Risk Management in Hospitals - ROJoson - 2018 - Surabaya, Indonesia

Risk Management in Healthcare Institution
Reynaldo O. Joson, MD, MHA, MHPEd, MSc Surg
Darya-Varia Laboratoria Multidiscipline Scientific Forum
Surabaya, Indonesia
February 10, 2017

Thank You
Terima Kasih
Salamat Po
Darya-Varia Laboratoria

2017 - Yogyakarta
Value-based Healthcare Service
in National Health Care

Risk Management in Healthcare Institution
For Hospital Administrators
Risk Management in Hospitals
Hospital Risk Management (HRM)
Reynaldo O. Joson, MD, MHA, MHPEd, MSc Surg
Darya-Varia Laboratoria Multidiscipline Scientific Forum
Surabaya, Indonesia
February 10, 2017
(45-minute lecture and 15-minute discussion)

Hospital Risk Management (HRM)
HUGE TOPIC!
Given
(45-minute lecture and 15-minute discussion)
OVERVIEW
SOME IMPORTANT EXAMPLES AND TIPS ON PROCESSES
Thoughts, Perceptions, Opinions and Recommendations (TPORs)

Survey on Risk Maturity
of Sample of Indonesian Hospitals – 2018 – Surabaya
Guide in ROJoson’s Lecture
Self-assessment of Hospital Owners and Administrators

Self-assessment on Risk Maturity
important and first step
in developing and continually improving
a risk maturity program of
hospitals / organizations!
IDENTIFY GAPS ACTION PLANS

Hospital Risk Maturity – ROJ’s TPORs
Concepts of Hospital Risk Maturity
What is Hospital Risk Maturity?
Level of development of the Risk Management
Program / Capability of a hospital

What is importance of Hospital Risk Maturity
Assessment?
To know the current status or level of development
of the Risk Management Program / Capability of a
hospital and then to move forward or improve.

How is the Hospital Risk Maturity Assessment done?
Self-assessment
Checklists - Questionnaire
Observation
Critical Incident Reports
External assessment
Checklists-Questionnaire
Observation
Evaluation of Critical Incident Reports

Questionnaires on Hospital Risk Maturity
Assessment
Many models!
Choose one that is simple – practical – with end-
results being same!
• Effective and efficient assessment
• Effective and efficient risk management program
(performance excellence)

Risk Maturity Levels
Risk Maturity Key Characteristics
Risk Naive No formal approach developed for risk
management
Risk Aware Scattered silo based approach to risk
management
Risk Defined Strategy and policies in place and
communicated. Risk appetite defined
Risk Managed Enterprise wide approach to risk
management developed and communicated
Risk Enabled Risk management and internal control fully
embedded in the operations
http://riskquestionnaire.grant-thornton.co.uk/

Ad hoc Undocumented; in a state of dynamic change;
depends on individual heroics
Preliminary Risk defined in different ways and managed in silos.
Process discipline is unlikely to be rigorous.
Defined A common risk assessment/response framework is in
place. Organization-wide view of risk is provided to
executive leadership. Action plans implemented in
response to high priority risks.
Risk Integrated Risk management activities coordinated across
business areas.
Risk Optimized Risk discussion is embedded in strategic planning,
capital allocation, and other processes and in daily
decision-making.
http://www.theiia.org/Blogs/marks/index.cfm/post/Measuring%20the%20Maturity%20of%2
0Risk%20Management

Naïve Although a project risk management process may have
been initiated, its design or application is
fundamentally flawed.
Novice The project risk management process influences
decisions taken by the project team in a way that is
likely to lead to improvements in project performance
as measured against its objectives.
Normalized The project risk management process is formalised and
implemented systematically.
Natural The risk management process leads to the selection of
risk-efficient strategic choices when setting project
objectives and choosing between options for project
solutions or
delivery.
http://www.lundhumphries.com/pdf/SamplePages/Project_Risk_Maturity_Model_Hopkinson
_Ch1.pdf

Ad hoc
Defined
Managed
Integrated
Loosemore et al, 2006 Risk Management in Projects, 2nd ed, Taylor & Francis, Oxon

Ad hoc Organization is unaware of risk management
or its benefits
No formal policies or procedures
Reactive management through “heroic efforts
of individuals”
Possible blame culture
Defined Risk management is function based and
maybe inconsistent
Some policies are documented, but RM is
largely informal
Likely ‘silos’ effect
Senior management supports but not requires
RM

