Medical malpractice: liability, prevention, and legal implications

¶ … Health Care Organization Risk Management

The objective of this study is the identification of the role of risk management in health care organizations and how this role relates to the process across the entire health care spectrum. This work will also examine the impact of risk management on health care costs, staffing and capability as well as examine the impact of risk management on health care costs, staffing and capability. Furthermore this work seeks to examine risk management in regards to the government regulatory environment and to identify strategies and make recommendations for implementation of the risk management process. Finally, this work intends to examine the impact of the risk management process on health care policy-making.

Health Care Risk Management

Health care risk management has been identified by the American Society of Healthcare Risk Management (ASHRM) as "the identification, analysis and evaluation of risk and the selection of the most advantageous method of treating it." (Chubb, 2009, p.4) Risk management involves a 'four-step model which includes the four following steps: (1) identification of risk; (2) analysis of risk; (3) risk treatment including: (a) control of risk; and (b) financing of risk; and (4) Evaluation of strategies for risk management. Chubb, 2009, p.4) Risk management can be identified n a practical manner through identification, prevention, addressing and monitoring of situations that could potentially result in: (1) liability or injury; (2) financial loss or (3) regulatory non-compliance. Chubb, 2009, p.4)

II. Risk Management Program Elements

Risk management program elements are stated to include those as follows:

(1)

Safety/security programs.

(2)

Occupational Safety and Health Administration (OSHA)

requirements/employee health program.

(3)

Clinical Laboratory Improvement Act (CLIA) requirements.

(4)

Infection control.

(5)

Medicare/Medicaid patient rights requirements.

(6)

Informed consent procedures.

(7)

Clinical standard of care/negligence.

(8)

Property damage and property accessibility.

(9)

Medical waste and needle disposal.

(10) Medical record documentation.

(11) Confidentiality policy and standards for release of medical information.

(12) Mandatory reporting requirements.

(13) Licensure requirements.

(14) Accreditation standards.

(15) Credentialing/privileging guidelines.

(16) Contract management.

(17) (17)Monitoring of marketing/public relations/external representations.

(18) Complaint/grievance management.

(19) Claim investigation and management.

(20) Employment practices guidelines.

(21) Construction/physical plant requirements, permits, etc.

(22) Regulatory compliance activities.

(23) Risk transfer and financing management.

(24) Retention of insurance policies.

(25) Insurance broker relations management. (Chubb, 2009, p.4)

III. Successful Risk Management Program is 'Consistent' and "Thorough'

Characteristics of a risk management program that is successful in nature are the characteristics of processes stated to be both "consistent' and thorough'. As well, these processes should be continuously reviewed and updated and those in charge of managing risk should seek resource availability and should include updates and standards as a function for the development and revision of processes of the organization. Included in a risk management program are the following required elements: (1) Policies and procedures that are developed specifically for the function of risk management which are in written form and in which described is the position held by risk manager and whom the risk manager reports within the organization. Incident reporting requirements should be outlined within the organization and specifically by risk management within the organization in order to "delineate claims handling and reporting requirements." (Chubb, 2009, p.4)

Secondly included is that risk management is a process and one of the nature in which the policies and procedures of the organization are aligned so as to guarantee that consistency with the standard of care delivered in the faculty of practice so as to avoid these being utilized as evidence of negligence or deviation from the standard of care. As well the process seeks to eliminate the use of policies or procedures which are incorrect in their application and to ensure that these are reflective of 'actual practices." (Chubb, 2009, p.5) It is important to ensure consistency between departments within the organization and to maintain historical archives of policies and procedures. Risk management includes the confirmation of appropriate signatures with dates of effectiveness and dates of revision duly noted.

Third related is that exposure identification mechanisms include those of formal reports as well as former review of prior claims, patient complaints, and employee complaints, as well as standardized surveys/questionnaires, inspections surveys, audits and reviews of experts or consultants are key in this endeavor. Finally, 'quality assurance' reporting is critical in nature.

Fourth stated is the requirement of an incident reporting process of a formal and standardized nature which sets out precisely what incidents are required to reported and what forms should be used when doing so. There should be a designation of completes the report and to whom the report is made as well as identifying the individual or individuals who will conduct the follow-up investigation.

