“On the Eighth Day of ISO….”

“On the Eighth Day of ISO….”

It is our strong recommendation organizations do not make changes to their quality management systems until the formal standard is released in 2015.

My Management Rep. gave to me . . . . No significant changes!  This fact alone will make many people, primarily those in that actual patient care processes, very excited!  Currently, remember the Standard is not final, in the ISO 9001:2015 Standard in Section eight; Operations, there are limited changes to what is asked of an organization.  So rest at ease and enjoy the holiday season knowing that the Eight Maids a Milking will continue to Milk just as they always have.

However, there are the “Five Golden Rings” for operations that you may want to take a peek at before the holiday rush.

The planning of service provision will have precise requirements for implementation. The intent is to resolve the risks to an organization defined in section six of the Standard.  What we do as we implement our processes must now be inclusive of planning, and carrying out our processes to deter issues within the organization. (8.1) 

One unique change in determining the requirements related to patient service provision is a distinct call out for the organization to ensure they meet the defined requirement, and substantiate any claims they make for service provision.  I am not sure how this will shake out in the healthcare world, but organizations should begin to think about what they promise patients, in regards to the services they provide. (8.2.2)

The materials or purchasing process in the new standard is now inclusive of outsourced processes, just as if they were a supplier of any other stock item.  This means that the criteria for evaluation, selection, performance monitoring and re-evaluation apply to all product or service providers.  This goes even one step further in including suppliers that provide product or service directly to your patients on your behalf.  This is where those six geese might lay an egg that we are not fully prepared for.  So how do we deal with these six geese?  Here are the six eggs the ISO standard is asking you to communicate to “ANY” supplier: (8.4)

·         Product or Service we are purchasing

·         How said product or service is approved

·         Any qualification service providers need

·         Any interaction with the QMS that the vendor may need to control

·         How their performance is going to be monitored

·         Any onsite inspections/surveys the organization intends to perform at the vendors premise

Customer Property has now been expanded to include property of external providers.  Simply put, if we damage customer or vendor product we are responsible to let them know.  I would hold off on setting up any kind of processes to notify vendors of damaged product due to the fact that this may be one of those areas that may fall off in the final draft of the standard. (8.5.3)

I told you that there were no significant changes to operations, however, if you will recall in the 2008 Standard, Nonconforming Product was not a part of operations. It was included in the measuring, monitoring and improvement section of the Standard.  It has moved into the operations section and with one significant change.  Let me caution you as you read this next section not to get too scared, overwhelmed, excited or exacerbated.  This is a section that is going to cause a lot of discussion as to the intent and the expectations and implementation for the Standard is in a certified organization.  Let the dust settle and wait, wait, wait, for the final version to be released. Remember a bird in the hand is better than two in a pear tree.

Let me outline this for you so as to present clear understanding:

·         ISO 9001:2008            NCP required identification and segregation of bad product and                                        product means product.

·         ISO 9001:2008            NCP requires a record of the actions taken for nonconforming                                           product to be maintained but that was for product only.

                                   (1 Record)

·         ISO 9001:2008            Process failure was governed by 8.2.3 Measuring and Monitoring                                     of Processes and subsequently 8.5.2 Corrective Action.

                                   System failure was governed by 8.2.2 Internal Audits and                                                   subsequently 8.5.2 Corrective Action.

                                   Service failure was governed by customer complaints and                                                 subsequently 8.5.2 Corrective Action.

                                   These last three only required a record if the magnitude level                                      was such that formal and complete corrective action was                                                         determined to be necessary by the organization.

·         ISO 9001:2015            Is not only inclusive of all the requirements for nonconforming                                          “product” but is also inclusive of Nonconforming process                                                   outputs and Nonconforming services.

Here is where the new Standard is going to get all the ISO lords a leaping.  Question? “So does that mean that I have to have both a NCP records and a corrective action record for every nonconforming product?  Process Failure?  Process Performance Failure? Customer Complaint?  System Failure?   

The Answer is simple, but requires patience.  The answer; wait until the dust settles. Most likely there will be some significant changes and/or clarification to this portion.  If it were my QMS, I would not touch NCP or Corrective Action until I had the final “Gospel” version-gave to me. (8.7)

Putting all the Pieces Together

It is our strong recommendation that organizations do not make changes to their quality management systems until the formal standard is released in 2015.

I love jigsaw puzzles.  Almost every vacation my family takes includes a brand new puzzle, which my family and I will spend the quiet moments assembling.  I have a confession to make; I steal the last piece long before the puzzle is ever done.  There is just something about bringing all the pieces together, that in and of themselves’ has no true image or meaning, but when combined make a beautiful picture.  The reality is that each of my children and my wife contribute to the masterpiece just as much as I, but as the family’s “TOP MANAGEMENT” person I get to put in the last piece. It probably wouldn’t surprise anyone that my children have begun to replicate the process of stealing a piece, so at the end there are six pieces missing and a battle ensues for the placement of that final piece.

