Never Events framework consultation

Responding to the consultation:

We are asking whether, on balance, you think the Never Events framework is an effective mechanism to drive patient safety improvement; and bearing in mind the evidence in this consultation document, which one of the following options you prefer for its future. 

  • Option 1: No change; continue with the current framework
  • Option 2: Abolish the Never Events framework and list
  • Option 3: Revise the list of Never Events to only include those with current barriers that are ‘strong, systemic, protective’
  • Option 4: Revise the definition of and process for Never Events to create a new system that does not require all relevant incidents to be ‘wholly preventable’.

The consultation will close at midnight on 5 May 2024.


Never Events are currently defined as patient safety incidents that are “wholly preventable because guidance or safety recommendations that provide strong systemic protective barriers are available at a national level and should have been implemented by all healthcare providers” (Never Events policy and framework, revised 2018).

The Never Events framework defines a strong systemic protective barrier as one that is “successful, reliable and represents comprehensive safeguards or remedies that stop a particular safety concern from occurring and causing harm to a patient”; for example, a uniquely designed connector between a syringe/giving device and a line or needle that stops a medicine being given by the wrong route.

However, two reports have highlighted that controls are not strong enough for some types and subtypes of Never Events:

“NHS Improvement [now part of NHS England] should work with professional regulators and royal colleges to review the Never Events framework, focusing on leadership and safety culture, and exploring the barriers to preventing errors such as human behaviours.”

  • The Healthcare Safety Investigation Branch’s (HSIB) Never Events: analysis of HSIB’s national investigations (2021), which used the Systems Engineering Initiative for Patient Safety (SIEPS) (Carayon et al, 2006) to analyse its 10 investigations (covering 7 Never Event categories) into Never Events (HSIB 2018a–c, 2019a–c, 2020a–c, 2022). HSIB found some barriers were neither strong nor systemic and concluded that the events were not wholly preventable and therefore did not meet the Never Event’s definition. HSIB made two key recommendations: first to review and revise the Never Events lists; and second to commission programmes of work to find strong and systemic barriers in relevant areas.

These findings and recommendations prompted the national Patient Safety Team at NHS England to run focus groups with relevant experts, including leading clinicians and patient safety partners (patient and lay representatives), to assess the strength of existing controls, consider the potential for future controls and better understand the impact of the Never Events list on improving patient safety.

Given our findings from these focus groups, alongside those of relevant CQC, HSIB and NHS England’s reports, we are now undertaking a public consultation on four options for the future of the framework.

Why are we considering change?

Since its inception in 2009, the Never Events list and framework has been regularly reviewed and updated, in response to evolving safety intelligence and the development of new equipment and technologies. For example, wrong tooth extraction was removed from the wrong site surgery category in 2018 following feedback from stakeholders that the controls were not robust enough to make the incident wholly preventable.

The consultation proposals will not affect how services are delivered to patients; it aims to clarify the definition of Never Events and asks whether the current Never Event framework is an effective mechanism to drive patient safety improvement.

The hierarchy of controls

We know from HSIB’s report in 2021 that some Never Event controls do not wholly prevent the event and therefore the event does not meet the Never Event’s definition.

The hierarchy of controls is a system of determining which actions will best control exposure to a hazard, or mitigate the risk of an incident occurring. It is used most often in the context of health and safety (Centre for Disease Control and Prevention, 2015), and we adopted and adapted its principles to examine clinical safety risks in the context of Never Events.

From the most to the least effective, the five levels in the hierarchy are:

  1. Elimination: the hazard is physically removed and with this the risk is eliminated.
  2. Substitution: the hazard is replaced with one less likely to cause patient harm, thereby preventing the event occurring.
  3. Engineering controls: the environment is redesigned to restrict or limit access to the hazard (eg storage in controlled drugs cupboard) or equipment is changed to make it harder for harm to occur (eg connectors that are compatible only with the correct device).
  4. Administrative and behavioural controls: these rely on changing the way people work and therefore human interactions. For example, where harm results from knowledge or rule-based errors, controls could include restricting a procedure to specific skilled staff, by creating a competency-based framework to manage who can perform certain tasks or to require a senior review of a task to confirm it has been conducted appropriately. Where the error is a result of lapses in concentration, controls could include memory aids, checklists and minimising distractions. Whereas for routine violations, the focus would be making the desired action easier to do, such as placing hand sanitising gel at the point of care.
  5. General behavioural advice: such as hand hygiene campaigns and encouraging staff to take breaks.

