Neil, don't get me wrong: I think redundancy is a good idea, but in this case, I don't think that was the real problem solution. However, the mentality of seeking redundancy of critical systems IS clearly a process that can make a difference.

The first rule is not to get thrown off the boat; and, the second issue is that you can still get broken into a lot of pieces if a wall of water breaks over you (especially if you can't duck down); and, the third one is that the Gulf Stream isn't a place to be in November in a storm. It pointless to speculate whether her harness failed, or the attachment point(s), or what...

I will speculate that not being able to reduce sail in those conditions or use the autopilot can completely CHANGE the dynamic of a couple sailing in those conditions. In the case of an Island Packet, I suspect that it is not a boat that really wants to be overpowered and going faster rather than slower in the conditions. Regardless, it has to be very tough to sail for very long in those conditions without adequate crew with too much sail flogging around and no autopilot.

It's really sad, her life was lost; and her husband, and family, will have to live with the hole that accident left in the fabric of their lives.