Difference between revisions of "Journal:Identifying risk management challenges in laboratories"

From LIMSWiki
Jump to navigationJump to search
(Saving and adding more)
(Finished adding rest of content.)
 
Line 18: Line 18:
|website      = [https://link.springer.com/article/10.1007/s00769-023-01540-3 https://link.springer.com/article/10.1007/s00769-023-01540-3]
|website      = [https://link.springer.com/article/10.1007/s00769-023-01540-3 https://link.springer.com/article/10.1007/s00769-023-01540-3]
|download    = [https://link.springer.com/content/pdf/10.1007/s00769-023-01540-3.pdf?pdf=button%20sticky https://link.springer.com/content/pdf/10.1007/s00769-023-01540-3.pdf] (PDF)
|download    = [https://link.springer.com/content/pdf/10.1007/s00769-023-01540-3.pdf?pdf=button%20sticky https://link.springer.com/content/pdf/10.1007/s00769-023-01540-3.pdf] (PDF)
}}
{{ombox
| type      = notice
| image    = [[Image:Emblem-important-yellow.svg|40px]]
| style    = width: 500px;
| text      = This article should be considered a work in progress and incomplete. Consider this article incomplete until this notice is removed.
}}
}}
==Abstract==
==Abstract==
Line 37: Line 31:
The difference between modern risk analysts and the Ašipu of ancient Babylon is that the former express their results as mathematical probabilities and intervals of confidence, while the latter with certainty, confidence, and power. However, to determine the causal relationship between cause and effect, both the ancient ancestors and current researchers rely on observational methods.<ref name=":0" /> After World War II, large companies with diversified portfolios of physical assets began to develop self-insurance, which covered the financial consequences of an adverse event or accidental losses.<ref>{{Cite journal |last=Ehrlich |first=Isaac |last2=Becker |first2=Gary S. |date=1972-07 |title=Market Insurance, Self-Insurance, and Self-Protection |url=https://www.journals.uchicago.edu/doi/10.1086/259916 |journal=Journal of Political Economy |language=en |volume=80 |issue=4 |pages=623–648 |doi=10.1086/259916 |issn=0022-3808}}</ref><ref>{{Cite journal |last=Dionne |first=Georges |last2=Eeckhoudt |first2=Louis |date=1985-01 |title=Self-insurance, self-protection and increased risk aversion |url=https://linkinghub.elsevier.com/retrieve/pii/0165176585901235 |journal=Economics Letters |language=en |volume=17 |issue=1-2 |pages=39–42 |doi=10.1016/0165-1765(85)90123-5}}</ref> Modern risk management was implemented after 1955 and was first applied in the insurance industry.<ref>{{Cite journal |last=Dionne |first=Georges |date=2013-09 |title=Risk Management: History, Definition, and Critique: Risk Management |url=https://onlinelibrary.wiley.com/doi/10.1111/rmir.12016 |journal=Risk Management and Insurance Review |language=en |volume=16 |issue=2 |pages=147–166 |doi=10.1111/rmir.12016}}</ref>
The difference between modern risk analysts and the Ašipu of ancient Babylon is that the former express their results as mathematical probabilities and intervals of confidence, while the latter with certainty, confidence, and power. However, to determine the causal relationship between cause and effect, both the ancient ancestors and current researchers rely on observational methods.<ref name=":0" /> After World War II, large companies with diversified portfolios of physical assets began to develop self-insurance, which covered the financial consequences of an adverse event or accidental losses.<ref>{{Cite journal |last=Ehrlich |first=Isaac |last2=Becker |first2=Gary S. |date=1972-07 |title=Market Insurance, Self-Insurance, and Self-Protection |url=https://www.journals.uchicago.edu/doi/10.1086/259916 |journal=Journal of Political Economy |language=en |volume=80 |issue=4 |pages=623–648 |doi=10.1086/259916 |issn=0022-3808}}</ref><ref>{{Cite journal |last=Dionne |first=Georges |last2=Eeckhoudt |first2=Louis |date=1985-01 |title=Self-insurance, self-protection and increased risk aversion |url=https://linkinghub.elsevier.com/retrieve/pii/0165176585901235 |journal=Economics Letters |language=en |volume=17 |issue=1-2 |pages=39–42 |doi=10.1016/0165-1765(85)90123-5}}</ref> Modern risk management was implemented after 1955 and was first applied in the insurance industry.<ref>{{Cite journal |last=Dionne |first=Georges |date=2013-09 |title=Risk Management: History, Definition, and Critique: Risk Management |url=https://onlinelibrary.wiley.com/doi/10.1111/rmir.12016 |journal=Risk Management and Insurance Review |language=en |volume=16 |issue=2 |pages=147–166 |doi=10.1111/rmir.12016}}</ref>


The English term “risk” comes from the Greek word “rhiza,” which refers to the dangers of sailing around a cliff.<ref name=":0" /> According to Kumamoto and Henley<ref>{{Cite book |last=Kumamoto |first=Hiromitsu |last2=Henley |first2=Ernest J. |last3=Henley |first3=Ernest J. |date=1996 |title=Probabilistic risk assessment and management for engineers and scientists |edition=2nd ed |publisher=IEEE Press |place=New York |isbn=978-0-7803-1004-9}}</ref>, the term “risk” is defined as a combination of five factors: probability, outcome, significance, causal scenario, and affected population. As far as a [[laboratory]] is concerned, “risk” is the probability of a laboratory error which may have adverse consequences [9], as it includes factors that threaten health and safety of staff, environment, organization's facilities, organization's financial sustainability, operational productivity, and service quality. [10] Therefore, for testing laboratories, as risk can be considered the inability to meet customer needs, the provision of incorrect analytical results and failure to meet accreditation requirements damage laboratory's reputation. [11]
The English term “risk” comes from the Greek word “rhiza,” which refers to the dangers of sailing around a cliff.<ref name=":0" /> According to Kumamoto and Henley<ref>{{Cite book |last=Kumamoto |first=Hiromitsu |last2=Henley |first2=Ernest J. |last3=Henley |first3=Ernest J. |date=1996 |title=Probabilistic risk assessment and management for engineers and scientists |edition=2nd ed |publisher=IEEE Press |place=New York |isbn=978-0-7803-1004-9}}</ref>, the term “risk” is defined as a combination of five factors: probability, outcome, significance, causal scenario, and affected population. As far as a [[laboratory]] is concerned, “risk” is the probability of a laboratory error which may have adverse consequences<ref name=":1">{{Cite journal |last=Nichols |first=James H. |date=2011-05 |title=Laboratory Quality Control Based on Risk Management |url=http://www.annsaudimed.net/doi/10.4103/0256-4947.81526 |journal=Annals of Saudi Medicine |language=en |volume=31 |issue=3 |pages=223–228 |doi=10.4103/0256-4947.81526 |issn=0256-4947 |pmc=PMC3119960 |pmid=21623049}}</ref>, as it includes factors that threaten health and safety of staff, environment, organization's facilities, organization's financial sustainability, operational productivity, and service quality.<ref name=":2">{{Cite journal |last=Dror |first=Itiel E. |last2=Pierce |first2=Michal L. |date=2020-05 |title=ISO Standards Addressing Issues of Bias and Impartiality in Forensic Work |url=https://onlinelibrary.wiley.com/doi/10.1111/1556-4029.14265 |journal=Journal of Forensic Sciences |language=en |volume=65 |issue=3 |pages=800–808 |doi=10.1111/1556-4029.14265 |issn=0022-1198}}</ref> Therefore, for testing laboratories, as risk can be considered the inability to meet customer needs, the provision of incorrect analytical results and failure to meet accreditation requirements damage laboratory's reputation.<ref name=":3">{{Cite journal |last=Wong |first=Siu-kay |date=2017-04 |title=Risk-based thinking for chemical testing |url=http://link.springer.com/10.1007/s00769-017-1256-x |journal=Accreditation and Quality Assurance |language=en |volume=22 |issue=2 |pages=103–108 |doi=10.1007/s00769-017-1256-x |issn=0949-1775}}</ref>


Plebani [12] defines risk management as the process by which risk is assessed and strategies are developed to manage it. The goal of any risk management process is to identify, evaluate, address, and reduce the risk to an acceptable level. [13] According to Dikmen ''et al.'' [14], risk management involves identifying sources of uncertainty ([[Risk assessment|risk identification]]) and assessing the consequences of uncertain events/conditions (risk analysis), thus creating response strategies based on expected results and, finally, based on the feedback received from the actual results and the emerging risk, the steps of identification, analysis and repetitive response events are performed throughout the life cycle of a project to ensure that the project objectives are achieved. Kang ''et al.'' [15] define risk management as an act of classification, analysis, and response to unforeseen risks, which are involved during the implementation of a project. Risk management involves maximizing the opportunity and impact of positive events and reducing the likelihood and impact of negative events to achieve the project objectives.
Plebani<ref name=":4">{{Cite journal |last=Plebani |first=Mario |date=2006-01-01 |title=Errors in clinical laboratories or errors in laboratory medicine? |url=https://www.degruyter.com/document/doi/10.1515/CCLM.2006.123/html |journal=Clinical Chemistry and Laboratory Medicine (CCLM) |volume=44 |issue=6 |doi=10.1515/CCLM.2006.123 |issn=1434-6621}}</ref> defines risk management as the process by which risk is assessed and strategies are developed to manage it. The goal of any risk management process is to identify, evaluate, address, and reduce the risk to an acceptable level.<ref name=":5">{{Citation |last=Lemos |first=T. |last2=Almeida |first2=L. T. |date=2001 |editor-last=Linkov |editor-first=Igor |editor2-last=Palma-Oliveira |editor2-first=Jose |title=Whole Life Cycle Risk Management |url=http://link.springer.com/10.1007/978-94-010-0987-4_44 |work=Assessment and Management of Environmental Risks |publisher=Springer Netherlands |place=Dordrecht |pages=401–407 |doi=10.1007/978-94-010-0987-4_44 |isbn=978-1-4020-0024-9 |accessdate=2023-05-16}}</ref> According to Dikmen ''et al.''<ref name=":6">{{Cite journal |last=Dikmen |first=I. |last2=Birgonul |first2=M.T. |last3=Anac |first3=C. |last4=Tah |first4=J.H.M. |last5=Aouad |first5=G. |date=2008-12 |title=Learning from risks: A tool for post-project risk assessment |url=https://linkinghub.elsevier.com/retrieve/pii/S0926580508000691 |journal=Automation in Construction |language=en |volume=18 |issue=1 |pages=42–50 |doi=10.1016/j.autcon.2008.04.008}}</ref>, risk management involves identifying sources of uncertainty ([[Risk assessment|risk identification]]) and assessing the consequences of uncertain events/conditions (risk analysis), thus creating response strategies based on expected results and, finally, based on the feedback received from the actual results and the emerging risk, the steps of identification, analysis and repetitive response events are performed throughout the life cycle of a project to ensure that the project objectives are achieved. Kang ''et al.''<ref>{{Cite journal |last=Kang |first=Leen Seok |last2=Kim |first2=Sung-Keun |last3=Moon |first3=Hyoun Seok |last4=Kim |first4=Hyeon Seung |date=2013-05 |title=Development of a 4D object-based system for visualizing the risk information of construction projects |url=https://linkinghub.elsevier.com/retrieve/pii/S0926580512002336 |journal=Automation in Construction |language=en |volume=31 |pages=186–203 |doi=10.1016/j.autcon.2012.11.038}}</ref> define risk management as an act of classification, analysis, and response to unforeseen risks, which are involved during the implementation of a project. Risk management involves maximizing the opportunity and impact of positive events and reducing the likelihood and impact of negative events to achieve the project objectives.


The concept of risk is already known to laboratories as it was indirectly included and in previous versions of [[International Organization for Standardization]] (ISO) standard [[ISO 9000|ISO 9001]] and, mainly via preventive measures to eliminate possible non-compliances and prevent their recurrence (i.e., ISO 9001:2008 [16], [[ISO/IEC 17025|ISO/IEC 17025:2005]] [17]). In the new versions of ISO 9001:2015 [18] and ISO/IEC 17025:2017 [19], however, the presence of risk-based thinking is more pronounced and imperative.
The concept of risk is already known to laboratories as it was indirectly included and in previous versions of [[International Organization for Standardization]] (ISO) standard [[ISO 9000|ISO 9001]] and, mainly via preventive measures to eliminate possible non-compliances and prevent their recurrence (i.e., ISO 9001:2008<ref>{{Cite web |last=International Organization for Standardization |date=November 2008 |title=ISO 9001:2008 Quality management systems — Requirements |url=https://www.iso.org/standard/46486.html |publisher=International Organization for Standardization}}</ref>, [[ISO/IEC 17025|ISO/IEC 17025:2005]]<ref>{{Cite web |last=International Organization for Standardization |date=May 2005 |title=ISO/IEC 17025:2005 General requirements for the competence of testing and calibration laboratories |url=https://www.iso.org/standard/39883.html |publisher=International Organization for Standardization}}</ref>). In the new versions of ISO 9001:2015<ref>{{Cite web |last=International Organization for Standardization |date=September 2015 |title=ISO 9001:2015 Quality management systems — Requirements |url=https://www.iso.org/standard/62085.html |publisher=International Organization for Standardization}}</ref> and ISO/IEC 17025:2017<ref name=":7">{{Cite web |last=International Organization for Standardization |date=November 2017 |title=ISO/IEC 17025:2017 General requirements for the competence of testing and calibration laboratories |url=https://www.iso.org/standard/66912.html |publisher=International Organization for Standardization}}</ref>, however, the presence of risk-based thinking is more pronounced and imperative.


As the revised version of ISO/IEC 17025 is in line with ISO 9001 in terms of management requirements, a laboratory should examine the impact of threats as well as seize opportunities to increase management system efficiency to achieve improved results and to avoid negative effects. [20] There is no longer a separate clause on preventive measures, and the concept of preventive action is expressed through the application of the risk and opportunities approach. The concept of risk is implied in each paragraph of the standard related to the factors that affect the validity of the results. Such factors are staff, facilities, environmental conditions, equipment, metrological traceability, technical records, etc. In addition, the creation of a formal risk management system is not a requirement of the standard, but each laboratory can choose the approach which is satisfactory and can be implemented for its needs. [19, 20]
As the revised version of ISO/IEC 17025 is in line with ISO 9001 in terms of management requirements, a laboratory should examine the impact of threats as well as seize opportunities to increase management system efficiency to achieve improved results and to avoid negative effects.<ref name=":8">{{Cite web |last=International Organization for Standardization |date=September 2015 |title=ISO 14001:2015 Environmental management systems — Requirements with guidance for use |url=https://www.iso.org/standard/60857.html |publisher=International Organization for Standardization}}</ref> There is no longer a separate clause on preventive measures, and the concept of preventive action is expressed through the application of the risk and opportunities approach. The concept of risk is implied in each paragraph of the standard related to the factors that affect the validity of the results. Such factors are staff, facilities, environmental conditions, equipment, metrological traceability, technical records, etc. In addition, the creation of a formal risk management system is not a requirement of the standard, but each laboratory can choose the approach which is satisfactory and can be implemented for its needs.<ref name=":7" /><ref name=":8" />


The revised ISO 14001 [20] is also in line with ISO 9001. Risk-based thinking provides a structured approach to managing environmental issues that are likely to affect the organization. Identifying environmental risks and potential opportunities is vital to an organization's success.
The revised ISO 14001<ref name=":8" /> is also in line with ISO 9001. Risk-based thinking provides a structured approach to managing environmental issues that are likely to affect the organization. Identifying environmental risks and potential opportunities is vital to an organization's success.


Finally, in ISO 31000:2018 [21], risk management is considered to be the coordinated activities carried out for the management and control of an organization in relation to risk. Therefore, in order for a laboratory to comply with the new versions of the standards, it is important to understand the risk-based thinking and to examine the functions, procedures, and activities related to risks and opportunities. To address the concern, this paper aims to explore the implementation of a risk-based thinking framework in testing or [[Calibration laboratory|calibration laboratories]] and highlight the challenges that arise as part of that implementation.
Finally, in ISO 31000:2018<ref>{{Cite web |last=International Organization for Standardization |date=February 2018 |title=ISO 31000:2018 Risk management — Guidelines |url=https://www.iso.org/standard/65694.html |publisher=International Organization for Standardization}}</ref>, risk management is considered to be the coordinated activities carried out for the management and control of an organization in relation to risk. Therefore, in order for a laboratory to comply with the new versions of the standards, it is important to understand the risk-based thinking and to examine the functions, procedures, and activities related to risks and opportunities. To address the concern, this paper aims to explore the implementation of a risk-based thinking framework in testing or [[Calibration laboratory|calibration laboratories]] and highlight the challenges that arise as part of that implementation.


==The risk management process==
==The risk management process==
The risk management process can be applied at all levels of an organization, from strategy to project implementation. In addition, it must be an integral part of management and decision making and integrated into the structure, functions, and processes of the organization. [9] The integrated risk management process relies on a well-structured risk-based thinking which encompasses the whole [[quality management system]] (QMS).
The risk management process can be applied at all levels of an organization, from strategy to project implementation. In addition, it must be an integral part of management and decision making and integrated into the structure, functions, and processes of the organization.<ref name=":1" /> The integrated risk management process relies on a well-structured risk-based thinking which encompasses the whole [[quality management system]] (QMS).


In this context, the risk assessment stage consists of three sub-stages: risk identification, risk analysis, and risk evaluation. The purpose of risk identification is to find, recognize, and describe the risks that positively or negatively affect the achievement of the objectives of the organization, even those whose sources are not under its control. [9] According to Elkington and Smallman [22], risk identification is the most important phase of risk analysis, and emphasis is given in the fact that potential risks should be identified at each stage. Hallikas ''et al.'' [23] also state that the identification phase is fundamental to implement risk management, as by recognizing sources of risk, future uncertainties can be identified, and preventive measures can be taken. During risk analysis, the impact of a risk is assessed while during risk evaluation any additional action is determined.
In this context, the risk assessment stage consists of three sub-stages: risk identification, risk analysis, and risk evaluation. The purpose of risk identification is to find, recognize, and describe the risks that positively or negatively affect the achievement of the objectives of the organization, even those whose sources are not under its control.<ref name=":1" /> According to Elkington and Smallman<ref name=":9">{{Cite journal |last=Elkington |first=Paul |last2=Smallman |first2=Clive |date=2002-01 |title=Managing project risks: a case study from the utilities sector |url=https://linkinghub.elsevier.com/retrieve/pii/S026378630000034X |journal=International Journal of Project Management |language=en |volume=20 |issue=1 |pages=49–57 |doi=10.1016/S0263-7863(00)00034-X}}</ref>, risk identification is the most important phase of risk analysis, and emphasis is given in the fact that potential risks should be identified at each stage. Hallikas ''et al.''<ref>{{Cite journal |last=Hallikas |first=Jukka |last2=Karvonen |first2=Iris |last3=Pulkkinen |first3=Urho |last4=Virolainen |first4=Veli-Matti |last5=Tuominen |first5=Markku |date=2004-07 |title=Risk management processes in supplier networks |url=https://linkinghub.elsevier.com/retrieve/pii/S0925527304000477 |journal=International Journal of Production Economics |language=en |volume=90 |issue=1 |pages=47–58 |doi=10.1016/j.ijpe.2004.02.007}}</ref> also state that the identification phase is fundamental to implement risk management, as by recognizing sources of risk, future uncertainties can be identified, and preventive measures can be taken. During risk analysis, the impact of a risk is assessed while during risk evaluation any additional action is determined.


