Background. The current US national discussions on patient safety are not based on a common language. This hinders systematic application of data obtained from incident reports, and learning from near misses and adverse events.
Objective. To develop a common terminology and classification schema (taxonomy) for collecting and organizing patient safety data.
Methods. The project comprised a systematic literature review; evaluation of existing patient safety terminologies and classifications, and identification of those that should be included in the core set of a standardized taxonomy; assessment of the taxonomy’s face and content validity; the gathering of input from patient safety stakeholders in multiple disciplines; and a preliminary study of the taxonomy’s comparative reliability.
Results. Elements (terms) and structures (data fields) from existing classification schemes and reporting systems could be grouped into five complementary root nodes or primary classifications: impact, type, domain, cause, and prevention and mitigation. The root nodes were then divided into 21 subclassifications which in turn are subdivided into more than 200 coded categories and an indefinite number of uncoded text fields to capture narrative information. An earlier version of the taxonomy (n = 111 coded categories) demonstrated acceptable comparability with the categorized data requirements of the ICU safety reporting system.
Conclusions. The results suggest that the Joint Commission on Accreditation of Healthcare Organizations (JCAHO) Patient Safety Event Taxonomy could facilitate a common approach for patient safety information systems. Having access to standardized data would make it easier to file patient safety event reports and to conduct root cause analyses in a consistent fashion.
Concerns about safety in patient care have called attention to the need for governmental agencies and private sector accrediting bodies to work together with health care organizations to coordinate the monitoring, reporting, and analysis of medical errors. The 2003 Institute of Medicine report, Patient Safety: Achieving a New Standard of Care , recommends that standardization and better management of information on patient safety—including near misses and adverse events—are needed to inform the development of strategies that reduce the risk of preventable medical incidents. However, patient safety incident reporting systems differ in design and therefore in their ability to define, count, and track adverse events . Among reporting systems, there are often disparate data fields, conflicting patient safety terminologies, classifications, characteristics, and uses that make standardization difficult. In addition, each source of data on near misses and adverse events usually requires different methods for interpreting and deconstructing these events . Finally, misused terminology in the research literature, conference papers and presentations, and media contributes to widespread misunderstandings about the language of patient safety.
The proliferation of reporting systems has created a pressing need for organization of patient safety information systems and terminology. Unfortunately, much of the work to date has fallen short in meeting identified needs for epidemiological data . Given the current state of the art, it is extremely difficult to achieve broad-based and timely improvements in patient safety, since there is no standard determination as to which events to capture and report [5,6]. Additionally, the lack of a common patient safety terminology is a critical obstacle to sharing and aggregating data to support patient safety.
The concept of a taxonomy combines terminology and the science of classification—in the case of patient safety, the identification and classification of things that go wrong in health care, the reasons why they occur, and the preventive strategies that can minimize their future occurrence. There is consensus that standardization of patient safety data would facilitate improvements in incident reporting, tracking, and analysis [7,8]. The core set of terms in patient safety, like other health disciplines, should incorporate both theoretical concepts and generally accepted vocabulary.
Several methods have been developed to define and classify medical errors, adverse events, near misses, and other patient safety concepts and terms [9,10]. However, these methods have tended to be, with notable exceptions, narrowly and predominantly focused on specific areas of health care—medication errors [11–13], transfusion reactions , primary care [15,16], and nursing care [17,18].
In this project we developed and applied a method of classification that is based on evaluations of extant taxonomies and reporting systems with feedback from individuals who would use the taxonomy. This approach sought to identify similarities and gaps in the terminology and classification to create a multidimensional taxonomy that encompasses diverse health care settings and incident reporting systems.
Terms and definitions used in patient safety were gathered from a wide range of print and web resources (e.g. book glossaries, published journals). Current, practical, and colloquial terms that underlie the communication among users were listed in a comparative glossary. Because the terms and their definitions are extensive, they are not reproduced herein. However, this patient safety dictionary is available electronically from the authors.
A comprehensive literature search was performed in Medline (PubMed) and Excerpta Medica (Embase). Literature that describes approaches to the definition of medical errors, adverse events, near misses, and other patient safety concepts and terms, including existing classification schemes on patient safety, was retrieved. The searches were not limited to articles published in the English language or within a particular geographical area. The databases were searched for articles with publication dates between January 1993 and June 2003. In addition to database searches, the Internet sites of Departments of Public Health, Ministries of Health, and Patient Safety Organizations and Groups in Africa, Asia, Australia, Europe, and North America were searched. The reference lists of major reports were also scanned for relevant publications that date from the 1980s.
