Swiss cheese model
The Swiss cheese model of accident causation is a model used in risk analysis and risk management, including aviation safety, engineering, healthcare, emergency service organizations, and as the principle behind layered security, as used in computer security and defense in depth. It likens human systems to multiple slices of Swiss cheese, stacked side by side, in which the risk of a threat becoming a reality is mitigated by the differing layers and types of defenses which are "layered" behind each other. Therefore, in theory, lapses and weaknesses in one defense do not allow a risk to materialize, since other defenses also exist, to prevent a single point of failure. The model was originally formally propounded by James T. Reason of the University of Manchester, and has since gained widespread acceptance. It is sometimes called the "cumulative act effect".
Although the Swiss cheese model is respected and considered to be a useful method of relating concepts, it has been subject to criticism that it is used too broadly, and without enough other models or support.
Reason hypothesized that most accidents can be traced to one or more of four failure domains: organizational influences, supervision, preconditions, and specific acts. For example, in aviation, preconditions for unsafe acts include fatigued air crew or improper communications practices. Unsafe supervision encompasses for example, pairing inexperienced pilots on a night flight into known adverse weather. Organizational influences encompass such things as reduction in expenditure on pilot training in times of financial austerity.
Holes and slicesEdit
In the Swiss cheese model, an organisation's defenses against failure are modeled as a series of barriers, represented as slices of cheese, specifically Swiss cheese with holes known as "eyes", such as Emmental cheese. The holes in the slices represent weaknesses in individual parts of the system and are continually varying in size and position across the slices. The system produces failures when a hole in each slice momentarily aligns, permitting (in Reason's words) "a trajectory of accident opportunity", so that a hazard passes through holes in all of the slices, leading to a failure.
Active and latent failuresEdit
The model includes active and latent failures. Active failures encompass the unsafe acts that can be directly linked to an accident, such as (in the case of aircraft accidents) a navigation error. Latent failures include contributory factors that may lie dormant for days, weeks, or months until they contribute to the accident. Latent failures span the first three domains of failure in Reason's model.
In the early days of the Swiss Cheese model, late 1980 to about 1992, attempts were made to combine two theories: James Reason's multi-layer defence model and Willem Albert Wagenaar's tripod theory of accident causation. This resulted in a period in which the Swiss Cheese diagram was represented with the slices of cheese labels as Active Failures, Preconditions and latent failures.
These attempts to combine two theories still causes confusion today. A more correct version of the combined theories is shown with the Active Failures (now called immediate causes) Precondition and Latent Failure (now called underlying causes) shown as the reason each barrier (slice of cheese) has a hole in it and the slices of cheese as the barriers.
The same framework can be applicable in some areas of healthcare. For example, a latent failure could be the similar packaging of two drugs that are then stored close to each other in a pharmacy. Such a failure would be a contributory factor in the administration of the wrong drug to a patient. Such research led to the realization that medical error can be the result of "system flaws, not character flaws", and that greed, ignorance, malice or laziness are not the only causes of error.
Lubnau, Lubnau, and Okray apply the model to the engineering of firefighting systems, aiming to reduce human errors by "inserting additional layers of cheese into the system", namely the techniques of Crew Resource Management.
This is one of the many models listed, with references, in Taylor et al (2004).
Kamoun and Nicho found the Swiss cheese model to be a useful theoretical model to explain the multifaceted (human, organizational and technological) aspects of healthcare data breaches.
- Reason 1990.
- "Revisiting the Swiss cheese model of accidents" (PDF). Eurocontrol. October 2006.
- Doran, J.A.; van der Graaf, G.C. (1996). Tripod-BETA: Incident investigation and analysis. SPE Health, Safety and Environment in Oil and Gas Exploration and Production Conference, 9–12 June 1996. New Orleans, Louisiana: Society of Petroleum Engineers. doi:10.2118/35971-MS.
- Gower-Jones, A.D.; van der Graf, G.C. (1998). Experience with Tripod BETA Incident Analysis. SPE International Conference on Health, Safety, and Environment in Oil and Gas Exploration and Production, 7–10 June 1998. Caracas, Venezuela: Society of Petroleum Engineers. doi:10.2118/46659-MS.
- Douglas A. Wiegmann & Scott A. Shappell (2003). A human error approach to aviation accident analysis: the human factors analysis and classification system. Ashgate Publishing. pp. 48–49. ISBN 0754618730.
- Stranks, J. (2007). Human Factors and Behavioural Safety. Butterworth-Heinemann. pp. 130–31. ISBN 9780750681551.
- Daryl Raymond Smith; David Frazier; L W Reithmaier & James C Miller (2001). Controlling Pilot Error. McGraw-Hill Professional. p. 10. ISBN 0071373187.
- Jo. H. Wilson; Andrew Symon; Josephine Williams & John Tingle (2002). Clinical Risk Management in Midwifery: the right to a perfect baby?. Elsevier Health Sciences. pp. 4–6. ISBN 0750628510.
- Tim Amos & Peter Snowden (2005). "Risk management". In Adrian J. B. James; Tim Kendall & Adrian Worrall (eds.). Clinical Governance in Mental Health and Learning Disability Services: A Practical Guide. Gaskell. p. 176. ISBN 1904671128.
