Mitigating Safety Risks Through Human Centered Design 2
Cority Flipbook | RELAYTO
Cority Flipbook on Mitigating Safety Risks Through Human-Centered Design. Check out Cority interactive with RELAYTO
eBook Mitigating Safety Risks Through Human-Centered Design
Interactive Experience | RELAYTO - CORITY
Check out Cority interactive with RELAYTO.
Table of Contents Introduction 03 The Impact of Poor Design on Safety Outcomes 04 The Role of Human Factors in Safety 08 The Human-Centered Design Process 12 Final Thoughts 19 Sources 20
Interactive Experience | RELAYTO - CORITY
RELAYTO interactive experiWhen an adverse safety event occurs, our ultimate goal should be to determine
Introduction When an adverse safety event occurs, our people involved. This viewpoint can be limiting ultimate goal should be to determine what - skewing the type of corrective action we take happened, how it happened, and how to to address operational weaknesses and, in prevent a similar occurrence in the future. turn, never truly addressing what caused the Yet, in far too many cases, organizations are event in the 昀椀rst place. Putting too much focus too focused on who was involved and what on the worker prevents us from examining they did or didn’t do that contributed to the the underlying design 昀氀aws, process gaps, or incident. O昀琀en, we become overly 昀椀xated on organizational issues that may have played a the operator, trying to understand if human signi昀椀cant role in the event at hand. error played a role in the event, and how we can ‘昀椀x the worker’. But taking such a narrow In this ebook, we’ll review how to view of accident causation has a downside. embrace a broader, more design-oriented approach to safety management. One By 昀椀xating on individual actions, decisions, that enhances overall e昀케cacy of a safety and behaviors, organizations may overlook program and boosts organizational safety systemic issues and latent conditions that culture, for a more stable and sustainable in昀氀uence the actions and decisions of the performance outcome. © CORITY SOFTWARE INC. 3
Chapter 1 The Impact of Poor Design on Safety Outcomes
Case Study: Japanese Flight 907 On January 31, 2001, shortly a昀琀er takeo昀昀 from Tokyo’s Haneda airport, Japan Airlines Flight 907 received instructions from air tra昀케c control (ATC) to begin descending – a common instruction given to pilots to keep multiple aircra昀琀 at a safe distance and avoid dangerous collisions. Shortly a昀琀er receiving that message, the plane’s Tra昀케c Control Avoidance System (TCAS) – an automated collision-avoidance system equipped on the aircra昀琀 and independent of ATC, instructed the pilots to continue ascending, contrary to ATC’s guidance. TCAS uses transponder signals emitted between multiple in-昀氀ight aircra昀琀 to detect the potential danger of a mid-air collision based on aircra昀琀 speed and altitude. The system will automatically notify each of the a昀昀ected aircra昀琀 if it detects they’re too close to one another and provide audible and visual instructions to the crews on how they need to maneuver to prevent collision. © CORITY SOFTWARE INC. 5
This is a modal window.
Unfortunately, the crew of Japan Airlines Flight reach the crew. Then, a supervisor jumped in The Swiss Cheese Model 907 were receiving con昀氀icting messages from and intended to instruct Flight 907 to climb, ATC and TCAS. Ultimately, the crew decided to but they accidentally addressed Flight 957, The Swiss Cheese Model of accident causation follow ATC’s instruction to begin descending, another 昀氀ight number that wasn’t involved in was developed by renowned psychologist unknowingly putting the plane on a collision this scenario at all! James T. Reason in the late 1990s.2 It’s a course with another aircra昀琀 nearby. If it weren’t popular model that provides one way to for a last second maneuver from the crew of Taken together, the event demonstrates visualize and explain the occurrence of Flight 907, a collision would have occurred, that a series of overlapping errors were systematic process failures, like observed in the and hundreds of lives would have been lost. 1 identi昀椀ed as contributing factors for the near story of Flight 907. mid-air collision. Aside from the con昀氀icting What happened here? instructions, there was little to no guidance Picture a slice of Swiss cheese. It’s covered with given to the crew on what to do if they received holes of varying diameters located randomly. At the time of the event, TCAS was functioning two opposing messages from ATC and TCAS. Each slice serves as a barrier (or control properly on each aircra昀琀 and, according measure) blocking the path from a known to their 昀氀ight plans, the two planes were When addressing accountability in situations hazard to an exposure that leads to failure or supposed to pass each other with more than like this, the question of responsibility loss (the accident trajectory). The more slices 2,000 feet of vertical separation - nearly twice becomes pivotal. In the context of the Japan of cheese between the hazard and the receiver the height of the Empire State Building. Airlines Flight 907 near miss, legal action was (individual), the less likely an adverse event will taken against the air tra昀케c controller, who occur. But like a slice of Swiss cheese, barriers Subsequent investigations into the event was