A total of 512 distinct references were identified from the Medline search. The Embase search resulted in 15 additional unique references. The titles and/or abstracts of these articles were initially scanned, and inclusion/exclusion decisions made. Based on the review of the abstracts, we eliminated 429 articles on the following criteria: (i) not relevant to the field of patient safety/medical error/adverse event classification; (ii) relevant to the field of patient safety/medical error/adverse event classification but did not provide adequate description of the components needed to define a coherent classification scheme; (iii) classifications that are in the early stages of development; (iv) unpublished classifications. The very few exceptions to this are classifications that hold particular conceptual or methodological interest in the development of the field.
Of the 96 full articles that were reviewed, 73 were eliminated according to the above criteria. Eleven formal classification schemes identified in the remaining 23 articles that address the frequencies, types, causes and contributing factors, consequences, and prevention of medical/medication errors are summarized in a report prepared for the World Health Organization .
The 11 classifications of medical and medication errors, patient safety events, and incident reporting systems were reviewed and compared for homogeneity. The semantic relationships, equivalent categories, and linkages among these classifications schemes were identified and used to construct the overarching framework of a preliminary taxonomy. This version also referenced human factors and safety research.
We reviewed data collected by the Joint Commission’s Sentinel Event Program from January 1995 to December 2002 to validate the construct of the preliminary taxonomy. This was supplemented by recommendations from a nominal expert advisory taxonomy workgroup (see Acknowledgements for composition of workgroup). We asked the workgroup to assess the content and face validity of an initial iteration of the taxonomy. They offered a checklist of five attributes to be used in judging appropriateness of the elements of the taxonomy; these judgments involved subjective assessments rather than statistical analyses. Input was also solicited from medical specialty societies, business groups, government health care agencies, and health care organizations.
Since it is difficult, if not impossible, to prove formally that the items chosen were representative of all relevant terms and classifications, subjective tests of linguistic clarity were used to indicate whether the terminology of the classifications was clear. In the absence of a ‘gold standard’ to test criterion validity, we conducted a simplified item analysis of each variable of the taxonomy against those found in an established classification in one US hospital. Responses were coded as follows: ‘unmatched’ = 0, ‘extrapolated’ = 1, ‘related’ = 2, ‘synonymous’ = 3, and ‘identical’ = 4. Results of this work were used to inform the development of a beta version of the patient safety event taxonomy.
Our review of the literature reinforces the fact that various approaches used in the health care sector to define and classify near misses, adverse events, and other patient safety concepts have generally been fragmented . Early efforts to define and classify ‘error’ or ‘mistakes’ were burdened by theoretical and methodological flaws. The model of medical error was largely unspecified. Where classification instruments were described, their validity was found to be modest and their reliability not reported. A systematic review of classification schemes used in primary care by Elder and Dovey , found a limited number of studies that attempted to categorize medical errors, including near misses and adverse events [21–25]. Most of these studies were not designed with the development of a functional classification scheme in mind; thus, they did not offer a conceptual explanation of what they had classified.
Busse and Wright  proposed a more promising classification methodology and an enhanced evaluation approach for the Edinburgh Incident Classification. Focusing on in-depth analysis and a search for multiple levels of causation and contributing factors, including the identification of active and latent failures, this classification model exemplifies a theory-driven analytical framework that integrates, functionally and technically, with an incident reporting system. This systematic approach to classification in patient safety did not become the de facto standard for quite some time, and is still often neglected.
The classification of error types framework and theoretical and technical foundation for in-depth analysis of root causes of adverse events did not materialize until after the publication of the seminal works by Reason , Rasmussen , and Hale . Contributions from aviation  and high-technology/high-risk industries have also been instrumental in advancing the reporting, analysis, and classification of adverse events in health care. A few more theoretically based studies—such as those reported by Makeham , Battles , and Victoroff —have focused on more rigorous classification schemes and give greater consideration to validity and reliability issues. Like the earlier classifications, however, the process and outcome ‘root causes’ of adverse events in these schemes were only described where a significant impact was recorded .