After completing the risk assessment stage, the risk is addressed by avoiding risk, taking or increasing risk to pursue an opportunity, removing the risk source, changing the likelihood, changing the consequences, sharing the risk (e.g., through contracts, insurance), or maintaining the risk with a documented decision. All the above steps should be monitored and reviewed to ensure and improve the [[Quality (business)|quality]] and effectiveness of risk management. The results of the process should be recorded and reported throughout the organization to provide information for decision making, for the improvement of risk management activities and for the interaction with stakeholders [9].
After completing the risk assessment stage, the risk is addressed by avoiding risk, taking or increasing risk to pursue an opportunity, removing the risk source, changing the likelihood, changing the consequences, sharing the risk (e.g., through contracts, insurance), or maintaining the risk with a documented decision. All the above steps should be monitored and reviewed to ensure and improve the [[Quality (business)|quality]] and effectiveness of risk management. The results of the process should be recorded and reported throughout the organization to provide information for decision making, for the improvement of risk management activities and for the interaction with stakeholders.<ref name=":1" />


==Risk assessment techniques==
==Risk assessment techniques==
Risk assessment—which is often expressed in relation to sources, possible events, consequences, and likelihood—can be a very difficult process, especially when these relationships are complex. A variety of risk assessment techniques is depicted in Table 1. Though the choice of techniques is not random, some factors must be first taken into account, such as the purpose of the assessment, the needs of stakeholders, any legal, regulatory and contractual requirements, the operating environment and the scenario, how much important is the decision to be made, any defined decision criteria and their form, the time available before a decision is made, the given information and expertise, and the complexity of the situation. [24]
Risk assessment—which is often expressed in relation to sources, possible events, consequences, and likelihood—can be a very difficult process, especially when these relationships are complex. A variety of risk assessment techniques is depicted in Table 1. Though the choice of techniques is not random, some factors must be first taken into account, such as the purpose of the assessment, the needs of stakeholders, any legal, regulatory and contractual requirements, the operating environment and the scenario, how much important is the decision to be made, any defined decision criteria and their form, the time available before a decision is made, the given information and expertise, and the complexity of the situation.<ref name=":10">{{Cite web |last=International Organization for Standardization |date=June 2019 |title=IEC 31010:2019 Risk management — Risk assessment techniques |url=https://www.iso.org/standard/72140.html |publisher=International Organization for Standardization}}</ref>


{|  
{|  
Line 101: Line 95:
|}
|}


The most used techniques for identifying risk are the failure modes and effects analysis (FMEA), as well as the failure modes, effects, and criticality analysis (FMECA). FMEA/FMECA can be applied at all levels of an organization and performed at any level of analysis of a system, from block diagrams to detailed elements of a system or steps of a process. [25] This fact leads to several sub-types of FMEA such as system FMEA, design FMEA, process FMEA, and service delivery FMEA. As defined by its name, FMEA is a systematic method designed to identify potential failure modes for a product or process before it occurs and to assess the risk. In FMEA, the system or process under consideration is broken down into individual components. For each element, the ways in which it may fail, the causes and effects of failure are examined. FMECA is a FMEA followed by criticality analysis, which means that for each failure its importance is also assessed. The calculation of the risk in FMEA method includes the multiplication of the three risk parameters severity (S), occurrence (O), and detection (D) in order to produce a risk priority number (RPN, RPN = S × O × D). However, in FMECA, failure modes are classified by their criticality. [26] A quantitative measure of criticality can be derived from actual failure rates and a quantitative measure of consequences, if known. FMEA can be used to provide information for analysis to other techniques such as fault tree analysis (FTA). FTA is a commonly used technique for understanding consequences and likelihood of risk. It is a logic diagram that represents the relationships between an adverse event, which is typically a system failure, and the causes of the event which are the component of failure. It uses logic gates and events to model the above-mentioned relationships. FTA can be used both qualitatively to identify the potential causes and pathways to the peak event and quantitatively to calculate the probability that the peak event will occur. [27, 28]
The most used techniques for identifying risk are the failure modes and effects analysis (FMEA), as well as the failure modes, effects, and criticality analysis (FMECA). FMEA/FMECA can be applied at all levels of an organization and performed at any level of analysis of a system, from block diagrams to detailed elements of a system or steps of a process.<ref>{{Cite journal |last=Huang |first=Jia |last2=You |first2=Jian-Xin |last3=Liu |first3=Hu-Chen |last4=Song |first4=Ming-Shun |date=2020-07 |title=Failure mode and effect analysis improvement: A systematic literature review and future research agenda |url=https://linkinghub.elsevier.com/retrieve/pii/S095183201930105X |journal=Reliability Engineering & System Safety |language=en |volume=199 |pages=106885 |doi=10.1016/j.ress.2020.106885}}</ref> This fact leads to several sub-types of FMEA such as system FMEA, design FMEA, process FMEA, and service delivery FMEA. As defined by its name, FMEA is a systematic method designed to identify potential failure modes for a product or process before it occurs and to assess the risk. In FMEA, the system or process under consideration is broken down into individual components. For each element, the ways in which it may fail, the causes and effects of failure are examined. FMECA is a FMEA followed by criticality analysis, which means that for each failure its importance is also assessed. The calculation of the risk in FMEA method includes the multiplication of the three risk parameters severity (S), occurrence (O), and detection (D) in order to produce a risk priority number (RPN, RPN = S × O × D). However, in FMECA, failure modes are classified by their criticality.<ref>{{Cite journal |last=Pillay |first=Anand |last2=Wang |first2=Jin |date=2003-01 |title=Modified failure mode and effects analysis using approximate reasoning |url=https://linkinghub.elsevier.com/retrieve/pii/S0951832002001795 |journal=Reliability Engineering & System Safety |language=en |volume=79 |issue=1 |pages=69–85 |doi=10.1016/S0951-8320(02)00179-5}}</ref> A quantitative measure of criticality can be derived from actual failure rates and a quantitative measure of consequences, if known. FMEA can be used to provide information for analysis to other techniques such as fault tree analysis (FTA). FTA is a commonly used technique for understanding consequences and likelihood of risk. It is a logic diagram that represents the relationships between an adverse event, which is typically a system failure, and the causes of the event which are the component of failure. It uses logic gates and events to model the above-mentioned relationships. FTA can be used both qualitatively to identify the potential causes and pathways to the peak event and quantitatively to calculate the probability that the peak event will occur.<ref>{{Cite journal |last=Bhattacharyya |first=S.K. |last2=Cheliyan |first2=A.S. |date=2019-05 |title=Optimization of a subsea production system for cost and reliability using its fault tree model |url=https://linkinghub.elsevier.com/retrieve/pii/S0951832017314515 |journal=Reliability Engineering & System Safety |language=en |volume=185 |pages=213–219 |doi=10.1016/j.ress.2018.12.030}}</ref><ref>{{Cite journal |last=Zio |first=E. |date=2009-02 |title=Reliability engineering: Old problems and new challenges |url=https://linkinghub.elsevier.com/retrieve/pii/S0951832008001749 |journal=Reliability Engineering & System Safety |language=en |volume=94 |issue=2 |pages=125–141 |doi=10.1016/j.ress.2008.06.002}}</ref>


Another technique which is commonly used in organizations is failure reporting, analysis and corrective action system (FRACAS). It is a technique for identifying and correcting identfied deficiencies in a system or a product and, thus, prevent further occurrence of them. [29] It is based upon the systematic reporting and analysis of failures, making maintenance of historical data a crucial issue. It is also necessary for the organization to have a database management system. The database is established to store all the required data, which include records on all reported failures, failure analyses, and corrective actions. [30]
Another technique which is commonly used in organizations is failure reporting, analysis and corrective action system (FRACAS). It is a technique for identifying and correcting identfied deficiencies in a system or a product and, thus, prevent further occurrence of them.<ref>{{Cite journal |last=Chang |first=Jeonghyun |last2=Yoo |first2=Soo Jin |last3=Kim |first3=Sollip |date=2021-05-11 |title=Development and Application of Computerized Risk Registry and Management Tool Based on FMEA and FRACAS for Total Testing Process |url=https://www.mdpi.com/1648-9144/57/5/477 |journal=Medicina |language=en |volume=57 |issue=5 |pages=477 |doi=10.3390/medicina57050477 |issn=1648-9144 |pmc=PMC8151538 |pmid=34065022}}</ref> It is based upon the systematic reporting and analysis of failures, making maintenance of historical data a crucial issue. It is also necessary for the organization to have a database management system. The database is established to store all the required data, which include records on all reported failures, failure analyses, and corrective actions.<ref>{{Cite journal |last=Lee |first=Jae Hoon |last2=Chan |first2=SungIl |last3=Jang |first3=Joong Soon |date=2010-07-05 |title=Process-Oriented Development of Failure Reporting, Analysis, and Corrective Action System |url=https://www.hindawi.com/journals/jqre/2010/213690/ |journal=International Journal of Quality, Statistics, and Reliability |language=en |volume=2010 |pages=1–8 |doi=10.1155/2010/213690 |issn=1687-7144}}</ref>


==Risk identification and treatment in laboratories==
==Risk identification and treatment in laboratories==
Risk identification is the first and most important phase of risk management. [22] In the identification phase, the possible sources of risk which concern the entire activity of the laboratory are recorded. [31]
Risk identification is the first and most important phase of risk management.<ref name=":9" /> In the identification phase, the possible sources of risk which concern the entire activity of the laboratory are recorded.<ref>{{Citation |last=Vasilnakova |first=Andrea |date=2018 |editor-last=Katalinic |editor-first=Branko |title=Risk Management in Accredited Testing Laboratories |url=http://www.daaam.info/Downloads/Pdfs/proceedings/proceedings_2018/153.pdf |work=DAAAM Proceedings |edition=1 |publisher=DAAAM International Vienna |volume=1 |pages=1071–1075 |doi=10.2507/29th.daaam.proceedings.153 |isbn=978-3-902734-20-4 |accessdate=2023-05-16}}</ref>


To identify potential sources of risk associated with the testing process, laboratories should create a process map outlining the steps in the testing process from generating the request for test to reporting the testing result. This map should include all stages of the pre-analytical, analytical, and post-analytical process. [10] An example of such a map is given in Fig. 1.
To identify potential sources of risk associated with the testing process, laboratories should create a process map outlining the steps in the testing process from generating the request for test to reporting the testing result. This map should include all stages of the pre-analytical, analytical, and post-analytical process.<ref name=":2" /> An example of such a map is given in Fig. 1.




Line 118: Line 112:
{| border="0" cellpadding="5" cellspacing="0" width="900px"
{| border="0" cellpadding="5" cellspacing="0" width="900px"
  |-
  |-
   | style="background-color:white; padding-left:10px; padding-right:10px;" |<blockquote>'''Figure 1.''' Process map of the main functions of a testing laboratory. [10]</blockquote>
   | style="background-color:white; padding-left:10px; padding-right:10px;" |<blockquote>'''Figure 1.''' Process map of the main functions of a testing laboratory.<ref name=":2" /></blockquote>
  |-  
  |-  
|}
|}
|}
|}


According to the research of both Plebani and Carraro [32] and Plebani [13], most errors occur during the pre-analytical stages, ranging between 46 to 68%, followed by post-analytical errors, ranging from 19 to 47%, while during the analytical stage the fewest errors occur, ranging from 7 to 13%. Table 2 outlines the main sources of risk in each of these three stages.
According to the research of both Plebani and Carraro<ref name=":11">{{Cite journal |last=Plebani |first=Mario |last2=Carraro |first2=Paolo |date=1997-08-01 |title=Mistakes in a stat laboratory: types and frequency |url=https://academic.oup.com/clinchem/article/43/8/1348/5641004 |journal=Clinical Chemistry |language=en |volume=43 |issue=8 |pages=1348–1351 |doi=10.1093/clinchem/43.8.1348 |issn=0009-9147}}</ref> and Plebani<ref name=":4" />, most errors occur during the pre-analytical stages, ranging between 46 to 68%, followed by post-analytical errors, ranging from 19 to 47%, while during the analytical stage the fewest errors occur, ranging from 7 to 13%. Table 2 outlines the main sources of risk in each of these three stages.


{|  
{|  
Line 141: Line 135:
   | style="background-color:white; padding-left:10px; padding-right:10px;" |• Procedural non-conformity<br />• Wrong test<br />• Use of expired reagents<br />• Improper use of reagents<br />• Equipment malfunction<br />• Equipment failure<br />• Incorrect equipment calibration<br />• Incorrect sample dilutions<br />• Mixing samples<br />• Deviation in the results of the internal control sample<br />• Incorrect calculation of dilution factor<br />• Delay in sample analysis<br />• Unspecified [[quality control]] (QC) failure<br />• Improper management of chemicals<br />• Inadequate disposal of chemicals<br />• Inadequate disposal and management of liquid waste
   | style="background-color:white; padding-left:10px; padding-right:10px;" |• Procedural non-conformity<br />• Wrong test<br />• Use of expired reagents<br />• Improper use of reagents<br />• Equipment malfunction<br />• Equipment failure<br />• Incorrect equipment calibration<br />• Incorrect sample dilutions<br />• Mixing samples<br />• Deviation in the results of the internal control sample<br />• Incorrect calculation of dilution factor<br />• Delay in sample analysis<br />• Unspecified [[quality control]] (QC) failure<br />• Improper management of chemicals<br />• Inadequate disposal of chemicals<br />• Inadequate disposal and management of liquid waste
   | style="background-color:white; padding-left:10px; padding-right:10px;" |• Incorrect results<br />• Incorrect entry of results or related entry in the [[laboratory information management system]] (LIMS)<br />• Send results to another customer<br />• Ambiguous way of communicating the results<br />• Lack of information about the limits regarding the interpretation of the results<br />• Delayed reporting of results
   | style="background-color:white; padding-left:10px; padding-right:10px;" |• Incorrect results<br />• Incorrect entry of results or related entry in the [[laboratory information management system]] (LIMS)<br />• Send results to another customer<br />• Ambiguous way of communicating the results<br />• Lack of information about the limits regarding the interpretation of the results<br />• Delayed reporting of results
   | style="background-color:white; padding-left:10px; padding-right:10px;" |[10,13,32,33,34,35,36]
   | style="background-color:white; padding-left:10px; padding-right:10px;" |<ref name=":2" /><ref name=":5" /><ref name=":11" /><ref>{{Cite journal |last=Piton |first=Alain |date=2008 |title=Risk-based assessment applied to QA GLP audits. How to fulfill regulatory requirements while making the best use of our common sense, knowledge, talents, and resources? |url=https://pubmed.ncbi.nlm.nih.gov/19352000 |journal=Annali dell'Istituto Superiore Di Sanita |volume=44 |issue=4 |pages=379–384 |issn=2384-8553 |pmid=19352000}}</ref><ref name=":12">{{Cite journal |last=Kuo, Y.C.; Lin, C.W.; Wu, H.C. |year=2004 |title=Investigation on the Fires and Explosions in Chemicals-related University Laboratories |journal=Chemical Technology |volume=137 |issue=8 |pages=195–208}}</ref><ref name=":13">{{Cite journal |last=Da Rin |first=Giorgio |date=2009-06 |title=Pre-analytical workstations: A tool for reducing laboratory errors |url=https://linkinghub.elsevier.com/retrieve/pii/S0009898109001454 |journal=Clinica Chimica Acta |language=en |volume=404 |issue=1 |pages=68–74 |doi=10.1016/j.cca.2009.03.024}}</ref><ref name=":14">{{Cite web |last=Kuo, T.-Y. |date=07 September 2006 |title=Discussion of waste liquid flowing arrangement and control system in lab of college |url=http://ir.lib.ncu.edu.tw/handle/987654321/3318 |publisher=National Central University Library}}</ref>
  |-
  |-
|}
|}
|}
|}


After completing the risk assessment stage, the laboratory is asked to select an appropriate treatment to maintain the risk at an acceptable level. [37] The measures taken should be monitored for their effectiveness to evaluate the success of any failure reduction effort. This evaluation is achieved by monitoring the values of the quality indicators set by the laboratory. [35] Examples of quality indicators are given in Table 3. According to Lippi ''et al.'' [38], the most effective strategy to reduce uncertainties in [[Reference laboratory|diagnostic laboratories]] is to develop and implement an integrated QMS. The success of efforts to reduce errors must be monitored to assess the effectiveness of the measures taken. [39]
After completing the risk assessment stage, the laboratory is asked to select an appropriate treatment to maintain the risk at an acceptable level.<ref name=":15">{{Cite journal |last=Eliza |first=David Remona |last2=Minodora |first2=Dobreanu |date=2015-12-01 |title=Risk Management in Clinical Laboratory: from Theory to Practice |url=https://www.sciendo.com/article/10.1515/amma-2015-0086 |journal=Acta Medica Marisiensis |language=en |volume=61 |issue=4 |pages=372–377 |doi=10.1515/amma-2015-0086 |issn=2247-6113}}</ref> The measures taken should be monitored for their effectiveness to evaluate the success of any failure reduction effort. This evaluation is achieved by monitoring the values of the quality indicators set by the laboratory.<ref name=":13" /> Examples of quality indicators are given in Table 3. According to Lippi ''et al.''<ref>{{Cite journal |last=Lippi |first=Giuseppe |last2=Simundic |first2=Ana-Maria |last3=Mattiuzzi |first3=Camilla |date=2010 |title=Overview on patient safety in healthcare and laboratory diagnostics |url=http://www.biochemia-medica.com/en/journal/20/2/10.11613/BM.2010.015 |journal=Biochemia Medica |pages=131–143 |doi=10.11613/BM.2010.015}}</ref>, the most effective strategy to reduce uncertainties in [[Reference laboratory|diagnostic laboratories]] is to develop and implement an integrated QMS. The success of efforts to reduce errors must be monitored to assess the effectiveness of the measures taken.<ref>{{Cite journal |last=Fragkaki |first=A.G. |last2=Leontiou |first2=I.-P. |last3=Kioukia-Fougia |first3=N. |last4=Tsivou |first4=M. |last5=Spyridaki |first5=M.-Η.Ε. |last6=Georgakopoulos |first6=C.G. |date=2006-10 |title=Organization of the doping control laboratory in the Athens 2004 Olympic Games: A case study |url=https://linkinghub.elsevier.com/retrieve/pii/S0166497205001197 |journal=Technovation |language=en |volume=26 |issue=10 |pages=1162–1169 |doi=10.1016/j.technovation.2005.09.003}}</ref>


{|  
{|  
Line 160: Line 154:
   | style="background-color:white; padding-left:10px; padding-right:10px;" |Error in sample identification
   | style="background-color:white; padding-left:10px; padding-right:10px;" |Error in sample identification
   | style="background-color:white; padding-left:10px; padding-right:10px;" |Number of samples with incorrect sample recording × 100/Total number of samples
   | style="background-color:white; padding-left:10px; padding-right:10px;" |Number of samples with incorrect sample recording × 100/Total number of samples
   | rowspan="9" style="background-color:white; padding-left:10px; padding-right:10px;" |[37,40,41,42]
   | rowspan="9" style="background-color:white; padding-left:10px; padding-right:10px;" |<ref name=":15" /><ref>{{Cite journal |last=Gimenez-Marin |first=Angeles |last2=Rivas-Ruiz |first2=Francisco |last3=Perez-Hidalgo |first3=Maria del Mar |last4=Molina-Mendoza |first4=Pedro |date=2014 |title=Pre-analytical errors management in the clinical laboratory: a five-year study |url=http://www.biochemia-medica.com/en/journal/24/2/10.11613/BM.2014.027 |journal=Biochemia Medica |volume=24 |issue=2 |pages=248–257 |doi=10.11613/BM.2014.027 |pmc=PMC4083576 |pmid=24969918}}</ref><ref>{{Cite journal |last=Plebani |first=Mario |last2=Sciacovelli |first2=Laura |last3=Aita |first3=Ada |last4=Chiozza |first4=Maria Laura |date=2014 |title=Harmonization of pre-analytical quality indicators |url=http://www.biochemia-medica.com/en/journal/24/1/10.11613/BM.2014.012 |journal=Biochemia Medica |pages=105–113 |doi=10.11613/BM.2014.012 |pmc=PMC3936970 |pmid=24627719}}</ref><ref>{{Cite journal |last=Sciacovelli |first=Laura |last2=Plebani |first2=Mario |date=2009-06 |title=The IFCC Working Group on laboratory errors and patient safety |url=https://linkinghub.elsevier.com/retrieve/pii/S0009898109001478 |journal=Clinica Chimica Acta |language=en |volume=404 |issue=1 |pages=79–85 |doi=10.1016/j.cca.2009.03.025}}</ref>
  |-
  |-
   | style="background-color:white; padding-left:10px; padding-right:10px;" |Error in sample transcription
   | style="background-color:white; padding-left:10px; padding-right:10px;" |Error in sample transcription
Line 188: Line 182:


===Sample===
===Sample===
Samples are the items sent by customers to the laboratory for testing or [[Calibration laboratory|calibration]] in order for detailed and reliable results to be provided in a predefined time scale. Therefore, the consequences can be serious if there is loss or any other inconsistency with the samples, their analysis, and related procedures. Normally, samples taken from the laboratory go through a sampling process prior to analytical procedures. Heterogeneous samples must be homogenized before sampling, otherwise the results obtained are not reliable, especially when the analytes are contained in traces in the sample under study. [12]
Samples are the items sent by customers to the laboratory for testing or [[Calibration laboratory|calibration]] in order for detailed and reliable results to be provided in a predefined time scale. Therefore, the consequences can be serious if there is loss or any other inconsistency with the samples, their analysis, and related procedures. Normally, samples taken from the laboratory go through a sampling process prior to analytical procedures. Heterogeneous samples must be homogenized before sampling, otherwise the results obtained are not reliable, especially when the analytes are contained in traces in the sample under study.<ref name=":4" />


Sample-related inconsistencies of the pre-analytical phase have already been summarized in Table 2. The strategy to prevent pre-analytical errors consists of five interrelated steps [43,44,45]:
Sample-related inconsistencies of the pre-analytical phase have already been summarized in Table 2. The strategy to prevent pre-analytical errors consists of five interrelated steps<ref>{{Cite journal |last=Bates |first=David W. |last2=Gawande |first2=Atul A. |date=2003-06-19 |title=Improving Safety with Information Technology |url=http://www.nejm.org/doi/abs/10.1056/NEJMsa020847 |journal=New England Journal of Medicine |language=en |volume=348 |issue=25 |pages=2526–2534 |doi=10.1056/NEJMsa020847 |issn=0028-4793}}</ref><ref>{{Cite journal |last=Plebani |first=Mario |last2=Bonini |first2=Pierangelo |date=2002-02-16 |title=Wrong biochemistry results. Interdepartmental cooperation may help avoid errors in medical laboratories |url=https://pubmed.ncbi.nlm.nih.gov/11855391 |journal=BMJ (Clinical research ed.) |volume=324 |issue=7334 |pages=423–424 |issn=1756-1833 |pmid=11855391}}</ref><ref>{{Cite journal |last=Lippi |first=Giuseppe |last2=Guidi |first2=Gian Cesare |date=2007-01-01 |title=Risk management in the preanalytical phase of laboratory testing |url=https://www.degruyter.com/document/doi/10.1515/CCLM.2007.167/html |journal=Clinical Chemical Laboratory Medicine |volume=45 |issue=6 |doi=10.1515/CCLM.2007.167}}</ref>:


#Develop clear written procedures.
#Develop clear written procedures.
Line 198: Line 192:
#Improve communication between professionals and encourage interservice collaboration.
#Improve communication between professionals and encourage interservice collaboration.


