Culture Follows Structure

19 Jun 2026

Structural change must come before cultural change in patient safety.

Professor Ted Baker, Chair of the Health Services Safety Investigations Body (HSSIB) and the Independent Advisory Group for the HQIP-hosted Medical & Surgical Clinical Outcome Review Programme, is a key speaker during Clinical Audit Awareness Week 2026; featuring in the Data-Informed Improvement: From Insight to Impact morning webinar on Friday 26th June 2026. In this article, he explains more about his presentation, and the lessons that can be learned from regulatory and safety bodies in using audit data for improvement.

The exhortation problem

Read the recommendations of any major patient safety inquiry of the past thirty years and you will find, somewhere near the end, a call for cultural change. Each was followed by initiatives, frameworks, leadership programmes and organisational pledges to improve. And in each case, the same cultural failures have recurred, sometimes within the same organisations.

This is not because those leading the initiatives were wrong or lacking in commitment. It is because culture cannot be changed by telling people to change. Culture is an emergent property of the structural conditions in which people work. Change those conditions and culture tends to follow. Leave them intact and culture reverts, regardless of how many training days, values statements or staff engagement programmes are deployed. Healthcare has spent the better part of three decades trying to change culture by exhortation while leaving the structural conditions that produce bad culture largely intact. The result is a system that generates the same inquiries, produces the same recommendations, and regularly experiences the same failures.

Structural conditions

By structural conditions, I mean something specific, the formal systems, accountabilities, processes and incentives within which clinical work takes place, who is responsible for what, how risks are identified and managed, how learning is protected and shared, and what behaviours the organisation rewards or sanctions in practice rather than in theory.

During my time as Chief Inspector of Hospitals at the CQC, I visited hundreds of NHS organisations. The ones with the strongest safety cultures were not the ones with the most impressive values statements. They were the ones where accountability was clear, where risk was actively managed rather than defensively reported, where leaders asked hard questions rather than sought reassurance, and where staff genuinely believed that raising a concern would make a difference. Those are structural features, the conditions from which a genuine learning culture can grow.

Where those conditions are absent, the culture of silence and self-protection is not a failure of values. It is a rational adaptation to the environment. Staff are not telling us something about their character when they stay quiet. They are telling us something about the system they are working in.

What other industries learned

Aviation, nuclear power and rail achieved transformative reductions in harm by building safety management into the formal structure of how organisations operate, and making those structures a regulatory requirement. A safety management system has four elements. Safety policy establishes clear organisational intent with named accountabilities at the most senior level. Risk management proactively identifies hazards and implements controls before harm occurs. Safety assurance checks that those controls are working honestly, not to produce comforting dashboards but to surface genuine risk. Safety promotion creates the culture of learning, honest reporting and continuous improvement.

You cannot promote a culture of learning if risk management is not honestly identifying what needs to be learned from. You cannot promote a culture of candour if safety policy is vague about who is responsible when things go wrong. In aviation, a safety management system is a regulatory requirement without which an airline cannot operate.

The healthcare gap

Healthcare lacks an equivalent mandate, and the consequences are specific and observable. Accountability is unclear. When harm occurs, the system struggles to identify whether it was a policy failure, a risk management failure, an assurance failure or a cultural failure, because these functions are not clearly defined or owned. The result is the familiar pattern, inquiry, recommendations, partial implementation, and recurrence. Each inquiry attributes the failure, at least in part, to culture. None can fully explain why the structural conditions that produce that culture persist.

Quality improvement and safety management are treated as separate activities. In many NHS organisations, QI sits in one directorate, clinical governance in another, risk management in a third. The feedback that would allow learning from one function to inform another is weak or absent. National audit findings sit in HQIP programme reports. Investigation findings sit in HSSIB reports. Incident data sits in local risk management systems. Nobody is consistently joining the dots.

The implications for clinical audit are clear. Audit is, in SMS terms, a safety assurance function, but assurance in its fullest sense, not the production of evidence that things are as they should be, but the active search for evidence that they are not. A compliance-driven reading of audit asks whether care meets a standard. A learning-driven reading asks what the data reveals about where risk lies and where practice needs to change. Audit findings are only useful if organisations approach them in that second spirit, and if those findings flow into a risk management process with the accountability to act on them.

