Health risk management

Jairo Reynales Londoño MD. MSP.

In particular, since the publication of the To Err is Human report in 1999, risk management has been considered a priority issue in the formulation of health policy, the management of institutions and the operation of processes. Knowing the volume and severity of adverse events related to health care has motivated the attention of:

– Society, which demands more transparency in relation to the risks it consciously or unconsciously faces.–

– Health service providers, who are increasingly forced to promote actions aimed at managing the risks inherent in their operation.

– International agencies, which are being forced to formulate and promote the adoption of policies, objectives, strategies, and actions aimed at risk management.

Within the reference framework described, the objectives and strategies related to risk management, as well as the redesign of the organizational structure of health institutions and programs, should be oriented to promote, support and be guarantors of the implementation progress of the actions conducive to guaranteeing the control of risks.

Comprehensive risk management has been positioned in recent years, this has motivated the design of various «Risk Management Models», including the ISO 31000 standard (ISO Guide 73: 2009). Published in 2009 by the International Organization for Standardization. In this standard, risk is defined as the «Effect of uncertainty on objectives»

NTC GP 1000: 2004 defines risk as «Any possibility of the occurrence of a situation that may hinder the normal development of the entity’s functions and prevent it from achieving its objectives.»

Risk management takes into account all aspects related to human, physical and financial resources; also, the tangibles and intangibles, as well as the internal and external sources that generate value.

The comprehensive analysis of risk management facilitates:

1. Act in advance in the face of opportunities and threats that may arise and jeopardize the day-to-day operation of health institutions and programs.
2. Understand the meaning of risk exposure, in order to make timely and correct decisions for their respective management.
3. Exercise the self-control required for the fulfillment of the agreed objectives and actions.
4. Promote the participation and collaboration of the organization’s collaborators in the different areas and processes of the institution.
5. Promote the creation of spaces to participate and discuss aspects to be improved.

The general objective of risk management is aimed at ensuring that all the institution’s activities and health programs are carried out within the framework of current regulations, seeking the prevention, reduction and mitigation of the risks inherent to its operation and the context in which it is found.

 

Basic concepts related to risk management 

The possibility of the occurrence of an event that has an impact on the fulfillment of the institution’s objectives and the health programs is expressed in terms of probability and consequences.

-The inherent risk: it is the risk to which the institution and the health programs are exposed in the absence of actions to modify their probability of occurrence or their impact.

-The residual risk: it is the level of risk that remains after the fact of having taken measures for its treatment.

Risk, in its most common perception, is assumed as a threat; In this sense, the actions undertaken by the institution are aimed at avoiding it, transferring it, reducing it, or mitigating it; however, risk can also be analyzed as an opportunity.

-The risk of corruption is given by the possibility that due to the misuse of power, resources or information, the interests of the institution are affected and someone obtains a particular benefit.

Risk management is the responsibility of the senior management and of each and every one of the collaborators who must direct their efforts towards achieving the agreed objectives and goals.

The risk approach is not achieved only with the use of the methodology and instruments that are available for this purpose, but with the actions planned for monitoring, evaluation and control, which have become a natural and inherent aspect of the planning process.

 

Senior management commitment to risk management

Senior management collaborators are responsible for promoting a culture aimed at identifying and preventing risk, but also defining the respective policy for risk management, which must have explicit the level of acceptance of risk and the definition of the periodicity for monitoring, evaluating and controlling risks; Likewise, they must establish the channels to disseminate the mechanisms defined and adopted by the hospital to support all the actions undertaken in this regard.

It is necessary to appoint a top-level manager (it must be the same one who is in charge of the development and maintenance of the quality management system) to guide and support the entire process of designing and implementing the risk management process. Likewise, senior management must guarantee that they have the necessary resources for its implementation and maintenance.

Given the importance of the issue, the joint effort of all the institution’s collaborators is required, so that the integral management of the risks inherent in each of the processes can be responded to, and especially those that are part of the value chain of the organization and have been identified as a priority for good performance in what concerns the provision of health services.

At the operational level, risk management must be led by those responsible for the processes, who have the duty to identify risks in procedures and activities and adopt and execute the control measures defined and necessary to manage them.