Systematically assessing the risk of cross-infection
Practices need to repeatedly reassess and manage risk as circumstances change. The broad steps are as follows:
- Communicate and consult.
- Establish the context.
- Identify risks.
- Analyse risks and evaluate risks.
- Manage risks and identify potential safeguards.
- Monitor and review.
- Record key information.
Step 1. Communicate and consult
Ongoing communication with all practice staff is important to keep people informed and to identify emerging risks.
Owners, managers and infection prevention and control coordinators need to develop a culture that encourages and supports staff members to identify risks and report them.
Step 2. Establish the context
The nature and size of the risks of (cross-) infection depend on the context in which the practice operates.
Relevant factors may include:
- access or lack of access to an infectious diseases unit
- infrastructure in the local community that affects patients’ ability to maintain good hygiene
- current local or national disease outbreaks
- the types of procedures performed in the practice
- whether the practice uses disposable equipment (such as instruments) or reusable medical devices that require reprocessing on site or off site
- staff members’ level of training and experience in infection prevention and control
- financial constraints affecting the quality of equipment, availability of labour or conduct of infection prevention and control protocols.
Step 3. Identify risks
The practice needs to make a comprehensive list of the sources of risk, and the events that might prevent, delay or increase the achievement of effective management of the risk of (cross-) infection. This could be incorporated into the practice’s work health and safety hazard identification and risk-control processes.
This involves infection risk in three areas:
- What can happen? – consider the range of activities undertaken in the practice and any associated risks
- When and where? – look around the practice building and consider risks in each area (waiting area, treatment room, consulting rooms, reprocessing area, waste area). Consider vulnerable patients such as unimmunised neonates and immunocompromised people.
- How and why? – consider any previous incidents or near-misses. Common sources of cross-infection in general practices and other office-based practices include poor ventilation or poor respiratory hygiene/cough etiquette by patients or staff. Less common events include failure of the sterilisation process.
Step 4. Analyse and evaluate risks
Generally, there are two dimensions to consider:
- magnitude of impact of an infection prevention and control incident
- the probability of the event occurring and the probability of various potential consequences of the event.
A risk matrix (Table 1.1. Sample risk matrix) can be used to map identified risks and consequences.
The practice must determine which risks have mitigation strategies in place and are determined by risk assessment to be ‘controlled’.
The practice then needs to determine which infection prevention and control strategies will make the most impact on the identified high-priority risks.
Step 5. Treat risks and identify potential safeguards
Most practices have existing policies, procedures and equipment that can assist in providing safeguards against error. Despite this, a reassessment of the situation (for example, after a ‘near miss’) can identify vulnerabilities in these systems and processes.
Start with the potential solutions/safeguards that are easy to do and expected to have a high impact (for example, repositioning sharps containers at point of use, placing alcohol-based handrub in all patient care areas to improve hand-hygiene compliance and reduce the risk of cross-infection).
Then work through strategies that are more complex or more difficult to implement.
Step 6. Monitor and review
The infection prevention and control coordinator must keep up to date with local infection outbreaks (see Disease surveillance and outbreak response).
The team member conducting infection prevention and control risk assessment and management should also stay informed of staff members’ and patients’ actual day-to-day behaviour.
Set up systems to monitor and review behaviour among staff members, such as regular infection prevention and control audits, recording and reviewing the results of the sterilisation cycle, or including infection prevention and control as a discussion point in a clinical meeting after changes to policy. For example, strategies for monitoring staff members’ adherence to hand-hygiene protocols might include direct observation, and monitoring the volume of hand-hygiene products used over a period of time.
Breaches in infection prevention and control procedures must be reported to the person in the practice who has the responsibility to investigate them (and report to public health authorities, if required). All breaches must be followed up and appropriate measures taken to minimise the risk of recurrence (see Criterion QI3.1 – Managing clinical risks in the Standards). Failure to act may also be considered a breach.
Step 7. Record key information
When setting up a system for recording information relevant to infection prevention and control risk assessment and management in the practice, the practice needs to determine which is useful and how it will be used.
Documentation of performance indicators might serve as a baseline for assessing the effectiveness of infection prevention and control systems.
An incident log of breaches and near-misses might be useful for feedback and training, to improve systems. However, any recorded data may be used in legal proceedings.
RACGP’s Clinical risk management in general practice provides guidance on risk management, including on medicolegal risk.