Steps for conducting a root cause analysis (RCA)

Outlined below is a sequence of steps for conducting an RCA in response to an incident of suicide or serious self-harm in correctional facilities. These steps draw on examples from criminal justice systems that have used RCAs to respond to adverse events, as well as on guidance documents produced by the Center for Medicare & Medicaid Services (CMS), the Joint Commission, and the Veterans Health Administration (VHA) National Patient Safety Improvement Handbook.32 However, the suggested steps are meant to be illustrative rather than prescriptive. The goal is to demonstrate how conducting an RCA in a correctional setting could result in a set of recommendations and reforms aimed at reducing the frequency of suicide and self-harm. The procedure outlined below can be modified to fit the needs of individual correctional facilities.

1. Identify the sentinel event

The first step in any sentinel event review, including ones that use RCA, is defining what constitutes a sentinel event for the particular organization. In its policy, the Joint Commission requires that accredited organizations review patient safety events that fall under their basic definition of a sentinel event (resulting in death, permanent harm, or serious temporary harm) or that fall within a list of additional events (such as suicide, unanticipated death of a full-term infant, and discharge of an infant to the wrong family). However, it also specifies that organizations are expected to decide how to respond to patient safety events that do not meet the definition of a sentinel event but may nonetheless be worthy of review—for example a “near-miss” case.33 Applied to correctional settings, agencies thus have the responsibility for deciding what constitutes a sentinel event within a facility and what criteria they will use to identify reviewable events.

            While identifying a suicide within a correctional facility as a reviewable sentinel event may be relatively straightforward since the seriousness of death is so obvious, an important step for leadership in correctional settings will be to evaluate what incidents of self-harm should trigger an interdisciplinary review. Correctional settings might focus on incidents which were nearly lethal or which required significant medical intervention to save the life of a person in custody. Or they might decide that frequency of self-harm is an appropriate trigger. Reviewed events need not be the biggest or most notorious; sometimes, smaller events or “near-misses” yield the most informative accounts because they have less acute liability concerns. (For more information on liability concerns, see "Concerns about Legal Liability," located under "Potential challenges for implementation in correctional facilities.") Stakeholders may also consider “near-misses” successful, because they can cast it as a potential error that was ultimately avoided.34

2. Gather a multidisciplinary team

Once a review process has been triggered for a sentinel event, the next step is to select the team members who will be responsible for conducting the RCA. The team generally consists of a leader who has knowledge of the event and authority in the organization, a facilitator, and team members (normally a maximum of six).35 The facilitator, once properly trained in how to conduct a review, assembles and manages the team, guides the analysis, documents findings, and reports findings to internal stakeholders such as leadership or units that might wish to apply lessons from the work.36

            It is important that review teams are multidisciplinary, with staff from all relevant departments (including health and corrections), and involve those in leadership who have decision-making authority as well as staff members with knowledge about the processes and systems of the organization. Some guidelines suggest including, on a case-by-case basis, individuals who have been directly involved with the incident in the review process, because they have detailed information of the event, but excluding people who cannot be unbiased because they are experiencing difficult emotions related to the event.37 Indeed, VHA guidelines indicate that including any of the people affected by the incident in the RCA is contraindicated, because their ability to be objective may be compromised, thus inhibiting the RCA’s credibility. However, VHA guidelines go on to indicate that individuals who are directly involved should be interviewed during the RCA process, so that their knowledge and suggestions for the future are included.38

            There is, of course, a careful balance to be constructed in making decisions about who to include in the process. For example, the presence of leadership is necessary for bringing people together and facilitating buy-in, but the inclusion of multiple managers or supervisory staff may discourage open and honest sharing by lower-level staff. On the other hand, in correctional facilities that have a strong sense of hierarchy and protocol, lower-level staff such as correctional officers may be unwilling to share without the explicit permission or inclusion of leadership. In addition, for organizational and administrative purposes, it may be helpful to have a staff member who does not participate in the review but acts as a note-taker, recording minutes, compiling documentation, and tracking “homework” assigned to team members as well as recommendations made by the team.39 In any case, the people who make up the RCA team need to have the time to commit to the process, the desire to make improvements, the ability to cooperate, listen, and communicate, and the authority to ensure that recommendations are implemented.

