This module on the “Safemedic” platform includes:

•       "Risk Management" coursebook

•       Interactive video lecture by David Smith, International Network for Health Workforce Education

•       Materials available to download

In the course of the interactive video lecture, you can choose to go deeper into a topic or to move onto the next subject.

Course summary

The literature presented in this report explores the available research relating to risk and risk management processes. The review draws on academic peer reviewed journal articles and textbooks as well as key grey literature from both the public and private sectors. The literature search was conducted using Booth’s (2013) triple plus method which provided a systematic search strategy which included resources from academic libraries and databases, specialist grey literature databases, and supplementary grey literature search engines such as Google Scholar.  The review is divided into five sections which reflect the five key principles/aspects of risk management. These are: (i) initiating risk, (ii) identifying risk, (iii) assessing risk, (iv) managing and responding to risk, and (v) monitoring, reporting and communicating risk.  

The aim of the course is to broaden the knowledge of healthcare professionals on many aspects of risk, so that they can correctly identify, assess, manage and respond to risk in the context of their work, as well as monitor, report and communicate risk. The training is based on an interactive video lecture. It can also be realized via the blended learning system.

Upon completion of the course, the course participant will have knowledge of the following:

• ways of initiating the risk management process;

• defining the risk management context of an institution;

• human aspect of risk management - clear division of roles;

• key areas by which threats to publicly funded healthcare organizations can be identified (audit, third parties and the public, patients and consumers);

• risk assessment methods;

• the risk categories to be used within the healthcare system;

• control mechanisms that can be used to control or eliminate risks;

• possible responses to risk;

• risk management;

• monitoring of mitigating actions;

• reporting information obtained as a result of risk assessment and its     dissemination within the institution.

 

Upon completion of the course, the course participant will be able to:

• define risk;

• identify sector-specific risks;

• identify groups of employees that should be included in the risk management process;

• define the roles and responsibilities of the participants in risk management in the institution;

• identify the risk categories applicable in the health system risk assessment;

• assess the likelihood of occurrence and the consequences of the risk;

• choose the appropriate one from the possible risk responses;

• propose monitoring of mitigation measures in order to minimize or eliminate negative impacts;

• report and communicate within the institution the information obtained as a result of risk assessment and control.

 

Contents of the course

1.    Initiating risk

2.    Identifying risk

3.    Assessing risk

4.    Managing and responding to risk

5.    Monitoring, reporting and communicating risk

 

Course notes

Initiating risk

Quotation from the lecture

“A relatively new step in the risk management process which prescribes how an organisation should start the risk management process…. In order to start the initiation process it is important for organisations to set a context in which staff have a clear understanding of when, how and why they are undertaking risk management. … An organisation’s internal structure, external environment and the specific function of risk management activity are the factors which constitute the ‘context’.

The next step in ‘initiation’ is to define what is meant by the term ‘risk’...  It is therefore important for a business to define risk clearly, making it specific to the sector to which an organisation belongs. 

The human aspect of risk management is vital to its success and effectiveness. …The only way the risk process can succeed is if everyone knows their role. Four staff groups that must be included in the risk process are identified in the literature: the Board, senior management, risk manager and all staff.” 

 

 

Identifying Risk

Quotation from the lecture

“ [Organisations] should attempt to identify as many ‘significant’ risks as possible, bearing in mind that risk identification is a continuous process and new risks will keep appearing.

The literature search of both academic and grey literature found three key areas where risks to business, specifically publicly financed healthcare organisations, can be identified. These are: (i) audit, (ii) third parties, and (iii) public, patients and consumers.

Pair/group work

The primary task of a medical facility is to ensure the safety of its patients and staff. What are the safety risks associated with the work of an Accident and Emergency Department?

 

 

Assessing Risk

Quotation from the lecture

 “The way of assessing a risk … is to determine the likelihood of that risk occurring or recurring versus the impact (sometime called consequence) if the risk were to materialise. …Applying a risk matrix is the natural next step after using a numerical grading scale. The National Patient Safety Agency (NPSA) (2011) Guidance for Risk Managers developed the matrix below which is generally accepted and widely used within the UK’s National Health Service.

An organisation should reach a judgement about the level of analysis which is deemed most practicable for its circumstances.

Risk can come from within, for example through employee actions and / or from the decisions of management, such as the choice of accounting policy. There are external threats too, like risks posed by factors beyond the control of company staff. It is therefore useful to group risks together.”

 

Managing and Responding to Risk

Quotation from the lecture

“There are a number of opportunities available to staff when presented with a risk.  These have been summarised as … Avoid, Accept/Tolerate, Control/Treat, Share, