Abstract
The practice of safety is to prevent accidents, and yet we spend a lot of time analyzing accidents and trying to learn from them. Why do we do this? That is the exact question that Erik Hollnagel 1 asked and came up with the concept of safety I and safety II. He wrote, “An unintended but unavoidable consequence of associating safety with things that go wrong is a creeping lack of attention to things that go right.”
Safety I, also called the old view of safety, states that safety is a state where few things go wrong and that when they do go wrong it is due to failure or malfunctions of the sociotechnical system we work in. Humans, who are viewed as the most unreliable component of this sociotechnical system, are considered a liability. In the early days, the starting point for safety concerns was always an accident, especially a major one. When an accident occurred, an investigation was performed, and when the investigators “found” the cause(s), the stop-rule was applied, and the search ended. Often, human error was found to be the cause! 2
What is this sociotechnical system? It refers to the interrelatedness of social (human) and technical (machinery, engineering design, processes, legal framework, organization structure, etc) aspects of an organization. Leading from that is the sociotechnical theory, which is based on 2 principles. First is that it is the interactions between the social and technical factors in the system that creates the conditions for successful or unsuccessful system performance. Second is that separate optimization of each aspect (social or technical) of the system tends to increase the quantity of unpredictable and unintended relationships, which are harmful to the system’s performance. Therefore, sociotechnical theory is about joint optimization, that is, designing the social system and technical system together such that they work smoothly together. 3
In view of the complex sociotechnical systems that we work in today, the concept of safety I was not able to address safety adequately. As systems became more complex, a fundamentally new method of thinking safety was desperately needed. Thus came the birth of a concept called the new view of safety or safety II with the term old view or safety I given to the previous thinking. Safety I says that human error is the cause of accidents; safety II on the other hand says that human error is a symptom of other problems in the entire sociotechnical system. Safety II says that people do not come to work intending to cause an accident. So if there is an accident, don’t assume it’s the people that caused it but look beyond because many factors would have contributed to the person’s action. 4 Safety II is not something that one should resort to only when an accident occurs, but it is a proactive approach to managing safety even when there are no accidents and should become an everyday approach to managing safety.
In safety II, safety is the presence of positive outcomes of not having an accident or injury and not the absence of negative outcomes. So if there is an accident, the questions asked should be about why people did what they did and not about what they failed to do. This way the deeper story, also called the “second story,” can be assessed and acted on. Safety II is now applied in many fields, including aviation and nuclear industries, and more recently, health care industries are also in the process of adopting it. 5
Sydney Dekker 4 in his book, The Field Guide to Understanding Human Error, draws the analogy with being inside a tunnel. The person doing the work is considered as being within a tunnel and at the time of the accident they would not have known that their actions would cause it. When analyzing that accident, it is important to view the event from inside the tunnel as if the investigator were the person performing the task that led to the accident. Another important aspect of safety II is that safety is not the responsibility of a safety department that is far removed from the workers, but should pervade into all aspects of the organization, especially the workers, supervisors, managers, and senior management.
The older concept, safety I, is that safety is the absence of accidents and injuries; that is, absence of negative outcomes. The aim of the safety management is to prevent accidents, and this is done by constraining people’s behavior and making them adhere strictly to standards. The newer concept of safety II, on the other hand, is that safety is the presence of positive outcomes of not having an accident or injuries. This latter concept is about the resilience of the system to make adjustments to deal with expected and unexpected situations by using the variability and diversity of the workers and their ability to respond to such situations. Safety II is about supporting the people to do their work in the right way such that accidents occur rarely.
Applying Safety II to Laboratory Biological Safety
In biological safety, the sociotechnical system typically includes the workers; the engineering, like biosafety cabinets and autoclaves; the facility; processes and procedures; and the rules and regulations. The worker is just 1 component of the entire system and has to be cognizant of safety as well as productivity, because being safe without being productive is totally not acceptable. The purpose of running an organization is to produce something, like a diagnostic laboratory has to provide accurate diagnosis for certain number of samples, and a research laboratory has to publish. These goals may sometimes conflict with the goal of safety, and workers are constantly making judgements and sacrifices to remain both productive and safe. Understanding how they achieve this and supporting them in improving how they achieve this will be consistent with the safety II concept.
As with any industry, the tendency to focus on what goes wrong is reinforced in many ways in the field of biological safety too. The authorities require it, organizations report it, there are many graphs and statistics devoted to it, there is reporting and detailed analysis of every near miss and accident, but there is no demand to report about what goes right. In this attempt to analyze and reanalyze what goes wrong, we fail to strengthen what goes right and support the workers that make it go right. This does not mean that it is not important to study what goes wrong; this simply means that we should study both what goes wrong and what goes right to prevent the former and strengthen that latter.
