How Will Your Practice Stand Up To a Risk Assessment?October 26, 2010
Lancet Staff Report
While quality assurance officers have attempted to minimize the exposure to risk, and therefore, financial exposure, in a variety of businesses for many years, it is perhaps more critical than ever to have a coordinated risk management plan.
Sometimes it is thought that the medical community should be primarily concerned with preventing injury to patients. In actuality, it is prudent for health providers to have a comprehensive program that manages risks to employees and other members of the health care team. It would be ideal to prevent all risks, but Lancet Indemnity RRG recognizes that such a goal is not possible. The very nature of medical practice brings inherent risks and the cost of trying to prevent every accident or injury would be prohibitive: thus the term risk management.
The International Organization for Standardization (IOS) suggests that risk management involves identifying the possibilities of exposure and assessing the negative impact of unfortunate events. It is important to identify the resources necessary to minimize and control the cost of such occurrences.
Then what are some strategies for managing risk? Douglas Hubbard, a risk management expert, (2009) states, “The strategies to manage risk include transferring the risk to another party, avoiding the risk, reducing the negative effect of the risk, and accepting some or all of the consequences of a particular risk.”
Regardless of which strategy is selected, it is important that a priority scale be used. The first priority to be addressed is a scenario where the risks with the greatest loss and the highest probability of occurrence are in tandem. Risks with lower probability of occurring and with lower financial exposure would be handled next. In reality, risks are not always easy to diagnose and the possibility of miscalculation is always present.
Lancet utilizes ASTAT Practice Management, who has developed a site evaluation that assesses the level of risk of medical practices. The evaluation covers `19 areas of risk and includes topics such as patient care records, patient notification of test results, confidentiality of medical records, project research studies, office manuals with policies and procedures, dispensing of prescription medications, professional employee job descriptions, telephone procedures, contractual relationships with HMOs, PPOs, IPAs, etc., and review by a business attorney for undue personal and professional exposure.
Lancet uses several ASTAT experienced representatives that conduct the risk review for the participating medical practice and submits the results as part of the overall Professional Liability Application.
The International Organization for Standardization (ISO/IEC 27001) suggests that after completion of the risk assessment, a risk treatment plan should be devised. This plan documents the decisions about how each of the risks identified in the assessment should be handled.
In order to be truly effective, the risk treatment plan must be periodically reviewed and evaluated. Through experience and, yes, actual loss, there may be a need for future changes in the plan. New information will allow for possibly different decisions to be made when faced with the risk of loss.
References Hubbard, Douglas (2009). The Failure of Risk Management:
Why It’s Broken and How to Fix It. John Wiley & Sons, P. 46.
ISO/IEC Guide 73:2009 (2009). Risk Management—Principles and guidelines on implementation. International Organization for Standardization.