Siirry sisältöön


This tool can be used to assess the functional risks of social and healthcare remote and digital services from the client’s and patient’s perspective. The tool is based on the BowTie risk management model (BowTie).

The term digital service refers to a service implemented with the support of a digital communication channel or platform. Digital services also include remote services, which are real-time services based on an interaction between people.

Risks related to service processes must be identified, and measures to protect against risks must be defined. The evaluation of operational risks must be continuous and last for the entire lifetime of the service.

Structure of BowTie risk management

The BowTie risk management tool can be used to describe various chains of events. The model gets its name from the bowtie shape of the diagram (Figure 1).

In the centre of the diagram is a key event where a loss of control occurs, such as an accident. On the left are chains of events from threats that can lead to a key event. Chains of events can be broken with protections that prevent a key event from occurring. The right hand side presents potential consequences that can be mitigated or limited by responsive actions.

Figure 1. BowTie risk management method (Heinijoki, Pommelin 2019)

BowTie risk management in practice

The most common dangers that can threaten activities within digital services are described in Table 1. The factors that expose you to these risks are described in Table 2.

Table 3 is used to calculate the magnitude of the risk by estimating the probability of each hazard occurring and how large the impact of the occurrence would be. Table 4 is used to assess the need and urgency of the necessary measures. The Excel tool prepared by the Finnish Centre for Client and Patient Safety automatically calculates the magnitude of the risk.

After this, measures to reduce the risks will be reviewed. A record is made for each risk:

  • current risk management methods, i.e. a description of preparedness
  • assessment of the current management of the risk (adequate, to be developed, insufficient)
  • proposals for improving risk management and decided development activities.
The client’s or patient’s dealings in the digital service are not successful, which results in one of the following:
– The service is interrupted
– The service is implemented with incorrect information
– Access to the service is delayed
– The client or patient is completely deprived of services.
The client or patient may be harmed as a result.
Table 1. The most common risks that can potentially threaten activities in remote and digital services
Client does not choose a digital serviceClient cannot use the digital serviceClient does not get the matter in question taken care of
The client has not received information about the service or cannot find the digital serviceThe client does not have the necessary equipment (computer, smartphone, internet connection)The digital service is difficult to use or the service is not understandable
The client is concerned about data security or privacy protectionThe client does not have tools for strong identificationA technical malfunction interrupts or prevents activities taking place
The client does not know whether the matter in question can be handled by the digital serviceThe client has insufficient digital skillsIt is not possible to handle the matter in question with a digital service
The benefit of the digital service is unclear to the clientDealing on someone else’s behalf is not possible in the digital serviceDeficiencies in the client’s or Staff’s remote interaction skills
 The client’s functional limitation or reduced cognition prevents the use of the digital serviceNot all relevant facts are identified or verified
 The digital service cannot be used in a language the client understandsThe client cannot switch from one digital service or application to another
  The client does not receive written instructions at the end of the digital service
Table 2. Factors susceptible to risks
Table 3. Assessment of the magnitude of risk
Table 4. Measures to reduce risk

It should be noted that a review is always made from the perspective of the client and the patient. If necessary, risk identification can be refined and made more extensively, for example, by the service.

The bowTie risk management method can also be used to review a risk event that has already occurred. The starting point is the consequences of the event for the client or patient. The chain of events is explained by proceeding from right to left. At the same time, it is assessed whether protections had existed and whether they had been implemented.

Excel tool

A written record can be made with the help of an Excel tool prepared by the Finnish Centre for Client and Patient Safety, which contains the identified risk factors (Figure 2). The tool can be obtained by request from noharm(a) (not yet in English, coming soon)

The tool also contains a more detailed description of the BowTie from the perspective of social welfare and healthcare digital services.

Figure 2. Example screenshot of the Excel tool


This document has been made in the strategy group 3.2 of Client and Patient Safety strategy operational programme.

For more information: Finnish Centre for Client and Patient Safety (noharm(a)

Published: 14.5.2024

Publisher: Finnish Centre for Client and Patient Safety

The need for updating the tool is checked annually.