The written procedures should clearly describe how the sample is analyzed, collected, labeled, transported, and prepared. To ensure that written procedures are followed consistently, those performing the pre-analytical activities must be well-trained to understand, in addition to the appropriate procedures, their important steps and the consequences of not following the instructions faithfully. [46]
The written procedures should clearly describe how the sample is analyzed, collected, labeled, transported, and prepared. To ensure that written procedures are followed consistently, those performing the pre-analytical activities must be well-trained to understand, in addition to the appropriate procedures, their important steps and the consequences of not following the instructions faithfully.<ref>{{Cite journal |last=Da Rin |first=Giorgio |date=2009-06 |title=Pre-analytical workstations: A tool for reducing laboratory errors |url=https://linkinghub.elsevier.com/retrieve/pii/S0009898109001454 |journal=Clinica Chimica Acta |language=en |volume=404 |issue=1 |pages=68–74 |doi=10.1016/j.cca.2009.03.024}}</ref>


Modern technologies, such as [[laboratory automation|robotics]] and [[Information management|information management systems]], should also help reduce errors. A LIMS is a computerized system that collects, processes, and stores [[information]] produced by the laboratory. Although originally created solely to automate experimental data, it is nowadays used in many laboratory activities. [47,48,49,50] The typical LIMS will have sample management functions such as sample registration, [[barcode]] labeling, and sample tracking. Using an integrated LIMS, the [[chain of custody]] (CoC) and [[audit trail]] records of the samples can be systematically kept, and operations can be improved by adding features such as model management and sample testing, while statistics concerning the number and type of samples, analytical findings, reporting time, number and origin of customers, and many other attributes can be very easily estimated or tracked. [12, 51]. Thus, by automating certain steps at pre-analytic workstations, the number of people participating in this phase and the number of manual steps required are reduced. In addition, barcodes simplify the routing and tracking of samples. For example, a [[Computerized physician order entry|computerized order entry system]] (COES) simplifies the examination order by eliminating the need for the order to be transcribed by a second person. [35]
Modern technologies, such as [[laboratory automation|robotics]] and [[Information management|information management systems]], should also help reduce errors. A LIMS is a computerized system that collects, processes, and stores [[information]] produced by the laboratory. Although originally created solely to automate experimental data, it is nowadays used in many laboratory activities.<ref>{{Cite journal |last=Gibbon |first=Gerst A. |date=1996-05 |title=A brief history of LIMS |url=https://linkinghub.elsevier.com/retrieve/pii/1381141X9500024K |journal=Laboratory Automation & Information Management |language=en |volume=32 |issue=1 |pages=1–5 |doi=10.1016/1381-141X(95)00024-K}}</ref><ref>{{Cite journal |last=Goodman |first=N. |last2=Rozen |first2=S. |last3=Stein |first3=L. D. |date=1998 |title=The LabFlow system for workflow management in large scale biology research laboratories |url=https://pubmed.ncbi.nlm.nih.gov/9783211 |journal=Proceedings. International Conference on Intelligent Systems for Molecular Biology |volume=6 |pages=69–77 |issn=1553-0833 |pmid=9783211}}</ref><ref name=":16">{{Cite journal |last=Skobelev |first=D. O. |last2=Zaytseva |first2=T. M. |last3=Kozlov |first3=A. D. |last4=Perepelitsa |first4=V. L. |last5=Makarova |first5=A. S. |date=2011-01 |title=Laboratory information management systems in the work of the analytic laboratory |url=http://link.springer.com/10.1007/s11018-011-9638-7 |journal=Measurement Techniques |language=en |volume=53 |issue=10 |pages=1182–1189 |doi=10.1007/s11018-011-9638-7 |issn=0543-1972}}</ref><ref>{{Cite journal |last=Casey |first=Eoghan |date=2020-03 |title=Standardization of forming and expressing preliminary evaluative opinions on digital evidence |url=https://linkinghub.elsevier.com/retrieve/pii/S1742287619303147 |journal=Forensic Science International: Digital Investigation |language=en |volume=32 |pages=200888 |doi=10.1016/j.fsidi.2019.200888}}</ref> The typical LIMS will have sample management functions such as sample registration, [[barcode]] labeling, and sample tracking. Using an integrated LIMS, the [[chain of custody]] (CoC) and [[audit trail]] records of the samples can be systematically kept, and operations can be improved by adding features such as model management and sample testing, while statistics concerning the number and type of samples, analytical findings, reporting time, number and origin of customers, and many other attributes can be very easily estimated or tracked.<ref name=":4" /><ref>{{Cite journal |last=Sun |first=Dingzhong |last2=Wu |first2=Linhuan |last3=Fan |first3=Guomei |date=2021-06 |title=Laboratory information management system for biosafety laboratory: Safety and efficiency |url=https://linkinghub.elsevier.com/retrieve/pii/S2588933821000042 |journal=Journal of Biosafety and Biosecurity |language=en |volume=3 |issue=1 |pages=28–34 |doi=10.1016/j.jobb.2021.03.001}}</ref> Thus, by automating certain steps at pre-analytic workstations, the number of people participating in this phase and the number of manual steps required are reduced. In addition, barcodes simplify the routing and tracking of samples. For example, a [[Computerized physician order entry|computerized order entry system]] (COES) simplifies the examination order by eliminating the need for the order to be transcribed by a second person.<ref name=":13" />


To avoid problems caused by a lack of adequate storage space, the laboratory should regularly assess its capacity to handle samples, including available storage space. Therefore, the laboratory should know or proactively estimate the number of samples it can handle and store at a given time, in a manner that whenever the number of incoming samples exceeds its handling capacity, measures such as temporary reassignment of personnel or arrangement of makeshift storage areas can be taken in a timely manner. [12]
To avoid problems caused by a lack of adequate storage space, the laboratory should regularly assess its capacity to handle samples, including available storage space. Therefore, the laboratory should know or proactively estimate the number of samples it can handle and store at a given time, in a manner that whenever the number of incoming samples exceeds its handling capacity, measures such as temporary reassignment of personnel or arrangement of makeshift storage areas can be taken in a timely manner.<ref name=":4" />


===Personnel===
===Personnel===
The human factor is present at every stage of the pre-analytical, analytical, and post-analytical process. According to Ho and Chen [52], human error is the leading cause of laboratory accidents. Wurtz ''et al.'' [53] reported that reduced mental and physical condition, due to exhaustion, is often the cause of laboratory accidents. However, apart from causing accidents, the human factor is also responsible for any mistake that can occur at any stage of the analytical process, from the collection and recording of samples to the processing of results. The occurrence of human error and its subsequent outcome usually cannot be predicted. [12]
The human factor is present at every stage of the pre-analytical, analytical, and post-analytical process. According to Ho and Chen<ref name=":17">{{Cite journal |last=Ho |first=Chao-Chung |last2=Chen |first2=Ming-Shu |date=2018-01 |title=Risk assessment and quality improvement of liquid waste management in Taiwan University chemical laboratories |url=https://linkinghub.elsevier.com/retrieve/pii/S0956053X17306979 |journal=Waste Management |language=en |volume=71 |pages=578–588 |doi=10.1016/j.wasman.2017.09.029}}</ref>, human error is the leading cause of laboratory accidents. Wurtz ''et al.''<ref>{{Cite journal |last=Wurtz |first=N. |last2=Papa |first2=A. |last3=Hukic |first3=M. |last4=Di Caro |first4=A. |last5=Leparc-Goffart |first5=I. |last6=Leroy |first6=E. |last7=Landini |first7=M. P. |last8=Sekeyova |first8=Z. |last9=Dumler |first9=J. S. |last10=Bădescu |first10=D. |last11=Busquets |first11=N. |date=2016-08 |title=Survey of laboratory-acquired infections around the world in biosafety level 3 and 4 laboratories |url=http://link.springer.com/10.1007/s10096-016-2657-1 |journal=European Journal of Clinical Microbiology & Infectious Diseases |language=en |volume=35 |issue=8 |pages=1247–1258 |doi=10.1007/s10096-016-2657-1 |issn=0934-9723 |pmc=PMC7088173 |pmid=27234593}}</ref> reported that reduced mental and physical condition, due to exhaustion, is often the cause of laboratory accidents. However, apart from causing accidents, the human factor is also responsible for any mistake that can occur at any stage of the analytical process, from the collection and recording of samples to the processing of results. The occurrence of human error and its subsequent outcome usually cannot be predicted.<ref name=":4" />


The techniques used to assess the human factor's contribution to the reliability and security of a system are called the human factor reliability analysis (HRA). [24] The first industry to develop and implement HRA was the nuclear industry [54], concluding that most accidents were due to human error rather than equipment malfunction. Since then, HRA has been applied to many “high risk” industries, such as the aerospace, railways, shipping, automotive, oil, gas, chemical, military components, and air traffic control industries. HRA has been also applied in the healthcare sector, in the installation of telecommunications equipment, in the design of computer software and hardware, as well as in many manual operations such as lathe operation.
The techniques used to assess the human factor's contribution to the reliability and security of a system are called the human factor reliability analysis (HRA).<ref name=":10" /> The first industry to develop and implement HRA was the nuclear industry<ref>{{Cite book |last=Kirwan |first=B. |date=1994 |title=A guide to practical human reliability assessment |publisher=Taylor & Francis |place=Bristol, PA |isbn=978-0-7484-0052-2}}</ref>, concluding that most accidents were due to human error rather than equipment malfunction. Since then, HRA has been applied to many “high risk” industries, such as the aerospace, railways, shipping, automotive, oil, gas, chemical, military components, and air traffic control industries. HRA has been also applied in the healthcare sector, in the installation of telecommunications equipment, in the design of computer software and hardware, as well as in many manual operations such as lathe operation.


To avoid unpleasant consequences occurred by human factor, personnel throughout the organization should be trained appropriately and effectively to be able to perform procedures in accordance with the requirements of ISO standards or other regulations. [35] Furthermore, to avoid staff burnout, some laboratory automation systems should be installed and implemented in laboratories, including electric wheeled vehicle systems to transport the samples and systems with automatic result verification procedures. [55] McDonald ''et al.'' [56] argue that using a LIMS with highly automated laboratory equipment, researchers can perform repeatable experiments without human intervention. Finally, another measure that can reduce the occurrence of human errors is the continuous supervision of staff, followed by raising staff awareness of errror causes through regular training. [12]
To avoid unpleasant consequences occurred by human factor, personnel throughout the organization should be trained appropriately and effectively to be able to perform procedures in accordance with the requirements of ISO standards or other regulations.<ref name=":13" /> Furthermore, to avoid staff burnout, some laboratory automation systems should be installed and implemented in laboratories, including electric wheeled vehicle systems to transport the samples and systems with automatic result verification procedures.<ref>{{Cite journal |last=Lou |first=Amy H. |last2=Elnenaei |first2=Manal O. |last3=Sadek |first3=Irene |last4=Thompson |first4=Shauna |last5=Crocker |first5=Bryan D. |last6=Nassar |first6=Bassam A. |date=2017-10 |title=Multiple pre- and post-analytical lean approaches to the improvement of the laboratory turnaround time in a large core laboratory |url=https://linkinghub.elsevier.com/retrieve/pii/S0009912017303284 |journal=Clinical Biochemistry |language=en |volume=50 |issue=15 |pages=864–869 |doi=10.1016/j.clinbiochem.2017.04.019}}</ref> McDonald ''et al.''<ref>{{Cite journal |last=McDonald |first=Michael J. |last2=Rice |first2=Daniel P. |last3=Desai |first3=Michael M. |date=2016-03 |title=Sex speeds adaptation by altering the dynamics of molecular evolution |url=http://www.nature.com/articles/nature17143 |journal=Nature |language=en |volume=531 |issue=7593 |pages=233–236 |doi=10.1038/nature17143 |issn=0028-0836 |pmc=PMC4855304 |pmid=26909573}}</ref> argue that using a LIMS with highly automated laboratory equipment, researchers can perform repeatable experiments without human intervention. Finally, another measure that can reduce the occurrence of human errors is the continuous supervision of staff, followed by raising staff awareness of error causes through regular training.<ref name=":4" />


===Reagents and waste===
===Reagents and waste===
The ever-increasing number of laboratories in recent years has led to an increase in industrial waste, such as solid waste, liquid waste, and sewage. Most liquid waste is hazardous industrial waste, which affects human health and causes environmental pollution. The management of this waste therefore involves many risks. There have been, for example, many accidents and injuries due to mismanagement of chemical waste. [34, 52] Yu and Chou [57] reported that the most common risk in laboratories is chemical reagents because they can cause immediate damage or cumulative pathological changes to the inside and outside of the human body, as they can cause fire, explosion, poisoning, and corrosion. Additionally, Lin ''et al.'' [34], following their research on university laboratories-related fires and explosions related to chemical reagents, state that many causes of accidents were based on improper chemical management, including improper storage, use, transportation, and disposal of chemicals.
The ever-increasing number of laboratories in recent years has led to an increase in industrial waste, such as solid waste, liquid waste, and sewage. Most liquid waste is hazardous industrial waste, which affects human health and causes environmental pollution. The management of this waste therefore involves many risks. There have been, for example, many accidents and injuries due to mismanagement of chemical waste.<ref name=":12" /><ref name=":17" /> Yu and Chou<ref>{{Cite book |last=Yu, S.W.; Chou, K.S. |year=2001 |title=Introduction to Chemical Process Safety |publisher=GauLih Book Co., Ltd}}</ref> reported that the most common risk in laboratories is chemical reagents because they can cause immediate damage or cumulative pathological changes to the inside and outside of the human body, as they can cause fire, explosion, poisoning, and corrosion. Additionally, Lin ''et al.''<ref name=":12" />, following their research on university laboratories-related fires and explosions related to chemical reagents, state that many causes of accidents were based on improper chemical management, including improper storage, use, transportation, and disposal of chemicals.


To mitigate or even avoid the adverse risks of chemicals, their proper management is required. For example, the storage of chemical reagents should be done by category, in a controlled environment and in well-ventilated areas. Flammable materials should be separated from non-flammable materials and stored in areas that provide protection from projectiles, while stock checks should be frequent. Special care should be also taken when transporting them. For example, wooden trays could be used for transport, and always with the use of personal protective equipment. [58]
To mitigate or even avoid the adverse risks of chemicals, their proper management is required. For example, the storage of chemical reagents should be done by category, in a controlled environment and in well-ventilated areas. Flammable materials should be separated from non-flammable materials and stored in areas that provide protection from projectiles, while stock checks should be frequent. Special care should be also taken when transporting them. For example, wooden trays could be used for transport, and always with the use of personal protective equipment.<ref name=":18">{{Cite journal |last=Oliveira Marques |first=Karuliny Cristie |last2=Yoshida |first2=Lucas Silva |last3=Teixeira de Siqueira Neto |first3=Abilio |last4=Dias |first4=Acires |date=2017 |title=Risk analysis in chemistry laboratory |url=http://abcm.org.br/anais-de-eventos/COB17/1364 |journal=Procceedings of the 24th ABCM International Congress of Mechanicl Engineering |publisher=ABCM |doi=10.26678/ABCM.COBEM2017.COB17-1364}}</ref>


Waste should be recycled and disposed of properly. For example, chemicals should be neutralized before disposal. It is necessary to install smoke alarms, fire extinguishers, surveillance cameras, showers, and eyewash stations, as well as signs clearly marking escape corridors, collective protection, and personal protection. Detailed procedures, clear instructions, and appropriate training are also of crucial importance. [52, 58]
Waste should be recycled and disposed of properly. For example, chemicals should be neutralized before disposal. It is necessary to install smoke alarms, fire extinguishers, surveillance cameras, showers, and eyewash stations, as well as signs clearly marking escape corridors, collective protection, and personal protection. Detailed procedures, clear instructions, and appropriate training are also of crucial importance.<ref name=":17" /><ref name=":18" />


===Environmental conditions===
===Environmental conditions===
Laboratories are exposed to various types of hazards (e.g., biological, chemical, radioactive, and others), making them highly hazardous environments. [59] Moreover, the work environment of the laboratories may be exposed to more than one hazard at the same time, which further increases risk. Marque ''et al.'' [58] emphasize that chemistry laboratories, for example, are unhealthy and dangerous environments, and those involved in research work are exposed to many potential sources of risk as they not only treat chemical reagents but also encounter equipment that is a source of heat and electricity. In chemical laboratories, there are many potential risks as they contain flammable, explosive, and poisonous chemicals. There are also risks in biological laboratories, especially for laboratory staff who treat pathogens, as they are much more likely to be infected with an infectious disease than anyone else. [60]
Laboratories are exposed to various types of hazards (e.g., biological, chemical, radioactive, and others), making them highly hazardous environments.<ref>{{Cite journal |last=Raab |first=Stephen S. |date=2006-05-01 |title=Improving Patient Safety Through Quality Assurance |url=https://meridian.allenpress.com/aplm/article/130/5/633/459841/Improving-Patient-Safety-Through-Quality-Assurance |journal=Archives of Pathology & Laboratory Medicine |language=en |volume=130 |issue=5 |pages=633–637 |doi=10.5858/2006-130-633-IPSTQA |issn=1543-2165}}</ref> Moreover, the work environment of the laboratories may be exposed to more than one hazard at the same time, which further increases risk. Marque ''et al.''<ref name=":18" /> emphasize that chemistry laboratories, for example, are unhealthy and dangerous environments, and those involved in research work are exposed to many potential sources of risk as they not only treat chemical reagents but also encounter equipment that is a source of heat and electricity. In chemical laboratories, there are many potential risks as they contain flammable, explosive, and poisonous chemicals. There are also risks in biological laboratories, especially for laboratory staff who treat pathogens, as they are much more likely to be infected with an infectious disease than anyone else.<ref>{{Cite journal |last=Skinhoj |first=P |last2=Soeby |first2=M |date=1981-04-01 |title=Viral hepatitis in Danish health care personnel, 1974-78. |url=http://jcp.bmj.com/cgi/doi/10.1136/jcp.34.4.408 |journal=Journal of Clinical Pathology |language=en |volume=34 |issue=4 |pages=408–411 |doi=10.1136/jcp.34.4.408 |issn=0021-9746 |pmc=PMC493301 |pmid=7240429}}</ref>