Managed Common RM understanding and language
organization-wide
Formalized generic risk management process
“Bad news” accepted
Senior management requires RM
Integrated RM aligned with strategic planning and quality
improvement
RM is used in decision-making to gain
competitive advantage
Proactive approach and open culture
RM is responsibility of all

Results of Survey on Risk Maturity
of Sample of Indonesian Hospitals – 2018 -
Surabaya
Risk Maturity How many hospitals (%)
Ad hoc
Defined
Managed
Integrated

Hospital Risk Management – ROJ’s TPORs
OVERVIEW
HOSPITAL RISK MANAGEMENT

OVERVIEW
Contents
Overview of hospital risk management
• What is risk
• What is hospital risk management
• General, preventive, ultimate goals of HRM
• Quality parameters - Assessment checklist
• Basic framework and processes of HRM
• Risk Management
• Critical success factors in HRM
• Critical governance factors in HRM
• Design and Development Plan - Manual of policies and procedures
• Multisectoral coordination and collaboration
• Recommendations in developing an integrated sustainable hospital
risk management

Recommended Resource Materials
• ISO 31000 – Risk Management – Principles and
Guidelines
• Joint Commission International
• International Society for Quality in Healthcare
(ISQUA)
https://isqua.org/docs/default-source/education-
/isqua-webinar_july-2016_luke-feeney.pdf?sfvrsn=0
• ISO 9001:2015 – Quality Management System –
with current emphasis on Risk-based Thinking

Concepts of Risk and Hospital Risk Management
What is “RISK”?
What is Hospital Risk Management (HRM)?

What is “RISK”?
Risk is a probability or threat of a
damage, injury, liability, loss, or other negative
occurrence
that is caused by
external or internal vulnerabilities, and
that may be neutralized through
preemptive action.
http://www.businessdictionary.com/definition/risk.html

What is “RISK”?
“Risk” – effect of uncertainty on objectives (ISO 31000)
Effect – deviation from the expected – positive and/or negative.
Objectives can have different aspects (such as financial, health and
safety, and environment goals) and can apply at different levels (such
as strategic, organization-wide, project, product and process).
Uncertainty is the state, even partial, of deficiency of information
related to, understanding or knowledge of an event, its consequence,
or likelihood.

What is “RISK”?
Risk – “any uncertainty that, if it occurs, could have a
positive or negative effect on achievement of one or more
organizational aims and objectives and
is assessed through the combination of magnitude of
potential injury (impact) and the probability (likelihood) that
the uncertainty will occur.”
http://www.who.int/management/general/risk/WhenRiskNotRisk.pdf

What is Hospital Risk Management (HRM)?
Hospital risk management (HRM) is
a system or program that
manages the “risks” of a hospital.
•Department Risk Management
•Disaster Risk Management
•Patient Treatment Risk Management (Benefit-Risk; Medical
Malpractice Risk Management)
•Others

Definition of Risk Management – ISO 31000
“Risk Management” – coordinated activities to
direct and control an organization with regard
to risk.
“Risk Management System” - formalized
system that documents processes, procedures
and responsibilities for achieving the policies
and objectives of Risk Management System.

Concept of Risk Management – ISO 31000
•Risk management can be applied to an entire
organization, at its many areas and levels, at
any time, as well as to specific functions,
projects and activities.
Risk Management at -
• Board of Directors Level
• Operating Room
• Pharmacy
• Laboratory
• Nursing Floors
• Outpatient Department
• Emergency Room
• Etc.

Importance of Managing Risks in Hospitals
“Risk” – effect of uncertainty on objectives
•Risks can make or break the hospitals
•Positive or negative income
•Sustained or bankrupt hospital
•Proactively manage risk!
•Minimize SURPRISES!

Risk Management – Joint Commission
International Stipulations
Risk Management Program –
Clinical and administrative activities that
organizations undertake to identify, to evaluate, and
to reduce
the risk of injury to patients, staff, and visitors and
the risk of loss to the organization itself.

Standard QPS.11
•An ongoing program of risk
management is used to identify and
to proactively reduce unanticipated
adverse events and other safety risks
to patients and staff.