Where those connections are absent, audit will often produce insight without impact. The data improves; the practice does not.

Safety promotion is being asked to do the work the other three SMS elements should be doing. Staff are told to speak up, but risk management systems do not consistently act on what they say. Duty of candour is mandated, but the protected learning environments that make candour possible are not structurally secured. Freedom to Speak Up Guardians are appointed, but the conditions that determine whether speaking up is genuinely safe remain unaddressed.

Transparency of outcomes has been pursued vigorously for twenty-five years, and with genuine results. But transparency without safe space produces disclosure without understanding. When organisations believe that poor data may trigger regulatory consequence, the rational response is to manage the data rather than engage honestly with what it reveals. Outlier signals are explained away. Accounts of what happened become performances designed to satisfy scrutiny rather than honest descriptions designed to generate learning. The structural protections that make honest disclosure possible, including the statutory safe space under which HSSIB investigations operate, are not a soft cultural indulgence. They are a precondition for the truthful accounting that a functioning SMS depends on.

What a safety management system in healthcare would look like

HSSIB has recommended a national initiative to develop safety management systems in healthcare as a regulatory requirement. The Dash review recommended developing a quality and safety management system. These commitments need to be made concrete. A healthcare SMS does not require inventing new concepts, the four elements map directly onto activities NHS organisations are already expected to perform. What is needed is coherent connection between those activities, with clear accountability for each element.

Safety policy means named board-level accountability for safety and policies specifying what will happen when responsibilities are not met. Not a framework to aspire to, but an expectation to be held to.

Risk management means proactive identification of safety risks, drawing on all available intelligence, audit data, investigation findings, incident reports, staff concerns, near-miss analysis. This is where national audit programmes belong, not just as benchmarking exercises, but as a source of risk intelligence. An organisation that receives an alert-level outlier notification should connect it to its risk register as part of its SMS.

Safety assurance means genuine scrutiny that surfaces risk, not comfort-seeking assurance for boards and regulators. The alert and alarm distinction in audit outlier analysis belongs here. Alert-level signals belong in a protected learning space. local inquiry, honest discussion, improvement action, no immediate external sanction. Alarm-level signals belong in the formal accountability space. Using the same mechanism for both purposes destroys the learning function. As Onora O’Neill argued in her work on intelligent accountability, systems built on disclosure requirements rather than genuine communication produce organisations that appear fully accountable without being genuinely understood. Audit data is only as useful as the culture in which it is received, and that culture depends on whether organisations believe the purpose is to support learning or to trigger sanction.

Safety promotion is the cultural element the other three make possible. Protected learning environments and statutory safe space, of the kind HSSIB operates, allow honest accounts of failure to be given without fear, not merely for staff wellbeing but for the integrity of the information the system depends on. Transparency of outcomes is necessary and valuable; but without a genuine learning space it produces reassurance rather than understanding, disclosure rather than insight.

Co-development of recommendations with intended recipients ensures learning produces actionable change rather than compliance obligations. A national recommendations repository, connecting audit, investigation and incident analysis, ensures learning is shared across the system rather than siloed.

An SMS is not a checklist of separate activities. It is a system in which each element supports the others. Remove any element, or leave the connections weak, and the system defaults to performance rather than learning.

What is needed

The NHS’s growing commitment to quality and safety management systems is welcome. The question is whether it will be backed by the structural mandate that makes it real, or whether it will become another framework sitting alongside the many others that already exist, adopted voluntarily by some organisations and ignored by others.

Real structural change means defined SMS elements mandated across the NHS with clear board-level accountability for each; CQC’s regulatory framework mapped to those elements so that external assurance and internal safety management reinforce rather than duplicate each other; and protected learning environments, backed by statute where necessary, so that the honest accounts on which genuine learning depends can actually be given.

What has been absent is the will to mandate the structure rather than merely encourage the culture. Culture needs a helping hand. The hand it needs is structural. The moment to build that structure, with a national plan committed to it and a regulatory framework that could embed it, is now.

Clinical Audit Awareness week, hosted by the Healthcare Quality Improvement Partnership, HQIP, runs from 22-26 June 2026 this year – FIND OUT MORE: www.hqip.org.uk/caaw26