In section 7 “Support” of the ISO 9001:2015 standard we see the same puzzle coming together to help present the organization in its best light.  The good news is that, as far as significant changes in implementation, there are few.  Infrastructure and Work Environment remain virtually unchanged.  If you are an ISO geek like me, you may have noticed the note in 7.1.4 that Environment can include physical, social, psychological, environmental and other factor.  Don’t get too excited about trying to maintain and control social and psychological factors at this point.  They tried to put this same language into the 2000 revision of the ISO standard, but it never made the cut.  I suspect that it will quickly disappear in this version as well.  

Calibration remains primarily the same with the exception of the defining characteristics of when an organization implements full and traceable calibration.  In the 2008 standard the deciding factor is, “Where necessary to ensure valid results…..” in the 2015 standard the factor is, “Where measurement traceability is: a statutory, regulatory, customer, interested party, or organizational requirement.”

Training and competency remains the same, although the 2015 standard has extended the language.  The new standard incorporates items such as the quality policy, relevant objects, etc., into this section called Organizational knowledge, Competence and Awareness.  

The very end of section 7 is where one would find the most significant change to the standard.  Document Control and Record Control no longer exist as two separate requirements, but have been combined into what the standard is calling “Documented Information”.  Don’t let this throw you off.  Here are a few clarifying notes, “a peak at the puzzle box” to help you put it all together.

1.      There are only two statements directing the organization as to what documented information needs to be controlled.  (ISO required & Organization Required)

2.      There is no formal requirement for a Quality Manual or the ISO 9001:2008 six required procedures.

3.      The only definitive (called out by name) requirement is for a Quality Policy and Quality Objectives.

4.      The term “documented information” has replaced “documented procedure” as the identifier as to when the requirements for the control of documents and records is to be implemented.

5.      All the requirements in section 7.5 “Documented Information” can be applied to either a Document or a Record, however, as you are reading this section you will see that section 7.5.1,2,&3 most closely resembles the old document control and section 7.5.3.2 most closely resembles the old record control.

As you read through the new standard and begin to turn the pieces over from the blank side to the picture side, I am confident that you will breathe a sigh of relief. Before your eyes the puzzle will begin to show a picture that the intent of the standard has not really changed much.  The box of pieces has been shuffled, but the picture on the box remains the same. 

What we must keep in mind is that there is just something about bringing all the pieces together, that in and of themselves’ has no true image or meaning, but when combined in the right place, makes a beautiful picture. Each member of your team will contribute and hopefully you will not have any “piece thieves” along the way. This puzzle will require all members of the “family” to work together in contributing to the final piece of the puzzle placement! 

Last Piece Thief

Woody

Avoid Titanic Failures with ISO 9001

Titanic Failures

             ISO 9001:2015 standard:ISO 2015 Life Preservers-On Sale Now!

It is our strong recommendation that organization do not make changes to their quality management systems until the formal standard is released in 2015.

White Star Line: Titanic

The story of the Titanic is amazing and great movie. So many things could and do go wrong and have such cataclysmic effects. When you look deeply into the story and history of the Titanic, the question surfaces, "What were they thinking?" Here are just a few of the things that went wrong some you may know, some you may find quite prophetic as you and your organization plan for the ISO 9001:2015 transition.

-Only 20 lifeboats.

-Compliant with code for a 10,000 ton ship, there was no documented code for a ship of 46,000 tons like the Titanic.

-There was only 6 - 7 hours of testing and never at any testing at top speed for maneuvering.

-Life safety training only involved lowering two life boats, giving an inaccurate time of evacuation.

-Binoculars and Searchlights were in short supply.

-State of the art Marconi wireless telegraph system had just a few people trained to operate and/or receive messages.

-There was a fire in the coal bunker that started just prior to the voyage and took several days to extinguish. It is believed the fire may have weakened part of the ship's hull, which aided in the sinking.

-Four cautionary warnings of ice were received between one to six hours prior to the collision.

So why all the statistics and the history lesson? It's in the history that we learn what mistakes not to make.

The ISO 9001:2015 standard has gone to great lengths to encourage an organization to take a long hard look at what the risks and opportunities are and then to proactively respond to them. Section 6 of the ISO standard ties all risk and opportunity assessments together into the planning process for mitigation or continual improvement. We can no longer only look within our organization for threats and opportunities for advancement; we must also look at the empirical data that surrounds our context for avenues of success.

The very first requirement of section 6, requires organizations to include issues (Risks and Opportunities) identified in 4.1, understanding the organization and its context and 4.2 needs and expectations, or interested parties in their quality management system planning. If you had been on the board of directors for the White Star Line, the creators of the Titanic, what would have gone into your planning process?

6.1.1 a) Would 6-7 hours of testing at partial speed given you the assurance that your organization could achieve its intended results? The assurance the ship would safely arrive?