Intent of QPS.11
Hospitals need to adopt a proactive approach to
risk management. One such way is a formalized
risk management program whose essential
components include
a) risk identification;
b) risk prioritization;
c) risk reporting;
d) risk management;
e) investigation of adverse events; and
f) management of related claims.

Measurable Elements of QPS.11
1. The hospital’s risk management framework
includes a) through f) in the intent.
2. At least annually, a proactive risk-reduction
exercise is conducted on one of the priority risk
processes.
3. High-risk processes are redesigned based on the
analysis of the test results.

Standard FMS.3
• One or more qualified individuals oversee the
planning and implementation of the facility
management program
• to reduce and control risks in the care environment.

Intent of FMS.3
Hospitals work to provide safe, functional, and supportive
facilities for patients, families, staff, and visitors. To reach
this goal, the physical facility, equipment, medical
technology, and people must be effectively managed.
In particular, management must strive to
• reduce and control hazards and risks;
• prevent accidents and injuries; and
• maintain safe conditions.

Intent of FMS.3
Effective management includes multidisciplinary planning,
education, and monitoring as follows:
• Hospital leadership plans the space, technology, and
resources needed to safely and effectively support the
clinical services provided.
• All staff are educated about the facility, how to reduce
risks, and how to monitor and to report situations that
pose risk.
• Performance criteria are used to evaluate important
systems and to identify needed improvements.

Measurable Elements of FMS.3
1. Program oversight and direction are assigned to
one or more individuals qualified by experience and
training.
2. Evidence of the training and experience of the
qualified individual(s) is documented.
3. The individual(s) plans and implements the
program, including elements a) through f) of the
intent.

Risk Management – ISO 9001:2015
Stipulations
ISO 9001:2015 (Quality Management System) puts
emphasis on Risk-based Thinking.
Risk-based thinking enables an organization to
determine the factors that could cause its processes
and its quality management system to deviate from
the planned results, to put in place preventive
controls to minimize negative effects and to make
maximum use of opportunities as they arise.

Stipulations
An organization needs to plan and implement
actions to address risks and opportunities.
Addressing both risks and opportunities establishes
a basis for increasing the effectiveness of the quality
management system, achieving improved results and
preventing negative effects.

Stipulations
Opportunities can arise as a result of a situation favourable
to achieving an intended result, for example, set of
circumstances that allow the organization to attract
customers, develop new products and services, reduce
waste or improve productivity. Actions to address
opportunities can also include consideration of associated
risks.
Risk is the effect of uncertainty and any such uncertainty can
have positive or negative effects. A positive deviation
arising from a risk can provide an opportunity, but not all
positive effects of risk result in opportunities.

What are the general goals of HRM?
• Maximize all potential risks with positive effects (rejoice
and celebrate)
• Prevent and mitigate all potential risks wth negative
effects
• Be prepared in terms of response and recovery in case the
risks become real
• Control resulting damage, injury, liability, loss, or other
negative occurrence to a minimum level

What are the general goals of HRM?
• Avoid loss of and disability in
People (patients, visitors, staff) in the hospital
Resources of hospital
Business of hospital (business discontinuity)
• Avoid complaints related to risk occurrence and
consequences!

What are the preventive goals of HRM?
• Promote safety for ALL patients, visitors, and staff in the
hospital
• Provide effective assistance and management during
emergencies (disasters)
• Prevent controllable deaths and disabilities
• Prevent and control losses (business, finances, properties,
and infrastructure)

What are the ultimate goals of HRM?
SUSTAINABILITY OF THE HOSPITAL
AS LONG AS POSSIBLE
(target: 100 years)

What are the ultimate goals of HRM?
SUSTAINABILITY OF THE HOSPITAL
AS LONG AS POSSIBLE
(target: 100 years)
Sustainable structure-wise
Sustainable financial-wise
Sustainable service-wise

Sustainable structure-wise goal of HRM?
Sustainable structure-wise
Will NOT collapse
NOT be burned
NOT be flooded
NOT be destroyed by whatever hazards
and will continue to operate its business as long as possible
(target: 100 years).

Sustainable financial-wise goal of HRM?
Sustainable financial-wise
Will NOT go bankrupt
Will have positive income
and will continue to operate its business as long as possible
(target: 100 years).