undergoing training at the time, and their used to protect individuals from hazards have revealed that air tra昀케c controllers had supervisor, both facing charges of professional inherent 昀氀aws and systemic weaknesses (holes intended to instruct Flight 958 to descend negligence. Following an extensive trial in the cheese slices). System failure occurs but gave that instruction to Flight 907 by within the Tokyo District Court, the air tra昀케c when these holes momentarily align, allowing accident. A昀琀er detecting the error, ATC sent controller and supervisor were ultimately a hazard to pass through and reach a receiver, another message to Flight 907 to turn their deemed guilty and received sentences of 12 creating an exposure. plane to the right, but the message didn’t and 18 months of imprisonment, respectively.1 © CORITY SOFTWARE INC. 6
In the example of Flight 907, the TCAS system, pilot to comply with the rules. Anyone who conditions. That’s why it’s so important the air tra昀케c controller working on duty, and the works closely with safety systems knows to consider how humans interact with decisions and actions of the crew of Flight 907 that mistakes happen and that can result the systems in order for an optimal safety all represented slices of cheese. However, each in dangerous consequences under certain strategy.2 slice was subject to inherent 昀氀aws (holes) which undermined the reliability and e昀昀ectiveness of those controls, and nearly all aligned to result in a catastrophic system failure. Swiss Cheese Model When investigating an incident like this, one might consider how to adjust the size or position of the holes in each individual system to make them stronger and/or adding more systems in place (layers of cheese) to ultimately make the overall system stronger. For example, this incident helped lead to revisions to the TCAS rulebook in 2003. Originally, TCAS was regarded as a back-up system to ATC. Now, there are clear guidelines for pilots to always follow the guidance of TCAS if TCAS and ATC instructions are con昀氀icting. Hazards Accident/ However, even this control in isolation isn’t Losses perfect; it has holes, because it relies on the © CORITY SOFTWARE INC. 7
Chapter 2 The Role of Human Factors in Safety
The Human Factor and how those systems can in昀氀uence our Human Behavior & the Hierarchy of Controls When an adverse event occurs, it’s a natural actions and decisions in the moment. By better The Hierarchy of Controls is a model used tendency to focus on the individuals involved. understanding these factors, we can design to identify and prioritize the application of What did or didn’t they do to lead to that systems that not only reduce the chances safeguards to protect individuals from hazard event? In the case of Flight 907, we might of human error, but also ones that are more exposure. be inclined to ask: “Why didn’t the air tra昀케c resilient to those errors, if and when they occur. controllers give the correct instructions? Why didn’t the pilots trust the automated system? E Mos Why didn’t the crews recognize the con昀氀icting 昀昀 e c t messages and respond more quickly?” In these Elimination tiv circumstances, many organizations would e be quick to chalk the cause of an incident up to ‘human error’. In safety investigations, these conclusions are o昀琀en phrased as Substitution operator carelessness, lack of attention, lack of situational awareness, or even non-compliance. When this type of conclusion is drawn, and Engineering Controls a system failure is attributed solely to the individual level, our focus is restricted. It Administrative causes us to potentially ignore a deeper issue Controls or weakness within the operating system that Human Behavior & led to the individual’s decisions and actions. E L the Hierarchy of Controls 昀昀 eas PPE e c t To better understand how safety systems tiv work – and how they can fail – we must Source: National Institute for Occupational Safety and Health (2023) e explore how humans interact with systems © CORITY SOFTWARE INC. 9
The hierarchy is structured with the most ultimately in昀氀uence human performance and e昀昀ective controls at the top, descending in failure, otherwise known as ‘Human Factors’. order of e昀昀ectiveness. Measures that eliminate hazards or exposures thereto are most e昀昀ective. In its most simple terms, Human Factors Measures that protect individuals without the considers the interaction of humans need of their conscious action or decisions (e.g., with multiple variables in a system. The physical barriers) are considered more e昀昀ective International Ergonomics Association than measures that require careful attention and de昀椀nes human factors as: perfect execution (e.g., following instructions or wearing personal protective equipment). “The scienti昀椀c discipline concerned with the understanding of interactions among The Hierarchy of Controls underscores the humans and other elements of a system, and concept that countermeasures dependent on the profession that applies theory, principles, human behavior tend to be less e昀昀ective when data, and methods to design in order to compared to more strategic system design.3 optimize human well-being and overall system Yet, those less-e昀昀ective controls are more performance” commonly used, o昀琀en because they are less expensive or less complicated to implement, This discipline revolves around examining especially in the short term. Most importantly, if interactions between humans and various incident investigations are focused on ‘昀椀xing the elements within a system. Human factors worker’, then organizations will unsurprisingly encompass three principal domains, shaping invest in measures that focus on controls at the it into a truly holistic 昀椀eld of study.4 bottom of the hierarchy. Physical An Introduction to Human Factors › Primarily concerned with the correlation E昀昀ective design of safety systems must between human anatomical characteristics account for the multiple variables that and biomechanics in relation to physical activity. © CORITY SOFTWARE INC. 10
