The Severity Assessment Code (SAC) Matrix is a risk assessment tool widely used in healthcare to evaluate and categorize the severity of incidents, near misses, and adverse events. By assigning numerical scores to events, SAC helps healthcare organizations prioritize responses, allocate resources, maintain patient care standards, and ensure operational resilience.
Table of Contents
Purposes of the SAC Matrix
The SAC Matrix plays a critical role in healthcare organizations by offering a structured approach to managing incidents and events. Its main purposes and benefits include:
1. Risk Prioritization and Incident Classification
The primary purpose of the SAC Matrix is to prioritize incidents based on their severity and likelihood of occurrence. This allows healthcare organizations to differentiate between high-risk and low-risk incidents, ensuring that serious events receive immediate attention. Prioritizing incidents helps allocate resources effectively and ensures that critical incidents undergo thorough investigation.
2. Standardization of Incident Reporting
The SAC Matrix provides a consistent and objective framework for assessing incidents across all departments. This uniform approach eliminates subjective decision-making in incident evaluation. Standardization enhances transparency, fairness, reduces bias in assessments, and improves communication across multidisciplinary teams.
3. Compliance with Regulatory Requirements
Healthcare regulatory bodies, such as the Australian Commission on Safety and Quality in Health Care (ACSQHC) and The Joint Commission (USA), mandate the reporting of certain incidents. The SAC Matrix helps organizations determine which incidents are reportable and the required level of investigation, avoids penalties, and maintains accreditation.
4. Enhancing Patient Safety and Quality Improvement
The SAC Matrix supports proactive patient safety initiatives by identifying risks and areas needing improvement. Incidents categorized under higher SAC scores trigger in-depth investigations like Root Cause Analysis (RCA), which lead to the implementation of corrective and preventive actions. This systematic approach helps prevent recurrence of incidents, fostering a culture of continuous improvement.
5. Resource Allocation and Decision-Making
By categorizing incidents according to their severity and likelihood, the SAC Matrix assists in allocating resources for investigation and corrective actions. High-severity incidents receive more immediate and comprehensive responses. Efficient resource allocation prevents wastage and ensures that high-risk events are addressed swiftly, while lower-risk events are managed appropriately without overburdening staff.
Key Components of the SAC Matrix
The SAC methodology comprises of three key components:
- Severity (Consequence) Level – This component assesses the potential impact or level of harm of the incident on patients, staff, operations, and reputation. Severity can have four levels (e.g. minor, moderate, major, severe/critical) or five levels (e.g. minimum, minor, moderate, major, severe/critical).
These categories apply to actual incidents and near misses (close calls). For actual patient safety incidents, assign severity based on the patient’s actual condition. If the event is a near miss, assign severity based on the most likely “worst case” scenario. - Probability (Likelihood) Level – This component evaluates the probability of the incident occurring or recurring. Like severity, the probability level can be four levels (e.g. rare, unlikely, possible, likely) or five levels (rare, unlikely, possible, likely, frequent). The latter offers greater granularity.
To assign a probability rating for an incident or near miss, it is ideal to have data on how often it occurs at your facility. If data is not available, then seek informal opinion from staff who are familiar with those events, or it will have to be your best educated guess. - SAC Score – The combined assessment of severity and likelihood results in a SAC score (e.g., SAC 1, 2, 3 or SAC 1, 2, 3, 4), which determines the level of response, types of investigation, and action required. SAC score also defines which incidents are reportable to government health agencies.
Variations in SAC Scoring: SAC 1-3 vs. SAC 1-4
Some healthcare systems use a three-level SAC scale (1-3), while others use a four-level SAC scale (1-4). Usually, a scale of 1 means it is a high risk and SAC 3 or SAC 4 mean low risk. However, some organizations may use the scale in a reversed order.