Sustainable service-wise goal of HRM?
Sustainable service-wise
Will continue
to provide adequate and quality services
expected of a hospital for as long as possible, both during
crisis and non-crisis situations

Quality parameters of an excellent HRM?
• Systematically and comprehensively formulated (with
document)
• With full support and commitment of top management
and ALL staff
• ALL staff of the hospitals trained and educated on program

Quality parameters of an excellent HRM?
• With testing or exercises done regularly and at planned
intervals and as needed
• Being reviewed regularly at planned intervals and as
needed
• Has been tried and tested and has achieved its formulated
goals and objectives and specified targets

Risk Management in Hospitals - ISO 31000
PRINCIPLES FRAMEWORK PROCESS

Principles of Risk Management – ISO 31000
To be effective, an organization should at all levels comply with
the principles below.
• creates and protects value.
• is an integral part of all organizational processes.
• is part of decision making.
• explicitly addresses uncertainty.
• is systematic, structured and timely.
• is based on the best available information.
• is tailored.
• takes human and cultural factors into account.
• is transparent and inclusive.
• is dynamic, iterative and responsive to change.
• facilitates continual improvement of the organization.

Basic Framework in Hospital Risk Management?
Risk Management Framework (ISO 31000)
set of components that provide the foundations and
organizational arrangements for designing, implementing,
monitoring, reviewing and continually improving risk
management throughout the organization.

Risk Management Framework for Hospitals
From ISO 31000 – Risk Management – Principles
and Guidelines

Risk Management Framework for
Hospitals
From ISO 31000 – Risk Management – Principles and Guidelines

Basic processes in Hospital Risk Management?
Risk Management Process (ISO 31000)
systematic application of management policies, procedures
and practices to the activities of communicating, consulting,
establishing the context and identifying, analyzing,
evaluating, treating, monitoring and reviewing risk.

Risk Management Process – ISO 31000

Risk Management Framework and Process for Hospitals

Communication and Consultation –
continual and iterative processes
that an organization conducts to
provide, share and obtain
information and to engage in
dialogue with stakeholders
regarding the management of risk.

Establishing the Context –
Defining the external and internal parameters to be
taken into account when managing risk, and setting
the scope and risk criteria for the risk management
policy.

Establishing the Context
External context – external environment in which a
hospital seeks to achieve its objectives
• Cultural, social, political, legal, regulatory, financial,
technological, economic, natural and competitive
environment, whether international, national, regional
or local;
• Key drivers and trends having impact on the objectives
of the organization; and
• Relationships with, and perceptions and values of the
external stakeholders.
SWOT ANALYSIS – OT

Internal context – internal environment in which a hospital seeks to
achieve its objectives
• Governance, organizational structure, roles and accountabilities
• Policies, objectives, and the strategies that are in place to achieve them
• Capabilities, understood in terms of resources and knowledge (e.g. capital, time,
people, processes, systems and technologies)
• Information systems, information flows and decision-making processes (both
formal and informal);
• Relationships with, and perceptions and values of, internal stakeholders
• Organizational culture
• Standards, guidelines and models adopted by the organization, and
• Form and extent of contractual relationships
SWOT ANALYSIS – SW

Scope
•Clinical risk (involving medical care of
patients) ~ PATIENT SAFETY PROGRAM
•Non-clinical risk (not involving medical care of
patients)

INTEGRATION
•Clinical risk (involving medical care of
patients) ~ PATIENT SAFETY PROGRAM
•Non-clinical risk (not involving medical care of
patients)
•Quality and Risk Management
•Quality and Safety and Risk Management

Risk Management Policy of ROJHMC
To always use risk-based thinking and processes in planning and
deciding all activities in the hospital so as to minimize negative effects
and to maximize positive effects on accomplishment of objectives.
This policy shall be realized through:
• Understanding the potential risks on quality and safe health care
services, products, facility, environment and business development;
• Complying with all statutory and regulatory requirements on risk
management;
• Designing a structured, comprehensive, integrated, effective and
efficient risk management system;
• Providing adequate resources and highly competent staff to support
the implementation of the management system;
• Regularly evaluating and reviewing the results of implementation of
the management system;
• Continually improving the management system with innovations.