The first three controls are system focused* and only these constitute a strong, systemic protective barrier. However, the prevention of many current Never Events, including the surgical Never Events (wrong site, wrong implant, retained foreign object) relies on administrative and behavioural controls (see analysis below), which are people-focused. With such controls the event is not ‘wholly preventable’ and therefore does not meet the definition of a Never Event. Both CQC and HSIB give that as a key reason in their reports for why certain types of Never Events were proving intractable.

* The concept of people-based controls being distinct from system-based controls is reflected in the hierarchy of intervention effectiveness (Cafazzo and St-Cyr, 2012) used by HSIB. This hierarchy is a tool for ranking the effectiveness of measures used to reduce the risk of a safety event. Measures that rely on human actions are considered to be less effective.

Impact on staff

We also know from the CQC and HSIB reports that the current Never Events’ definition implies some events classified as Never Events are more ‘preventable’ than they actually are. If an event is not wholly preventable, it will inevitably occur despite adherence to recommended controls.

Normal accident theory supports this: “…no matter how hard we try there will be serious accidents because of the interactive complexity (which allows the inevitable errors to interact in unexpected ways and defeat safety systems) and tight coupling (in which small errors propagate into major ones) of most risky systems” (Perrow, 1984).

Considering this theory and the over-reliance on people-focused controls identified by HSIB and CQC, the use of the term ‘Never Event’ for incidents that will inevitably occur seems misplaced, and the subsequent scrutiny can have significant negative impact on staff wellbeing and their careers. We know staff are often subject to significant scrutiny in the aftermath of a Never Event by both their organisation and regulatory bodies, and national policy requirements mean that these events trigger intensive responses regardless of the potential for learning and improvement (Moppett, 2016).

Put another way, some Never Events under the current definition occur despite the staff involved doing what they are asked to do. However, the signal sent when a Never Event occurs is that staff failed to do so. This is not consistent with a Just Culture.

Effectiveness of the Never Events framework

Assessment of trends in the occurrence of Never Events is challenging because the Never Events list and definition have been reviewed and updated regularly since their introduction.

Data indicates that the prevalence of some Never Events has reduced and these are largely those with stronger controls, such as elimination, substitution and engineering controls. The occurrence of those with weaker controls remains relatively static, indicating that their inclusion on the framework does not drive down their frequency.

This is important because the widely held view is that inclusion of an incident type in the Never Events framework provides a significant lever to drive safety improvement. This is referenced in the framework itself:

“[Never Events] may highlight potential weaknesses in how an organisation manages fundamental safety processes and so this policy and framework provide the NHS with an essential lever for improving patient safety” (Never Events framework, 2018).

If we assume the controls associated with each Never Event do make that event ‘wholly preventable’, then the occurrence of that Never Event should be a strong indicator that the relevant control has not been correctly implemented and it is this that needs to be addressed. While this appears to be borne out for some Never Event types such as unintentional connection to an air flowmeter, it is notably not the case for other Never Event types as highlighted by HSIB and CQC.

It can also be argued that the driver of improvement it is not the inclusion of an event type on the list, but the creation and promotion of effective controls. For example, for unintentional connection to an airflow meter, the driver of improvement was likely the mandate to remove all airflow meters via a National Patient Safety Alert, not the inclusion of the event type in the Never Events list (see further discussion below).

Air flowmeters attached to piped medical air outlets are primarily used to drive the administration of nebulised medication; typically for short periods to manage respiratory conditions. Due to the proximity of the piped medical air and oxygen outlets at the bedside, and the similarity in design of flowmeters, there is a significant risk when using air flowmeters that patients may be inadvertently connected to medical air instead of oxygen.
The National Patient Safety Alert asked providers to purchase alternative devices that do not require medical air to be delivered via an air flowmeter, and following this, to discard all medical air flowmeters except those tethered to equipment for niche use, and to reversibly cap off all medical air outlets that are no longer required. These actions eliminate the risk and create a strong barrier.