3. Describe the event/create a timeline

The first task of the assembled review team is to gather information about the incident and craft a detailed description and timeline of the event. Information gathering should begin as soon as feasible after the sentinel event to ensure that witnesses recall the event accurately and that the results of the review are relevant.40 Review team members can gather information by interviewing staff members involved in the event, reviewing written documents such as medical records or policy and procedure manuals, and collecting other available data, such as physical evidence and video recordings. It is important during this stage that leadership guarantee to staff that the RCA is confidential and will not be used for disciplinary purposes.41

            The information the team gathers will be used to create a preliminary timeline of the event. The timeline is a linear display of the steps that led up to the adverse event and accurately conveys the “story” of the event. Every step leading to the event is pertinent. Team members should agree on the accuracy of the timeline and ensure that any missing information or inconsistencies have been addressed. Guidance from the field emphasizes that team members should focus on the facts at this stage and not try to skip ahead to identifying root causes. According to the Center for Medicare & Medicaid Services, “Jumping to conclusions about root causes increases the likelihood the team will end up with ‘quick-fix’ solutions that do not address the underlying systems gaps, or contributing factors, and fail to prevent similar events in the future."42

4. Identify contributing factors

With a complete description of the adverse event, the review team can move forward with identifying the range of contributing factors. This step is “an inherently creative type of task” since it involves “generating as extensive a list as possible of potential causes that could have led to, or contributed to, the occurrence of the event."43 The idea here is not to initially zero in on the root cause specifically but to brainstorm with the goal of ensuring the team comes away with a broad overview of possible contributing factors. Thus, it is important that everyone on the team is heard during this phase and that no sorting or screening of contributing factors takes place.

            A list of contributing factors is included below along with examples relevant to criminal justice settings where appropriate:

  • Human: Individual limitations and capabilities, such as fatigue or distraction, and sufficiency of staffing.
  • Patient assessment: Timeliness, accuracy, documentation, and communication.
  • Equipment: Availability, function, and condition.
  • Environment: Lighting, accessibility, safety of cell, and observation/surveillance capacity.
  • Information: Accessibility, accuracy, and completeness.
  • Communication: Technology, documentation, timing, and hand-off.
  • Training/competency: Education, scope of practice, competency assessment, qualifications, effectiveness, and frequency of training.
  • Procedural compliance: Compliance, availability of procedures and policies, and barriers.
  • Care planning: Individualization and effectiveness.
  • Organizational culture: Response to risk and safety issues, communication of safety priorities, and prevention of adverse outcomes.44

            Organizations may choose to use different processes for identifying the range of possible factors that contributed to the adverse event. One possibility is to describe the event as well as the social and environmental context within which it occurred, and then brainstorm with the aid of a fishbone diagram. A fishbone diagram is a tool used to understand the cause and effect relationship between an event and its antecedents. The event is placed at the right end of a large arrow and the team then writes main categories of causes on branches that lead off from the arrow. All possible causes in each category are then listed at relevant branches, with the understanding that not all of these causes will ultimately be identified as root causes or be deemed worthy of further attention. Figure 1 below shows a hypothetical example of a fishbone diagram noting contributing factors for a suicide in a correctional facility. The goal of completing this exercise is for the team to walk away feeling confident they have identified all possible contributing factors to the event and are ready to proceed with looking for the root cause.

Sentinel 1 01

5. Identify the root cause(s)

Having identified the contributing factors to an event, the next stage is for the team to drill down until they find the root cause or the most fundamental causal factor of the event. There may be more than one root cause for an event. There are multiple tools available to facilitate this process for teams but the “Five Whys” is widely available and relatively easy to use.45 As shown in Figure 2, the structured process involves asking a cascading series of “why” questions to discover organizational, systemic, and individual-level factors that explain why an incident occurred. The team starts by identifying the adverse event and asking the question, “Why did this happen?” They then continue asking “why” until no new answers have been found.