Quality and Safety Policy - ROJHMC
To continuously provide quality and safe health care services,
products, facility and environment to all our stakeholders
(communities, families, patients, workforce and partners).
This policy shall be realized through:
• Understanding the expectations of our stakeholders on quality and
safe health care services, products, facility and environment;
• Complying with all statutory and regulatory requirements;
• Designing effective and efficient quality and safe management
systems
• Providing adequate resources and highly competent staff to support
the implementation of the management system;
• Regularly evaluating and reviewing the results of implementation of
the management system;
• Continually improving the management system with innovations.

Risk Criteria – terms of reference against which the
significance of a risk is evaluated.
General Framework for Risk Criteria

Risk Criteria

Risk identification - process of finding, recognizing and
describing risks.
• Involves identification of risk sources, events, their
causes and their potential consequences.
• From historical data, theoretical analysis, informed and
expert opinions, and stakeholders’ needs.

Risk identification - process of listing potential risks and
their characteristics.
The results of risk identification are normally documented
in a risk register, which includes a list of identified risks
along with their sources, potential risk responses, and risk
categories.

Risk analysis –
process to comprehend the nature of the risk
and to determine the level of risk.
Risk analysis provides basis for risk evaluation and
decisions about risk treatment.
Risk analysis includes risk estimation.

Risk Analysis (Estimation)
In hospitals, the risk estimation or analysis can be done on a
qualitative or quantitative basis or in some combination.
Qualitative analysis is based on judgement, previous
experience and intuition.
Quantitative analysis is generally based on an estimation of
the relative magnitude of harm that is likely to result and
the possibility that the event will actually occur.
Currently, a lot of hospitals do not analyze risk in a
quantifiable measure as they feel their risks are too complex
or cannot be measured. However, this can be done and in
fact, are being done.

In medical care, quantitative risk assessment is widely
practiced nowadays.
Examples, there are quantitative risk assessment for
perioperative complications with or without laboratory
testings; quantitative risk assessment for heart attack and
stroke in patients with metabolic syndrome; etc.
The statistical techniques commonly being used are the
multi-variate regression analysis; likelihood ratios; odds
ratios; predictive values; etc.

In hospitals, the risk is often evaluated by
determining the:
• degree of injury
• degree of patient dissatisfaction
• legal grounds for an actual claim
• potential public relations or community relations
impact
• financial loss or projection of loss

The recommendation is to move towards quantitative risk
estimation and analysis whenever and wherever possible to
get more specific estimate which will lead to more concrete
action plans and evaluation.
Another recommendation: start with a qualitative risk
analysis then segregate those risks in which a quantitative
analysis can be done and recommendable.

Samples of Likelihood Guide
Level Descriptor Description
5 Almost
certain
It will happen in the vast majority of
cases.
4 Most likely It will happen in a majority of cases.
3 Likely It will happen in some cases.
2 Unlikely It will happen in a few cases.
1 Remote It will happen only in a particular type of
case.

Probability Descriptor Description
4 Frequent Likely to occur immediately or
within a short period (may
happen several times in 1 year)
3 Occasional Probably will occur (may
happen several times in 1 to 2
years)
2 Uncommon Possible to occur (may happen
sometime in 2 to 5 years)
1 Remote Unlikely to occur (may happen
sometime in 5 to 30 years)

Remote (1) Unlikely (2) Likely (3) Most Likely (4) Almost Certain
(5)
Freq Prob Freq Prob Freq Prob Freq Prob Freq Prob
Occurs
every
5 years
or
more
1% Occurs
every
2- 5
years
10% Occurs
every
1-2
years
50% Bimont
hly
75% At least
monthl
y
99%

Samples of Impact Severity Guides
Score Impact
1 Negligible
2 Minor
3 Moderate
4 Major
5 Extreme

Negligible Minor Moderate Major Extreme
Adverse event
leading to
minor injury
not requiring
first aid.
No impaired
psychosocial
functioning
Minor injury or
illness, first aid
treatment
required <3
days absence
<3 days
extended
hospital stay.
Impaired
psychosocial
functioning
greater than 3
days less than
one month.
Significant
injury requiring
medical
treatment e.g.
fracture and /
or counselling.
>3 days
absence 3-8
days extended
hospital stay.
Impaired
psychosocial
functioning
greater than
one month less
than 6 months.
Major injuries /
long term
incapacity or
disability (loss
of limb)
requiring
medical
treatment and
/ or counseling.
Impaired
psychosocial
functioning
greater than 6
months.
Incident
leading to
death or major
permanent
incapacity.
Event which
impacts on
large number
of patients or
member of the
public.
Permanent
psychosocial
functioning
incapacity.