- Robert A. Frosch (2006). "Notes toward a theory of the management of vulnerability". In Philip E Auerswald; Lewis M Branscomb; Todd M La Porte; Erwann Michel-Kerjan (eds.). Seeds of Disaster, Roots of Response: How Private Action Can Reduce Public Vulnerability. Cambridge University Press. p. 88. ISBN 0521857961.
- Wiles, Siouxsie (22 October 2020). "Siouxsie Wiles & Toby Morris: Covid-19 and the Swiss cheese system". The Spinoff. Retrieved 28 October 2020.
- Patricia Hinton-Walker; Gaya Carlton; Lela Holden & Patricia W. Stone (2006-06-30). "The intersection of patient safety and nursing research". In Joyce J. Fitzpatrick & Patricia Hinton-Walker (eds.). Annual Review of Nursing Research Volume 24: Focus on Patient Safety. Springer Publishing. pp. 8–9. ISBN 0826141366.
- Thomas Lubnau II; Randy Okray & Thomas Lubnau (2004). Crew Resource Management for the Fire Service. PennWell Books. pp. 20–21. ISBN 1593700067.
- Taylor, G. A.; Easter, K. M.; Hegney, R. P. (2004). Enhancing Occupational Safety and Health. Elsevier. pp. 140–41, 147–53, 241–45. ISBN 0750661976.
- Faouzi Kamoun & Mathew Nicho (2014). Human and Organizational Factors of Healthcare Data Breaches: The Swiss Cheese Model of Data Breach Causation And Prevention, International Journal of Healthcare Information Systems and Informatics, 9(1). IGI Global. pp. 42–60.
- Reason, James (1990-04-12). "The Contribution of Latent Human Failures to the Breakdown of Complex Systems". Philosophical Transactions of the Royal Society of London. Series B, Biological Sciences. 327 (1241): 475–84. Bibcode:1990RSPTB.327..475R. doi:10.1098/rstb.1990.0090. JSTOR 55319. PMID 1970893.
This further reading section may contain inappropriate or excessive suggestions that may not follow Wikipedia's guidelines. Please ensure that only a reasonable number of balanced, topical, reliable, and notable further reading suggestions are given; removing less relevant or redundant publications with the same point of view where appropriate. Consider utilising appropriate texts as inline sources or creating a separate bibliography article. (March 2019)
- Bayley, Carol (2004). "What medical errors can tell us about management mistakes". In Paul B. Hofmann and Frankie Perry (ed.). Management Mistakes in Healthcare: Identification, Correction, and Prevention. Cambridge University Press. pp. 74–75. ISBN 0521829003.
- Garland, Daniel J.; Westrum, Ron; Adamski, Anthony J. (1998). "Organizational factors associated with safety and mission success in aviation environments". Handbook of Aviation Human Factors. Lawrence Erlbaum Associates. p. 84. ISBN 0805816801. – Westrum and Adamski relate Reason's Swiss Cheese model to Westrum's "human envelope" model, where "around every complex operation there is a human envelope that develops, operates, maintains, interfaces, and evaluates the function of the sociotechnological system" and where the system "depends on the integrity of this envelope, on its thickness and strength". Westrum models latent failures as voids within this envelope, and active failures as factors external to the envelope that are acting to breach it.
- Horn, John R.; Hansten, Philip D. (2004). "Sources of Error in Drug Interactions: The Swiss Cheese Model". Pharmacy Times.
- Howell, Elizabeth A.; Chassin, Mark R. (May 2006). "Right? Left? Neither!". Morbidity & Mortality Rounds on the Web. Agency for Healthcare Research and Quality. Archived from the original on 2011-10-16. – the application of the Swiss Cheese model to a specific case of medical error
- Luxhøj, James T.; Kauffeld, Kimberlee (2003). "Evaluating the Effect of Technology Insertion into the National Airspace System". The Rutgers Scholar. 3.
- Nance, John J. (2005-04-12). "Just How Secure Is Airline Security?: The Swiss Cheese Model and What We've Really Accomplished Since 9/11". ABC News.
- Perneger, Thomas V. (2005-11-09). "The Swiss cheese model of safety incidents: are there holes in the metaphor?". BMC Health Services Research. BioMed Central Ltd. 5 (71): 71. doi:10.1186/1472-6963-5-71. PMC 1298298. PMID 16280077.
- Reason, James (1995). "A System Approach to Organizational Error". Ergonomics. 38 (8): 1708–21. doi:10.1080/00140139508925221.
- Reason, James (1997). Managing the risks of organizational accidents. Aldershot: Ashgate. ISBN 1840141042.
- Reason, James (2000-03-18). "Human error: models and management". British Medical Journal. 320 (7237): 768–70. doi:10.1136/bmj.320.7237.768. PMC 1117770. PMID 10720363.
- Shappell, Scott A.; Wiegmann, Douglas A. (February 2000). "The Human Factors Analysis and Classification System – HFACS: The "Swiss cheese" model of accident causation". National Technical Information Service.
- Young, M.S.; Shorrock, S.T.; Faulkner, J.P.E (2005-06-14). "Seeking and finding organisational accident causes: Comments on the Swiss cheese model". Department of Aviation, University of New South Wales. (also available on-line here) – a reminder that while Reason's model extends causation to latent failures, this is not at the expense of eliminating active failure entirely.