In any industry, risk management addresses liability, both proactively and reactively. Risk management in health care considers patient safety, quality assurance and patients’ rights. The potential for risk permeates all aspects of health care, including medical mistakes, electronic record keeping, provider organizations and facility management.
What is Risk?
According to the Insurance Bureau of Canada, “Risk, in insurance terms, is the possibility of a loss or other adverse event that has the potential to interfere with an organization’s ability to fulfill its mandate.”
Examples of adverse events in health care are unexpected death, failure to diagnose or treat disease, surgical mistakes or accidents. All of those can interfere with a provider’s delivery of medical care. Some can result in litigation.
Kinds of Risk Management
The Joint Commission, which accredits and certifies more than 17,000 health care organizations and programs in the United States, defines risk management in health care as “(c)linical and administrative activities undertaken to identify, evaluate, and reduce the risk of injury to patients, staff, and visitors and the risk of loss to the organization itself.”
Risk management is proactive or reactive. Proactive is avoiding/preventing risk. Reactive is minimizing loss or damage after an adverse/bad event. Medical care delivery is art based in science. Good results cannot be guaranteed.
Every surgery has the potential for an undesirable outcome. Sometimes, regardless of medical intervention, patients die.
Applying common sense can prevent bad results or accidents. For example, slippery floors in high traffic areas can cause accidents. Washing floors at low traffic times and diverting traffic away from wet floors until dry is a proactive means of risk avoidance.
Potential for some adverse events can be mathematically measured.
Treatment choices for a particular patient with a particular disease depend on the reliability of available options, the nature of the disease, whether the patient is hospitalized, the ease of care delivery, side-effects, cure rates and other factors.
Statistical data, regarding the effectiveness of medications, as well as the kinds and rates of potential side-effects, helps physicians decide what to prescribe.
After the potential for adverse events is identified and measured, a plan is designed and implemented to avoid risk(s) and/or minimize damage and loss. Risk management does not have recipes.
Occasionally, a plan to prevent risk can create new risks. For example, the introduction of electronic medical records (EMRs) can make more efficient use of providers’ time and ease access to information about patients’ prescriptions and medical histories. At the same time EMRs can invade patients’ privacy or cause physicians and nurses to rely too much on technology, instead of customizing diagnosis and treatment. Breaches of privacy and diagnostic or treatment mistakes can result in litigation.
Risk management must be designed for each organization. An organization’s purpose, mandate, size, facility construction, nature of business, location, patient populations, demographics, and other factors must be considered.
Health care risk management can benefit from already available practice guidelines and principles. National standards for delivered care also help to prevent medical mistakes.
Making quality of delivered medical care a top priority can avoid unnecessary treatments, undesirable side-effects and unfortunate outcomes.