Level 1 Level 2 Level 3 Level 4 Level 5
Near miss /
potential harm
/ damage.
Patients with
potential:
Event / error
results in no
harm /
damage.
Patients with
potential:
Event / error
results in
temporary
minor harm /
damage.
Increased
length of stay.
Event / error
results in
permanent
harm damage.
This is a critical
incident.
Event / error
results in
death.
This is a critical
incident.

Sample of Risk Quantification Matrix
CONSEQUENCE Insignificant
1
Minor
2
Moderate
3
Major
4
Extreme
5
L
I
K
E
L
I
H
O
O
D
Almost Certain –
5
5 10 15 20 25
Most Likely – 4 4 8 12 16 20
Likely – 3 3 6 9 12 15
Unlikely – 2 2 4 6 8 10
Remote – 1 1 2 3 4 5
Key1: 1-5 = Low Risk ; 6-15 = Medium Risk; >15 = High Risk
Key2: 1-4 = Low Risk ; 5-10 = Medium Risk; >10 = High Risk

Risk evaluation –
process of comparing the results of risk analysis with risk
criteria to determine whether the risk and/or its
magnitude is acceptable or tolerable.
Risk evaluation assists in the decision about risk
treatment.

sk Criteria
Risk EvaluationRisk evaluation
–
process of
comparing the
results of risk
analysis with
risk criteria to
determine
whether the
risk and/or its
magnitude is
acceptable or
tolerable.
Risk evaluation
assists in the
decision about
risk treatment.

Risk Evaluation – Risk Treatment

Risk Management Process – ISO 31000Risk Treatment – process to modify risk
Risk treatment can involve
• Avoiding the risk by deciding not to start or continue with the
activity that gives rise to the risk;
• Taking or increasing the risk in order to pursue an opportunity;
• Removing the risk source;
• Changing the likelihood;
• Changing the consequences;
• Sharing the risk with another party or parties (including contracts
and risk financing); and
• Retaining the risk by informed decision.
Risk treatment that deal with negative consequences are sometimes
referred to as “risk mitigation”, “risk elimination”, “risk prevention”
and “risk reduction.”

Monitoring – continual checking, supervising,
critically observing or determining the status in
order to identify change from the performance
level required or expected.
Review – activity undertaken to determine the
suitability, adequacy and effectiveness of the
subject matter to achieve established
objectives.
Monitoring and review can be applied to a risk
management framework, risk management
process, risk or control.

Risk Management Form Illustrating Risk Management Process

Risks
identified Causes
Date
risk
identifi
ed
Likelihood
Impact
Severity
Overall
Risk
Rating
Current
Controls
in
system
RISK ASSESSMENT Based on Context / Communication /
Consultation
• Risk Identification
• Risk analysis
• Risk evaluation

Risk
Response
Strategy
(Accept,
Control,
Transfer,
Avoid)
Action
Required
Respon
sible
Persons
Due
Date
Resou
rces
Requir
ed
Risk Treatment Plan

Monitoring and Review
Plan and Outcome
Post Tx
likelihood
Post Tx
impact
severity
Post Tx
Risk Score
Review
Date

Contingency Plan
What if risk really
happens?

RISK MANAGEMENT PROGRAM = CORPORATE <-> DEPARTMENTAL

SAFE
HOSPITAL
INITIATIVE
PATIENT
SAFETY
PROGRAM
FINANCIAL
MANAGEMENT
PROGRAM
BIOMED
EQPT
PROGRAM
WORK
FORCE
ENGAGEMENT
PROGRAM
BUSINESS
DEVELOPMENT
PROGRAM
CORPORATE RISK MANAGEMENT PROGRAM
Examples:

RISK IDENTIFICATION
RISKS commonly encountered in Philippine hospitals
Risk for
• business non-sustainability (financial viability)
• aging (unsettled) account receivables
• medico-legal suits (arising from patient care)
• technology-related disasters
• natural disasters (earthquake, flood, tsunamis, fire, etc.)