Finally, Runciman and colleagues  have developed a structured approach based on Reason’s model and framework of contributory and causative factors to draw out all of the relevant information about an incident and to describe patient safety phenomena in terms that can be analyzed statistically.
Homogeneous elements of these models—which comprise terms and the relationships between terms that make up the building blocks of a classification scheme—were categorized into five complementary root nodes, or primary classifications.
Impact—the outcome or effects of medical error and systems failure, commonly referred to as harm to the patient.
Type—the implied or visible processes that were faulty or failed.
Domain—the characteristics of the setting in which an incident occurred and the type of individuals involved.
Cause—the factors and agents that led to an incident.
Prevention and mitigation—the measures taken or proposed to reduce incidence and effects of adverse occurrences.
The root nodes were then divided into 21 subclassifications, which were in turn subdivided into more than 200 coded categories and an indefinite number of non-coded text fields to capture narrative information about specific incidents.
The ‘Impact’ classification (shown in Figure 1) comprised three subclassifications that could discriminate between 18 types of outcomes or effects (harm). The harm index was based on the NCC-MERP Medication Error Taxonomy , and is characterized by the degree of harm—ranging from no harm to temporary or permanent impairment of physical or psychological function. Broad distinctions were also made between medical (psychological or physical) and non-medical (legal, social, or economic) impacts.
The ‘Type’ classification included three levels that address communication, patient management, and clinical performance (see Figure 2). The ‘communication’ subclassification identified communication problems that exist between provider and patient, provider and patient’s proxy, provider and non-medical staff, and among providers. The ‘patient management’ node classified substandard patient management that involved improper delegation, failure in tracking or follow-up, wrong referral or consultation, or questionable use of resources. The ‘clinical performance’ subclassification included the full range of failures that could lead to iatrogenic events during the pre-intervention, intervention, and post-intervention phases of care. Analysis of Joint Commission sentinel event data (reported from 1995 to 2002) related to wrong-site surgeries (n = 209) showed that these adverse events could be classified in the following principal groups: (i) Communication—including communication with the patient and among members of the surgical team; availability of information; and operating room hierarchy; (ii) Patient management—such as preoperative assessment of the patient; and (iii) Clinical performance—including orientation and training, the procedures used to verify the operative site, and distraction. Alternatively, these areas could represent the clinical or management processes that are associated with events without any judgments about root causes within those processes.
The ‘Domain’ classification included the types of health care professionals commonly involved in patient care and the demographics of patients in a variety of health care settings where events might have occurred (see Figure 3). Analysis of voluntarily reported sentinel events showed that they occur most frequently in the following settings: general hospital (64%); psychiatric hospital (13%); psychiatric unit (6%); outpatient behavioral health (5%); emergency department (4%); long-term care facility (4%); home care service (3%); and ambulatory care setting (1.5%). From this, we postulated a link between where the event took place (>10 coded categories) and which medical specialty was involved (>21 coded categories). In addition, we specified the intended patient care intervention (eight coded categories—therapeutic, diagnostic, rehabilitative, preventive, palliative, research, cosmetic, and other), which pre-existing conditions the patient had (ICD-9-CM coded categories), and the associated causes and outcomes delineated in the other four primary classifications.
The classification of ‘Causes’ is shown in Figure 4. Root cause analyses of sentinel events in all categories showed that the underlying causes of these events could be classified into two principal groupings: system failures and human failures. The principal nodes of the ‘Cause’ classification comprised two subclassifications: system (process/structure) failures and human failures. System failures are remote from the direct control of the clinician and are usually the distal cause of structure and process failures among reported sentinel events (e.g. orientation/training, availability of information, staffing levels; physical environment, alarm systems, organizational culture). System failures are errors in the design, organization, training, or maintenance that lead to operator errors. Those failures involving direct contact with the patient—human failures—are often part of the proximate cause of an event . The root cause analysis data yielded groupings that included communication, patient assessment, and continuum of care, among others. The subclassification, ‘latent organizational failure’, included five coded categories: (i) management, (ii) organizational culture, (iii) protocols and processes, (iv) transfer of knowledge, and (v) external factors. Two categories for latent technical failure—facilities and external factors—were derived from the Eindhoven Classification System .