› In the context of human factors in industry, organizations typically concentrate on how the design of work and processes can impact musculoskeletal health. What is Human Factors (HF)? Cognitive › Explores how mental processes, including perception, memory, reasoning, and motor response, in昀氀uence interactions among humans and other elements of a system. De昀椀nition: Cognitive › Pertinent topics include decision-making, Factors skilled performance, and human-computer "The scienti昀椀c discipline concerned with the interaction. understanding of interactions among Organizational humans and other HF elements of a system, › Devoted to optimizing sociotechnical and the profession systems, encompassing organizational that applies theory, Physical Organizational principles, data, and Factors Factors structures, policies, and processes to methods to design in enhance interactions between people and order to optimize human their systems. well-being and overall system performance." › Relevant functions include optimizing modes of communication and the high- Domains of HF level design of various programs and Source: International Ergonomics Association, (2000) processes. © CORITY SOFTWARE INC. 11
Chapter 3 The Human- Centered Design Process
Applying Human-Centered Design Principles to Safety Introducing: The Iterative Design Process It’s important to note that the three primary domains of human factors are relevant when it comes to designing safe systems of work and optimizing overall risk management practices. De昀椀ne the Not only does human-centered design re昀椀ne Problem approaches to prevent physical harm and/or associated loss, but it also prompts teams to scrutinize people-related factors that might in- Re-evaluate Collect & troduce vulnerabilities to safety systems. In the Analyze investigation of a safety incident, it's imperative Information to move beyond merely identifying the individ- Design ual responsible for the accident. Instead, we Process must delve deeper to understand how a per- son's interactions with a system may have con- tributed to the occurrence of the event. Test Develop Solutions The Iterative Design Process One way to look at the application of human Implement factors for safety is by considering how work processes and overall systems are designed. Adopting an iterative design process can help challenge organizations to continually move Source: Process adapted from: Nielsen Norman Group, Design Thinking 101 (2016) . processes and safety systems towards a state of optimization. As new information emerges during the investigation, teams can re昀椀ne the design recommendations accordingly. © CORITY SOFTWARE INC. 13
Here are six key stages in human factors design for safety systems:5 1. De昀椀ne the problem How Technology Can Help 2. Collect & analyze information 3. Brainstorm and develop solutions At this stage, so昀琀ware can be used 4. Implement solution(s) to collect, aggregate, and analyze 5. Test solutions data to create visibility around 6. Re-evaluate the problem common system weaknesses By methodically following these steps and latent conditions that can 2. Collect & Analyze Information while taking a holistic view at the design of introduce risk. It’s important to When collecting data to determine what the entire system, organizations can move have a good understanding of happened, it’s also important to understand why towards building more error tolerant designs the safety system under review and how it happened. What speci昀椀cally led to a that anticipate and accept failures without because those metrics will be breakdown of the safety system or control, and resulting in catastrophic losses. used as the baseline when testing how did that failure occur? What mechanisms or proposed solutions. Utilizing processes failed and what evidence is available 1. De昀椀ne the Problem so昀琀ware to collect and aggregate to explain why and how it failed? De昀椀ning the problem e昀昀ectively is a crucial leading and lagging indicator data To make the most of this step, be sure to collect step in the iterative design process because it will make it easier for organizations data from a variety of sources. Include objective lays the foundation for the entire initiative and to determine how pervasive the data plus qualitative information from the helps ensure that relevant activities remain problem is and guide next steps in workforce - both those directly involved with the focused and productive. Before de昀椀ning the design review process. incident along with others who regularly work the problem, it's essential to have a clear in the area and/or perform the task involved. understanding of the system, product, or Investigate what physical, environmental, and organizational factors might have led to process under investigation. the worker’s decision or behavior (building a detailed timeline might help here). © CORITY SOFTWARE INC. 14
