Rendering or receiving healthcare service – like life in general – is not risk free. Operating a hospital or health service organization is replete with different types and levels of risk exposure. Various types of risk involved with the delivery of healthcare services include such areas as malpractice and omissions or commissions involved in patient care; general liability such as a visitor falling down a flight of stairs; medication errors or failure of medical technology or clinical equipment; wrong site surgery or other surgical mishaps; employment of staff including wrongful discharge and on-the-job injuries; the operation of boilers, chillers, or other equipment including vehicles; management of legal documents including contracts; and regulatory compliance. Identifying and understanding these risks is the first step in determining appropriate risk exposure and developing a plan and process to better identify and understand, as well as minimize and manage, risk exposure.
Identifying Risk
Identifying risk exposure in a hospital or health service organization is a first step, and can be done by a manager internal to the organization or by contracting with an outside consultant. Commonly referred to as a "Risk Management Audit", this process involves identifying risk exposure throughout the various departments, functions and operations of the organization, and making a determination as to the significance of risk exposure in identified areas. The determination of risk exposure along with an evaluation of whether the risk is preventable or can be appropriately minimized is a judgment call based upon both quantitative and qualitative data.
The table below provides an outline/overview that can be followed to identify risk exposure. This table is intended to be an example or illustration and by no means should be considered comprehensive or complete. These areas and others can be assessed and analyzed for key findings, patterns and trends relating to deviations from desired procedures, practices, outcomes, and risk exposures. When analyzing risk exposures in various areas, are there common threads between any findings or trends in these areas? What clinical functions, services or activities have the greatest variability in practice and outcomes indicating a need for greater use of evidenced-based, standardized processes and protocol? What areas appear to pose the greatest current overall risk to the organization?
Cost-Benefit Analysis
In general, the concept of evaluating costs versus benefits can be applied to help determine the significance of a given risk exposure, actions that can be taken to mitigate risk, and associated costs (time, money, effort or negative impact on efficiency or effectiveness). By weighing the costs associated with actions, changes or interventions, and comparing that to the possible reduction or mitigation of the risk exposure – along with considering a variety of pertinent other factors and variables – a determination can be made as to the appropriate steps to take. Organizational priorities, culture and past experience should also be considered when making such a determination. Again, the determination of risk exposure along with an evaluation of whether the risk is preventable or can be appropriately minimized is a judgment call based upon both quantitative and qualitative data.
Functional Collaboration & Integration
There are a number of clinical and administrative functions that overlap or connect with the function of risk management as previously highlighted and include, but are not limited to, quality improvement and patient safety; medical staff credentialing; hiring and employment; safety and security management; infection control; employee health and workers compensation; regulatory reporting; corporate ethics and compliance; business practices; disaster preparedness; and media relations. It is important for the designated Risk Manager to have timely access to the flow of data and information from these areas that have implications for risk exposure identification, trending and pattern discovery. Moreover, these are functions where collaboration on perceptions, understandings, ideas, strategies and plans to address issues and opportunities for prevention, improvement and problem resolution of risk should occur. It is important that risk management not be allowed to function in a "silo" as collaboration and integration of risk management with these other important functions is critical to foster and promote improved efficiency and effectiveness overall for the success of the risk management initiative and the organization as a whole.
In small hospitals or health service organizations, the designated Risk Manager may wear multiple "hats" having responsibility for one or more other functions that overlap or connect with risk management. This is entirely appropriate and can facilitate a cost-effective approach.
In larger organizations, there may be several employees working together in a risk management department with responsibilities that extend on an enterprise-wide basis. Regardless, a collaborative and coordinated approach includes risk management's participation on key standing committees with ongoing access to the flow and reporting of important data and information impacting risk exposure, identification, mitigation and management.
Summary
Risk exposures continue to increase as various environmental forces are exerted on hospitals. Identifying risk exposures in a hospital is a first step towards creating a risk management plan, program and structured process to effectively identify, mitigate and manage risk. Determining the extent and significance of various risk exposures and what actions might be the most appropriate for the organization to take includes weighing costs vs. benefits, along with the prudent judgment of management. Clearly that judgment includes overall administrative acumen, conceptual skills, participatory leadership and decision-making.