Exposure to chemicals in the workplace can have adverse, acute, or long-term health effects. The dangers from potential exposure to chemicals are many and various, as some substances are toxic, carcinogenic, or irritating, and others are flammable or pose a risk of biological contamination. [61, 62] In 2006, Chiozza and Plebani [63] reported that two decades ago, laboratory workers performed their work without following any safety procedures and, thus, put themselves in danger. Ho and Chen [52] noted that poor management of chemical waste in universities and non-profit laboratories has caused many accidents over the years. Poor management of chemical waste can harm laboratory workers and lead to environmental pollution. [36]
Exposure to chemicals in the workplace can have adverse, acute, or long-term health effects. The dangers from potential exposure to chemicals are many and various, as some substances are toxic, carcinogenic, or irritating, and others are flammable or pose a risk of biological contamination.<ref>{{Cite journal |last=Hollensead |first=Sandra C. |last2=Lockwood |first2=William B. |last3=Elin |first3=Ronald J. |date=2004-12-01 |title=Errors in pathology and laboratory medicine: Consequences and prevention |url=https://onlinelibrary.wiley.com/doi/10.1002/jso.20125 |journal=Journal of Surgical Oncology |language=en |volume=88 |issue=3 |pages=161–181 |doi=10.1002/jso.20125 |issn=0022-4790}}</ref><ref>{{Cite web |last=U.S. Food and Drug Administration |date=2020 |title=Investigations Operations Manual |url=https://www.fda.gov/inspections-compliance-enforcement-and-criminal-investigations/inspection-references/investigations-operations-manual |publisher=U.S. Food and Drug Administration}}</ref> In 2006, Chiozza and Plebani<ref>{{Cite journal |last=Chiozza |first=Maria Laura |last2=Plebani |first2=Mario |date=2006-01-01 |title=Clinical Governance: from clinical risk management to continuous quality improvement |url=https://www.degruyter.com/document/doi/10.1515/CCLM.2006.127/html |journal=Clinical Chemistry and Laboratory Medicine (CCLM) |volume=44 |issue=6 |doi=10.1515/CCLM.2006.127 |issn=1434-6621}}</ref> reported that two decades ago, laboratory workers performed their work without following any safety procedures and, thus, put themselves in danger. Ho and Chen<ref name=":17" /> noted that poor management of chemical waste in universities and non-profit laboratories has caused many accidents over the years. Poor management of chemical waste can harm laboratory workers and lead to environmental pollution.<ref name=":14" />


The U.S. Commission on Chemical Safety and Hazard Investigation has studied 120 laboratory accidents that occurred at various universities across the country from 2001 to 2011. [64] From 2000 to 2015, there were 34 laboratory accidents, which caused 49 deaths. These accidents were caused by explosion, exposure to biological agents, exposure to toxic substances, suffocation, electric shock, fire, exposure to ionizing radiation, and various other causes.
The U.S. Commission on Chemical Safety and Hazard Investigation has studied 120 laboratory accidents that occurred at various universities across the country from 2001 to 2011.<ref>{{Cite web |last=U.S. Chemical Safety Board |date=19 October 2011 |title=Texas Tech University Chemistry Lab Explosion, No. 2010-05-I-TX |url=https://www.csb.gov/texas-tech-university-chemistry-lab-explosion/ |publisher=U.S. Chemical Safety Board}}</ref> From 2000 to 2015, there were 34 laboratory accidents, which caused 49 deaths. These accidents were caused by explosion, exposure to biological agents, exposure to toxic substances, suffocation, electric shock, fire, exposure to ionizing radiation, and various other causes.


In addition to the risk to human health, of environmental pollution, and of destruction of laboratory property, there are other risk factors such as the production of unreliable results and customer dissatisfaction, which also lead to the laboratory's bad reputation, making the application of risk management process imperative to the sustainability of the laboratory. [12]
In addition to the risk to human health, of environmental pollution, and of destruction of laboratory property, there are other risk factors such as the production of unreliable results and customer dissatisfaction, which also lead to the laboratory's bad reputation, making the application of risk management process imperative to the sustainability of the laboratory.<ref name=":4" />


In order to tackle risk effectively, estimates based on effective risk management must be integrated into the analytical framework. [14] A prerequisite for the operation under appropriate environmental conditions, in a safe and competent laboratory, is the management by executives who can apply the theory of risk to reduce it to an acceptable level. Each laboratory should be able to assess the possible occurrence of errors and describe the steps needed to detect and prevent them to avoid any future adverse events. [65]
In order to tackle risk effectively, estimates based on effective risk management must be integrated into the analytical framework.<ref name=":6" /> A prerequisite for the operation under appropriate environmental conditions, in a safe and competent laboratory, is the management by executives who can apply the theory of risk to reduce it to an acceptable level. Each laboratory should be able to assess the possible occurrence of errors and describe the steps needed to detect and prevent them to avoid any future adverse events.<ref>{{Cite book |last=Mortimer |first=Sharon T. |last2=Mortimer |first2=David |date=2015-02-28 |title=Quality and Risk Management in the IVF Laboratory |url=https://www.cambridge.org/core/product/identifier/9781139680936/type/book |edition=2 |publisher=Cambridge University Press |doi=10.1017/cbo9781139680936 |isbn=978-1-139-68093-6}}</ref>


===Test methods===
===Test methods===
It is common practice that appropriate standards or formal methods, whenever available and after verification, be preferred over methods developed internally in laboratories. Otherwise, in-house methods shall be fully validated. In this case, the risk is hidden in non-properly or partially validated methods instead of fully validated methods. In addition, an analytical method may have critical test steps or parameters, such as the quantity of reagents to be added in a particular step, the reaction time, or a specific step to proceed without delay. The absence of critical steps leads to erroneous results.
It is common practice that appropriate standards or formal methods, whenever available and after verification, be preferred over methods developed internally in laboratories. Otherwise, in-house methods shall be fully validated. In this case, the risk is hidden in non-properly or partially validated methods instead of fully validated methods. In addition, an analytical method may have critical test steps or parameters, such as the quantity of reagents to be added in a particular step, the reaction time, or a specific step to proceed without delay. The absence of critical steps leads to erroneous results.


To avoid the risk arisen from the use of internal analytical methods that are not properly validated, the laboratory should ensure that the method developed is fully validated for its intended use. To achieve this, a general method validation procedure shall exist, based on relevant international protocols, compiled from certified analysts involved in the design of method validation having extensive experience in related issues. In addition, according to the latest version of the ISO/IEC 17025 standard, the specification of the method requirements must be recorded in detail during the method validation phase. Moreover, checks should be carried out to ensure that all requirements are met and, afterward, the declaration of method validity should be signed. Critical steps and parameters of the test methods should be appropriately marked in the respective written procedures to avoid any misunderstanding or omission by the analysts. Additionally, during staff methodological training, the importance of these points should be clearly explained. [12]
To avoid the risk arisen from the use of internal analytical methods that are not properly validated, the laboratory should ensure that the method developed is fully validated for its intended use. To achieve this, a general method validation procedure shall exist, based on relevant international protocols, compiled from certified analysts involved in the design of method validation having extensive experience in related issues. In addition, according to the latest version of the ISO/IEC 17025 standard, the specification of the method requirements must be recorded in detail during the method validation phase. Moreover, checks should be carried out to ensure that all requirements are met and, afterward, the declaration of method validity should be signed. Critical steps and parameters of the test methods should be appropriately marked in the respective written procedures to avoid any misunderstanding or omission by the analysts. Additionally, during staff methodological training, the importance of these points should be clearly explained.<ref name=":4" />


===Measurement===
===Measurement===
In the measurement process, issues that have been already mentioned above, such as sample treatment, environmental conditions, personnel ,and test methods affect the measurement results.
In the measurement process, issues that have been already mentioned above, such as sample treatment, environmental conditions, personnel ,and test methods affect the measurement results.


Another critical aspect is the need for appropriate and valid (certified, if applicable) reference materials that must be used to determine the metrological traceability of the analytical results in accordance with the requirements of ISO/IEC 17025. There are two types of reference materials involved in chemical testing which are the matrix reference materials for the validation of the methods and the pure reference standards used for the calibration of the equipment. The laboratory should retain procedures for safe handling, transport, storage, and use of reference materials to avoid possible contamination or deterioration. In addition, the laboratory should have studies on the stability of the solutions of the working standards prepared from reference standards. Matrix reference materials must be stored strictly in accordance with the storage conditions recommended by the manufacturers, and relevant records should be kept appropriately. Before use, at least a visual inspection should be performed to confirm that the materials are intact. [12]
Another critical aspect is the need for appropriate and valid (certified, if applicable) reference materials that must be used to determine the metrological traceability of the analytical results in accordance with the requirements of ISO/IEC 17025. There are two types of reference materials involved in chemical testing which are the matrix reference materials for the validation of the methods and the pure reference standards used for the calibration of the equipment. The laboratory should retain procedures for safe handling, transport, storage, and use of reference materials to avoid possible contamination or deterioration. In addition, the laboratory should have studies on the stability of the solutions of the working standards prepared from reference standards. Matrix reference materials must be stored strictly in accordance with the storage conditions recommended by the manufacturers, and relevant records should be kept appropriately. Before use, at least a visual inspection should be performed to confirm that the materials are intact.<ref name=":4" />


Although the occurrence and subsequent outcome of human error during test execution is usually unpredictable, it can nevertheless be minimized by strengthening personnel supervision and increasing awareness. Actions toward this effort include on-site monitoring, verbal review, and control of experimental records, including sampling, sample analysis, data handling, and reporting. The results of the monitoring actions should be maintained, and whenever a deviation is found, corrective actions should be immediately taken. To avoid the risk that may arise from any inappropriate environmental conditions during measurement, the critical requirements for environmental conditions should be clearly indicated in the written procedures of the method to raise the awareness of the involved analysts. In addition, the continuous monitoring and periodic review of environmental conditions and the maintenance of relevant records are significant prerequisites. These actions not only allow subsequent inspection or evaluation, but they also encourage analysts to stay aware of the appropriate environmental conditions when performing tests. [20, 66]
Although the occurrence and subsequent outcome of human error during test execution is usually unpredictable, it can nevertheless be minimized by strengthening personnel supervision and increasing awareness. Actions toward this effort include on-site monitoring, verbal review, and control of experimental records, including sampling, sample analysis, data handling, and reporting. The results of the monitoring actions should be maintained, and whenever a deviation is found, corrective actions should be immediately taken. To avoid the risk that may arise from any inappropriate environmental conditions during measurement, the critical requirements for environmental conditions should be clearly indicated in the written procedures of the method to raise the awareness of the involved analysts. In addition, the continuous monitoring and periodic review of environmental conditions and the maintenance of relevant records are significant prerequisites. These actions not only allow subsequent inspection or evaluation, but they also encourage analysts to stay aware of the appropriate environmental conditions when performing tests.<ref name=":8" /><ref>{{Cite journal |last=Lemos |first=Janaína |last2=Gaspar |first2=Pedro D. |last3=Lima |first3=Tânia M. |date=2022-08-17 |title=Environmental Risk Assessment and Management in Industry 4.0: A Review of Technologies and Trends |url=https://www.mdpi.com/2075-1702/10/8/702 |journal=Machines |language=en |volume=10 |issue=8 |pages=702 |doi=10.3390/machines10080702 |issn=2075-1702}}</ref>


===Quality control===
===Quality control===
The laboratory must have quality control procedures to monitor the validity of the tests performed and the quality of the results. Procedures are divided into internal and external quality control procedures. The main objective of internal quality control is to ensure the reliability of the results of the analytical process. [67] Internal quality control should be applied daily in the laboratory and for each laboratory test, to identify random and systematic errors as well as trends. For example, in each laboratory test, working standards of known concentration should be used to check the validity and accuracy of the test results through control charts, testing of internal blind samples, replicate tests using the same or different methods, or intermediate checks on measurement equipment. It is also useful for the laboratory to retain appropriate control of its  QMS documents (e.g., procedures, instructions, calibration tables, specifications, alerts, etc.) for the purpose of updating and checking their validity, the control of the files, the control of the actions to treat threats and seizing opportunities, the control of corrective actions, etc.
The laboratory must have quality control procedures to monitor the validity of the tests performed and the quality of the results. Procedures are divided into internal and external quality control procedures. The main objective of internal quality control is to ensure the reliability of the results of the analytical process.<ref>{{Cite journal |last=van Rossum |first=Huub H. |date=2022-11-17 |title=Technical quality assurance and quality control for medical laboratories: a review and proposal of a new concept to obtain integrated and validated QA/QC plans |url=https://www.tandfonline.com/doi/full/10.1080/10408363.2022.2088685 |journal=Critical Reviews in Clinical Laboratory Sciences |language=en |volume=59 |issue=8 |pages=586–600 |doi=10.1080/10408363.2022.2088685 |issn=1040-8363}}</ref> Internal quality control should be applied daily in the laboratory and for each laboratory test, to identify random and systematic errors as well as trends. For example, in each laboratory test, working standards of known concentration should be used to check the validity and accuracy of the test results through control charts, testing of internal blind samples, replicate tests using the same or different methods, or intermediate checks on measurement equipment. It is also useful for the laboratory to retain appropriate control of its  QMS documents (e.g., procedures, instructions, calibration tables, specifications, alerts, etc.) for the purpose of updating and checking their validity, the control of the files, the control of the actions to treat threats and seizing opportunities, the control of corrective actions, etc.


External quality control, on the other hand, is performed by analyzing blind control samples sent to the laboratory by external, inter-laboratory comparison providers, to check the accuracy of results independently and objectively. The laboratory participating in an external quality control program must state the tests it performs, as well as the methods and instruments it uses, if required. [68, 69] The successful participation of a laboratory in external quality control programs provides objective proof of the adequacy of the laboratory to its customers, as well as to the accreditation and regulatory bodies the lab answeres to. [70] Non-valid results, however, indicate the existence of inconsistencies in the analysis chain of the samples, e.g., in the used test method, equipment, or personnel [71], and they must be carefully reviewed and appropriately corrected. Although tests must be performed in the same way as routine samples, the pre-analytical procedure, however, often differs as the samples sent may be in a different form (e.g., in a lyophilized form) or in different containers (e.g., in different types of tubes) and require different pre-analytical treatment. Therefore, the program organizer must provide clear instructions on the maintenance and preparation of external quality control samples. [72]
External quality control, on the other hand, is performed by analyzing blind control samples sent to the laboratory by external, inter-laboratory comparison providers, to check the accuracy of results independently and objectively. The laboratory participating in an external quality control program must state the tests it performs, as well as the methods and instruments it uses, if required.<ref>{{Cite journal |last=Buratta, A. |year=1995 |title=External quality assessment programs in Lombardy, Italy |url=https://chemport-n.cas.org//chemport-n/?APP=ftslink&action=reflink&origin=npg&version=1.0&coi=1%3ACAS%3A528%3ADyaK2MXps1CrsL4%3D&md5=56d3b0432762c6ffc0cc078edf26b8a5 |journal=Annali dell'Istituto Superiore di Sanita |volume=31 |issue=1 |pages=157–61}}</ref><ref>{{Cite journal |last=Badrick |first=Tony |date=2021-09 |title=Integrating quality control and external quality assurance |url=https://linkinghub.elsevier.com/retrieve/pii/S0009912021001442 |journal=Clinical Biochemistry |language=en |volume=95 |pages=15–27 |doi=10.1016/j.clinbiochem.2021.05.003}}</ref> The successful participation of a laboratory in external quality control programs provides objective proof of the adequacy of the laboratory to its customers, as well as to the accreditation and regulatory bodies the lab answers to.<ref>{{Cite book |last=World Health Organization |date= |year=2016 |title=WHO manual for organizing a national external quality assessment programme for health laboratories and other testing sites |url=https://apps.who.int/iris/handle/10665/250117 |language=en |edition= |publisher=World Health Organization |place=Geneva |isbn=9789241549677}}</ref> Non-valid results, however, indicate the existence of inconsistencies in the analysis chain of the samples, e.g., in the used test method, equipment, or personnel<ref>{{Cite journal |last=Libeer |first=Jean-Claude |date=2001-04-02 |title=External quality assurance programmes in medical laboratories |url=http://link.springer.com/10.1007/PL00013513 |journal=Accreditation and Quality Assurance |language=en |volume=6 |issue=4-5 |pages=151–153 |doi=10.1007/PL00013513 |issn=0949-1775}}</ref>, and they must be carefully reviewed and appropriately corrected. Although tests must be performed in the same way as routine samples, the pre-analytical procedure, however, often differs as the samples sent may be in a different form (e.g., in a lyophilized form) or in different containers (e.g., in different types of tubes) and require different pre-analytical treatment. Therefore, the program organizer must provide clear instructions on the maintenance and preparation of external quality control samples.<ref>{{Citation |last=Sturgeon |first=Catharine |date=2013 |editor-last=Wheeler |editor-first=Michael J. |title=External Quality Assessment Schemes for Immunoassays |url=https://link.springer.com/10.1007/978-1-62703-616-0_19 |work=Hormone Assays in Biological Fluids |language=en |publisher=Humana Press |place=Totowa, NJ |volume=1065 |pages=291–305 |doi=10.1007/978-1-62703-616-0_19 |isbn=978-1-62703-615-3 |accessdate=2023-05-16}}</ref>


===Results reporting===
===Results reporting===
The final step in the testing process is results reporting. The risk of this stage may be the incorrect sending of results to the customer due to some falsification or even loss of data that may occur during the receipt, transfer, processing, and storage of data. Even if data handling software is used, data can be violated or modified by error or deceit. [73]
The final step in the testing process is results reporting. The risk of this stage may be the incorrect sending of results to the customer due to some falsification or even loss of data that may occur during the receipt, transfer, processing, and storage of data. Even if data handling software is used, data can be violated or modified by error or deceit.<ref name=":19">{{Cite journal |last=Casey |first=Eoghan |last2=Souvignet |first2=Thomas R. |date=2020-11 |title=Digital transformation risk management in forensic science laboratories |url=https://linkinghub.elsevier.com/retrieve/pii/S0379073820303480 |journal=Forensic Science International |language=en |volume=316 |pages=110486 |doi=10.1016/j.forsciint.2020.110486}}</ref>


To avoid the risk of reporting incorrect results to clients, the laboratory shall have two- or even three-level data control procedures in place. When software is used to manipulate the data, these programs should be verified before use with appropriate protection to prevent tampering or accidental modification. However, for further improvement, these recording processes could be integrated into a LIMS which minimizes the need to manually transcribe data, and through appropriate electronic controls, [[data integrity]] can be ensured. The system could also record any failure as well as the corrective actions taken for reference. In cases where a declaration of conformity of the test to a specification or to a standard is requested, the laboratory is recommended to document the decision rules considering the relevant risk. This enhances the consistency of the results provided and avoids the risk of false acceptance or rejection. [12]
To avoid the risk of reporting incorrect results to clients, the laboratory shall have two- or even three-level data control procedures in place. When software is used to manipulate the data, these programs should be verified before use with appropriate protection to prevent tampering or accidental modification. However, for further improvement, these recording processes could be integrated into a LIMS which minimizes the need to manually transcribe data, and through appropriate electronic controls, [[data integrity]] can be ensured. The system could also record any failure as well as the corrective actions taken for reference. In cases where a declaration of conformity of the test to a specification or to a standard is requested, the laboratory is recommended to document the decision rules considering the relevant risk. This enhances the consistency of the results provided and avoids the risk of false acceptance or rejection.<ref name=":4" />


To prevent late reporting of results to the client, the combination of a LIMS with a web-based reporting system can be used. This combination is an important tool with which clinical and analytical laboratories can significantly speed up the process of presenting their test results to their customers, increasing their satisfaction and trust with the laboratory. [49]
To prevent late reporting of results to the client, the combination of a LIMS with a web-based reporting system can be used. This combination is an important tool with which clinical and analytical laboratories can significantly speed up the process of presenting their test results to their customers, increasing their satisfaction and trust with the laboratory.<ref name=":16" />


===Impartiality and confidentiality===
===Impartiality and confidentiality===
Impartiality and confidentiality are two aspects that are included in the general requirements of the latest edition of ISO/IEC 17025, giving special attention to the importance of effective risk management resulting from the lack of these aspects. In particular, the laboratory is obliged to identify the risk associated with its impartiality on an ongoing basis and to demonstrate how to eliminate or minimize this risk. For example, it should identify the risk arising from its activities, relationships with stakeholders (e.g., top management representatives, clients, service providers, etc.) or staff relationships. Impartiality is defined in ISO/IEC 17025:2017 as the existence of subjectivity in relationships that may affect the laboratory's impartiality and are based on ownership, governance, administration, staff, shared resources, finances, contracts, and more.
Impartiality and confidentiality are two aspects that are included in the general requirements of the latest edition of ISO/IEC 17025, giving special attention to the importance of effective risk management resulting from the lack of these aspects. In particular, the laboratory is obliged to identify the risk associated with its impartiality on an ongoing basis and to demonstrate how to eliminate or minimize this risk. For example, it should identify the risk arising from its activities, relationships with stakeholders (e.g., top management representatives, clients, service providers, etc.) or staff relationships. Impartiality is defined in ISO/IEC 17025:2017 as the existence of subjectivity in relationships that may affect the laboratory's impartiality and are based on ownership, governance, administration, staff, shared resources, finances, contracts, and more.


