confirmed by the client or family), date of birth, personal identification number, or an accurate photograph ID. It is important to note that  the client’s room or bed number, or using a home address without confirming it with the client or family, is not person-specific and should not be used as an identifier.

The situation described above is similar to a scenario where there is a familiarity with the patient. The standard's guideline speaks to the fact that  in a long-term or continuing care where the team member is familiar with the client, one person-specific identifier can be facial recognition. Even in this case it does not negate the fact that one additional unique patient identification needs to be checked before proceeding with patient care. 

When checking the client identification most common mistake done is staff members using phrase is " Are you John?" or "Is your date of birth January 1st 1980?". These are not recommended way of partnering with clients and families when checking for their identification. The staff instead of stating the answer or a positive response, should asking patients for the identifiers (e.g., “What
is your name?” or "What is your date of birth?").

Working in Emergency Department is stressful and often patients can be in a state where they may or may not be able to respond due to their consciousness. When clients and families are not able to provide the identification information,other sources of identifiers can be explored. These could include wristbands, health records, or government issued identification.

One question that I get asked often is - Is it OK if the two identifiers are taken from the same source. As per Accreditation Canada, it is OK if the two IDs are taken from the same source.

A detailed analysis of this situation can be done through fishbone analysis or five why analysis.

Once the team identifies contributing factors affecting their particular environment for the lack of compliance, they can then identify relevant mitigating factors and solutions.

There are many strategies that can be adopted to increase the compliance level. Some of those ideas are presented in the subsequent fishbone titles "Solutions".

Often it is incorrectly believed that having a policy on two identifier is sufficient. Having a policy on two patient identifier is a good starting point. Ultimately it is the  Unit managers in clinical areas who are responsible for ensuring that the policy is implemented and followed by staff members.

In a situation where a staff are found non-compliant, managers should investigate into reasons for non compliance and address any potential barriers.

Some key strategies that can be used to monitor and mitigate risk related to patient harm
  1. Reliable Verification Processes: Organization should create a reliable verification processes that can ensure use of two patient identifiers are being used at the point of care.
  2. Ensure that the verification process involves use of questions that require an active response.
  3. Create a high performing team environment by providing education/simulation programs to support the development of teamwork and communication in the emergency department, operating room, or other environments were focused time out is required. 
  4. Coach care team members on how to give constructive feedback.
  5. Encourage documentation and reporting of errors involving patient identification. Establish protocols for management of wrong patient incidents including timely notification, documentation, disclosure, and investigation.
  6. Implement formal strategies to help ensure consistent adherence to patient verification policies/practices. This could include periodic chart audits, analysis of reported incidents, as well as learning from legal claims. 

What does the process should look like?
If there are processes related to patient identification then a review of those processes against the accreditation standard as outlined here would be a good staring point. In the absence of a process, a new process or policy related to patient identification verification should be written. At the end of approval of this new policy, it will be crucial to train all staff members as well as introduce a process that can provide an ongoing recurring training opportunities for staff.

What should be the content of the new policy?
  • It should focus on how to do two independent patient identifier verification.
  • It should cover the audit process, frequency and intervals.
  • As the team works through this, a process for escalating any barriers related to noncompliance should also be discussed and documented. This would allow an opportunity for broader communication and shared learning around how the issue will be handled and what support may be required from broader team and organizational leaders. 

What should the audit process look like?

  1. Audit process can be simply a list of process flow chart outlining the key steps.
  2. It should highlight the goal or a problem statement. In this case - to measure if two patient identifier are being used in the emergency department or broadly in the organization at the point of care.
  3. A criteria / standard should be outlined - in this case it would include when to do the patient identification verification? (e.g. at the registration, bed-side before starting IV etc etc.)
  4. A criteria / standard should be outlined regarding how to do the verification? (e.g.  Acceptable vs Unacceptable IDs, Active response vs Passive response).  
  5. Policy / procedure should include information regarding how often an observation / audit will be conducted. The procedure should outline information such as who is responsible for the audit, where the data will be stored and how the data will be used?
  6. The next step in the process would be to outline what do when standards are not met. How it will be communicated and what will be done to address any identified barriers.
  7. As the ultimate goal in this case would be to increase compliance, any non-compliance would require implementing a change. What would that PDSA (Plan, Do, Study, Act) look like?
  8. A policy / procedure should mention training plan, training documentation and retraining frequency. 
Reference Policy:

The identified situation is an example of operational risks that can easily become a reputation and strategic risks in an event a high profile case is surfaced in  the media potentially tarnishing organization's reputation and its leaders. The organization is taking a reactive but a correct approach to rectify the situation and to prevent a recurrence.




Popular posts from this blog

How to benefit from a Fishbone or Ishikawa Diagram for Root Cause Analysis

What is root cause analysis?Root cause analysis is a structured process that helps healthcare, manufacturing and service sector managers and leaders in identifying contributing factors or causes of an accident, error, problem, event or occurrence. An accident, error, problem, event or occurrence are usually a result of a system rather than an individual mistakes. Understanding the system itself and contributing factors or causes of a system failure can help in preventing recurrences. Actions that are taken to address system failure helps in sustaining the improvements or corrective actions. What is a fishbone or ishikawa diagram? Each and every outcome or effect is an end result of actions taken/omitted or in general causes/ A cause and effect diagram representing this relationship between cause and effect is called a called a fishbone or ishikawa diagram. A fishbone diagram is a visual way to represent cause and effect. It is a more structured approach for brainstorming causes of a pro…

Essential elements of ERM

Essential elements of ERM

Create your own and tailored #ERM #framework with ease! We have worked hard to incorporate changes from #COSO and #ISO #31000 so that you can benefit without having to invest a lot of time and resources. 

Email us at for more details.