The work of Arby Carlisle (2005) entitled: "New Dimensions in Clinical Risk Management Strategies" states that in order to understand precisely where risk management is headed it is necessary to understand where it has been. Specifically Carlisle states that risk identification and management was historically "instituted in the corporate world in the 1940's as a quality control technique. In the 1970's, the nation faced a medical malpractice crisis, with a dramatic rise in the number of malpractice claims being filed and given staggering jury awards." (2005, p.1) The professional liability to the insurance market was affected greatly by these large awards and the result was the "...withdrew from the market or demanded heightened accountability in reporting and managing risks from insured's. Healthcare providers responded by creating coverage options and initiating programs to identify and control professional liability risks. Risk management efforts focused on retrospective reviews of incidents, loss reduction, and claims management. Since efforts were directed toward narrowly-focused functions and retrospective reviews, the data gathered and the prevention proposed were often seen by management and staff as being reactive, stale and no longer relevant." (Carlisle, 2005, p.1)

There has been an evolution in risk management that has resulted in more "sophistication and relevance..." And Carlisle states that risk management efforts have "...expanded beyond investigation, prevention, and claims management. Risk management now tackles more than its traditional roles of looking at what went wrong, who did it, how it can be prevented from happening again, how can costs be controlled, how can defense best be managed, how can settlements be structured, and how can staff be educated." (2005, p.1)

Risk management is now an inherent and "integral part of a health organization's basic components" in that risk management serves in the function of protection and support of the organization's "...board, management, leadership, staff, and every department, activity, committee, policy and procedural consideration, educational program, and strategic planning goal. The expanding role of risk management is largely due to a new understanding and perception among organization management as they assume a more proactive stance in their corporate governance roles."(Carlisle, 2005, p.1) Today's health care organizations take a role that is more proactive in terms of their roles of governance and no longer is a "cursory glance at annual risk management reports enough but instead there is a reliance on the reports regularly throughout the year including those in the nature of "legal and regulatory updates, enterprise-wide risk efforts, and education." (Carlisle, 2005, p.1)

Benchmarking and best practices have both been initiated by risk management as risk management seeks to "re-frame its identity and relevancy in the ever-evolving health care industry." (Carlisle, 2005, p.1) Carlisle predicts that in the future risk management strategies will be geared toward "...cross-disciplinary communication, both horizontally and vertically, within an organization. As a business decision and practice, progressive organizations will encourage risk management to expend more effort on looking for ways to better communicate what is known, being learned, and anticipated within the strata of the entire system." (2005, p.1)

This is predicted to potentially "...increase transparency of risk-reduction/management information within an individual organization, but also act as a catalyst to promote a collaborative effort of transparency between healthcare providers nationwide." (Carlisle, 2005, p.1) Collaboration taking place on the national level is stated by Carlisle (2005) to be a requirement in attempting to enhance patient care delivery and practices that are of a quality nature. Carlisle states that if optimal organizational penetration of risk management strategies is to occur then requires will be the organization's "...silos, housing peer review, quality improvement, safety, patient relations, information management, corporate compliance, and risk management efforts, must be dismantled. Free-flowing communication and shared reporting forges maximum linkage and alignment among the areas where activities, processes, performance, information and initiatives affect patient care and satisfaction, quality, financial stability, community perception, and ultimate realization of strategic goals." (2005, p.1)

The work of Brannan and Taylor entitled: "A Model for Enterprise Risk Management Within a Healthcare Organization" states that the incorporation of an ERM program "takes time and commitment by senior management to shift their organization to a new paradigm; a better, continuous method for analyzing all risks throughout the organization." (p.1) Brannan and Taylor state that there are three steps in the implementation of an Enterprise Risk model program in the organization which are those stated as follows: (1) analysis of risk from a broader, (2) enterprise wide perspective, and (3) defining roles and responsibilities and creating a strategy matrix to address specific ERM elements." (nd, p.1) There are stated to be eight elements of 'Enterprise Risk Management' which include those as follows: