Hazard catalogue
A structured library of reusable clinical safety hazards and standard controls, organised by what a system does. This is a demonstration of how I approach a hazard log, not a commercial product or a substitute for a Clinical Safety Officer's judgement.
Start from a structured base, not a blank page
Every Clinical Safety Officer writing a hazard log starts by rebuilding the same hazards from scratch. The catalogue captures them once, organised by capability, so the starting point is structured and the time goes into the judgement that actually needs a clinician.
Describe the system
Identify which capabilities a system has: data display, prescribing, clinical decision support, integration, AI, and so on.
Surface the hazards
The relevant hazards come forward, each with causes, clinical impact, suggested scoring, and a standard control.
Adapt and own it
A clinician picks what applies, adjusts for context, chooses controls, and signs off. The catalogue speeds the draft; it does not replace the review.
Hazard categories
Grouped by what a system does rather than by abstract risk type, so the relevant hazards are easy to find.
Data Display
DD-001 to DD-010
Clinical Decision Support
CDS-001 to CDS-010
Prescribing & Medications
RX-001 to RX-010
Authentication & Access
AUTH-001 to AUTH-010
Integration & Interoperability
INT-001 to INT-010
Audit & Logging
AUD-001 to AUD-010
Communication & Messaging
COM-001 to COM-010
Data Entry & Capture
DE-001 to DE-010
Reporting & Analytics
RPT-001 to RPT-010
AI & Machine Learning
AI-001 to AI-010
Infrastructure & Availability
INF-001 to INF-010
Deployment & Go-Live
DEP-001 to DEP-010
5x5 risk matrix
Hazards are scored using the standard NHS clinical risk matrix, with acceptability following ALARP principles.
| | Minor (1) | Significant (2) | Considerable (3) | Major (4) | Catastrophic (5) |
|---|---|---|---|---|---|
| Very High (5) | 5 | 10 | 15 | 20 | 25 |
| High (4) | 4 | 8 | 12 | 16 | 20 |
| Medium (3) | 3 | 6 | 9 | 12 | 15 |
| Low (2) | 2 | 4 | 6 | 8 | 10 |
| Very Low (1) | 1 | 2 | 3 | 4 | 5 |
Acceptable (1-4)
Acceptable with current controls. Document and monitor.
Tolerable (5-9)
Tolerable only with ALARP justification. Reduce as low as reasonably practicable.
Unacceptable (10-25)
Must be eliminated or reduced. In standard NHS practice, a system would not go live with these still open.
Controls library
Reusable, clearly-written control descriptions that map to common health IT mitigations.
Access & Authentication
RBAC, individual auth, session timeout, break-the-glass, access review
Data Quality & Validation
Input validation, mandatory fields, duplicate detection, freshness, provenance
Audit & Traceability
Full logging, integrity protection, monitoring, searchable interface
Integration & Data Exchange
Acknowledged messaging, reconciliation, health monitoring, identity verification, mapping validation
Clinical Safety
Patient identity, allergy verification, CDS advisory, safety data visibility, error reporting
Testing & QA
Automated testing, clinical scenarios, UAT, penetration testing, release management
Availability & Resilience
High-availability architecture, backup and recovery, business continuity, incident response, performance monitoring
Need a hazard log for your system?
This catalogue shows the approach. The real work is adapting it to your system and context, with a Clinical Safety Officer who owns the judgement. If that is what you need, let's talk.