The DCB 0129/0160 Standards call for risk to be mitigated to As Low As Reasonably Practicable (ALARP). But what on earth does this mean in the real world?
It turns out that the concept of ALARP, like the DCB 0129/0160 Standards themselves, is as British as fish and chips and the humble Yorkshire pudding. Historically it has its origins in a 1949 court case between a Mr Edwards and the National Coal Board. It’s been 70 years since Mr Edwards’ tragic accident but the principles established in the case still stand today.
Now, technically ALARP is not actually written into the DCB 0129/0160 Standard Specifications but a discussion of it is provided in the related Implementation Guidance and NHS Digital regularly propose the principle in setting the risk acceptability bar. The Guidance presents the frequently cited ‘ALARP Triangle’ but, as commonly seems to happen, the document fails to label the axes correctly and the explanation is largely unsatisfactory. So, let’s look at the idea a different way:
Risk cannot be eliminated, but it can be mitigated or controlled. The more effort you put in to controlling it, the lower the risk gets – but it’s not a linear relationship.
The shape of the curve tells us that the true correlation is one of a law of diminishing returns. A small amount of risk management initially results in a precipitous fall in risk (a lesson in its own right of course). But this hedonistic journey towards ultimate safety is short-lived. The lower the risk, the harder it becomes to mitigate that risk further. Very soon we have to expend more and more effort to get the same gains in risk reduction.
Frankly, at some point, even the most risk-averse of individuals will throw their hands in the air and declare that enough is enough. Further risk reduction would require a disproportionate amount of effort, cost or technological complexity. We reach a point where we can construct an argument to justify an end to the risk mitigation activities. Often we will find that any further risk reduction in one area might be impossible without introducing risk in another.
But surely ALARP is a subjective measure I hear you say. Well…perhaps. By constructing a Safety Case, one of the mandatory deliverables of DCB 0129 and 0160, this provides the Clinical Safety Officer with the opportunity to build and communicate the justification through narrative and explanation. It’s for readers, including the key decision-makers, to decide whether the rationale holds up and that the product can ultimately go live. Through reasoning, consensus and evidence, subjectivity can be transformed into justified objectivity.
Just a word of caution – don’t be too quick to jump to that ALARP position. If a modification to a digital health system would significantly lower the risk, but doing so would be a little inconvenient, not on the roadmap or just a bit awkward, well that’s probably not good enough. The Edwards versus NCB case also reminds us that a defence of poverty doesn’t stack up – just because your organisation can’t afford the change doesn’t make it justifiable.
Whether you picture ALARP as an acceptability triangle or as a law of diminishing returns, this key principle represents an important cornerstone of risk mitigation in digital health and other industries. It should be applied wisely, without bias and be backed by solid evidence.
Dr Adrian Stavert-Dobson is the Managing Partner of Safehand, independent consultants in DCB 0129/0160 compliance, and the author of Health Information Systems: Managing Clinical Risk.