The Duke-NUS Medical School, located in Singapore, is a US-style medical school, which has enrolled over 600 students in the MD and PhD programs. The school’s strong biomedical research emphasis is evident in its 5 research programs and 7 research centers that accommodate over 60 research teams. The school has established a school-wide occupational health and safety management system (OHSMS) that includes prescriptive predefined elements consisting of processes, legal compliance, and standard operating procedures, the success of which is predominantly measured by the low number of accidents. This follows the concept of safety I, which is avoiding what goes wrong; as opposed to safety II, which looks at what goes right. In 2016, there were no major injuries and the rate of minor injuries was very low when plotted against the approximate man hours of work done in the school’s laboratories. Figure 1 shows the rate of minor injuries, and it can be seen that 99.9% of the time, things went right. 6 So what is it that the workers did to make things go right so much more than wrong, and how can we support this? To understand this, a study was undertaken (unpublished data) by interviewing biomedical researchers.
Injury statistics (shows the injury per hour of work in the school for 2016).
Biomedical research laboratories are under extreme pressure to be the first to publish in high-impact journals, and their entire career and existence depend on this. Therefore, it is natural that researchers will strive to remain productive and safe at the same time, often making calculated sacrifices for one or the other. The results of the study showed workers had adopted methods to anticipate and prevent accidents as well as productivity failures. Teamwork, extensive planning, quick mental risk assessment, and experience and familiarity were used to anticipate and prevent safety as well as productivity failures. As they became more experienced and familiar with the procedure, they would omit certain steps to ensure good experimental results, especially when the experiments were time sensitive. Mentoring was a key method to gain experience and familiarity. Other methods were open and informal communication without the fear of blame or reprisal for both safety and productivity failures.
These methods bring to mind the concept of resilience, which is the ability to anticipate and manage unexpected or expected demands in the workplace. 7 The unexpected demand can be an accident, changing pressure to produce results, increase in workload, or other disruptions, all of which require the workers to be adept at anticipating and responding to these demands. The results of this study provide valuable information that can be used to apply safety II concepts of supporting the workers in what they do right, thereby strengthening the resilience building methods.
Traditional methods of safety training include classroom or online courses that are required to be successfully completed before they are able to work in the laboratory. By building on these already existing methods, we can enhance the traditional safety training to improve researchers understanding and management of complex situations and errors and mental risk assessment techniques. Such solutions, when supplemented with the traditional training methods, can improve safety because simply increasing the emphasis on strict adherence to procedures and training based on those procedures is not adequate. 8 Training should focus on making the workers more conscious of hazardous work environments and be able to plan and anticipate failures-similar to how firefighters assess and engage hazardous situations.
Mentorship and teamwork are methods to build resilience. They were greatly dependent on the mentors for learning techniques and safety. In fact, they did not seem to use other resources much. For example, almost no one read the standard operating procedures, but instead learned from their mentors. Mentors should be used as a conduit to reach to the individual laboratory members to teach them resilience building methods. Emphasis should be placed on small group discussions where people discuss how they dealt with situations and share their experience without any fear of reprisal. Woods 9 talked of four concepts of resilience—rebound, robust, graceful extensibility, and sustained adaptability—these characteristics of a team can only be evaluated by observing how they work. However, this study only examined resilience in the form of anticipation and avoidance and not rebound after a disruption. One example of graceful extensibility involved how workers handled the unexpected delivery of a highly radioactive substance that was new to them by bringing temporary shielding and working as a team. These abilities are not learned in a formal training class; it is gained through experience and know-how, and it is through open communications that this knowledge can be propagated.
The study also showed that open communication and willingness to share was very helpful. An accident was the best teacher and etches in their mind forever. Training should include recognizing errors and the ways to deal with them. Every mistake and near miss should be shared and discussed without prohibitive paperwork, shame, and reprisal. After all, an incident-free system becomes mute and no longer offers any learning opportunities; these opportunities are what the safety training should create.
Several training methods are available and being used in many fields to develop situational awareness; resource management through learning labs and small group discussion should be developed for biological safety. Training should be developed on risk assessment strategies using scenario-based small group discussions or role play so that the resilience building methods they currently practice can be strengthened through tailored training. Biomedical researchers are already highly educated and well trained, but by pointing out the reasoning and structure in the intuitive methods they already use, their knowledge can strengthened.
Resilience cannot be achieved by adding more rules to deal with every situation, but rather by giving the right tools and knowledge to deal with and monitor the expected and unexpected situations that they face every day. 10 Traditional training based on rules and procedures needs to be supplemented with newer methods of training that will enhance other resilience building practices. Being able to do a quick mental risk assessment without the need to write everything in a lengthy document would go a long way in anticipating and preventing not only safety but productivity failures too. Rules and regulations will always lack the requisite variety needed to deal with constantly changing work demands, which need to be dealt with using local risk-based approaches. Safety training should not be about safety alone, but combined with productivity so workers can avoid safety and productivity failures at the same time. Also, sacrifices made to prevent 1 type of failure will not make them walk right into another type of failure. Safety really is simply the way we work.
Footnotes
Declaration of Conflicting Interests
The author(s) declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.
Funding
The author(s) received no financial support for the research, authorship, and/or publication of this article.