1. DNV, NIAHO, ISO
Why Do I Care?
Louise Prince MD, FACEP
Chief Quality Officer
September 11, 2012
2. The DNV
Det Norske Veritas (DNV)
• Originally a non governmental organization that
establishes and maintains technical standards for the
construction and operation of ships and offshore
structures. Also validates to ensure compliance with
standards.
• Organized with the objective to “safeguard life, property
and the environment”
• Ultimately a provider for the services of managing risk
3. The DNV in
Health Care
• Received CMS deeming authority to survey health care
organizations utilizing the Medicare Conditions of
Participation.
• Ultimately exceeds Medicare accreditation due to ISO
9001 standards.
• Slightly over 300 hospitals in the US have chosen DNV.
• Only health care accreditation body that includes both
CMS standards and ISO 9001.
JCAHO, Healthcare Accreditation Facilities Program
(HFAP), State Department of Health and direct CMS survey
are all other options for acquiring deemed status from CMS.
4. What is this survey
process?
• Annual surveys- adds accountability.
• Not as prescriptive as to “how” to meet each requirement: We
determine the how and then need to perform in that manner.
• Focus on interactions of processes.
• Survey findings are reported in two categories
• Category 1 nonconformities: requires submission of an
action plan within 10 days of receipt from final report and
submission of performance measurement data to verify
implementation of corrective action measure.
• Category 2 nonconformities: requires submission of an
action plan within 10 days of receipt from final report and
validation of effective implementation occurs at next annual
survey.
5. Survey Process
AUDIT CYCLE FOCUS
Initial survey Accreditation following NIAHO
(2010) standards
Year One NIAHO Surveillance
(2011) ISO 9001 Readiness survey
Year Two NIAHO Surveillance
(2012) ISO 9001 Stage One
Year Three NIAHO Recertification
(2013) ISO 9001 Stage Two (full ISO
certification audit)
6. NIAHO
• National Integrated Accreditation for Healthcare Organizations
standards (NIAHO).
• NIAHO is a combination of Center for Medicare and Medicaid
Services Conditions of Participation (CoP’s) and ISO 9001
requirements.
• ISO 9001 requirements include a Quality Management
System which consists of five main categories:
• Documentation
• Management Responsibility (customer/patient focus,
planning)
• Resource Requirements (Human Resources,
infrastructure, work environment)
• Service Realization (Admit, Treat and Discharge)
• Measuring and Monitoring (internal audits,
customer/patient satisfaction, corrective and preventive
action, continual improvement)
7. NIAHO Requirements
(Standards)
Each of the previous categories is further subdivided
Quality Management System Governing Body
Medical Staff Nuclear Medicine Services
Nursing Services Rehabilitation Services
Staff Management Obstetric Services
Medication Management Emergency Services
Outpatient Services Patient Rights
Chief Executive Officer Dietary Services
Discharge Planning Anesthesia Services
Utilization Review Infection Control
Laboratory Services Medical Records Service
Respiratory Care Services Surgical Services
Medical Imaging Physical Environment
Organ, Eye and Tissue Procurement
8. ISO 9001:2008
• Created by the International Organization for Standardization
(ISO) its objective is to set standards that meets the following
objectives:
• Consistency of patient care
• Customer (patient) satisfaction
• Continual Improvement
• Seen throughout the world as the “must have” certification for
quality-driven organizations.
• Less than 50 DNV accredited hospitals have achieved either
compliance or certification to ISO 9001. Many are just
beginning the process. In Syracuse, Crouse, St. Joseph’s and
Upstate are all DNV accredited and in varying stages of ISO
certification.
9. How does ISO work in
Health Care?
• ISO helps health care to develop standardized processes.
Examples: improved communication hand offs, revisions to
policies to reflect best practice, detection of problem-prone
issues and standardization of documents for patient care.
• The key is finding those things that work well and then making
them our standardized processes.
• ISO supports the “continual” improvement model and therefore
ensures that we improve our practices and maintain the
improvement.