Terminology for the ‘Prevention and Mitigation’ classification was adopted from the definitions proposed by Gordon  for physical disease prevention. In this classification, three types of prevention and mitigation were identified: universal, selective, and indicated. The ‘universal’ subclassification covered preventive and corrective measures that are designed for everyone in the eligible population. Prevention and mitigation measures that are directed toward a subgroup of the population whose risk of adverse events is above average were grouped in the ‘selective’ subclassification. Lastly, the ‘indicated’ subclassification combined interventions that are targeted to specific high-risk individuals identified as having a minimal but detectable risk for sustaining an adverse event. Figure 5 illustrates how the preventive strategies of the Joint Commission’s 2004 National Patient Safety Goals  could be classified according to this scheme.
The proposed interrelationships depicted in Figure 6 show the assumptions underlying the Taxonomy framework. The linkages in this visual analytical framework provide an organized approach to guide the retrospective process of identifying the factors (causes) that contribute to systems failures (type) and adverse events, or to prospectively identify potential risk factors and devise preventive strategies (prevention) and corrective actions (mitigation) to protect the patient (in a domain) from harm (impact). The linkages are not meant to lead to premature conclusions about an event, nor are they intended as the only analytical framework. Although the linkages define the specific types of queries, they do not identify precise data sources nor which units of data should populate the taxonomy.
A preliminary test of the alpha version taxonomy conducted at one hospital with an active incident reporting system (Stanford’s ICUsrs) demonstrated acceptable correlation between its coded categories (n = 111) and the categorized data requirements of the system. Thirteen (12%) categories were identical, 42 (38%) were synonymous, 45 (41%) were related, and six (5%) had to be extrapolated. Five (4%) categories were unmatched—date and time of incident, patient or family dissatisfaction, and two patient identifiers—and were therefore omitted from the taxonomy.
Using the desirable attributes of patient safety taxonomy identified by the expert advisory workgroup (see Box 1), the face validity of the terminology and classifications inferred from the comments of the experts who reviewed their clarity and completeness was judged to be high. The workgroup recommended inclusion of external factors that are perceived to influence patient safety. The workgroup concluded that the Taxonomy was well suited to meet the need for integration of patient safety data from disparate sources. A variety of patient safety stakeholders concurred in the taxonomy’s suitability and feasibility for application in incident investigation, reporting, tracking, and analysis at US hospitals and elsewhere.
Based on unambiguous and generally agreed terminologies and classifications.
Useful for analyzing the processes and outcomes that underlie an event, including its root causes and contributing factors.
Facilitates consistent collection and analysis of near miss and adverse event data across the continuum of health care delivery settings.
Facilitates expedient data exchange and dissemination of patient safety information.
Useful for identifying priority areas for remedial attention and opportunities to improve patient safety.
The Patient Safety Event Taxonomy developed and tested in this study represents a synthesis of traditional, hierarchical classifications represented by single topic areas and settings and the heuristic, multidimensional/multisetting classifications that rely on a systems approach to understanding patient safety . It includes all events that are not due to an underlying physiological or pathological process and is sensitive to minor variations among similar events. This approach compels the user to make explicit, a priori decisions about the key variations in structure and process that relate to any given patient safety event. It also allows others to judge whether important variables were overlooked. Finally, it makes explicit the relationships between these variables and their relevance as valid markers of patient safety.
The number of relevant categories constituting the optimum classification scheme or how best to deconstruct an adverse event will always be subject to debate . Hobgood , using a modified Delphi process to differentiate between specific classes of medical error common to emergency medicine practice, found that cognitive errors in medical decision-making can be difficult to identify, and suggested that consensus on terminology and classification may be challenging. One source of difficulty we encountered in choosing logical data variables to link disparate terminologies and classifications is that they are all loosely attached in an intricate network of information characterized by events, settings, individuals, and teams of people, protocols, procedures, policies, and communications that function in an uncertain environment. Understanding these relationships could provide a useful basis to guide the development and improvement of information about near misses and adverse events, and use of the information to make health care safer for patients.
We critiqued existing taxonomies on several grounds. Most were developed in relative isolation from other classification approaches for a specific medical specialty, and few were improvements of earlier work. In this regard, we believe that research that compares different classification schemas constitutes a crucial stage in consolidating the discipline of patient safety event reporting.
Aggregating data gathered through different measurement methods into the framework of a standardized taxonomy has been used successfully by epidemiologists to detect nosocomial infections , and is likely to be useful in detecting trends and patterns in patient safety. In a number of studies, there appears to be an evolving effort to build a science of patient safety measurement that is equivalent to health measurement or psychometrics. This is important because decisions affecting the welfare of patients and the expenditure of public funds are based on the results of patient safety measurements .
