PSIRF and Systemic Learning: The Analytical Gap — and How to Fill It
The Patient Safety Incident Response Framework (PSIRF) asks every NHS trust to move from investigating individual incidents to learning systemically from patterns across their incident profile. It is the right ambition. But PSIRF does not specify the analytical tools that make systemic learning honest rather than asserted. This page fills that gap — step by step.
- How do I know if my incident profile is genuinely improving or just varying normally?
- How do I move from a pattern I can see to the structural cause producing it?
- How do I know whether my intervention changed the system or just completed an action?
- What is the difference between a proportionate response and no response?
- How do I identify the structural issue — not the proximate cause — that PSIRF asks me to address?
Upload your incident series. The Analyzer will tell you whether your profile has structurally changed — or whether what you are seeing is normal variation.
☰ Contents — click to expand
- What PSIRF actually requires
- The analytical gap PSIRF leaves open
- The evidence that the previous approach failed
- The six-step analytical framework
- PSIRF questions — with analytical answers
- Analysing your patient safety incident profile
- Worked example — Never Events
- How Bootstrap CUSUM provides the honest test
- References
1. What PSIRF actually requires
The Patient Safety Incident Response Framework was published by NHS England in August 2022 and became mandatory for all NHS secondary care providers from April 2024, replacing the Serious Incident Framework (2015). It is now being piloted in primary care for 2025/26.
PSIRF makes four substantive demands of NHS organisations that are directly relevant to how they analyse data:
| PSIRF aim | What this requires analytically |
|---|---|
| Compassionate engagement with those affected | Understanding what actually happened — which requires reaching the structural cause, not stopping at proximate cause or human error |
| System-based approaches to learning | Analysing patterns across multiple incidents, not just individual event investigation — which requires time-series analysis of the incident profile |
| Considered and proportionate responses | Knowing whether a pattern is signal or noise before committing resources — which requires distinguishing common cause variation from structural change |
| Supportive oversight focused on improvement | Demonstrating that the incident profile has actually changed — not just that actions were completed |
PSIRF also requires each provider to publish a Patient Safety Incident Response Plan (PSIRP) that describes their patient safety incident profile and how they intend to respond to and learn from incidents over the next 12–18 months. The profile must be reviewed continuously for emerging trends and hotspots.
Describing a profile. Identifying trends. Demonstrating that improvement work is having the desired effect. These are data analysis tasks. PSIRF mandates them. It does not specify how to do them honestly.
2. The analytical gap PSIRF leaves open
HSSIB — the national body responsible for PSIRF implementation — published a report in October 2025 based on interviews with NHS investigation leads and patient safety specialists across England. Its findings confirm the gap precisely.
“Currently there is a gap between staff’s awareness that there are tools and guides in the PSIRF toolkit and having the necessary support and expertise to be able to use them in practice.”
“Using system-based tools is a skilled activity. Expertise builds over time with practice, support and guidance from those with existing expertise and experience.”
“Greater oversight of PSIRF implementation in organisations is needed to help ensure consistency in how PSIRF is understood and applied in NHS trusts.”
Source: HSSIB, Investigating under PSIRF: sharing HSSIB learning for future development. October 2025. hssib.org.uk
The specific analytical gap has three parts. PSIRF tells organisations to analyse their incident profile — but does not specify how to distinguish a genuine change in that profile from normal variation. PSIRF tells organisations to identify systemic issues — but does not specify how to move from a pattern visible in the data to the structural feature of the system that is producing it. PSIRF tells organisations to demonstrate that improvement work is having the desired effect — but does not specify the test that would constitute honest demonstration rather than asserted improvement.
These are not small operational details. They are the core analytical questions that make PSIRF either transformative or another iteration of the same activity-without-verified-outcome cycle that the Serious Incident Framework produced.
3. The evidence that the previous approach failed
The case for a different analytical approach is not theoretical. The NHS has conducted thousands of patient safety investigations every year under the Serious Incident Framework. Bootstrap CUSUM applied to NHS Never Events data — the most serious category of preventable patient safety incidents — produces a finding that makes the analytical failure concrete.