Questions to Ask: › What information was available to the worker? How Technology Can Help › What goals was the worker pursuing? › What was going on in the process at that Technology can help streamline e昀昀orts at the Collect/Analyze stage by enabling teams time? to record and report on key safety program metrics, all from one place. O昀琀en, organi- › What were other employees nearby doing? zations 昀椀nd themselves inundated with data, scattered across various sources, making › What constraints was the worker facing? the accurate collation of information a daunting task. Integrating all safety program › Why did it make sense for the worker to take data into a single so昀琀ware solution streamlines the data management process and en- that action at that time? hances the precision of conclusions drawn. Consider the design of the overall system, Consider the utility of natural language processing (NLP). This innovative tool, embed- including equipment, processes, procedures, and ded in many commercial so昀琀ware applications, empowers teams to transform unstruc- human factors. Identify any potential design 昀氀aws tured data on a massive scale into a more organized model. This approach facilitates or gaps that may have contributed to the failure. easier analysis and decision-making in the process. NLP establishes connections be- tween written text and other data points, enabling the identi昀椀cation of trends, within documents like incident reports, without the need for manual scrutiny and association. This capability allows teams to e昀케ciently analyze larger volumes of data in less time. Moreover, so昀琀ware can be harnessed to elevate stakeholder involvement in this stage in the design process. It provides organizations with a streamlined means to collect information from a diverse array of stakeholders, fostering a broader and more holistic perspective compared to insights gathered from a smaller cohort of participants. © CORITY SOFTWARE INC. 15
3. Brainstorm and Develop Solutions recovering from errors if they do occur? Developing e昀昀ective solutions in a safety › Does the solution introduce measures to design investigation requires a systematic and prevent errors from occurring in the 昀椀rst How Technology Can Help thoughtful approach. At this point, the team place? should have an idea of what factors caused › To what extent does the design solution Technology can help optimize and/or contributed to the system failure. empower users to make informed e昀昀orts at this stage as well. Engaging with multiple stakeholders across decisions related to safety? a variety of relevant departments is key for › How does the design account for variations Consider the utility of what-if e昀昀ective brainstorming. Including members in environmental conditions or work scenario analysis, a powerful across departments and disciplines (e.g., situations? technique enabling the modeling engineering, facilities, and production, etc.) of unmitigated risks, and the will make it much easier to prioritize possible potential impact of various solutions based on e昀昀ectiveness and feasibility. controls or interventions. This digital modeling feature allows When evaluating the e昀昀ectiveness of a teams to simulate a work scenario potential design solution, consider if and how and project likely outcomes with or without risk mitigation it will impact human interactions with the measures. Consequently, teams system to ultimately prevent incidents related can compare various interventions, to human factors and behavior. evaluating which design solutions o昀昀er optimal risk mitigation Questions to ask when evaluating a and resource use. By providing potential design solution: a pre-modeled assessment, decision-makers gain a pragmatic › Will the solution reduce the severity perspective on implementing of impact when an error results in an design changes, making the most incident? e昀昀ective use of limited resources. › How does the solution support operators in 16
4. Implement Solutions 5. Test Solutions design process. For instance, one might aim When it comes to implementing a solution, When it comes to testing or trialing a solution, to assess the impact of a proposed change it’s key to have an e昀昀ective way for disparate trials should be set up to test a speci昀椀c on factors such as risk, usability, or cognitive teams to communicate, since multiple problem statement. This underscores the workload. This strategic approach ensures departments will typically be involved. signi昀椀cance of establishing a baseline for a focused and purposeful evaluation of the measuring success in the initial stages of the solution's e昀昀ectiveness. Understanding cognitive workload is Cognitive the Air Tra昀케c Controller’s cognitive How Technology Can Help crucial when designing systems aimed Workload 101 workload might have included the at optimizing human performance, number of 昀氀ights they were required Harnessing a digital solution preventing errors, and enhancing overall to monitor at one time (i.e. multi- workforce