Safety barrier analysis and defense in depth
What is Safety barrier analysis and defense in depth?
Safety barrier analysis applies the Swiss cheese model — James Reason's foundational contribution to patient safety theory — as a practical analytical tool for understanding why multiple layers of defense failed to prevent an adverse event. The Swiss cheese model describes complex systems as having multiple layers of protection, each imperfect (with holes, like Swiss cheese), but collectively sufficient to prevent harm when the holes don't align. Adverse events occur when a series of failures — in different barriers, at different levels of the system — line up to create an unobstructed pathway from threat to harm.
Barrier analysis systematically identifies the defenses that should have prevented a specific adverse event, determines whether each defense was present, whether it functioned as designed, whether it was bypassed, or whether it was absent entirely, and traces the reasons for each barrier failure back through the system. This produces a defense-in-depth picture: not just 'what failed?' but 'which of our barriers failed, why did each one fail, and what does the pattern of barrier failures tell us about systemic weaknesses in our defense structure?'
Modern patient safety programs distinguish between preventive barriers (which prevent the initiating event from reaching the patient) and recovery barriers (which limit harm after an initiating event has occurred). A complete barrier analysis addresses both: it identifies which preventive barriers failed to stop the event and which recovery barriers failed to limit the harm after the event began. This distinction is particularly important for healthcare events that were initially limited in severity but escalated — where the recovery barrier analysis reveals why the harm was not contained once the initial failure occurred.
When to use it
Use barrier analysis for events where multiple safety checks, protocols, or verification steps should have prevented the adverse outcome but did not — medication events that bypassed barcode medication administration and pharmacist review, patient identification failures that bypassed multiple verification points, surgical events that bypassed the time-out protocol. Barrier analysis is also valuable proactively: auditing whether the barriers in a high-risk process are actually functioning as designed, or whether degradation is occurring before an adverse event makes it visible. Use barrier analysis in conjunction with bow-tie diagrams to translate barrier effectiveness findings into a format that communicates clearly to leadership and governance bodies.
Healthcare example
A patient safety team conducted a barrier analysis following a medication event in which a patient received a dose of heparin intended for a different patient in the same room. The process had four barriers designed to prevent this type of event: nurse confirmation of patient identity at medication preparation, barcode medication administration (BCMA) scanning at the bedside, a second nurse independent double-check for high-alert medications, and automated pharmacy verification before dispensing. The barrier analysis found that all four barriers had either failed or been bypassed: the bedside identity confirmation was not documented (barrier absent for this event), BCMA scanning was bypassed using an override code that generated a non-verified alert rather than a hard stop, the double-check was completed but both nurses were looking at the same label rather than independently verifying against the MAR, and the pharmacy verification had flagged the weight-based dose as within normal range because the weight in the system was from a previous admission rather than current. Each barrier had failed in a different way — absence, bypass, process execution failure, and data accuracy failure — illustrating that a barrier's presence on paper does not equal barrier effectiveness in practice.
How ImprovementFlow supports Safety barrier analysis and defense in depth
ImprovementFlow's event reporting captures which safety protocols were active, which were bypassed, and which were absent at the time of the event — providing the structured data that barrier analysis requires rather than relying on post-event recall.
Process reliability tracking monitors compliance rates for critical barrier processes — BCMA scanning, patient identification verification, high-alert medication double-checks — over time, revealing degradation trends before they manifest as adverse events.
When event data shows that a specific barrier is being bypassed or is performing below target compliance rates, ImprovementFlow's improvement project framework provides the structure to investigate the cause of the barrier degradation and design a targeted intervention.
Barrier effectiveness trending allows quality leaders to see, over a rolling time period, which defenses are strengthening and which are weakening — rather than discovering barrier degradation only after an adverse event.
Integration between safety event data, process compliance data, and improvement project records enables a closed-loop barrier management approach: identify degrading barriers through event and compliance data, investigate root causes, implement improvements, and verify that barrier effectiveness is restored.
See how ImprovementFlow supports your analysis work
Most customers begin with safety reporting or huddle boards and expand from there. No enterprise commitment required.