The potential applications for patient safety event information vary widely depending on the identity of the user—e.g. internal evaluations, oversight bodies, patient safety managers, patients, ethicists, and lawyers, among others. In order to meet the needs of these diverse audiences it is essential to identify a common language that is widely applicable and straightforward. The vocabulary adopted for the Taxonomy closely resembles the lexicon commonly used among various users today, and avoids pejorative terms.
In its simplest form, the Taxonomy’s classifications can represent individual fields for the front end of paper-based or electronic reporting systems with individual incidents comprising the records. At its broadest application, the Taxonomy describes processes that determine the quality of incident reports, the effectiveness of reporting systems, and the success of intervention strategies. The significance is that the Taxonomy could potentially be used as a common backbone when mapped to disparate reporting systems unifying terminologies and classifications. This allows aggregated data to be combined and tracked over time, provides for consistency across reporting systems, and structures data documentation and presentation using a standardized format. Applied to an electronic health record system, the taxonomy offers a means for interoperability, facilitating exchange of patient safety data across systems.
A decentralized approach to patient safety reporting, using a standardized terminology and classification framework, would simplify the development and maintenance of a coding structure for reporting. Reconciling the data collected by local or focused reporting programs to a national standard would provide a means to integrate the already existing data collection efforts relating to health care errors and systems failures. The framework of the Taxonomy will also lessen the burden on patient safety organizations that operate in multiple states and/or must be responsive to multiple government agencies, private oversight bodies, and group purchasers, without requiring expensive re-engineering of existing reporting systems.
Health care error classification systems are not free of their own problems. For example, they partition categories more coarsely than do keywords, and users, who are accustomed to the everyday colloquial language of patient safety used in the workplace environment, may not be fluent in the terminology of the classifications. The finite number of elements in the Taxonomy nevertheless encompasses a broad range of areas that could possibly be classified, but there are still likely many areas that could escape detection and reporting. Furthermore, because the anatomy of an event is multidimensional, its deconstructed components may not be mutually exclusive to each of the classifications, subclassifications, coded categories, and narrative fields in the taxonomy. In addition, the multi-tiered features may be too complicated for some audiences to use. For example, wrong-site surgery not only results in physical harm, but may also affect the emotional (psychological) and functional status of the patient, and his or her ability to return to work (economics). Near misses in the taxonomy are assumed to have the same root causes as the much smaller subset that actually develops into adverse events. Arguably, the very advantage of using near-miss data to provide information on how an incident ‘recovered’ from a potential adverse event also has a downside. Adverse events are by definition near misses that failed to be recovered in time . By contrast, the events that a hospital successfully prevents from occurring will be just those events that will never be identified in a near-miss information system. Thus, the Taxonomy must be clear on just what near misses have in common, or not, with adverse events. Notwithstanding the potential limitations of near-miss data, near misses are sufficiently clear precursors of adverse events to point the way to identification of specific individual and systems failures.
The Joint Commission Patient Safety Event Taxonomy focuses on the most salient terminologies and classifications. Its design will permit the progressive incorporation of new patient safety data and information over time. However, additional field-testing will be required to bring the taxonomy to full maturity and permit it to realize its overall objectives.
The authors gratefully acknowledge the Joint Commission Corporate Members Planning Group on Patient Safety, which included representatives of the American College of Physicians (ACP), the American College of Surgeons (ACS), the American Dental Association (ADA), the American Hospital Association (AHA), and the American Medical Association (AMA), for their continuing assistance in this initiative. The authors also wish to thank Jeanne P. Altieri, D.D.S. (ADA), Jim Battles, Ph.D. (AHRQ), William A. Bornstein, M.D., Ph.D. (ACS), Karen S. Ehrat, Ph.D., R.N. (AHA), Thomas Houston, M.D. (AMA), and Don M. Nielsen, M.D. (AHA), who served as members of the Patient Safety Taxonomy Workgroup. Gerry Castro, M.P.H. (Joint Commission) provided beneficial editorial assistance. The U.S. Agency for Healthcare Research and Quality (AHRQ) provided specific expertise and encouragement which made this effort possible. The opinions expressed in this paper are those of the authors and do not reflect the policies of the Corporate Members.