RISK IDENTIFICATION
RISKS commonly encountered in Philippine hospitals
Risk for
• tarnished corporate or hospital reputation
• man-made disasters (fire, felony, bomb threat, terrorism,
etc.)
• non-medico-legal suits (not arising from patient care, such
as workforce legal suits)
• biological disasters

RISK ASSESSMENT
Risk assessment - likelihood of occurrence of
identified risks and impact when they occur.
Utility of risk assessment - more on prioritization
ALL risks identified must have preventive, mitigation,
preparedness, response, and recovery plans!

RISK MANAGEMENT
•Formulation of strategies and action plans to
prevent, mitigate risks and to respond and recover
from the consequences of unavoidable risk
occurrence
ALL hazards approach!
BUT
ALL risks identified must have specific preventive,
mitigation, preparedness, response, and recovery
plans!

RISK MANAGEMENT
Risks Prevention Mitigation Preparedness Response Recovery
Business non-
sustainability
Account
receivables
Medicolegal
suits
Technological
disasters
Natural
disasters
Tarnished
reputation
Man-made
disasters
Legal suits
Biological
disasters
Example of ALL-HAZARD APPROACH in Disasters
7 Basic Essential (Common) Steps in Response
• Declaration of disaster
• Creation of an incident command
• Notification of concerned authorities
• Mobilization and organization of staff and services
• Control of disaster
• Decongestion and post-disaster reconstruction
• Post-disaster evaluation and reporting

RISK MANAGEMENT
Business
non-
sustainability
Account
receivables
Medicolegal
suits
Technological
disasters
Natural
disasters
Tarnished
reputation
Man-made
disasters
Legal suits
Biological
disasters
Example of ALL-HAZARD APPROACH in “Situations”
• Declaration of “situation” (emergency – crisis)
• Creation of a “situation” command
• Mobilization and organization of “situation” team
• Legal team
• Crisis communication team
• Control of “situation”
• Post- “situation” reconstruction
• Post- “situation” evaluation and reporting

RISK MANAGEMENT
Business non-
sustainability
Account
receivables
Medicolegal
suits
Technological
disasters
Natural
disasters
Tarnished
reputation
Man-made
disasters
Legal suits
Biological
disasters
Example of ALL-HAZARD APPROACH in “B-Situations”
• Declaration of “B-situation” (emergency – crisis)
• Creation of a “B-situation” command
• Mobilization and organization of “B-situation” team
• Finance and audit team
• Business development team
• Control of “B-situation”
• Post- “B-situation” reconstruction
• Post- “B-situation” evaluation and reporting

RISK MANAGEMENT
Risks Structural S Service S Financial S
Business non-sustainability √√√√
Account receivables √√√
Medicolegal suits √√
Technological disasters √ √√
Natural disasters √√√ √√ √√
Tarnished reputation √
Man-made disasters √√√ √√ √
Legal suits √ √
Biological disasters √√ √
*S - Sustainability

Strategy to Avoid Medico-legal Suits
To avoid medico-legal suits
All physicians must always take note of the goals in the
management of all patients:
Resolution of the health problem
Live patient
No complication
No disability
Satisfied patient
No medicolegal suit

Avoiding Medico-legal Suits
PATIENT SAFETY PROGRAM
RAPPORT WITH PATIENTS AND RELATIVES
COMMUNICATION – INFORMED CONSENT

International Patient Safety Goals
Goal 1 - Identify patients correctly
Goal 2 - Improve effective communication
Goal 3 - Improve the safety of high-alert medications
Goal 4 - Ensure correct site, correct procedure,
correct patient surgery
Goal 5 - Reduce risk of health care-associated
infections
Goal 6 - Reduce the risk of patient harm resulting
from fall

Critical steps to ensure success of HRM
• Securing of administrative commitment and support
• Establishment and continual development of manual of
policies and procedures on risk management that include
risk preparedness (prevention, mitigation, preparedness,
response, and recovery plans)
• Regular conduct of risk control exercises

RISK MANAGEMENT
•Formulation of strategies and action plans to make
the risk management program walk the talk!
Leadership
Managership
Communication
Education and Training

Critical Governance Factors
Leadership
Readiness in Risk Control
T
r
a
i
n
i
n
g
C
o
m
m
u
n
i
c
a
t
i
o
n
Managership

“Manage” staff to get commitment and
support to achieve goals!

