When a nurse recently asked me, “How does this interact with PSIRF?”, I knew we were onto something. Not because it was an unexpected question — but because it was the right question, asked by someone who lives the reality of what happens when patient safety incidents span more than one organisation.
The Patient Safety Incident Response Framework replaced the old Serious Incident Framework in 2022, and it represented a genuine philosophical shift. Move away from blame. Focus on systems. Understand how things happen, not just who was involved. Learn, improve, repeat.
It’s good policy. But it has an infrastructure problem that nobody is talking about.
The Cross-Provider Blind Spot in PSIRF Investigations
In October 2025, the Healthcare Services Safety Investigations Body published a report that laid it bare: investigations involving multiple providers are difficult for a single organisation to coordinate, and Integrated Care Boards haven’t always been able to provide the support needed for cross-provider investigations.
This shouldn’t surprise anyone working in healthcare. PSIRF asks investigators to take a system-based approach — to trace how an incident unfolded across the full patient journey. But what happens when that journey crosses two trusts, a private provider, and a GP practice?
Each organisation has its own incident reporting system, its own clinical records, its own governance structure. The investigator is left trying to reconstruct a system-level picture from fragments held in separate silos, each with different access controls, different data standards, and different institutional incentives around disclosure.
You can’t do systems-based investigation without systems-based data. And right now, that data infrastructure doesn’t exist.
What a PSIRF Investigation Actually Needs
Think about what an investigator needs to understand when a patient safety incident crosses organisational boundaries:
Who held clinical responsibility, and when did it transfer? Not just who the patient saw, but who was accountable for their care at each stage. In complex pathways — triage to virtual consultation to referral to treatment — responsibility can transfer multiple times, and the handover points are often where things go wrong.
What was the clinical intent behind each decision? A referral isn’t just a routing action. It carries clinical reasoning. If that reasoning isn’t captured and traceable, the investigator can’t assess whether the system supported good decision-making or undermined it.
Was consent valid and continuous? Consent isn’t a one-time checkbox. As care moves between providers, consent context needs to travel with it. An investigator needs to know not just that consent was obtained, but that it was appropriate to the context at each stage.
What alerts were raised, and who received them? If a deterioration alert fires in one system but the receiving organisation never sees it, that’s a system failure — not a human one. But you can only identify it if the alert pathway is traceable end to end.
What was the provenance of the clinical data? When records have been transformed, summarised, or re-entered as they move between systems, investigators need to know what the original data said, where it came from, and what happened to it in transit.
These aren’t exotic requirements. They’re the basic questions any competent investigation would ask. The problem is that the infrastructure to answer them — reliably, across organisational boundaries, in a standards-compliant way — simply isn’t there.
The Missing Layer: Continuous Clinical Safety Infrastructure
At Inference Clinical, we’ve been building what we call the Seven Flows — a framework for healthcare data governance that maps the essential information flows that must be traceable for safe inter-organisation care:
- Identity — verified, portable patient identity across providers
- Consent — dynamic, context-aware consent that travels with the patient
- Provenance — immutable lineage of clinical data as it moves between systems
- Clinical Intent — structured capture of the reasoning behind clinical decisions
- Alert & Responsibility — traceable accountability chains and escalation pathways
- Service Routing — auditable care pathway navigation
- Outcome — linked outcomes that close the loop on whether care achieved its aims
These aren’t theoretical constructs. They’re the data infrastructure that PSIRF investigations need but don’t currently have.
When all seven flows are instrumented, a PSIRF investigation doesn’t require months of cross-organisational archaeology. The provenance trail exists. The responsibility transfers are documented. The clinical intent is captured at source. The investigator can focus on understanding systemic factors rather than spending weeks just establishing what happened.
How PSIRF Interacts with DCB 0129 and DCB 0160
There’s an important relationship between PSIRF and DCB 0129/0160 — the clinical safety standards for health IT systems — that’s worth making explicit.
DCB 0129 and 0160 are about ensuring systems are designed safely. They require clinical risk management throughout the lifecycle of health IT. PSIRF is about what happens when things go wrong despite that — how organisations respond, investigate, and learn.
Both frameworks assume something that doesn’t yet exist at scale: traceable, standards-compliant data infrastructure that works across organisational boundaries.
Our platform sits underneath both. It provides the continuous data layer that makes DCB compliance demonstrable in operation — not just in documentation — and gives PSIRF investigators the cross-provider evidence trail they need to conduct genuine systems-based investigations.
Compliance as infrastructure, not overhead.
From Silos to Systems
The nurse who asked the PSIRF question understood something instinctively: you can’t investigate a system you can’t see. Every clinician who’s been through a cross-provider incident investigation knows the frustration of incomplete pictures, missing context, and conclusions that address symptoms rather than causes.
PSIRF got the philosophy right. The shift to systems thinking, compassionate engagement, and proportionate response is exactly what healthcare safety needs. But philosophy without infrastructure is aspiration. And right now, the infrastructure gap between organisations is where learning goes to die.
The good news is that this is a solvable problem. Not by building another monolithic national system, but by instrumenting the flows between existing systems — making the inter-organisational space visible, traceable, and safe.
That’s what we’re building. And if you’re a Clinical Safety Officer, a PSIRF lead, or anyone who’s tried to investigate a patient safety incident across organisational boundaries, we’d love to hear your story.