safety. tasking) and the amount of time they designed for safety program had been working in that position management enables safety Cognitive workload refers to the mental (i.e. experience). teams to automate the assignment e昀昀ort, resources, and processing of actions necessary for capacity required by an individual There are a variety of common to perform a speci昀椀c task or set of ways to assess the cognitive implementing a design change. tasks. It encompasses the cognitive workload of a job or task When using so昀琀ware, one can demands imposed on the brain including using standard tools closely monitor the status of these during activities such as problem- such as the NASA Task Load actions, ensuring comprehensive solving, decision-making, information Index (NASA-TLX), or by collecting processing, and multitasking. objective data related to error visibility into open tasks. This rates or task completion time, facilitates smoother follow-up, Risks associated with cognitive for instance. Since the study enhances accountability, and workload are in昀氀uenced by factors of cognitive workload is highly such as task complexity, the complex and nuanced, it's enables a prompter response at novelty of the information, time o昀琀en bene昀椀cial to combine the earliest indication of potential pressure, and an employee’s skill and multiple methods to obtain a issues. experience. In the case of Japanese comprehensive understanding Airlines Flight 907, factors impacting that considers both subjective and objective measures. © CORITY SOFTWARE INC. 17
How Technology Can Help During testing, organizations can leverage so昀琀ware to manage the recording of test parameters, test results, observations, and any relevant notes in a structured and easily accessible format. 6. Re-evaluate the Problem When testing is completed, it’s important to re-evaluate whether the problem has been eliminated or reduced, or if new problems have been introduced due to the solutions implemented. Where a problem persists, it’s recommended to put it through the iterative design process as many times as needed until the problem has been eliminated. This iterative approach ensures a thorough and re昀椀ned solution, promoting continuous improvement and resilience in addressing complex challenges. © CORITY SOFTWARE INC. 18
Final Thoughts When adverse events occur, it’s considering how human factors might impact important that we avoid focusing solely the safety of a task, process, or system can on the individual involved, and take a enable safety teams to develop more e昀昀ective broader perspective on the environment, risk management solutions. context, and systems in which these individuals are operating. Decisions and Taking a human factors-oriented approach to actions aren’t made in a vacuum; they are understanding how systems are designed and in昀氀uenced by what’s going on around us, can be optimized is critical to building safety and how we are interacting with multiple programs that are more e昀昀ective in avoiding elements of a system. failure and reducing risk. Incorporating We are a global enterprise iterative design thinking into a safety EHS so昀琀ware provider that Focusing too narrowly on what individuals strategy is a way to continuously improve developed industry leading technology. We make it easy did, or failed to do, may feel as though we are safety programs and systems. Leveraging to harness the power of our enforcing accountability, but we risk missing technology throughout the iterative design so昀琀ware to create higher levels of operational and sustainable broader system issues and organizational process can help streamline e昀昀orts and guide performance to help people weaknesses that in昀氀uence employee actions smarter decision making. and businesses thrive. and behaviors. Humans aren’t perfect, and © CORITY SOFTWARE INC.
Sources 1. Tokyo Weekender (2021): On this Day in Japan: JAL’s Near Miss Collision Above Suruga Bay. 2. Reason, James (1990): The Contribution of Latent Human Failures to the Breakdown of Complex Systems. 3. National Institute for Occupational Safety and Health (2023): Hierarchy of Controls. 4. International Ergonomics Association (2000): What Is Ergonomics (HFE)? 5. Nielsen Norman Group (2016): Design Thinking 101 © CORITY SOFTWARE INC. 20
It’s time to think di昀昀erently about the future. Introducing Cority One™. The human centered enterprise EHS SaaS platform—designed by industry experts for EHS experts and business leaders to empower healthier, safer, and more sustainable organizations that ful昀椀ll the business imperative of building the better enterprise of tomorrow. Schedule a Demo © CORITY SOFTWARE INC.
™ ONE ™ Introducing Cority One . The human centered enterprise EHS SaaS platform—designed by industry experts for EHS experts and business leaders to empower healthier, safer, and more sustainable organizations that ful昀椀ll the business imperative of building the better enterprise of tomorrow. Learn More Protect employees health and Keep workforces safe and Accurately track and clearly Meet environmental goals with Observe and maintain Drive better performance boost performance. sound with risk protection. report sustainability work and more precise control. quality at every level of the everywhere. ESG programs. organization. © CORITY SOFTWARE INC.