Safety intelligence data gathered from incident reporting since the first alert was issued in 2016 showed a continuous reduction in the number of gas misconnections from 50 in 2018/19 to 8 in 2022/23.

As improvement is the purpose of the Never Events framework, what we do next will require finely balanced judgement, supporting the need for a national consultation.

Assessing the strength of the controls

Following publication of the CQC and HSIB reports questioning the strength of the barriers/controls referenced in the Never Events framework, the national patient safety team examined those controls, starting with a review of published research, including all relevant HSIB national investigation reports, and followed by focus groups with key stakeholders. Each of these groups focused on a specific category or subcategory of Never Event (where relevant), to consider if the existing controls are strong enough to prevent occurrence, if they meet the definition of a strong, systemic barrier under the hierarchy of controls, and if there are any opportunities to strengthen existing controls or any new systems-based controls in development.

The controls were then also assessed against the hierarchy of controls to stratify their relative strength and distinguish between system-focused and people-focused controls. Each type of Never Event was assigned a primary control type, recognising that additional safeguards would also likely be in place as part of a comprehensive approach to risk management.

The table below summarises this assessment. Further detail on the current controls and rationale for inclusion against the control type is given in the appendix.

 Primary control typeType/subtype of Never Event
System-focusedElimination Physically remove the hazardUnintentional connection of a patient requiring oxygen to an air flowmeter
Substitution Replace the hazardMis-selection of high strength midazolam during conscious (moderate) sedation
Redesign and engineering controls Design-out the hazard or restrict access to the hazardUnintended administration of concentrated potassium chloride
Administration of medication by the wrong route: intravenous chemotherapy by the intrathecal route
Overdose of methotrexate for non-cancer treatment
Overdose of insulin due to abbreviations in an electronic prescribing system
Overdose of insulin due to withdrawing insulin from an insulin pen
Failure to install functional collapsible shower or curtain rails
Falls from poorly restricted windows
Chest or neck entrapment in bed rails
Scalding of patients
Controls that do not meet the criteria for a ‘strong systemic barrier’
People-focusedAdministrative and behavioural controls that are appropriate to the error type Change the way people workWrong site surgery
Wrong implant/prosthesis
Retained foreign object post procedure
Misplaced naso- or oro-gastric tubes*
Transfusion or transplantation of ABO-incompatible blood components or organs
Administration of medication by the wrong route: oral/enteral medication or feed/flush by any parenteral route*
Overdose of insulin due to incorrect device (ie insulin syringe or insulin pen)*

* Redesign and engineering controls exist but only as part of a two-stage process; the first step relies on administrative or behavioural controls.


As shown in the above table, a number of the Never Event types specified in the national framework do not meet the current definition of a Never Event, as previously noted by CQC and HSIB in their respective reports. To ensure that the Never Events strategy continues to evolve effectively and is fit for purpose, four options are presented below for national consultation.

Option 1: No change; continue with the current framework

This option would mean continuing with the current Never Event list and framework unchanged. The existing framework, terminology and definition are widely understood and the application of the framework is well embedded as ‘business as usual’ across the NHS. Various governance and oversight processes in place in providers and systems use the reporting of a Never Event to trigger defined responses and as a mechanism for assuring the safety of services.

This option would mean not responding to the recommendations from CQC, HSIB and the focus groups, and therefore not take account of our current understanding of safety science. The potential for unintended consequences for members of staff involved in Never Events would remain.

Option 2: Abolish the Never Events framework and list

There is an argument that in the context of our current understanding of safety science, the designation of some patient safety incidents as ‘Never Events’ is not evidence-based and does not drive improvement, and exposes staff to undue scrutiny.  

