Dr Mark Charny discusses how to manage records, and the difference between critical incident and significant event audits


Q Are there any guidelines on how long clinical audit reports should be kept? We are establishing a centralised audit department for our trust and are aware that any patient-identifiable information should be destroyed as soon as the report is completed, but it is the actual audit report I am concerned with.

A There is no legal requirement to carry out clinical audit, and therefore, contrary to the position regarding clinical care, there is no requirement to maintain and keep records. There appear to be no guidelines on how long clinical audit reports should be kept. There is no legal privilege in respect of information about clinical audit. Therefore, if records are kept, patients or their representatives can require disclosure of the material if, for example, it appears to be relevant to a legal action. If records are not kept, they cannot be disclosed. Provided the records have not been destroyed in order to frustrate the legal process, this is not a matter for which the clinicians, or the organisation, can be criticised. If, as your question suggests, patient-identifiable information has been removed, disclosure may be impossible in any case.

Every organisation should have its own records management policy (which should cover clinical audit), and records should be held or destroyed in accordance with that policy. Where there is discretion, as with clinical audit, the policy should reflect the purposes for which records are made.

For many clinical audits, there is no reason why records should be maintained once the peer review process has been completed. However, in some cases, such as audits involving before-and-after comparisons (for example before and after the introduction of an integrated care pathway or a departmental reorganisation), the records for the initial or baseline audit will need to be kept so that they can form part of the peer review once the repeat audit has taken place.

In order to support good clinical care, and to show patients and professional bodies that audit is competently carried out, some records might be kept for as long as patient records: a list of what audits have taken place, and what actions were taken as a result (in the form of, say, an annual report) might be kept for some years.

The records management policy should distinguish between different types of record associated with audit: patient-identifiable information, details of peer-review discussions and actions, and an overall statement about audits that have been undertaken and the outcome of those audits.

Q What is the difference between a critical incident audit and a significant event audit?

A Methodologically, these two forms of audit are the same. In both audits, you define a situation that merits attention. When this situation occurs, the care of the patient is reviewed. The only difference is that in a critical incident audit the event had, or could have had, serious consequences for the patient: for example, loss of a large amount of blood following childbirth (even if the outcome was satisfactory because of good emergency care), or the failure to diagnose meningococcal meningitis in a child at the first consultation. In the case of a significant event audit, the event is not necessarily so dramatic, and can even be positive: for example, you might review all cases in which the door-to-needle time for thrombolytic therapy is particularly short.

Guidelines in Practice, February 2003, Volume 6(2)
© 2003 MGP Ltd
further information | subscribe