Risk Management in Consideration as a Vital Component of the Governance of Social Security Institutions

Risk Management

A Vital Component in the Governance of Health Care Institutions

Risk exists in any endeavor. Many people drive every day risking a traffic collision, others live in areas where the risk of spring tornados is extreme, and still other people work around high power electric lines. The question to ask is how can a person moderate the risks that they face each day? Make sure that the vehicle is performing to its optimal capabilities and that driving is undistracted and intentional. Make sure that a safe place exists nearby to go in the event of dangerous weather. Follow all of the safety regulations that go with the job of an electric company lineman. Basically people need to be alert and responsive to the situations that present themselves. Individuals must also understand that they have taken care of all but the most unforeseen eventualities (such as making sure the car one drives is properly maintained).

For a business the risks can be equally pressing. The healthcare industry has taken precautions for many years to protect the rights of the people who patronize health services. Societies license healthcare providers at all levels, hospitals are governed by both governmental and association rules, and patients have the expectation that they will receive the best care available. But is that always the case? Even with the best healthcare system in the world there are still issues that present themselves. The science of risk management is fraught with difficulty because not every risk is readily apparent. Following is a discussion of risk management as it relates to the health care industry.

Role of Risk Management in Healthcare

Defining risk and risk management as they apply to healthcare is the first important step. Risk is "the possibility of a loss or other adverse event that has the potential to interfere with an organization's ability to perform its mandate" (Miller, 2010). This could be a patient safety issue, a failure to make sure that adequate facilities and tools for care are available, or mistakes by personnel. Risk management is "clinical and administrative activities undertaken to identify, evaluate, and reduce the risk of injury to patients, staff, and visitors and the risk of loss to the organization itself" (Miller, 2010). This definition, taken from the Joint Commission, covers all manner of situations that could affect risk within a healthcare organization.

Associated Costs

The cost of doing business for healthcare organizations is rising, especially when they do not have a comprehensive risk management plan in place (Ethics Point, 2010). According to research, the issue facing many organizations is not that they do not manage risk, but that they do not do so efficiently. This inefficiency causes costs of risk management to rise (Ethics Point, 2010).

Because of the heavy cost of manpower to manage the intense regulation that governs healthcare, the efficiency cost from lack of proper planning, and overall larger costs generally associated with healthcare, providers have been hit hard by all of the additional costs incurred by risk management. In 2008, the average healthcare agency lost seven percent of its revenue due to fraud (Ethics Point, 2010). Regulations such as HIPPA carry severe penalties and access breaches are up every year (Ethics Point, 2010). With these breaches of a patient's file come heavy fines that have to be added to a company's bottom line. Another problem with these breaches of personal information is that patients go to other providers after they happen. This causes a real loss of revenue that is difficult to recover because of the subsequent loss of credibility (Ethics Point, 2010). Other costs associated with forms of poor risk management are loss of staff, paying overtime to fix an issue, and the cost of changing infrastructure (IT, building code violations, etc.) to meet new codes (Truarx, 2011).

Most healthcare agencies have a reactionary response when a threat is realized. A good risk management plan would have reduced the possibility of an occurrence, but many companies do not have one that is sufficient to deal with all contingencies. Therefore the costs of managing risk rise while knee jerk reactions are made when problems occur.

Government Regulations

The government is very interested in how healthcare institutions mange risk because citizens demand that there is safe management of the healthcare system. One of the most important laws managing risk has been the HIPAA laws. HIPAA was put into place to protect patients information from being disseminated too widely. Only persons who have a need to know what is in someone's health file may have access (Truarx, 2011). This right is specifically governed and there are severe penalties for any person or agency that abuses someone else's information.

Other regulations are specific to patient safety, how a hospital conducts its hazardous waste program, and other aspects that relate to safety of both patients and staff in a healthcare setting. Besides the federal government, states have their own requirements for a healthcare establishment that operates within its borders (Truarx, 2011). There are also international laws that are enforceable in certain situations. Especially during tmes of disaster relief when healthcare workers from around the world are called to a foreign location. These laws protect patients, no matter where they happen to be, from the malfeasance that can occur.

Role of Interest Groups

Interest groups are actually one of the safety nets for healthcare organizations (Kuhn & Youngberg, 2002). These organizations are watchdogs for patients rights and they also work to insure that the personnel who work for healthcare organizations are licensed and capable (Miller, 2010). These agencies also work to educate patients about their rights (Adams, 2010).

Interest groups run the gamut from such organizations as the American Medical Association which licenses doctors to such watchdog groups as the American Civil Liberties Union, which protects the interests of all citizens (Adams, 2010). Of these types of groups, the most important may be the Joint Commission on Accreditation of Healthcare Organizations (JCAHO). This organization conducts audits of organizations to make sure that they are in compliance with a set of standards by which all U.S. healthcare organizations are governed. Although the organization's stance on risk management is not the basis for most intraorganizational standards across the spectrum, they have given guidelines by which a risk management program can be based (Kuhn & Youngberg, 2002). These guidelines have given organizations the guidance they need to develop an individualized plan.