SAC 1-3 Model
- SAC 1 – High risk (severe impact)
- SAC 2 – Medium risk (moderate impact)
- SAC 3 – Low risk (Minor harm or negligible impact)
| SAC 1-3 | |||||
| SEVERITY | |||||
| Critical | Major | Moderate | Minor | ||
| POSSIBILITY | Likely | 1 | 1 | 2 | 3 |
| Possible | 1 | 2 | 3 | 3 | |
| Unlikely | 1 | 2 | 3 | 3 | |
| Rare | 1 | 2 | 3 | 3 | |
SAC 1-4 Model
- SAC 1 – Extreme risk (catastrophic / critical impact)
- SAC 2 – High risk (major impact)
- SAC 3 – Medium risk (moderate impact)
- SAC 4 – Low risk (minor or no harm)
The SAC 1-4 model offers more granularity, particularly for medium and low-risk events, making it more suitable for environments where a more detailed risk assessment is required.
| SAC 1-4 | ||||||
| SEVERITY | ||||||
| Critical | Major | Moderate | Minor | Minimum | ||
| POSSIBILITY | Frequent | 1 | 1 | 2 | 3 | 3 |
| Likely | 1 | 1 | 2 | 3 | 4 | |
| Possible | 1 | 2 | 2 | 3 | 4 | |
| Unlikely | 1 | 2 | 3 | 4 | 4 | |
| Rare | 2 | 3 | 3 | 4 | 4 | |
| SAC Score | Risk Level | Action Required |
| SAC 1 | Extreme risk | Immediate action required. Externally reportable incident within a short timeline. Thorough investigation and RCA required. Notify relevant agencies and submit detailed report. |
| SAC 2 | High risk | Notify senior management. Urgent corrective actions needed. Detailed investigation and RCA required. |
| SAC 3 | Medium risk | Management responsibility must be specified. Undertake all necessary corrective actions. Initiate improvement project. |
| SAC 4 | Low risk | Manage by routine procedure. Aggregate data on incidents of similar nature and undertake an improvement project. |
It is essential to note that the SAC Matrix, along with the criteria for reportable incidents and the necessary actions, may differ depending on health agency guidelines or organization policies.
Use Cases of SAC Matrix in Healthcare
| Use Case | Description | Severity | Probability | SAC Score | Action Priority |
|---|---|---|---|---|---|
| 1. Wrong medication administered to patient in a complex medication regime | Patient given incorrect drug causing severe adverse reaction resulting in permanent harm | Critical | Possible | SAC 1 (Extreme Risk) | Immediate action required, external reporting, thorough investigation and root cause analysis |
| 2. An elderly patient falls and sustains in Injury | Patient falls and fractures hip despite using a fall risk protocol | Major | Unlikely | SAC 2 (High Risk) | Incident review, implement enhanced fall-prevention strategies, notify senior management |
| 3. Near-Miss in laboratory results | Critical potassium level nearly misreported but caught in time; previous similar near miss reported | Minor | Possible | SAC 3 (Medium Risk) | Management responsibilities must be specified. Staff reminder of double-checking protocols. Aggregate data for improvement initiative |
| 4. Data breach exposing patient information | Data breach due to inadequate security measures | Critical | Likely | SAC 1 (Extreme Risk) | Immediate action to secure the affected systems, notify impacted individuals, external reporting on PDPA agency required |
| 5. Equipment Malfunction | A critical equipment fails during a procedure. Equipment is regularly maintained | Critical | Rare | SAC 2 (High Risk) | Urgent repair/replacement, equipment maintenance checks, notify senior management, external reporting required |
| 6. Incorrect patient meal served | A diabetic patient is mistakenly given a high carbohydrate meal but notice the error and does not eat it. No similar case reported | Minor | Unlikely | SAC 4 (Low Risk) | Manage by routine procedures. Staff training on dietary restrictions, implementation of barcode meal scanning, and internal review. |
The SAC Heat Map below shows the severity and probability of the six use cases listed in the table above.
| SAC 1-4 | ||||||
| SEVERITY | ||||||
| Critical | Major | Moderate | Minor | Minimum | ||
| POSSIBILITY | Frequent | |||||
| Likely | 4 | |||||
| Possible | 1 | 3 | ||||
| Unlikely | 2 | 6 | ||||
| Rare | 5 | |||||
Conclusion
The Severity Assessment Code (SAC) is an essential tool for evaluating incidents within healthcare organizations. By providing a clear and standardized assessment method, SAC scores help in prioritizing responses, allocating resources, ensuring compliance, and efficiently notifying stakeholders. Understanding and utilizing SAC scores is essential for ensuring high standards of patient care, safeguarding sensitive data, and minimizing operational disruptions.
Related blog: Proactive Risk Assessment Methods You Should Know
Risk assessment is one of the key steps in QUASR incident management workflow. Quality team can use the severity and probability sliders to determine the SAC score of 1 to 4 for each incident. Contact us to learn more.
Start your 14-day free trial or get a demo of our premium software.