However, impartiality is not always intentional; most of the time it is done unintentionally by hard-working, dedicated, honest, and competent employees who try to do their job impartially but still fail. It is then considered as cognitive bias, which is widespread and implicit. [74, 75] The impact of such implicit bias is significant, as it affects not only the examiner's judgment, but also it creates phenomena known as “bias cascade” and “bias snowball.” The “bias cascade” effect occurs when irrelevant information spills from one stage to another, thereby creating bias. In the “snowball bias” effect, bias is not only simply carried over from one stage to the next but sequentially grows as unrelated information from a variety of sources integrate and influence one another. [76,77,78,79] Therefore, it is extremely important to take the necessary steps to prevent and address bias.
However, impartiality is not always intentional; most of the time it is done unintentionally by hard-working, dedicated, honest, and competent employees who try to do their job impartially but still fail. It is then considered as cognitive bias, which is widespread and implicit.<ref>{{Cite journal |last=Dror |first=Itiel E. |date=2018-04-20 |title=Biases in forensic experts |url=https://www.science.org/doi/10.1126/science.aat8443 |journal=Science |language=en |volume=360 |issue=6386 |pages=243–243 |doi=10.1126/science.aat8443 |issn=0036-8075}}</ref><ref>{{Cite journal |last=Dror |first=Itiel E. |date=2016-06 |title=A hierarchy of expert performance. |url=http://doi.apa.org/getdoi.cfm?doi=10.1016/j.jarmac.2016.03.001 |journal=Journal of Applied Research in Memory and Cognition |language=en |volume=5 |issue=2 |pages=121–127 |doi=10.1016/j.jarmac.2016.03.001 |issn=2211-369X}}</ref> The impact of such implicit bias is significant, as it affects not only the examiner's judgment, but also it creates phenomena known as “bias cascade” and “bias snowball.” The “bias cascade” effect occurs when irrelevant information spills from one stage to another, thereby creating bias. In the “snowball bias” effect, bias is not only simply carried over from one stage to the next but sequentially grows as unrelated information from a variety of sources integrate and influence one another.<ref>{{Cite journal |last=Dror, I. |year=2012 |title=Cognitive bias in forensic science |url=https://www.accessscience.com/content/article/aYB120321 |journal= |language=en |pages=43–5 |doi=10.1036/1097-8542.yb120321}}</ref><ref>{{Cite journal |last=Kassin |first=Saul M. |last2=Dror |first2=Itiel E. |last3=Kukucka |first3=Jeff |date=2013-03 |title=The forensic confirmation bias: Problems, perspectives, and proposed solutions. |url=http://doi.apa.org/getdoi.cfm?doi=10.1016/j.jarmac.2013.01.001 |journal=Journal of Applied Research in Memory and Cognition |language=en |volume=2 |issue=1 |pages=42–52 |doi=10.1016/j.jarmac.2013.01.001 |issn=2211-369X}}</ref><ref>{{Citation |last=Dror |first=Itiel E. |last2=Stoel |first2=Reinoud D. |date=2014 |editor-last=Bruinsma |editor-first=Gerben |editor2-last=Weisburd |editor2-first=David |title=Cognitive Forensics: Human Cognition, Contextual Information, and Bias |url=https://link.springer.com/10.1007/978-1-4614-5690-2_147 |work=Encyclopedia of Criminology and Criminal Justice |language=en |publisher=Springer New York |place=New York, NY |pages=353–363 |doi=10.1007/978-1-4614-5690-2_147 |isbn=978-1-4614-5689-6 |accessdate=2023-05-16}}</ref><ref>{{Cite journal |last=Edmond |first=G. |last2=Tangen |first2=J. M. |last3=Searston |first3=R. A. |last4=Dror |first4=I. E. |date=2015-03-01 |title=Contextual bias and cross-contamination in the forensic sciences: the corrosive implications for investigations, plea bargains, trials and appeals |url=https://academic.oup.com/lpr/article-lookup/doi/10.1093/lpr/mgu018 |journal=Law, Probability and Risk |language=en |volume=14 |issue=1 |pages=1–25 |doi=10.1093/lpr/mgu018 |issn=1470-8396}}</ref> Therefore, it is extremely important to take the necessary steps to prevent and address bias.


The laboratory is also obliged to ensure the protection of confidential information concerning its customers and is responsible for managing all information received or generated during the execution of its activities. As impartiality and confidentiality adversely affect the laboratory's goals and compliance with the requirements of the ISO/IEC 17025 standard, they should be treated like any other risk. Therefore, an effective risk management system is required to deal with these risks. [11, 80]
The laboratory is also obliged to ensure the protection of confidential information concerning its customers and is responsible for managing all information received or generated during the execution of its activities. As impartiality and confidentiality adversely affect the laboratory's goals and compliance with the requirements of the ISO/IEC 17025 standard, they should be treated like any other risk. Therefore, an effective risk management system is required to deal with these risks.<ref name=":3" /><ref>{{Cite journal |last=Mianes |first=Rodrigo Leão |last2=ten Caten |first2=Carla Schwengber |date=2017-06 |title=Organisation of proficiency schemes by testing and calibration laboratories |url=http://link.springer.com/10.1007/s00769-017-1260-1 |journal=Accreditation and Quality Assurance |language=en |volume=22 |issue=3 |pages=119–123 |doi=10.1007/s00769-017-1260-1 |issn=0949-1775}}</ref>


The above is achieved by upper management's commitment to impartiality and adopting appropriate policies, procedures, and best practices to monitor the risk of bias and, where necessary, taking action to prevent or mitigate it. Undoubtedly, appropriate training is a critical parameter to assure impartiality and confidentiality. Staff must be trained in relation to cognitive bias so that they understand the existence and importance of appropriate policies, procedures, and practices. [11] Ensuring confidentiality in laboratories also requires an effective and clearly defined laboratory management system that provides all relevant information, in an accessible format, including documentation of the laboratory's confidentiality policies, procedures, and guidelines. By extension, a written confidentiality policy is essential, providing clear instructions to all laboratory workers and being signed by them. A confidentiality agreement is a standard practice for many businesses and can remain in place indefinitely, protecting the laboratory even after staff leave, as well as from outside partners. There should be also a plan that outlines exactly how laboratory personnel should react in case that workplace confidentiality policies or procedures are being violated.
The above is achieved by upper management's commitment to impartiality and adopting appropriate policies, procedures, and best practices to monitor the risk of bias and, where necessary, taking action to prevent or mitigate it. Undoubtedly, appropriate training is a critical parameter to assure impartiality and confidentiality. Staff must be trained in relation to cognitive bias so that they understand the existence and importance of appropriate policies, procedures, and practices.<ref name=":3" /> Ensuring confidentiality in laboratories also requires an effective and clearly defined laboratory management system that provides all relevant information, in an accessible format, including documentation of the laboratory's confidentiality policies, procedures, and guidelines. By extension, a written confidentiality policy is essential, providing clear instructions to all laboratory workers and being signed by them. A confidentiality agreement is a standard practice for many businesses and can remain in place indefinitely, protecting the laboratory even after staff leave, as well as from outside partners. There should be also a plan that outlines exactly how laboratory personnel should react in case that workplace confidentiality policies or procedures are being violated.


Paper documents and records should be kept in a secure location inaccessible to non-laboratory personnel, and when no longer needed, are destroyed before disposal. Special care should be also taken with mobile phones to avoid pictures of classified documents to be taken for unintended use. In addition, the electronic documentation is stored on a secure network and viewed only on secure devices.
Paper documents and records should be kept in a secure location inaccessible to non-laboratory personnel, and when no longer needed, are destroyed before disposal. Special care should be also taken with mobile phones to avoid pictures of classified documents to be taken for unintended use. In addition, the electronic documentation is stored on a secure network and viewed only on secure devices.


===Digitalization===
===Digitalization===
Modern laboratories are increasingly dependent on computers and other electronic devices for both their administrative and analytical functions. For example, the results obtained from the laboratory equipment are automatically stored in raw data files. While these technological developments create new opportunities, they also create risks. [73] Potential risks are data loss, the possibility of breaching and modifying raw data files generated by laboratory equipment, and incorrect input of information into the LIMS. According to Tully ''et al.'' [81], the main risks faced by digital forensic laboratories that use quality standards include:
Modern laboratories are increasingly dependent on computers and other electronic devices for both their administrative and analytical functions. For example, the results obtained from the laboratory equipment are automatically stored in raw data files. While these technological developments create new opportunities, they also create risks.<ref name=":19" /> Potential risks are data loss, the possibility of breaching and modifying raw data files generated by laboratory equipment, and incorrect input of information into the LIMS. According to Tully ''et al.''<ref>{{Cite journal |last=Tully |first=Gillian |last2=Cohen |first2=Neil |last3=Compton |first3=David |last4=Davies |first4=Gareth |last5=Isbell |first5=Roy |last6=Watson |first6=Tim |date=2020-03 |title=Quality standards for digital forensics: Learning from experience in England & Wales |url=https://linkinghub.elsevier.com/retrieve/pii/S2666282519300374 |journal=Forensic Science International: Digital Investigation |language=en |volume=32 |pages=200905 |doi=10.1016/j.fsidi.2020.200905}}</ref>, the main risks faced by digital forensic laboratories that use quality standards include:


*The existence of inaccurate or insufficient information in the technical files and the absence of a mechanism to detect subsequent changes in the files.
*The existence of inaccurate or insufficient information in the technical files and the absence of a mechanism to detect subsequent changes in the files.
Line 274: Line 268:
Computer systems used to store the data generated (raw and processed) by the laboratory can deal with problems that lead to information loss. Under some circumstances, the original data files can be recovered from hard drives using appropriate digital methods, but these can be costly and time consuming. However, even if digital data can be preserved, it is malleable and subject to undetectable changes in its content or metadata. The lack of proper data retention procedures makes it more difficult or even impossible to retrieve the original files and verify their integrity. In addition, standard backup procedures do not have the fidelity of digital forensic mechanisms.
Computer systems used to store the data generated (raw and processed) by the laboratory can deal with problems that lead to information loss. Under some circumstances, the original data files can be recovered from hard drives using appropriate digital methods, but these can be costly and time consuming. However, even if digital data can be preserved, it is malleable and subject to undetectable changes in its content or metadata. The lack of proper data retention procedures makes it more difficult or even impossible to retrieve the original files and verify their integrity. In addition, standard backup procedures do not have the fidelity of digital forensic mechanisms.


One way to preserve digital data is to create [[backup]]s. However, routine backup procedures do not have the fidelity of digital preservation mechanisms for some critical data, such as those of [[Forensic laboratory|forensic laboratories]]. Data files created by laboratory equipment and stored on computers can be modified by mistake or intentionally. Depending on the data type and the modification method, it may be possible to detect changes or amendments. Normal backup procedures, even those updated to preserve digital forensics data, are not foolproof. Data can be falsified, and the computer system can be refreshed to make it appear that the change was made at some point in the past. [73]
One way to preserve digital data is to create [[backup]]s. However, routine backup procedures do not have the fidelity of digital preservation mechanisms for some critical data, such as those of [[Forensic laboratory|forensic laboratories]]. Data files created by laboratory equipment and stored on computers can be modified by mistake or intentionally. Depending on the data type and the modification method, it may be possible to detect changes or amendments. Normal backup procedures, even those updated to preserve digital forensics data, are not foolproof. Data can be falsified, and the computer system can be refreshed to make it appear that the change was made at some point in the past.<ref name=":19" />


To manage the risks of inadvertent alteration, as well as intentional breach, the solution is to update the traditional practices of tracking data provenance and use digitized ledgers of global custody. [82, 83] These ledgers can be implemented in such a way that they are inviolable and independently verifiable.
To manage the risks of inadvertent alteration, as well as intentional breach, the solution is to update the traditional practices of tracking data provenance and use digitized ledgers of global custody.<ref>{{Cite journal |last=Burri |first=Xavier |last2=Casey |first2=Eoghan |last3=Bollé |first3=Timothy |last4=Jaquet-Chiffelle |first4=David-Olivier |date=2020-06 |title=Chronological independently verifiable electronic chain of custody ledger using blockchain technology |url=https://linkinghub.elsevier.com/retrieve/pii/S2666281720300780 |journal=Forensic Science International: Digital Investigation |language=en |volume=33 |pages=300976 |doi=10.1016/j.fsidi.2020.300976}}</ref><ref>{{Cite journal |last=Jaquet-Chiffelle |first=David-Olivier |last2=Casey |first2=Eoghan |last3=Bourquenoud |first3=Jonathan |date=2020-06 |title=Tamperproof timestamped provenance ledger using blockchain technology |url=https://linkinghub.elsevier.com/retrieve/pii/S2666281720300834 |journal=Forensic Science International: Digital Investigation |language=en |volume=33 |pages=300977 |doi=10.1016/j.fsidi.2020.300977}}</ref> These ledgers can be implemented in such a way that they are inviolable and independently verifiable.


The use of automated systems by specialized laboratory staff who interpret the results of the analyses can help maintain consistency and increase the effectiveness of the analysis. However, these systems—including those with [[artificial intelligence]] (AI) and [[machine learning]] (ML)—can have errors, resulting in invalid results. [84] In addition, they are sensitive to bias due to poorly selected data sets, as well as lead to misinterpretations when the results are not fully understood. [85] For example, when automated AI/ML systems are used to support forensic research and forensic analysis, such as comparing faces in digital video or photographs, false-positive algorithms can lead to erroneous results. [73]
The use of automated systems by specialized laboratory staff who interpret the results of the analyses can help maintain consistency and increase the effectiveness of the analysis. However, these systems—including those with [[artificial intelligence]] (AI) and [[machine learning]] (ML)—can have errors, resulting in invalid results.<ref>{{Cite web |last=Murray, D. |date=20 March 2015 |title=Queensland authorities confirm ‘miscode’ affects DNA evidence in criminal cases |work=The Courier Mail |url=https://www.couriermail.com.au/news/queensland/queensland-authorities-confirm-miscode-affects-dna-evidence-in-criminal-cases/news-story/833c580d3f1c59039efd1a2ef55af92b |accessdate=10 November 2022}}</ref> In addition, they are sensitive to bias due to poorly selected data sets, as well as lead to misinterpretations when the results are not fully understood.<ref>{{Cite journal |last=Margagliotti |first=Giulia |last2=Bollé |first2=Timothy |date=2019-05 |title=Machine learning & forensic science |url=https://linkinghub.elsevier.com/retrieve/pii/S0379073819300726 |journal=Forensic Science International |language=en |volume=298 |pages=138–139 |doi=10.1016/j.forsciint.2019.02.045}}</ref> For example, when automated AI/ML systems are used to support forensic research and forensic analysis, such as comparing faces in digital video or photographs, false-positive algorithms can lead to erroneous results.<ref name=":19" />


===Financial risk===
===Financial risk===

Latest revision as of 15:43, 16 May 2023

Full article title Identifying risk management challenges in laboratories
Journal Accreditation and Quality Assurance
Author(s) Tziakou, Evdoxia; Fragkaki, Argyro G.; Platis, Agapios N.
Author affiliation(s) Hellenic Open University, National Centre for Scientific Research “Demokritos”, University of the Aegean
Primary contact fragkaki at bio dot demokritos dot gr
Year published 2023
Volume and issue 28(3)
DOI 10.1007/s00769-023-01540-3
ISSN 1432-0517
Distribution license Creative Commons Attribution 4.0 International
Website https://link.springer.com/article/10.1007/s00769-023-01540-3
Download https://link.springer.com/content/pdf/10.1007/s00769-023-01540-3.pdf (PDF)

Abstract

Over the years, risk management has gained significant importance in laboratories of every kind. The safety of workers, the accuracy and reliability of laboratory results, issues of financial sustainability, and protection of the environment play an important role in decision-making in both industry and service-based labs. In order for a laboratory to be considered reliable and safe, and therefore competitive, it is recommended to comply with the requirements of international standards and other regulatory documents, as well as use tools and risk management procedures.

In this paper, information is summarized concerning the terms “risk” and “risk management,” which are then approached through the latest International Organization for Standardization (ISO) standard ISO 9001, ISO/IEC 17025, and ISO 14001 standards. The process of risk management based on the ISO 31000 standard is described, and the options for treatment and the techniques that can be applied in the risk management process based on the latest ISO 31010 standard are grouped and indicated. Additionally, a literature review examines the reasons that have led laboratories to integrate risk management techniques into their quality management systems, the most common mistakes that occur in the various phases of laboratory tests, their causes, and their consequences, as well as the proposed treatments. The aim of this work is to highlight significant challenges concerning the need to implement management procedures in the daily routine, while warning, raising awareness of, and informing about existing risk management methods that can be implemented, methodologically and technically, to laboratories, under internationally recognized and updated standards.

Keywords: risk-based thinking, risk management, risk assessment techniques, laboratories, control measures

Introduction

The issue of risk management has existed for thousands of years.[1] The first noted practice of risk management is in the Tigris-Euphrates valley in 3200 BC by the Ašipu, who are considered to be, among others, an early example of risk management consultants.[2][3] The Ašipu carried out risk analysis for each alternative action related to the risky event to be studied, and after the completion of the analysis they proposed the most favorable alternative. The last step was to issue a final report engraved on a clay tablet that was given to the customer.[4]

The difference between modern risk analysts and the Ašipu of ancient Babylon is that the former express their results as mathematical probabilities and intervals of confidence, while the latter with certainty, confidence, and power. However, to determine the causal relationship between cause and effect, both the ancient ancestors and current researchers rely on observational methods.[2] After World War II, large companies with diversified portfolios of physical assets began to develop self-insurance, which covered the financial consequences of an adverse event or accidental losses.[5][6] Modern risk management was implemented after 1955 and was first applied in the insurance industry.[7]

The English term “risk” comes from the Greek word “rhiza,” which refers to the dangers of sailing around a cliff.[2] According to Kumamoto and Henley[8], the term “risk” is defined as a combination of five factors: probability, outcome, significance, causal scenario, and affected population. As far as a laboratory is concerned, “risk” is the probability of a laboratory error which may have adverse consequences[9], as it includes factors that threaten health and safety of staff, environment, organization's facilities, organization's financial sustainability, operational productivity, and service quality.[10] Therefore, for testing laboratories, as risk can be considered the inability to meet customer needs, the provision of incorrect analytical results and failure to meet accreditation requirements damage laboratory's reputation.[11]

Plebani[12] defines risk management as the process by which risk is assessed and strategies are developed to manage it. The goal of any risk management process is to identify, evaluate, address, and reduce the risk to an acceptable level.[13] According to Dikmen et al.[14], risk management involves identifying sources of uncertainty (risk identification) and assessing the consequences of uncertain events/conditions (risk analysis), thus creating response strategies based on expected results and, finally, based on the feedback received from the actual results and the emerging risk, the steps of identification, analysis and repetitive response events are performed throughout the life cycle of a project to ensure that the project objectives are achieved. Kang et al.[15] define risk management as an act of classification, analysis, and response to unforeseen risks, which are involved during the implementation of a project. Risk management involves maximizing the opportunity and impact of positive events and reducing the likelihood and impact of negative events to achieve the project objectives.

The concept of risk is already known to laboratories as it was indirectly included and in previous versions of International Organization for Standardization (ISO) standard ISO 9001 and, mainly via preventive measures to eliminate possible non-compliances and prevent their recurrence (i.e., ISO 9001:2008[16], ISO/IEC 17025:2005[17]). In the new versions of ISO 9001:2015[18] and ISO/IEC 17025:2017[19], however, the presence of risk-based thinking is more pronounced and imperative.