📊 Wrong-route medication Never Events — what Bootstrap CUSUM finds
Wrong-route medication administration is a Never Event: a preventable patient safety incident that should never occur if available safeguards are in place. Every occurrence triggers a formal investigation under the Serious Incident Framework.
Bootstrap CUSUM on the annual event rate series finds: 17.5 events per year. No structural change point detected across 15 years. Thousands of individual investigations. Thousands of corrective action plans completed and signed off. The system continued producing wrong-route events at exactly the same rate throughout.
The investigations were not wrong. The root causes they identified were real. The actions that were implemented were genuine. What was missing was a Joiner Level 3 fix — a structural change to what was physically possible in the system — and a pre-committed Bootstrap CUSUM test to verify that the rate had actually changed.
This is what PSIRF is designed to change. Its explicit shift from individual event investigation to systemic pattern learning is the right diagnosis of what failed. What it needs to make that shift operational is an analytical method that can detect genuine structural change in an incident profile — and distinguish it from normal variation.
4. The six-step analytical framework
The framework below provides the analytical sequence that makes PSIRF’s systemic learning ambition operational. Each step answers a specific question that PSIRF raises but does not resolve. The steps are sequential — each one uses the output of the previous step as its input.
The framework is grounded in three bodies of work: Deming’s “Production viewed as a system” (the principle that you must measure inputs and process, not just outputs); Carol Weiss’s Theory of Change (the principle that you must make intermediate steps explicit before you can evaluate whether they are working); and Joiner’s levels of fix (the diagnostic tool for identifying whether an intervention is operating at the right level of the system).
Map your incident profile as a time series. Apply Bootstrap CUSUM to detect whether the rate has structurally changed or is stable. A stable rate with no change point tells you the system is producing incidents routinely — individual investigation of each event is missing the pattern entirely.
Tool: Bootstrap CUSUM on your incident series · Open the StepChange AnalyzerOnce the pattern is confirmed as genuine (not noise), map the causal chain from intervention point to outcome. Identify the structural condition — the physical design, the procurement decision, the accountability gap — that is producing the pattern. This is distinct from the proximate cause of any individual event.
Tools: Root cause analysis · Causal loop diagrams · RCA guide · Finding the real constraintEvery persistent structural problem has a belief keeping it there — a Joiner Level 3 Deep assumption held by the people with authority to change the structure. Naming that assumption is the pre-condition for designing an intervention that will actually dissolve it, rather than one that works around it temporarily.
Tools: Joiner’s levels of fix · 5 Whys to mindset level · Joiner guideDesign the intervention at the right Joiner level. A Level 1 fix (retraining, alert, reminder) applied to a Level 3 structural problem will not change the incident rate — as the Never Events data confirms across 15 years. The intervention must change what is structurally possible, not just what is procedurally required.
Tools: Joiner levels of fix · Evaporating Cloud · Evaporating Cloud guide · Moonshot ProcessBefore implementing the intervention, state in writing: we expect a Bootstrap CUSUM change point in [the incident rate series] within [N] time periods at [Y]% confidence. After implementation, run Bootstrap CUSUM periodically. A downward change point at the predicted confidence level confirms the intervention worked. No change point within the expected window means the structural cause was not reached — return to Step 2.
Tool: Bootstrap CUSUM · Open the StepChange Analyzer · See a live pre-committed predictionA confirmed structural change point raises new questions. The system has changed — what does it now produce that it didn’t before? What adjacent pattern has emerged? What does the Bootstrap CUSUM on the broader incident profile now show? The improvement cycle does not end at verification — it restarts with a harder question.
Tools: Bootstrap CUSUM on updated series · Bright Spots analysis · Stratify and disaggregate5. PSIRF questions — with analytical answers
The questions below are the ones patient safety managers implementing PSIRF are actually asking. Each one has a specific analytical answer.
6. Analysing your patient safety incident profile
The PSIRP requires each trust to describe its patient safety incident profile and show how it is monitoring for emerging trends. The following steps apply the six-step framework specifically to profile analysis.