However, there are counter arguments that the Never Events framework serves as a strong lever to improve patient safety by drawing attention to, and triggering a significant response to, a subset of patient safety incidents. An organisation’s response to Never Events can also serve as a good indicator of its overall patient safety culture, so some argue that to remove the Never Events framework may be perceived as a shift away from making patient safety a priority.

It is certainly the case that the 400 or so Never Events reported annually do attract significant attention, particularly when considered in the context of the total number of patient safety incidents reported annually; around 2.4 million. Some suggest this attention is disproportionate and resources would be better allocated to those patient safety incidents that result in more significant harm or are more widespread.

Option 3: Revise the list of Never Events to only include those events with current barriers that are ‘strong, systemic, protective’

This option would retain the current framework for Never Events, but with a list revised to only include events that have barriers classified as elimination, substitution or engineering and redesign controls, as these constitute a strong system-focused barrier. Never Events that have people-focused barriers (that is, administrative or behavioural controls) would be removed, as per the outcomes table above. This option meets the recommendations from HSIB and CQC.

This option represents a significant change and would mean removal from the list of several incident types that could be considered ‘architypes’ for the concept of Never Events.

We anticipate that this option would significantly reduce the number of incidents in the NHS that can risk unintended consequences for staff; that is, those incidents that are considered ‘wholly preventable’ and require investigation by being on the list, but do not have strong enough controls to be ‘wholly preventable’.

Significant focus would continue on the occurrence of those Never Event types remaining on the list, and the list should more closely represent the existing intent of the Never Events framework, which is to highlight incidents that indicate “potential weaknesses in how an organisation manages fundamental safety processes” (Never Events policy and framework, 2018).

Option 4: Revise the definition of and process for Never Events to create a new system of reportable events that does not require all relevant incidents to be ‘wholly preventable’

This option would require a change in our approach to the identification of reportable events and selection of incident types to include on the list. It would allow us to define and require a specific focus on patient safety incidents that occur despite all known controls being put in place. This means that events that are mitigated only by people-focused controls such as standardised checklists could meet revised criteria for inclusion.

It is worth noting that without the definition of a Never Event requiring there to be strong system-focused barriers, this option has the potential to lead to many more types of incident being in scope for inclusion on the list. It would necessitate a new process and criteria for considering which incident types are designated as ‘reportable events’ with a regular review period, and consideration of a name change to move away from the implied meaning of the term ‘Never Event’.

Of note, the Patient Safety Incident Response Framework (PSIRF) requires that organisations follow national requirements for mandated incident types, so this option would not change the application of PSIRF.

Further consultation and discussion would likely be required to determine the specific operation of this new framework as this option would be an overhaul of the existing framework. However, two likely implementation models are offered for consideration:

  1. Never Events could be redefined as ‘serious, largely preventable and harmful clinical events’ (in line with the US system known as serious reportable events). Events could be placed on the list to identify areas of particular interest within the system and these regularly reviewed (for example, every 3 years) by the national Patient Safety Team. The list could be capped at a maximum number of incident types (for example, 10), and criteria for inclusion could be based on intelligence from patient safety incident data and opportunity to drive safety improvement in priority areas. While the hierarchy of controls would still be considered in terms of the effectiveness of controls, the criteria for inclusion would focus on national safety priorities. Reporting would provide insights into how fundamental system safety processes can be improved. With this option, it could be appropriate to no longer refer to Never Events but to ‘Priority Safety Events’ or similar.
  2. A two-tiered system based on the hierarchy of controls could be introduced, one which continues to recognise a small number of Never Events that through system-focused barriers are ‘wholly preventable’, as well as a list of ‘serious, largely preventable and harmful clinical events’ as described in option A. There would be a cap on the number of second-tier events on the list, but not on events meeting the criteria of ‘wholly preventable’.

We recognise the need to ensure that any new approach to the national identification of reportable events does not expose staff to additional scrutiny and follows the principles of Just Culture. 

Responding to the consultation

As mentioned at the start of this document, you can contribute to the consultation by sharing your preferred option for the future of the Never Events framework. You can do this by completing our consultation questionnaire:, which closes at midnight on 5 May 2024. Following the consultation closure, we will review the responses and engage further with stakeholders including patient safety partners on next steps.