• ISO 9001 is a system that is the base (the foundation) for the 3
C’s: Consistent delivery of care, Customer (patient) satisfaction
and Continual improvement (Plan, Do, Study, Act: We Plan our
system, Do the implementation, Study the effectiveness, and
Act if further corrections are needed)
10. ISO
• The difference between “Continual Improvement” and
“continuous improvement”? Continual improvement asks that
you constantly raise the benchmark to improve (what we should
strive to be); continuous improvement is when you focus your
resources on the issue and it improves while you are focused
and once you change your focus it deteriorates and you are
continually restarting the process
• Quality Management System and 6 Required Procedures.
These procedures are:
– Control of Documents
– Control of Records
– Internal Audits
– Control of Nonconforming Product
– Corrective Action
– Preventive Action
11. Quality Manual
• Purpose of the Quality Manual is to define how ISO 9001
fits in the organization (defines our scope and who we
are)
• Includes the six required procedures
• Describes the interaction between the processes of what
we do (admit-treat-discharge and all the supporting
departments)
• Ours was developed in June 2012
12. Control of Documents
• A procedure (Policy) that establishes the level of
control for all documents to ensure documents are
periodically reviewed, approved prior to use, and
available at points of use. This needs to include
external documents and how they effect our processes
(changes in state laws and regulations to practice)
• Examples of documents we would need to control are:
policies, procedures, protocols, forms, job descriptions,
and competency checklists
13. Control of Records
• A procedure (Policy) that ensures that records (a
document that is filled in and shows history) are stored,
retained, protected and destroyed when appropriate.
Examples would be:
Medical records, temperature logs for refrigerators, crash
cart logs, any document that is completed to provide us
information of what happened.
14. Internal Audits
• Audits come in three types: Internal (auditing our process),
supplies and patients (auditing satisfaction), and external
(audits by regulatory bodies for compliance)
• Five required Audits:
– Environment of care
– Clinical (our core business, treating patients)
– Infection Control
– ISO 9001 audits (the quality management system)
– Utilization Review
• Internal audits are performed by individuals who have no
responsibility for the area/process being audited to ensure
impartiality. There will be a schedule of areas to be audited
and recurrent time frames.
15. Control of Nonconforming
Product
• A procedure (policy) that addresses our practice when a
product or service does not meet the intended original
requirements
Examples:
Out of date supplies or medications, equipment not
functioning as required, wrong site surgeries or procedures
and patient complaints
16. Corrective Action
• A procedure (policy) that defines if data/results fall below the
established benchmark, then the organization would establish a
corrective action.
• A correction is a quick fix to a specific action
• A corrective action includes a root cause analysis were the
organization investigates the “why “ of the problem/issue to
prevent it from re occurring
• When the organization takes a corrective action they must
always adhere to the following
• Review the identified problem (including customer complaints)
• Determine the cause
• Evaluate the need for action to prevent a re occurrence
• Determine and implement the action needed
• Record the results of the action
• Review the effectiveness of the corrective action
17. Preventive Action
• A procedure (policy) that addresses if data reveals a
negative trend, then the organization would take a
preventive action to “prevent” the situation from re
occurring or getting worse.
• Example would be Failure Mode Effects Analysis (FMEA)
where we review the “what if’s” prior to implementation to
determine that we are “preventing” errors, when we
determine a potential problem may exist be performing a
risk assessment (infection control does this annually,
environment of care rounds, clinical engineering
preventive maintenance checks on equipment), risk
management reports such as PSN events that may show
us of potential system/process issues that need to be
changed to prevent bad outcomes or redundancy.
18. Top Management
Representative
According to the ISO standard definition organizations
“shall appoint a member who will have the responsibility
and authority that includes:
• Ensure the quality management system processes are
established, implemented and maintained
• Reports to senior management on the performance of
the system and any need for improvement
• Ensures engagement of employees
• Our representative is Julie Briggs
19. What Can You Do?
ISO 9001 Management system is not JUST
compliance, it should be seen as an organizational
initiative to improve patient care.
You may be asked to participate in an audit
(infection control, care of patients, document or
record control)- always keep information secure,
know that our policies are on line on the intranet,
and know how and who to speak with to improve
patient care and satisfaction-Chief of Service,
CEO, the nurse manager, the Quality Officer or the
ISO top management representative