As the revised version of ISO/IEC 17025 is in line with ISO 9001 in terms of management requirements, a laboratory should examine the impact of threats as well as seize opportunities to increase management system efficiency to achieve improved results and to avoid negative effects.[20] There is no longer a separate clause on preventive measures, and the concept of preventive action is expressed through the application of the risk and opportunities approach. The concept of risk is implied in each paragraph of the standard related to the factors that affect the validity of the results. Such factors are staff, facilities, environmental conditions, equipment, metrological traceability, technical records, etc. In addition, the creation of a formal risk management system is not a requirement of the standard, but each laboratory can choose the approach which is satisfactory and can be implemented for its needs.[19][20]

The revised ISO 14001[20] is also in line with ISO 9001. Risk-based thinking provides a structured approach to managing environmental issues that are likely to affect the organization. Identifying environmental risks and potential opportunities is vital to an organization's success.

Finally, in ISO 31000:2018[21], risk management is considered to be the coordinated activities carried out for the management and control of an organization in relation to risk. Therefore, in order for a laboratory to comply with the new versions of the standards, it is important to understand the risk-based thinking and to examine the functions, procedures, and activities related to risks and opportunities. To address the concern, this paper aims to explore the implementation of a risk-based thinking framework in testing or calibration laboratories and highlight the challenges that arise as part of that implementation.

The risk management process

The risk management process can be applied at all levels of an organization, from strategy to project implementation. In addition, it must be an integral part of management and decision making and integrated into the structure, functions, and processes of the organization.[9] The integrated risk management process relies on a well-structured risk-based thinking which encompasses the whole quality management system (QMS).

In this context, the risk assessment stage consists of three sub-stages: risk identification, risk analysis, and risk evaluation. The purpose of risk identification is to find, recognize, and describe the risks that positively or negatively affect the achievement of the objectives of the organization, even those whose sources are not under its control.[9] According to Elkington and Smallman[22], risk identification is the most important phase of risk analysis, and emphasis is given in the fact that potential risks should be identified at each stage. Hallikas et al.[23] also state that the identification phase is fundamental to implement risk management, as by recognizing sources of risk, future uncertainties can be identified, and preventive measures can be taken. During risk analysis, the impact of a risk is assessed while during risk evaluation any additional action is determined.

After completing the risk assessment stage, the risk is addressed by avoiding risk, taking or increasing risk to pursue an opportunity, removing the risk source, changing the likelihood, changing the consequences, sharing the risk (e.g., through contracts, insurance), or maintaining the risk with a documented decision. All the above steps should be monitored and reviewed to ensure and improve the quality and effectiveness of risk management. The results of the process should be recorded and reported throughout the organization to provide information for decision making, for the improvement of risk management activities and for the interaction with stakeholders.[9]

Risk assessment techniques

Risk assessment—which is often expressed in relation to sources, possible events, consequences, and likelihood—can be a very difficult process, especially when these relationships are complex. A variety of risk assessment techniques is depicted in Table 1. Though the choice of techniques is not random, some factors must be first taken into account, such as the purpose of the assessment, the needs of stakeholders, any legal, regulatory and contractual requirements, the operating environment and the scenario, how much important is the decision to be made, any defined decision criteria and their form, the time available before a decision is made, the given information and expertise, and the complexity of the situation.[24]

Table 1. Risk assessment techniques
Technique for ... Examples
Eliciting views Brainstorming, Delfi technique, nominal group technique, structural or semi-structural interviews, surveys
Identifying risk Checklists, classifications, and taxonomies; failure modes and effects analysis (FMEA); failure modes, effects, and criticality analysis (FMECA); hazard and operability analysis (HAZOP); scenario analysis; structured what-if technique (SWIFT)
Determining sources, causes, and drivers of risk Cindynic approach, Ishikawa analysis
Analyzing controls Bow tie analysis, hazard analysis and critical control points (HACCP), layers of protection analysis (LOPA)
Understanding consequences and likelihood Bayesian analysis, Bayesian network and influence diagrams, business impact analysis, cause-consequence analysis, event tree analysis, fault tree analysis, human reliability analysis, Markov analysis, Monte Carlo simulation, Privacy impact analysis/data protection impact analysis
Analyzing dependencies and interactions Causal mapping, cross impact analysis
Provide a measure of risk Toxicological risk assessment, value at risk, conditional value at risk or expected shortfall
Evaluating the significance of risk As low as reasonably practicable (ALARP)/so far as is reasonably practicable (SFAIRP), frequency-number diagrams, Pareto chart, reliability centered maintenance, risk indices
Selecting between options Cost/benefit analysis, decision tree analysis, game theory, multi-criteria analysis
Reporting and recording Risk registers, consequence/likelihood matrix, S-curves

The most used techniques for identifying risk are the failure modes and effects analysis (FMEA), as well as the failure modes, effects, and criticality analysis (FMECA). FMEA/FMECA can be applied at all levels of an organization and performed at any level of analysis of a system, from block diagrams to detailed elements of a system or steps of a process.[25] This fact leads to several sub-types of FMEA such as system FMEA, design FMEA, process FMEA, and service delivery FMEA. As defined by its name, FMEA is a systematic method designed to identify potential failure modes for a product or process before it occurs and to assess the risk. In FMEA, the system or process under consideration is broken down into individual components. For each element, the ways in which it may fail, the causes and effects of failure are examined. FMECA is a FMEA followed by criticality analysis, which means that for each failure its importance is also assessed. The calculation of the risk in FMEA method includes the multiplication of the three risk parameters severity (S), occurrence (O), and detection (D) in order to produce a risk priority number (RPN, RPN = S × O × D). However, in FMECA, failure modes are classified by their criticality.[26] A quantitative measure of criticality can be derived from actual failure rates and a quantitative measure of consequences, if known. FMEA can be used to provide information for analysis to other techniques such as fault tree analysis (FTA). FTA is a commonly used technique for understanding consequences and likelihood of risk. It is a logic diagram that represents the relationships between an adverse event, which is typically a system failure, and the causes of the event which are the component of failure. It uses logic gates and events to model the above-mentioned relationships. FTA can be used both qualitatively to identify the potential causes and pathways to the peak event and quantitatively to calculate the probability that the peak event will occur.[27][28]

Another technique which is commonly used in organizations is failure reporting, analysis and corrective action system (FRACAS). It is a technique for identifying and correcting identfied deficiencies in a system or a product and, thus, prevent further occurrence of them.[29] It is based upon the systematic reporting and analysis of failures, making maintenance of historical data a crucial issue. It is also necessary for the organization to have a database management system. The database is established to store all the required data, which include records on all reported failures, failure analyses, and corrective actions.[30]

Risk identification and treatment in laboratories

Risk identification is the first and most important phase of risk management.[22] In the identification phase, the possible sources of risk which concern the entire activity of the laboratory are recorded.[31]

To identify potential sources of risk associated with the testing process, laboratories should create a process map outlining the steps in the testing process from generating the request for test to reporting the testing result. This map should include all stages of the pre-analytical, analytical, and post-analytical process.[10] An example of such a map is given in Fig. 1.


Fig1 Tziakou AccredQualAss23 28-3.png

Figure 1. Process map of the main functions of a testing laboratory.[10]

According to the research of both Plebani and Carraro[32] and Plebani[12], most errors occur during the pre-analytical stages, ranging between 46 to 68%, followed by post-analytical errors, ranging from 19 to 47%, while during the analytical stage the fewest errors occur, ranging from 7 to 13%. Table 2 outlines the main sources of risk in each of these three stages.

Table 2. The main sources of risk during the pre-analytical, analytical, and post-analytical stage in a laboratory
Main sources of risk during the ... References
Pre-analytical stage Analytical stage Post-analytical stage
• Incorrect sample identification
• Absence of sample identification
• Incorrect sample labeling
• Insufficient homogenization of the sample
• Incorrect sampling
• Improper sampling container or sample storage
• Inadequate transport conditions
• Non-compliant sample
• Sample contamination
• Absence of sample or inappropriate test request
• Insufficient sample
• Inadequate storage of chemicals
• Improper transport of chemicals
• Missing or destroyed sample
• Procedural non-conformity
• Wrong test
• Use of expired reagents
• Improper use of reagents
• Equipment malfunction
• Equipment failure
• Incorrect equipment calibration
• Incorrect sample dilutions
• Mixing samples
• Deviation in the results of the internal control sample
• Incorrect calculation of dilution factor
• Delay in sample analysis
• Unspecified quality control (QC) failure
• Improper management of chemicals
• Inadequate disposal of chemicals
• Inadequate disposal and management of liquid waste
• Incorrect results
• Incorrect entry of results or related entry in the laboratory information management system (LIMS)
• Send results to another customer
• Ambiguous way of communicating the results
• Lack of information about the limits regarding the interpretation of the results
• Delayed reporting of results
[10][13][32][33][34][35][36]

After completing the risk assessment stage, the laboratory is asked to select an appropriate treatment to maintain the risk at an acceptable level.[37] The measures taken should be monitored for their effectiveness to evaluate the success of any failure reduction effort. This evaluation is achieved by monitoring the values of the quality indicators set by the laboratory.[35] Examples of quality indicators are given in Table 3. According to Lippi et al.[38], the most effective strategy to reduce uncertainties in diagnostic laboratories is to develop and implement an integrated QMS. The success of efforts to reduce errors must be monitored to assess the effectiveness of the measures taken.[39]

Table 3. Examples of pre-analytical indicators and their mathematical formulas
Quality indicator Mathematical formula References
Error in sample identification Number of samples with incorrect sample recording × 100/Total number of samples [37][40][41][42]
Error in sample transcription Number of requests with incorrect data logging (incorrect test) × 100/Total number of requests
Wrong container Number of wrong containers for each sample type × 100/Total number of requests
Insufficient sample Number of samples with insufficient quantity × 100/Total number of samples
Inappropriate transport and storage conditions Number of samples with inappropriate storage conditions before analysis × 100/Total number of samples
Number of samples missing during transport × 100/Total number of samples
Number of samples destroyed during transport × 100/Total number of samples
Number of samples with improper temperature during transport × 100/Total number of samples
Number of samples with extended transfer time × 100/Total number of samples

Possible risks in laboratories are identified below in more detail along with their appropriate treatment.

Sample

Samples are the items sent by customers to the laboratory for testing or calibration in order for detailed and reliable results to be provided in a predefined time scale. Therefore, the consequences can be serious if there is loss or any other inconsistency with the samples, their analysis, and related procedures. Normally, samples taken from the laboratory go through a sampling process prior to analytical procedures. Heterogeneous samples must be homogenized before sampling, otherwise the results obtained are not reliable, especially when the analytes are contained in traces in the sample under study.[12]

Sample-related inconsistencies of the pre-analytical phase have already been summarized in Table 2. The strategy to prevent pre-analytical errors consists of five interrelated steps[43][44][45]:

  1. Develop clear written procedures.
  2. Enhance professionals' training.
  3. Automate both support functions and executive functions.
  4. Monitor quality indicators.
  5. Improve communication between professionals and encourage interservice collaboration.

The written procedures should clearly describe how the sample is analyzed, collected, labeled, transported, and prepared. To ensure that written procedures are followed consistently, those performing the pre-analytical activities must be well-trained to understand, in addition to the appropriate procedures, their important steps and the consequences of not following the instructions faithfully.[46]

Modern technologies, such as robotics and information management systems, should also help reduce errors. A LIMS is a computerized system that collects, processes, and stores information produced by the laboratory. Although originally created solely to automate experimental data, it is nowadays used in many laboratory activities.[47][48][49][50] The typical LIMS will have sample management functions such as sample registration, barcode labeling, and sample tracking. Using an integrated LIMS, the chain of custody (CoC) and audit trail records of the samples can be systematically kept, and operations can be improved by adding features such as model management and sample testing, while statistics concerning the number and type of samples, analytical findings, reporting time, number and origin of customers, and many other attributes can be very easily estimated or tracked.[12][51] Thus, by automating certain steps at pre-analytic workstations, the number of people participating in this phase and the number of manual steps required are reduced. In addition, barcodes simplify the routing and tracking of samples. For example, a computerized order entry system (COES) simplifies the examination order by eliminating the need for the order to be transcribed by a second person.[35]

To avoid problems caused by a lack of adequate storage space, the laboratory should regularly assess its capacity to handle samples, including available storage space. Therefore, the laboratory should know or proactively estimate the number of samples it can handle and store at a given time, in a manner that whenever the number of incoming samples exceeds its handling capacity, measures such as temporary reassignment of personnel or arrangement of makeshift storage areas can be taken in a timely manner.[12]

Personnel

The human factor is present at every stage of the pre-analytical, analytical, and post-analytical process. According to Ho and Chen[52], human error is the leading cause of laboratory accidents. Wurtz et al.[53] reported that reduced mental and physical condition, due to exhaustion, is often the cause of laboratory accidents. However, apart from causing accidents, the human factor is also responsible for any mistake that can occur at any stage of the analytical process, from the collection and recording of samples to the processing of results. The occurrence of human error and its subsequent outcome usually cannot be predicted.[12]

The techniques used to assess the human factor's contribution to the reliability and security of a system are called the human factor reliability analysis (HRA).[24] The first industry to develop and implement HRA was the nuclear industry[54], concluding that most accidents were due to human error rather than equipment malfunction. Since then, HRA has been applied to many “high risk” industries, such as the aerospace, railways, shipping, automotive, oil, gas, chemical, military components, and air traffic control industries. HRA has been also applied in the healthcare sector, in the installation of telecommunications equipment, in the design of computer software and hardware, as well as in many manual operations such as lathe operation.

To avoid unpleasant consequences occurred by human factor, personnel throughout the organization should be trained appropriately and effectively to be able to perform procedures in accordance with the requirements of ISO standards or other regulations.[35] Furthermore, to avoid staff burnout, some laboratory automation systems should be installed and implemented in laboratories, including electric wheeled vehicle systems to transport the samples and systems with automatic result verification procedures.[55] McDonald et al.[56] argue that using a LIMS with highly automated laboratory equipment, researchers can perform repeatable experiments without human intervention. Finally, another measure that can reduce the occurrence of human errors is the continuous supervision of staff, followed by raising staff awareness of error causes through regular training.[12]

Reagents and waste

The ever-increasing number of laboratories in recent years has led to an increase in industrial waste, such as solid waste, liquid waste, and sewage. Most liquid waste is hazardous industrial waste, which affects human health and causes environmental pollution. The management of this waste therefore involves many risks. There have been, for example, many accidents and injuries due to mismanagement of chemical waste.[34][52] Yu and Chou[57] reported that the most common risk in laboratories is chemical reagents because they can cause immediate damage or cumulative pathological changes to the inside and outside of the human body, as they can cause fire, explosion, poisoning, and corrosion. Additionally, Lin et al.[34], following their research on university laboratories-related fires and explosions related to chemical reagents, state that many causes of accidents were based on improper chemical management, including improper storage, use, transportation, and disposal of chemicals.

To mitigate or even avoid the adverse risks of chemicals, their proper management is required. For example, the storage of chemical reagents should be done by category, in a controlled environment and in well-ventilated areas. Flammable materials should be separated from non-flammable materials and stored in areas that provide protection from projectiles, while stock checks should be frequent. Special care should be also taken when transporting them. For example, wooden trays could be used for transport, and always with the use of personal protective equipment.[58]

Waste should be recycled and disposed of properly. For example, chemicals should be neutralized before disposal. It is necessary to install smoke alarms, fire extinguishers, surveillance cameras, showers, and eyewash stations, as well as signs clearly marking escape corridors, collective protection, and personal protection. Detailed procedures, clear instructions, and appropriate training are also of crucial importance.[52][58]

Environmental conditions

Laboratories are exposed to various types of hazards (e.g., biological, chemical, radioactive, and others), making them highly hazardous environments.[59] Moreover, the work environment of the laboratories may be exposed to more than one hazard at the same time, which further increases risk. Marque et al.[58] emphasize that chemistry laboratories, for example, are unhealthy and dangerous environments, and those involved in research work are exposed to many potential sources of risk as they not only treat chemical reagents but also encounter equipment that is a source of heat and electricity. In chemical laboratories, there are many potential risks as they contain flammable, explosive, and poisonous chemicals. There are also risks in biological laboratories, especially for laboratory staff who treat pathogens, as they are much more likely to be infected with an infectious disease than anyone else.[60]

Exposure to chemicals in the workplace can have adverse, acute, or long-term health effects. The dangers from potential exposure to chemicals are many and various, as some substances are toxic, carcinogenic, or irritating, and others are flammable or pose a risk of biological contamination.[61][62] In 2006, Chiozza and Plebani[63] reported that two decades ago, laboratory workers performed their work without following any safety procedures and, thus, put themselves in danger. Ho and Chen[52] noted that poor management of chemical waste in universities and non-profit laboratories has caused many accidents over the years. Poor management of chemical waste can harm laboratory workers and lead to environmental pollution.[36]

The U.S. Commission on Chemical Safety and Hazard Investigation has studied 120 laboratory accidents that occurred at various universities across the country from 2001 to 2011.[64] From 2000 to 2015, there were 34 laboratory accidents, which caused 49 deaths. These accidents were caused by explosion, exposure to biological agents, exposure to toxic substances, suffocation, electric shock, fire, exposure to ionizing radiation, and various other causes.

In addition to the risk to human health, of environmental pollution, and of destruction of laboratory property, there are other risk factors such as the production of unreliable results and customer dissatisfaction, which also lead to the laboratory's bad reputation, making the application of risk management process imperative to the sustainability of the laboratory.[12]

In order to tackle risk effectively, estimates based on effective risk management must be integrated into the analytical framework.[14] A prerequisite for the operation under appropriate environmental conditions, in a safe and competent laboratory, is the management by executives who can apply the theory of risk to reduce it to an acceptable level. Each laboratory should be able to assess the possible occurrence of errors and describe the steps needed to detect and prevent them to avoid any future adverse events.[65]

Test methods

It is common practice that appropriate standards or formal methods, whenever available and after verification, be preferred over methods developed internally in laboratories. Otherwise, in-house methods shall be fully validated. In this case, the risk is hidden in non-properly or partially validated methods instead of fully validated methods. In addition, an analytical method may have critical test steps or parameters, such as the quantity of reagents to be added in a particular step, the reaction time, or a specific step to proceed without delay. The absence of critical steps leads to erroneous results.

To avoid the risk arisen from the use of internal analytical methods that are not properly validated, the laboratory should ensure that the method developed is fully validated for its intended use. To achieve this, a general method validation procedure shall exist, based on relevant international protocols, compiled from certified analysts involved in the design of method validation having extensive experience in related issues. In addition, according to the latest version of the ISO/IEC 17025 standard, the specification of the method requirements must be recorded in detail during the method validation phase. Moreover, checks should be carried out to ensure that all requirements are met and, afterward, the declaration of method validity should be signed. Critical steps and parameters of the test methods should be appropriately marked in the respective written procedures to avoid any misunderstanding or omission by the analysts. Additionally, during staff methodological training, the importance of these points should be clearly explained.[12]

Measurement

In the measurement process, issues that have been already mentioned above, such as sample treatment, environmental conditions, personnel ,and test methods affect the measurement results.

Another critical aspect is the need for appropriate and valid (certified, if applicable) reference materials that must be used to determine the metrological traceability of the analytical results in accordance with the requirements of ISO/IEC 17025. There are two types of reference materials involved in chemical testing which are the matrix reference materials for the validation of the methods and the pure reference standards used for the calibration of the equipment. The laboratory should retain procedures for safe handling, transport, storage, and use of reference materials to avoid possible contamination or deterioration. In addition, the laboratory should have studies on the stability of the solutions of the working standards prepared from reference standards. Matrix reference materials must be stored strictly in accordance with the storage conditions recommended by the manufacturers, and relevant records should be kept appropriately. Before use, at least a visual inspection should be performed to confirm that the materials are intact.[12]

Although the occurrence and subsequent outcome of human error during test execution is usually unpredictable, it can nevertheless be minimized by strengthening personnel supervision and increasing awareness. Actions toward this effort include on-site monitoring, verbal review, and control of experimental records, including sampling, sample analysis, data handling, and reporting. The results of the monitoring actions should be maintained, and whenever a deviation is found, corrective actions should be immediately taken. To avoid the risk that may arise from any inappropriate environmental conditions during measurement, the critical requirements for environmental conditions should be clearly indicated in the written procedures of the method to raise the awareness of the involved analysts. In addition, the continuous monitoring and periodic review of environmental conditions and the maintenance of relevant records are significant prerequisites. These actions not only allow subsequent inspection or evaluation, but they also encourage analysts to stay aware of the appropriate environmental conditions when performing tests.[20][66]

Quality control

The laboratory must have quality control procedures to monitor the validity of the tests performed and the quality of the results. Procedures are divided into internal and external quality control procedures. The main objective of internal quality control is to ensure the reliability of the results of the analytical process.[67] Internal quality control should be applied daily in the laboratory and for each laboratory test, to identify random and systematic errors as well as trends. For example, in each laboratory test, working standards of known concentration should be used to check the validity and accuracy of the test results through control charts, testing of internal blind samples, replicate tests using the same or different methods, or intermediate checks on measurement equipment. It is also useful for the laboratory to retain appropriate control of its QMS documents (e.g., procedures, instructions, calibration tables, specifications, alerts, etc.) for the purpose of updating and checking their validity, the control of the files, the control of the actions to treat threats and seizing opportunities, the control of corrective actions, etc.