Leaders may delegate
responsibilities and
competencies to
managers.
But must know
principles of risk
preparedness, esp. in
managing Incident
Command!
Critical factors for
readiness!

Leaders
communicate with
managers and staff
effectively and
efficiently! Timely!
Stress importance of
risk preparedness!
Provide directions!
Express commitment
and support!

Leaders support
training of staff for
risk preparedness!
Undergo training to
gain competency,
esp. in Incident
Command!
To demonstrate
engagement and
involvement!

Manual of Policies and Procedures
Recommendations:
The management program must be documented and placed
in a policies and procedures manual or primer,
disseminated to all staff, exercised, reviewed and re-
evaluated at planned intervals or as the need arises
anytime.

The manual can have the following simple outline:
• Preface
• Scope
• Definitions
• Program Management
• Planning
• Implementation
• Exercises, evaluation and corrective action
• Management Review

The manual can have the following simple outline:
• Preface
• Scope
• Definitions
• Program Management
• Planning
• Implementation
• Exercises, evaluation and corrective action
• Management Review
Hospital Risk Management
Program Manual
Supplementary Manuals on
Implementing Guidelines and
Instructions
(covering the categories of
common hospital risks)

Multisectoral Task Force / Committee
Recommendations:
Creation of multisectoral task force / committee
to align, coordinate, collaborate, and integrate all risk
preparedness programs of the hospital

Recommendations:
Examples of multisectoral task forces / committees
• Corporate Risk Management Committee
• Safety Promotion and Disaster Preparedness Committee
• Quality Management Committee
• Quality and Risk Management Committee

Recommendations:
Examples of multisectoral task forces / committees
• Corporate Risk Management Committee
• Safety Promotion and Disaster Preparedness Committee
• Quality Management Committee
• Quality and Risk Management Committeee
Essentials:
Multisectoral in membership
Headed by a top / senior
management representative
Aligning, coordinating,
integrating all risk preparedness
programs of the entire hospital

Case Studies of Hospitals
on Risk Management Program
Difficult to get info!
Majority = financial viability and sustainability
despite “un-enhanced” risk management program
Definite = incurred losses at one time or another
Challenges:
• Medicolegal suits
• Account receivables

• Risk management creates and protects value.
• Contributes to the demonstrable achievement of
objectives and improvement of performance.
• Risk management is an integral part of all organizational
processes.
• Not a stand-alone activity that is separate from the
main activities and processes of the organization. Is an
integral part of ALL organizational processes. Integrate
risk management into the overall management system
of the organization.

• Risk management is part of decision making.
• Helps decision-makers make informed choices,
prioritize actions and distinguish among alternative
courses of actions.
• Risk management explicitly addresses uncertainty.
• Explicitly takes account of uncertainty, the nature of
that uncertainty, and how it can be addressed.

• Risk management is systematic, structured and timely.
• Contributes to efficiency and to consistent, comparable
and reliable results.
• Risk management is based on the best available
information.
• There must be data no matter how limited.
• Risk management is tailored.
• Aligned with the organization’s unique external and
internal context and risk profile.

• Risk management takes human and cultural factors into
account.
• Recognizes the capabilities, perceptions and intentions
of external and internal people that can facilitate or
hinder achievement of the organization’s objectives.
• Risk management is transparent and inclusive.
• Appropriate and timely involvement of stakeholders
and decision makers at all levels of the organization,
ensures that risk management remains relevant and up-
to-date (and known to all and participatory)

• Risk management is dynamic, iterative and responsive to
change.
• Continually senses and responds to change. As external
and internal events occurs, context and knowledge
change, monitoring and review of risks take place, new
risks emerge, some change, and others disappear.
• Risk management facilitates continual improvement of the
organization.
• Improving risk management maturity facilitates
continual improvement of organization.

Risk Management in Hospitals - ROJoson - 2018 - Surabaya, Indonesia

Recomendados

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente (20)

Similar a Risk Management in Hospitals - ROJoson - 2018 - Surabaya, Indonesia

Similar a Risk Management in Hospitals - ROJoson - 2018 - Surabaya, Indonesia (20)

Más de Reynaldo Joson

Más de Reynaldo Joson (20)

Último

Último (20)

Risk Management in Hospitals - ROJoson - 2018 - Surabaya, Indonesia