Step 1 — Choose the right series. Separate your incident data by type. A combined count of all incident types is almost never the right series — different types have different structural causes and will show different patterns. Wrong-route medication, pressure ulcers, falls, and delayed diagnoses are all produced by different structural features and need separate Bootstrap CUSUM analysis.
Step 2 — Build the time series. Express each incident type as a rate per relevant denominator — events per 1,000 bed-days, events per 10,000 patient contacts, events per quarter — not raw counts. Raw counts move with activity levels. Rates show whether the underlying system is changing.
Step 3 — Apply Bootstrap CUSUM. Upload each series to the StepChange Analyzer. The output shows whether the rate is in a stable process (common cause variation — the system is producing events routinely) or has experienced a structural change point (the system has fundamentally changed — either improved or deteriorated).
Step 4 — Interpret correctly. A stable series with no change point means individual investigation of each event has not produced system change. The structural cause has not been reached. This is a signal to apply Steps 2–4 of the framework: find the structural feature, name the belief keeping it in place, design a Level 3 intervention.
Step 5 — Report honestly. Report the Bootstrap CUSUM finding, not just the action completion rate. If the series shows no change point despite improvement actions, report that finding and state what it implies: the structural cause has not been addressed. That is the honest picture PSIRF asks for.
7. Worked example — Never Events
The Never Events analysis on this site provides the most direct worked example of the framework applied to an NHS patient safety incident series. Wrong-route medication administration is chosen because it has the clearest structural cause and the longest available data series.
| Framework step | Applied to wrong-route Never Events |
|---|---|
| Step 1 — See the pattern | Bootstrap CUSUM on annual wrong-route event rates finds a stable process: 17.5 events per year, no structural change point across 15 years. The individual investigations have not changed the system rate. |
| Step 2 — Find the structural feature | The structural cause is physical connector interoperability: enteral and parenteral administration sets can be connected to each other. The wrong connection is physically possible with standard equipment. Training and protocol cannot prevent an error that the physical system makes possible. |
| Step 3 — Name the belief keeping it in place | The belief: “this is a procurement and equipment standardisation problem that is outside the boundary of clinical governance investigation.” The investigation authority stops at the ward. The structural cause sits in procurement and supply chain — outside that boundary. The belief keeps the boundary in place. |
| Step 4 — Design the Level 3 fix | ENFit — a new connector standard that makes wrong-route connection physically impossible. This is a Level 3 fix: it changes what the system can produce, not just what the protocol requires. NHS England mandated ENFit rollout. Rollout is incomplete as of 2026. |
| Step 5 — Verify with Bootstrap CUSUM | The pre-committed prediction: a downward Bootstrap CUSUM change point in the wrong-route event rate series should appear within 24–36 months of complete ENFit rollout at 95% confidence. If it does not, rollout is incomplete or a second structural cause exists. |
| Step 6 — What is now invisible? | Once wrong-route events eliminate, what does the broader enteral/parenteral medication safety profile look like? What adjacent harm pattern emerges? The loop restarts. |
Read the full Never Events Bootstrap CUSUM analysis →
8. How Bootstrap CUSUM provides the honest test
Run charts and Statistical Process Control (SPC) charts are widely used in NHS improvement and are valuable for monitoring variation in real time. Bootstrap CUSUM provides something different: a statistically rigorous test for whether a structural change point has occurred in a historical series, with a specified confidence level.
The distinction matters for PSIRF. A run chart tells you visually whether something looks different. Bootstrap CUSUM tells you, at 95% or 99% confidence, whether the process that generated the data has structurally changed — or whether what you are seeing is within the normal range of variation the system has always produced. For a governance framework that requires demonstrated improvement, the rigorous test is what is needed.
The StepChange Analyzer is free, browser-based, and requires no software installation. No data is uploaded to any server. Upload a CSV of your incident rate series and the Analyzer returns the Bootstrap CUSUM result, including the change point date and confidence level if one is detected.
Test your incident profile now
Upload your patient safety incident rate series as a CSV. The Analyzer will tell you whether your profile has structurally changed — or whether the variation you are seeing is within the normal range.
▶ Open the StepChange Analyzer