External quality control, on the other hand, is performed by analyzing blind control samples sent to the laboratory by external, inter-laboratory comparison providers, to check the accuracy of results independently and objectively. The laboratory participating in an external quality control program must state the tests it performs, as well as the methods and instruments it uses, if required.[68][69] The successful participation of a laboratory in external quality control programs provides objective proof of the adequacy of the laboratory to its customers, as well as to the accreditation and regulatory bodies the lab answers to.[70] Non-valid results, however, indicate the existence of inconsistencies in the analysis chain of the samples, e.g., in the used test method, equipment, or personnel[71], and they must be carefully reviewed and appropriately corrected. Although tests must be performed in the same way as routine samples, the pre-analytical procedure, however, often differs as the samples sent may be in a different form (e.g., in a lyophilized form) or in different containers (e.g., in different types of tubes) and require different pre-analytical treatment. Therefore, the program organizer must provide clear instructions on the maintenance and preparation of external quality control samples.[72]

Results reporting

The final step in the testing process is results reporting. The risk of this stage may be the incorrect sending of results to the customer due to some falsification or even loss of data that may occur during the receipt, transfer, processing, and storage of data. Even if data handling software is used, data can be violated or modified by error or deceit.[73]

To avoid the risk of reporting incorrect results to clients, the laboratory shall have two- or even three-level data control procedures in place. When software is used to manipulate the data, these programs should be verified before use with appropriate protection to prevent tampering or accidental modification. However, for further improvement, these recording processes could be integrated into a LIMS which minimizes the need to manually transcribe data, and through appropriate electronic controls, data integrity can be ensured. The system could also record any failure as well as the corrective actions taken for reference. In cases where a declaration of conformity of the test to a specification or to a standard is requested, the laboratory is recommended to document the decision rules considering the relevant risk. This enhances the consistency of the results provided and avoids the risk of false acceptance or rejection.[12]

To prevent late reporting of results to the client, the combination of a LIMS with a web-based reporting system can be used. This combination is an important tool with which clinical and analytical laboratories can significantly speed up the process of presenting their test results to their customers, increasing their satisfaction and trust with the laboratory.[49]

Impartiality and confidentiality

Impartiality and confidentiality are two aspects that are included in the general requirements of the latest edition of ISO/IEC 17025, giving special attention to the importance of effective risk management resulting from the lack of these aspects. In particular, the laboratory is obliged to identify the risk associated with its impartiality on an ongoing basis and to demonstrate how to eliminate or minimize this risk. For example, it should identify the risk arising from its activities, relationships with stakeholders (e.g., top management representatives, clients, service providers, etc.) or staff relationships. Impartiality is defined in ISO/IEC 17025:2017 as the existence of subjectivity in relationships that may affect the laboratory's impartiality and are based on ownership, governance, administration, staff, shared resources, finances, contracts, and more.

However, impartiality is not always intentional; most of the time it is done unintentionally by hard-working, dedicated, honest, and competent employees who try to do their job impartially but still fail. It is then considered as cognitive bias, which is widespread and implicit.[74][75] The impact of such implicit bias is significant, as it affects not only the examiner's judgment, but also it creates phenomena known as “bias cascade” and “bias snowball.” The “bias cascade” effect occurs when irrelevant information spills from one stage to another, thereby creating bias. In the “snowball bias” effect, bias is not only simply carried over from one stage to the next but sequentially grows as unrelated information from a variety of sources integrate and influence one another.[76][77][78][79] Therefore, it is extremely important to take the necessary steps to prevent and address bias.

The laboratory is also obliged to ensure the protection of confidential information concerning its customers and is responsible for managing all information received or generated during the execution of its activities. As impartiality and confidentiality adversely affect the laboratory's goals and compliance with the requirements of the ISO/IEC 17025 standard, they should be treated like any other risk. Therefore, an effective risk management system is required to deal with these risks.[11][80]

The above is achieved by upper management's commitment to impartiality and adopting appropriate policies, procedures, and best practices to monitor the risk of bias and, where necessary, taking action to prevent or mitigate it. Undoubtedly, appropriate training is a critical parameter to assure impartiality and confidentiality. Staff must be trained in relation to cognitive bias so that they understand the existence and importance of appropriate policies, procedures, and practices.[11] Ensuring confidentiality in laboratories also requires an effective and clearly defined laboratory management system that provides all relevant information, in an accessible format, including documentation of the laboratory's confidentiality policies, procedures, and guidelines. By extension, a written confidentiality policy is essential, providing clear instructions to all laboratory workers and being signed by them. A confidentiality agreement is a standard practice for many businesses and can remain in place indefinitely, protecting the laboratory even after staff leave, as well as from outside partners. There should be also a plan that outlines exactly how laboratory personnel should react in case that workplace confidentiality policies or procedures are being violated.

Paper documents and records should be kept in a secure location inaccessible to non-laboratory personnel, and when no longer needed, are destroyed before disposal. Special care should be also taken with mobile phones to avoid pictures of classified documents to be taken for unintended use. In addition, the electronic documentation is stored on a secure network and viewed only on secure devices.

Digitalization

Modern laboratories are increasingly dependent on computers and other electronic devices for both their administrative and analytical functions. For example, the results obtained from the laboratory equipment are automatically stored in raw data files. While these technological developments create new opportunities, they also create risks.[73] Potential risks are data loss, the possibility of breaching and modifying raw data files generated by laboratory equipment, and incorrect input of information into the LIMS. According to Tully et al.[81], the main risks faced by digital forensic laboratories that use quality standards include:

  • The existence of inaccurate or insufficient information in the technical files and the absence of a mechanism to detect subsequent changes in the files.
  • Problems with computer systems security, energy supply, use of passwords for files opening or computers use, and data backup processes.
  • Absence or insufficiency of detailed procedures for the processing of digital data, or the documented procedures are not followed consistently by the staff.
  • Lack of strong quality control mechanisms and problems with validation of methods.

Computer systems used to store the data generated (raw and processed) by the laboratory can deal with problems that lead to information loss. Under some circumstances, the original data files can be recovered from hard drives using appropriate digital methods, but these can be costly and time consuming. However, even if digital data can be preserved, it is malleable and subject to undetectable changes in its content or metadata. The lack of proper data retention procedures makes it more difficult or even impossible to retrieve the original files and verify their integrity. In addition, standard backup procedures do not have the fidelity of digital forensic mechanisms.

One way to preserve digital data is to create backups. However, routine backup procedures do not have the fidelity of digital preservation mechanisms for some critical data, such as those of forensic laboratories. Data files created by laboratory equipment and stored on computers can be modified by mistake or intentionally. Depending on the data type and the modification method, it may be possible to detect changes or amendments. Normal backup procedures, even those updated to preserve digital forensics data, are not foolproof. Data can be falsified, and the computer system can be refreshed to make it appear that the change was made at some point in the past.[73]

To manage the risks of inadvertent alteration, as well as intentional breach, the solution is to update the traditional practices of tracking data provenance and use digitized ledgers of global custody.[82][83] These ledgers can be implemented in such a way that they are inviolable and independently verifiable.

The use of automated systems by specialized laboratory staff who interpret the results of the analyses can help maintain consistency and increase the effectiveness of the analysis. However, these systems—including those with artificial intelligence (AI) and machine learning (ML)—can have errors, resulting in invalid results.[84] In addition, they are sensitive to bias due to poorly selected data sets, as well as lead to misinterpretations when the results are not fully understood.[85] For example, when automated AI/ML systems are used to support forensic research and forensic analysis, such as comparing faces in digital video or photographs, false-positive algorithms can lead to erroneous results.[73]

Financial risk

Over the last years and due to the outbreak of the economic and health crises worldwide, the tight financial policy in many laboratories either of the public or the private sector, along with various bureaucratic obstacles, may have negative impacts on their overall technological or economic growth. Laboratories should made efforts for cost cutting assuming that accurate knowledge of their test costs exists. It is common sense that many laboratories do not exactly know the cost of services they provide or, additionally, do not take early measures to timely upgrade their equipment and analytical instruments as well as to restore staff losses from resignations or retirements maybe due to reduced financial budget or state subsidies.

Adequate test cost accounting requires a joint effort between financial experts and those with a broad knowledge of laboratory testing. The absence of a solid cost accounting may lead to a risky incremental costing. As such, up-to-date cost information to price laboratory services, along with adequate programming of laboratory's financial and human needs (e.g., compiling a business plan), can prove to be efficient control measures for their financial sustainability and future development. Furthermore, top management representatives play a crucial role in finding or securing financial resources to cover the laboratory's human and infrastructure needs.

Conclusion

The complex activities and the operational framework of a modern laboratory involve many risks with adverse consequences for the testing outcomes, the health of workers, and the environment. For this reason, risk management procedures should be integrated into the laboratory's QMS procedures and become an integral part of their daily routine. Many methods have been developed to identify and assess risk. Most of them are described in ISO 31010:2019, while the general method instructions are referred to in ISO 31000:2018.

The major sources of risk in a laboratory are the personnel themselves, samples to be analyzed, chemical reagents and waste, equipment, test methods, measurements, non-updated quality control procedures, results reporting, impartiality and confidentiality, digitalization of data and information, and financial aspects. Implementing an efficient QMS, the laboratory can reduce the risks to a tolerable level when clear procedures, continuous supervision, inspections, timely training and continuous education of its staff, and upgrades of its equipment with systems automation are maintained. A continuous management of risks is necessary for the emergence of new priorities and the continuous implementation of necessary actions for the purpose of safety and prevention.

Risk management is fundamental to ensure a safe internal and external laboratory environment, as well as to assure the delivery of reliable and competent services. Moreover, the implementation of risk-based thinking can positively affect the outcome of regular assessments in order to explore opportunities for increasing the effectiveness of the QMS and preventing further negative effects.

Abbreviations, acronyms, and initialisms

  • AI: artificial intelligence
  • ALARP: as low as reasonably practicable
  • CoC: chain of custody
  • COES: computerized order entry system
  • FMEA: failure modes and effects analysis
  • FMECA: failure modes, effects, and criticality analysis
  • FRACAS: failure reporting, analysis and corrective action system
  • FTA: fault tree analysis
  • HACCP: hazard analysis and critical control points
  • HAZOP: hazard and operability analysis
  • HRA: human factor reliability analysis
  • ISO: International Organization for Standardization
  • LIMS: laboratory information management system
  • LOPA: layers of protection analysis
  • ML: machine learning
  • QMS: quality management system
  • SFAIRP: so far as is reasonably practicable
  • SWIFT: structured what-if technique

Acknowledgements

Author contributions

ET wrote the main manuscript text. AGF contributed to the writing process while both AGF and ANP made critical corrections. All authors reviewed the manuscript.

Funding

Open access funding provided by HEAL-Link Greece.

Conflict of interest

The authors declare no competing interests.