Sentinel 1 02

Figures 3 and 4 below provide two hypothetical examples of how this might occur—the first in the case of a suicide related to inadequate screening at intake and the second in the case of an incarcerated person who is hospitalized due to poisoning.

Sentinel 1 03
Sentinel 1 04

As the examples above suggest, teams must push themselves to continue asking “why” in order to ensure that they do not stop the exercise prematurely and fail to uncover the root cause. The Joint Commission suggests that a team has identified the root cause of the event when they can answer “No” to all of the following questions: 1) “Is it likely that the problem would have occurred if the cause had not been present?” 2) “Is the problem likely to recur due to the same causal factor if the cause is corrected?” and 3) “Is it likely that a similar condition will recur if the cause is corrected or eliminated?"46

            Once the root cause has been identified, the team constructs a succinct root cause statement. The VA National Center for Patient Safety (VA NCPS) and the Joint Commission recommend that organizations consider a series of guidelines when developing their root cause statement in order to avoid focusing on individuals and instead seek out system-level causations:

  • Clearly show the cause-and-effect relationship;
  • Use specific and accurate descriptors for what occurred, rather than negative and vague words;
  • Every human error has a preceding cause;
  • Violations of procedure are not root causes, but must have a preceding cause; and     
  • Failure to act is only causal if there is a preexisting duty to act.47

            As an example, the root cause statement in the example in Figure 4 might read, “Because the infrastructure in Facility C has not been adequately maintained in recent years, and there are a large number of emergency repairs that occupy the time of existing maintenance staff, maintenance staff were unable to respond to a non-emergency repair request in a timely fashion.”

6. Develop an action plan

After the root cause(s) have been identified, the team must formulate an action plan for each root cause.48 The goal of the action plan is to ensure that the same adverse event does not re-occur in the future. Actions should be concrete and easily understood. Reviewers assign responsibility for implementing each action, develop a timeline for implementation, and outline metrics for evaluating their effectiveness. Teams may consider pilot testing actions so that necessary modifications can be made.49

            The VA NCPS has identified a “root cause analysis hierarchy of actions” in which actions are ranked as stronger or weaker based on their likelihood for reducing vulnerability. Stronger actions offer systemic fixes through, for example, changes to the physical environment or the standardization of a procedure; intermediate actions use systemic fixes but also rely on individual action (such as checklists or increased staffing); and weaker actions rely on changes in policies and additional training.50 Teams should aim for corrective actions with stronger or intermediate ratings. Importantly, the team must consider issues related to costs, resources, long-term sustainability, and barriers to implementation.51 This is one reason why it is essential for management to be involved in the development of corrective action plans.

7. Share lessons learned

Once the review is complete, the team prepares a summary report that includes a brief description of the event, the analysis, the root cause, contributing factors, and the action plan.52 The report identifies what was learned, who needs to know the information, and how they will be made aware of it. Such transparency is important for building the culture of safety and for demonstrating to staff that RCAs are not meant to result in punitive action. Over time, reports can be compiled in a database that tracks the types of sentinel events that occur, the root causes, and the action plans that were implemented. This database would allow a correctional facility to look for trends over time and further refine its safety procedures.

8. Measure the success of corrective actions

Concurrent with the implementation of an action plan, the final step is to ensure there are mechanisms in place to measure the effectiveness of the actions. The sentinel events review team will want to monitor whether the corrective actions were put in place, whether people complied with the recommendations, and whether the changes have made a difference.53 For correctional facilities that have standing Suicide Prevention Committees or Quality Assurance Programs, this might be an appropriate time for the sentinel event review team to hand off its work and allow the standing committees to provide long-term oversight and monitoring.