6.1.1 b) Would 20 lifeboats although very much compliant with the "Codes and Standards" of the day, met your criteria to prevent, or reduce, undesired effects?

6.1.1 c) Would the revolutionary Marconi wireless telegraph system have shown evidence of achieving continual improvement?

What would you and your organization have done differently, given the opportunity? What would your strategic plan for success have addressed?

6.1.2 a) Would you have taken actions to address these risks and opportunities, maybe purchased a few more binoculars and search lights?

6.1.2 b) Would you have delayed the launch to integrate, implement and evaluate the effectiveness of the lifesaving protocols?

Any one singular action take to address the known risks would have either decreased the number of lives lost or could have potentially prevented the collision with the iceberg altogether. Section 6.1 closes out the section on Quality Management System Planning with a wonderfully freeing statement. "Actions taken to address risk and opportunities shall be proportionate to the potential impact on the conformity of products and service".

You may feel your organization is just waiting for an iceberg to come floating along and all is lost. However, all is not lost, yet; can you take just one small step today? Start by identifying the biggest risk and begin to address it. Find the easiest risk to correct and address it.

Prior to the voyage, if the Titanic had adequate equipment and supplies, proper testing and training, cautionary warnings heeded and safety plans practiced, many lives could have been saved. If the voyage had been delayed to extinguish the fire in the coal bunker of the Titanic, the great movie may have had a much different ending!

The ISO 9001:2015 standard is only asking you to assess and address those things that could sink you and your organization, to ensure a desired ending.

ISO 2015 Life Preservers-On Sale Now
Woody Conway, ICH Lead Trainer
RABQSA Certified Lead Auditor

I Don’t Have a Clue Why Anyone Would Do ISO!

Over the last five years ISO 9001 has been whispered across the Healthcare Industry, as the latest

flavor in quality management and improvement.  Many healthcare professionals are asking the same question, “Why ISO?”  CEO’s, Nurse Executives, Quality Managers, Accreditation Directors and the like have had one common theme that recurs,  “With all these programs, regulations, standards, audits and quality tools, why are we still seeing the same problems again and again over the course of time?”  Audit after audit, tool after tool, program upon program end with the same results in the same fundamental problems or fires that the management team continues to try and put out.”  

The second question Healthcare Professionals ask is, “How is ISO going to change what the others haven’t accomplished?”  The answer is management has to stop putting out the fires of the past and install a sustainable system to identify and control fires before the smoke can be seen on the horizon. 

When an organization does not have a strong quality business management system supporting the activities and processes of their organization, top management has relegated themselves to putting out fires from the past.  One CEO stated, “The best thing about ISO is we have to get creative in current mistakes, because the issues/fires of the past are gone.”  Organizational committees, management oversight committees, executive councils and board of directors have found themselves comfortable in their role as fire fighters. What if we could install an early warning system when and where the fires were igniting?  What if we began to put the fire hose into the hands of our process owners to extinguish the fire before it requires involvement and resources from top management?

Initial implementation of ISO 9001 installs an early warning and control mechanism to ensure issues

within the organization no longer get out of control. They begin to place these early fire warning devices across their organization based on the risk and impact to the patient, to highly susceptible processes, potential financial loss or gain centers, and even areas where the organization may be in jeopardy of legal, statutory or regulatory findings.  One of the most exciting evolutions in this system is top management is no longer the only ones identifying fires.  The entire organization is tasked with sounding the alarm and the front line process owner is able to extinguish the flare up before top management ever arrives on the scene.  

In ISO language we call this top management responsibility for establishment of the quality management system, effective goals and objectives, corrective action and management review.  ISO drives an organization even further in the development of processes that can actually detect and extinguish fires (issues) before they even flare up.   

As an organization’s quality management system begins to mature, the natural growth is reflected in the organizations ability to install applications of control for all the past fires across the entire organization.  

Top management reports not only identify the issues and problems within the department, but also the

solution and application of control applied. This reporting would provide confidence that the issue will not reappear.  Instead of a fire brigade of a dozen (management team) now we have a virtual army of fire fighters.  In ISO language top management has established the goals and objectives of the organization.  Process or department managers now measure and monitor their process to do their part to see the organizational objectives are achieved.  This information is used on the department or process level to implement corrective action, analyze for future potential issues, and plan to eliminate fires of tomorrow. With the loss of top management’s firefighting duties, more time is available to lead the organization into the future. 

Finally a fully mature quality management system has reached the point where systems are set in place to identify current potential failures and the risks associated with them.  Top management now relies on their staff to firefight and they now look to the future for the success of the organization, not the maintenance of the organization.  The ISO standard in its fullest implementation is a system of risk (fire) identification, risk control, risk mitigation, risk prevention and risk preparation. 

Why do ISO?  Healthcare needs a sustainable system of risk management because healthcare inherently has great risk.