References

  1. Dallas, Michael (2006). Value and risk management: a guide to best practice. Oxford ; Malden, MA: Blackwell Pub. ISBN 978-1-4051-2069-2. OCLC ocm59879826. https://www.worldcat.org/title/mediawiki/oclc/ocm59879826. 
  2. 2.0 2.1 2.2 Covello, Vincent T.; Mumpower, Jeryl (1 June 1985). "Risk Analysis and Risk Management: An Historical Perspective" (in en). Risk Analysis 5 (2): 103–120. doi:10.1111/j.1539-6924.1985.tb00159.x. ISSN 0272-4332. https://onlinelibrary.wiley.com/doi/10.1111/j.1539-6924.1985.tb00159.x. 
  3. Grier, B. (1981). "The Early History of the Theory and Management of Risk". Paper presented at the Judgment and Decision Making Group Meeting, Philadelphia, Pennsylvania, 1981. 
  4. Oppenheim, A. Leo (1977) (in en). Ancient Mesopotamia. University of Chicago Press. doi:10.7208/chicago/9780226177670.001.0001. ISBN 978-0-226-63187-5. https://doi.org/10.7208/chicago/9780226177670.001.0001. 
  5. Ehrlich, Isaac; Becker, Gary S. (1 July 1972). "Market Insurance, Self-Insurance, and Self-Protection" (in en). Journal of Political Economy 80 (4): 623–648. doi:10.1086/259916. ISSN 0022-3808. https://www.journals.uchicago.edu/doi/10.1086/259916. 
  6. Dionne, Georges; Eeckhoudt, Louis (1 January 1985). "Self-insurance, self-protection and increased risk aversion" (in en). Economics Letters 17 (1-2): 39–42. doi:10.1016/0165-1765(85)90123-5. https://linkinghub.elsevier.com/retrieve/pii/0165176585901235. 
  7. Dionne, Georges (1 September 2013). "Risk Management: History, Definition, and Critique: Risk Management" (in en). Risk Management and Insurance Review 16 (2): 147–166. doi:10.1111/rmir.12016. https://onlinelibrary.wiley.com/doi/10.1111/rmir.12016. 
  8. Kumamoto, Hiromitsu; Henley, Ernest J.; Henley, Ernest J. (1996). Probabilistic risk assessment and management for engineers and scientists (2nd ed ed.). New York: IEEE Press. ISBN 978-0-7803-1004-9. 
  9. 9.0 9.1 9.2 9.3 Nichols, James H. (1 May 2011). "Laboratory Quality Control Based on Risk Management" (in en). Annals of Saudi Medicine 31 (3): 223–228. doi:10.4103/0256-4947.81526. ISSN 0256-4947. PMC PMC3119960. PMID 21623049. http://www.annsaudimed.net/doi/10.4103/0256-4947.81526. 
  10. 10.0 10.1 10.2 10.3 Dror, Itiel E.; Pierce, Michal L. (1 May 2020). "ISO Standards Addressing Issues of Bias and Impartiality in Forensic Work" (in en). Journal of Forensic Sciences 65 (3): 800–808. doi:10.1111/1556-4029.14265. ISSN 0022-1198. https://onlinelibrary.wiley.com/doi/10.1111/1556-4029.14265. 
  11. 11.0 11.1 11.2 Wong, Siu-kay (1 April 2017). "Risk-based thinking for chemical testing" (in en). Accreditation and Quality Assurance 22 (2): 103–108. doi:10.1007/s00769-017-1256-x. ISSN 0949-1775. http://link.springer.com/10.1007/s00769-017-1256-x. 
  12. 12.00 12.01 12.02 12.03 12.04 12.05 12.06 12.07 12.08 12.09 12.10 Plebani, Mario (1 January 2006). "Errors in clinical laboratories or errors in laboratory medicine?". Clinical Chemistry and Laboratory Medicine (CCLM) 44 (6). doi:10.1515/CCLM.2006.123. ISSN 1434-6621. https://www.degruyter.com/document/doi/10.1515/CCLM.2006.123/html. 
  13. 13.0 13.1 Lemos, T.; Almeida, L. T. (2001), Linkov, Igor; Palma-Oliveira, Jose, eds., "Whole Life Cycle Risk Management", Assessment and Management of Environmental Risks (Dordrecht: Springer Netherlands): 401–407, doi:10.1007/978-94-010-0987-4_44, ISBN 978-1-4020-0024-9, http://link.springer.com/10.1007/978-94-010-0987-4_44. Retrieved 2023-05-16 
  14. 14.0 14.1 Dikmen, I.; Birgonul, M.T.; Anac, C.; Tah, J.H.M.; Aouad, G. (1 December 2008). "Learning from risks: A tool for post-project risk assessment" (in en). Automation in Construction 18 (1): 42–50. doi:10.1016/j.autcon.2008.04.008. https://linkinghub.elsevier.com/retrieve/pii/S0926580508000691. 
  15. Kang, Leen Seok; Kim, Sung-Keun; Moon, Hyoun Seok; Kim, Hyeon Seung (1 May 2013). "Development of a 4D object-based system for visualizing the risk information of construction projects" (in en). Automation in Construction 31: 186–203. doi:10.1016/j.autcon.2012.11.038. https://linkinghub.elsevier.com/retrieve/pii/S0926580512002336. 
  16. International Organization for Standardization (November 2008). "ISO 9001:2008 Quality management systems — Requirements". International Organization for Standardization. https://www.iso.org/standard/46486.html. 
  17. International Organization for Standardization (May 2005). "ISO/IEC 17025:2005 General requirements for the competence of testing and calibration laboratories". International Organization for Standardization. https://www.iso.org/standard/39883.html. 
  18. International Organization for Standardization (September 2015). "ISO 9001:2015 Quality management systems — Requirements". International Organization for Standardization. https://www.iso.org/standard/62085.html. 
  19. 19.0 19.1 International Organization for Standardization (November 2017). "ISO/IEC 17025:2017 General requirements for the competence of testing and calibration laboratories". International Organization for Standardization. https://www.iso.org/standard/66912.html. 
  20. 20.0 20.1 20.2 20.3 International Organization for Standardization (September 2015). "ISO 14001:2015 Environmental management systems — Requirements with guidance for use". International Organization for Standardization. https://www.iso.org/standard/60857.html. 
  21. International Organization for Standardization (February 2018). "ISO 31000:2018 Risk management — Guidelines". International Organization for Standardization. https://www.iso.org/standard/65694.html. 
  22. 22.0 22.1 Elkington, Paul; Smallman, Clive (1 January 2002). "Managing project risks: a case study from the utilities sector" (in en). International Journal of Project Management 20 (1): 49–57. doi:10.1016/S0263-7863(00)00034-X. https://linkinghub.elsevier.com/retrieve/pii/S026378630000034X. 
  23. Hallikas, Jukka; Karvonen, Iris; Pulkkinen, Urho; Virolainen, Veli-Matti; Tuominen, Markku (1 July 2004). "Risk management processes in supplier networks" (in en). International Journal of Production Economics 90 (1): 47–58. doi:10.1016/j.ijpe.2004.02.007. https://linkinghub.elsevier.com/retrieve/pii/S0925527304000477. 
  24. 24.0 24.1 International Organization for Standardization (June 2019). "IEC 31010:2019 Risk management — Risk assessment techniques". International Organization for Standardization. https://www.iso.org/standard/72140.html. 
  25. Huang, Jia; You, Jian-Xin; Liu, Hu-Chen; Song, Ming-Shun (1 July 2020). "Failure mode and effect analysis improvement: A systematic literature review and future research agenda" (in en). Reliability Engineering & System Safety 199: 106885. doi:10.1016/j.ress.2020.106885. https://linkinghub.elsevier.com/retrieve/pii/S095183201930105X. 
  26. Pillay, Anand; Wang, Jin (1 January 2003). "Modified failure mode and effects analysis using approximate reasoning" (in en). Reliability Engineering & System Safety 79 (1): 69–85. doi:10.1016/S0951-8320(02)00179-5. https://linkinghub.elsevier.com/retrieve/pii/S0951832002001795. 
  27. Bhattacharyya, S.K.; Cheliyan, A.S. (1 May 2019). "Optimization of a subsea production system for cost and reliability using its fault tree model" (in en). Reliability Engineering & System Safety 185: 213–219. doi:10.1016/j.ress.2018.12.030. https://linkinghub.elsevier.com/retrieve/pii/S0951832017314515. 
  28. Zio, E. (1 February 2009). "Reliability engineering: Old problems and new challenges" (in en). Reliability Engineering & System Safety 94 (2): 125–141. doi:10.1016/j.ress.2008.06.002. https://linkinghub.elsevier.com/retrieve/pii/S0951832008001749. 
  29. Chang, Jeonghyun; Yoo, Soo Jin; Kim, Sollip (11 May 2021). "Development and Application of Computerized Risk Registry and Management Tool Based on FMEA and FRACAS for Total Testing Process" (in en). Medicina 57 (5): 477. doi:10.3390/medicina57050477. ISSN 1648-9144. PMC PMC8151538. PMID 34065022. https://www.mdpi.com/1648-9144/57/5/477. 
  30. Lee, Jae Hoon; Chan, SungIl; Jang, Joong Soon (5 July 2010). "Process-Oriented Development of Failure Reporting, Analysis, and Corrective Action System" (in en). International Journal of Quality, Statistics, and Reliability 2010: 1–8. doi:10.1155/2010/213690. ISSN 1687-7144. https://www.hindawi.com/journals/jqre/2010/213690/. 
  31. Vasilnakova, Andrea (2018), Katalinic, Branko, ed., "Risk Management in Accredited Testing Laboratories", DAAAM Proceedings (DAAAM International Vienna) 1: 1071–1075, doi:10.2507/29th.daaam.proceedings.153, ISBN 978-3-902734-20-4, http://www.daaam.info/Downloads/Pdfs/proceedings/proceedings_2018/153.pdf. Retrieved 2023-05-16 
  32. 32.0 32.1 Plebani, Mario; Carraro, Paolo (1 August 1997). "Mistakes in a stat laboratory: types and frequency" (in en). Clinical Chemistry 43 (8): 1348–1351. doi:10.1093/clinchem/43.8.1348. ISSN 0009-9147. https://academic.oup.com/clinchem/article/43/8/1348/5641004. 
  33. Piton, Alain (2008). "Risk-based assessment applied to QA GLP audits. How to fulfill regulatory requirements while making the best use of our common sense, knowledge, talents, and resources?". Annali dell'Istituto Superiore Di Sanita 44 (4): 379–384. ISSN 2384-8553. PMID 19352000. https://pubmed.ncbi.nlm.nih.gov/19352000. 
  34. 34.0 34.1 34.2 Kuo, Y.C.; Lin, C.W.; Wu, H.C. (2004). "Investigation on the Fires and Explosions in Chemicals-related University Laboratories". Chemical Technology 137 (8): 195–208. 
  35. 35.0 35.1 35.2 35.3 Da Rin, Giorgio (1 June 2009). "Pre-analytical workstations: A tool for reducing laboratory errors" (in en). Clinica Chimica Acta 404 (1): 68–74. doi:10.1016/j.cca.2009.03.024. https://linkinghub.elsevier.com/retrieve/pii/S0009898109001454. 
  36. 36.0 36.1 Kuo, T.-Y. (7 September 2006). "Discussion of waste liquid flowing arrangement and control system in lab of college". National Central University Library. http://ir.lib.ncu.edu.tw/handle/987654321/3318. 
  37. 37.0 37.1 Eliza, David Remona; Minodora, Dobreanu (1 December 2015). "Risk Management in Clinical Laboratory: from Theory to Practice" (in en). Acta Medica Marisiensis 61 (4): 372–377. doi:10.1515/amma-2015-0086. ISSN 2247-6113. https://www.sciendo.com/article/10.1515/amma-2015-0086. 
  38. Lippi, Giuseppe; Simundic, Ana-Maria; Mattiuzzi, Camilla (2010). "Overview on patient safety in healthcare and laboratory diagnostics". Biochemia Medica: 131–143. doi:10.11613/BM.2010.015. http://www.biochemia-medica.com/en/journal/20/2/10.11613/BM.2010.015. 
  39. Fragkaki, A.G.; Leontiou, I.-P.; Kioukia-Fougia, N.; Tsivou, M.; Spyridaki, M.-Η.Ε.; Georgakopoulos, C.G. (1 October 2006). "Organization of the doping control laboratory in the Athens 2004 Olympic Games: A case study" (in en). Technovation 26 (10): 1162–1169. doi:10.1016/j.technovation.2005.09.003. https://linkinghub.elsevier.com/retrieve/pii/S0166497205001197. 
  40. Gimenez-Marin, Angeles; Rivas-Ruiz, Francisco; Perez-Hidalgo, Maria del Mar; Molina-Mendoza, Pedro (2014). "Pre-analytical errors management in the clinical laboratory: a five-year study". Biochemia Medica 24 (2): 248–257. doi:10.11613/BM.2014.027. PMC PMC4083576. PMID 24969918. http://www.biochemia-medica.com/en/journal/24/2/10.11613/BM.2014.027. 
  41. Plebani, Mario; Sciacovelli, Laura; Aita, Ada; Chiozza, Maria Laura (2014). "Harmonization of pre-analytical quality indicators". Biochemia Medica: 105–113. doi:10.11613/BM.2014.012. PMC PMC3936970. PMID 24627719. http://www.biochemia-medica.com/en/journal/24/1/10.11613/BM.2014.012. 
  42. Sciacovelli, Laura; Plebani, Mario (1 June 2009). "The IFCC Working Group on laboratory errors and patient safety" (in en). Clinica Chimica Acta 404 (1): 79–85. doi:10.1016/j.cca.2009.03.025. https://linkinghub.elsevier.com/retrieve/pii/S0009898109001478. 
  43. Bates, David W.; Gawande, Atul A. (19 June 2003). "Improving Safety with Information Technology" (in en). New England Journal of Medicine 348 (25): 2526–2534. doi:10.1056/NEJMsa020847. ISSN 0028-4793. http://www.nejm.org/doi/abs/10.1056/NEJMsa020847. 
  44. Plebani, Mario; Bonini, Pierangelo (16 February 2002). "Wrong biochemistry results. Interdepartmental cooperation may help avoid errors in medical laboratories". BMJ (Clinical research ed.) 324 (7334): 423–424. ISSN 1756-1833. PMID 11855391. https://pubmed.ncbi.nlm.nih.gov/11855391. 
  45. Lippi, Giuseppe; Guidi, Gian Cesare (1 January 2007). "Risk management in the preanalytical phase of laboratory testing". Clinical Chemical Laboratory Medicine 45 (6). doi:10.1515/CCLM.2007.167. https://www.degruyter.com/document/doi/10.1515/CCLM.2007.167/html. 
  46. Da Rin, Giorgio (1 June 2009). "Pre-analytical workstations: A tool for reducing laboratory errors" (in en). Clinica Chimica Acta 404 (1): 68–74. doi:10.1016/j.cca.2009.03.024. https://linkinghub.elsevier.com/retrieve/pii/S0009898109001454. 
  47. Gibbon, Gerst A. (1 May 1996). "A brief history of LIMS" (in en). Laboratory Automation & Information Management 32 (1): 1–5. doi:10.1016/1381-141X(95)00024-K. https://linkinghub.elsevier.com/retrieve/pii/1381141X9500024K. 
  48. Goodman, N.; Rozen, S.; Stein, L. D. (1998). "The LabFlow system for workflow management in large scale biology research laboratories". Proceedings. International Conference on Intelligent Systems for Molecular Biology 6: 69–77. ISSN 1553-0833. PMID 9783211. https://pubmed.ncbi.nlm.nih.gov/9783211. 
  49. 49.0 49.1 Skobelev, D. O.; Zaytseva, T. M.; Kozlov, A. D.; Perepelitsa, V. L.; Makarova, A. S. (1 January 2011). "Laboratory information management systems in the work of the analytic laboratory" (in en). Measurement Techniques 53 (10): 1182–1189. doi:10.1007/s11018-011-9638-7. ISSN 0543-1972. http://link.springer.com/10.1007/s11018-011-9638-7. 
  50. Casey, Eoghan (1 March 2020). "Standardization of forming and expressing preliminary evaluative opinions on digital evidence" (in en). Forensic Science International: Digital Investigation 32: 200888. doi:10.1016/j.fsidi.2019.200888. https://linkinghub.elsevier.com/retrieve/pii/S1742287619303147. 
  51. Sun, Dingzhong; Wu, Linhuan; Fan, Guomei (1 June 2021). "Laboratory information management system for biosafety laboratory: Safety and efficiency" (in en). Journal of Biosafety and Biosecurity 3 (1): 28–34. doi:10.1016/j.jobb.2021.03.001. https://linkinghub.elsevier.com/retrieve/pii/S2588933821000042. 
  52. 52.0 52.1 52.2 52.3 Ho, Chao-Chung; Chen, Ming-Shu (1 January 2018). "Risk assessment and quality improvement of liquid waste management in Taiwan University chemical laboratories" (in en). Waste Management 71: 578–588. doi:10.1016/j.wasman.2017.09.029. https://linkinghub.elsevier.com/retrieve/pii/S0956053X17306979. 
  53. Wurtz, N.; Papa, A.; Hukic, M.; Di Caro, A.; Leparc-Goffart, I.; Leroy, E.; Landini, M. P.; Sekeyova, Z. et al. (1 August 2016). "Survey of laboratory-acquired infections around the world in biosafety level 3 and 4 laboratories" (in en). European Journal of Clinical Microbiology & Infectious Diseases 35 (8): 1247–1258. doi:10.1007/s10096-016-2657-1. ISSN 0934-9723. PMC PMC7088173. PMID 27234593. http://link.springer.com/10.1007/s10096-016-2657-1. 
  54. Kirwan, B. (1994). A guide to practical human reliability assessment. Bristol, PA: Taylor & Francis. ISBN 978-0-7484-0052-2. 
  55. Lou, Amy H.; Elnenaei, Manal O.; Sadek, Irene; Thompson, Shauna; Crocker, Bryan D.; Nassar, Bassam A. (1 October 2017). "Multiple pre- and post-analytical lean approaches to the improvement of the laboratory turnaround time in a large core laboratory" (in en). Clinical Biochemistry 50 (15): 864–869. doi:10.1016/j.clinbiochem.2017.04.019. https://linkinghub.elsevier.com/retrieve/pii/S0009912017303284. 
  56. McDonald, Michael J.; Rice, Daniel P.; Desai, Michael M. (1 March 2016). "Sex speeds adaptation by altering the dynamics of molecular evolution" (in en). Nature 531 (7593): 233–236. doi:10.1038/nature17143. ISSN 0028-0836. PMC PMC4855304. PMID 26909573. http://www.nature.com/articles/nature17143. 
  57. Yu, S.W.; Chou, K.S. (2001). Introduction to Chemical Process Safety. GauLih Book Co., Ltd. 
  58. 58.0 58.1 58.2 Oliveira Marques, Karuliny Cristie; Yoshida, Lucas Silva; Teixeira de Siqueira Neto, Abilio; Dias, Acires (2017). "Risk analysis in chemistry laboratory". Procceedings of the 24th ABCM International Congress of Mechanicl Engineering (ABCM). doi:10.26678/ABCM.COBEM2017.COB17-1364. http://abcm.org.br/anais-de-eventos/COB17/1364. 
  59. Raab, Stephen S. (1 May 2006). "Improving Patient Safety Through Quality Assurance" (in en). Archives of Pathology & Laboratory Medicine 130 (5): 633–637. doi:10.5858/2006-130-633-IPSTQA. ISSN 1543-2165. https://meridian.allenpress.com/aplm/article/130/5/633/459841/Improving-Patient-Safety-Through-Quality-Assurance. 
  60. Skinhoj, P; Soeby, M (1 April 1981). "Viral hepatitis in Danish health care personnel, 1974-78." (in en). Journal of Clinical Pathology 34 (4): 408–411. doi:10.1136/jcp.34.4.408. ISSN 0021-9746. PMC PMC493301. PMID 7240429. http://jcp.bmj.com/cgi/doi/10.1136/jcp.34.4.408. 
  61. Hollensead, Sandra C.; Lockwood, William B.; Elin, Ronald J. (1 December 2004). "Errors in pathology and laboratory medicine: Consequences and prevention" (in en). Journal of Surgical Oncology 88 (3): 161–181. doi:10.1002/jso.20125. ISSN 0022-4790. https://onlinelibrary.wiley.com/doi/10.1002/jso.20125. 
  62. U.S. Food and Drug Administration (2020). "Investigations Operations Manual". U.S. Food and Drug Administration. https://www.fda.gov/inspections-compliance-enforcement-and-criminal-investigations/inspection-references/investigations-operations-manual. 
  63. Chiozza, Maria Laura; Plebani, Mario (1 January 2006). "Clinical Governance: from clinical risk management to continuous quality improvement". Clinical Chemistry and Laboratory Medicine (CCLM) 44 (6). doi:10.1515/CCLM.2006.127. ISSN 1434-6621. https://www.degruyter.com/document/doi/10.1515/CCLM.2006.127/html. 
  64. U.S. Chemical Safety Board (19 October 2011). "Texas Tech University Chemistry Lab Explosion, No. 2010-05-I-TX". U.S. Chemical Safety Board. https://www.csb.gov/texas-tech-university-chemistry-lab-explosion/. 
  65. Mortimer, Sharon T.; Mortimer, David (28 February 2015). Quality and Risk Management in the IVF Laboratory (2 ed.). Cambridge University Press. doi:10.1017/cbo9781139680936. ISBN 978-1-139-68093-6. https://www.cambridge.org/core/product/identifier/9781139680936/type/book. 
  66. Lemos, Janaína; Gaspar, Pedro D.; Lima, Tânia M. (17 August 2022). "Environmental Risk Assessment and Management in Industry 4.0: A Review of Technologies and Trends" (in en). Machines 10 (8): 702. doi:10.3390/machines10080702. ISSN 2075-1702. https://www.mdpi.com/2075-1702/10/8/702. 
  67. van Rossum, Huub H. (17 November 2022). "Technical quality assurance and quality control for medical laboratories: a review and proposal of a new concept to obtain integrated and validated QA/QC plans" (in en). Critical Reviews in Clinical Laboratory Sciences 59 (8): 586–600. doi:10.1080/10408363.2022.2088685. ISSN 1040-8363. https://www.tandfonline.com/doi/full/10.1080/10408363.2022.2088685. 
  68. Buratta, A. (1995). "External quality assessment programs in Lombardy, Italy". Annali dell'Istituto Superiore di Sanita 31 (1): 157–61. https://chemport-n.cas.org//chemport-n/?APP=ftslink&action=reflink&origin=npg&version=1.0&coi=1%3ACAS%3A528%3ADyaK2MXps1CrsL4%3D&md5=56d3b0432762c6ffc0cc078edf26b8a5. 
  69. Badrick, Tony (1 September 2021). "Integrating quality control and external quality assurance" (in en). Clinical Biochemistry 95: 15–27. doi:10.1016/j.clinbiochem.2021.05.003. https://linkinghub.elsevier.com/retrieve/pii/S0009912021001442. 
  70. World Health Organization (2016) (in en). WHO manual for organizing a national external quality assessment programme for health laboratories and other testing sites. Geneva: World Health Organization. ISBN 9789241549677. https://apps.who.int/iris/handle/10665/250117. 
  71. Libeer, Jean-Claude (2 April 2001). "External quality assurance programmes in medical laboratories" (in en). Accreditation and Quality Assurance 6 (4-5): 151–153. doi:10.1007/PL00013513. ISSN 0949-1775. http://link.springer.com/10.1007/PL00013513. 
  72. Sturgeon, Catharine (2013), Wheeler, Michael J., ed., "External Quality Assessment Schemes for Immunoassays" (in en), Hormone Assays in Biological Fluids (Totowa, NJ: Humana Press) 1065: 291–305, doi:10.1007/978-1-62703-616-0_19, ISBN 978-1-62703-615-3, https://link.springer.com/10.1007/978-1-62703-616-0_19. Retrieved 2023-05-16 
  73. 73.0 73.1 73.2 73.3 Casey, Eoghan; Souvignet, Thomas R. (1 November 2020). "Digital transformation risk management in forensic science laboratories" (in en). Forensic Science International 316: 110486. doi:10.1016/j.forsciint.2020.110486. https://linkinghub.elsevier.com/retrieve/pii/S0379073820303480. 
  74. Dror, Itiel E. (20 April 2018). "Biases in forensic experts" (in en). Science 360 (6386): 243–243. doi:10.1126/science.aat8443. ISSN 0036-8075. https://www.science.org/doi/10.1126/science.aat8443. 
  75. Dror, Itiel E. (1 June 2016). "A hierarchy of expert performance." (in en). Journal of Applied Research in Memory and Cognition 5 (2): 121–127. doi:10.1016/j.jarmac.2016.03.001. ISSN 2211-369X. http://doi.apa.org/getdoi.cfm?doi=10.1016/j.jarmac.2016.03.001. 
  76. Dror, I. (2012) (in en). Cognitive bias in forensic science. pp. 43–5. doi:10.1036/1097-8542.yb120321. https://www.accessscience.com/content/article/aYB120321. 
  77. Kassin, Saul M.; Dror, Itiel E.; Kukucka, Jeff (1 March 2013). "The forensic confirmation bias: Problems, perspectives, and proposed solutions." (in en). Journal of Applied Research in Memory and Cognition 2 (1): 42–52. doi:10.1016/j.jarmac.2013.01.001. ISSN 2211-369X. http://doi.apa.org/getdoi.cfm?doi=10.1016/j.jarmac.2013.01.001. 
  78. Dror, Itiel E.; Stoel, Reinoud D. (2014), Bruinsma, Gerben; Weisburd, David, eds., "Cognitive Forensics: Human Cognition, Contextual Information, and Bias" (in en), Encyclopedia of Criminology and Criminal Justice (New York, NY: Springer New York): 353–363, doi:10.1007/978-1-4614-5690-2_147, ISBN 978-1-4614-5689-6, https://link.springer.com/10.1007/978-1-4614-5690-2_147. Retrieved 2023-05-16 
  79. Edmond, G.; Tangen, J. M.; Searston, R. A.; Dror, I. E. (1 March 2015). "Contextual bias and cross-contamination in the forensic sciences: the corrosive implications for investigations, plea bargains, trials and appeals" (in en). Law, Probability and Risk 14 (1): 1–25. doi:10.1093/lpr/mgu018. ISSN 1470-8396. https://academic.oup.com/lpr/article-lookup/doi/10.1093/lpr/mgu018. 
  80. Mianes, Rodrigo Leão; ten Caten, Carla Schwengber (1 June 2017). "Organisation of proficiency schemes by testing and calibration laboratories" (in en). Accreditation and Quality Assurance 22 (3): 119–123. doi:10.1007/s00769-017-1260-1. ISSN 0949-1775. http://link.springer.com/10.1007/s00769-017-1260-1. 
  81. Tully, Gillian; Cohen, Neil; Compton, David; Davies, Gareth; Isbell, Roy; Watson, Tim (1 March 2020). "Quality standards for digital forensics: Learning from experience in England & Wales" (in en). Forensic Science International: Digital Investigation 32: 200905. doi:10.1016/j.fsidi.2020.200905. https://linkinghub.elsevier.com/retrieve/pii/S2666282519300374. 
  82. Burri, Xavier; Casey, Eoghan; Bollé, Timothy; Jaquet-Chiffelle, David-Olivier (1 June 2020). "Chronological independently verifiable electronic chain of custody ledger using blockchain technology" (in en). Forensic Science International: Digital Investigation 33: 300976. doi:10.1016/j.fsidi.2020.300976. https://linkinghub.elsevier.com/retrieve/pii/S2666281720300780. 
  83. Jaquet-Chiffelle, David-Olivier; Casey, Eoghan; Bourquenoud, Jonathan (1 June 2020). "Tamperproof timestamped provenance ledger using blockchain technology" (in en). Forensic Science International: Digital Investigation 33: 300977. doi:10.1016/j.fsidi.2020.300977. https://linkinghub.elsevier.com/retrieve/pii/S2666281720300834. 
  84. Murray, D. (20 March 2015). "Queensland authorities confirm ‘miscode’ affects DNA evidence in criminal cases". The Courier Mail. https://www.couriermail.com.au/news/queensland/queensland-authorities-confirm-miscode-affects-dna-evidence-in-criminal-cases/news-story/833c580d3f1c59039efd1a2ef55af92b. Retrieved 10 November 2022. 
  85. Margagliotti, Giulia; Bollé, Timothy (1 May 2019). "Machine learning & forensic science" (in en). Forensic Science International 298: 138–139. doi:10.1016/j.forsciint.2019.02.045. https://linkinghub.elsevier.com/retrieve/pii/S0379073819300726. 

Notes

This presentation is faithful to the original, with changes to presentation, spelling, and grammar as needed. The PMCID and DOI were added when they were missing from the original reference.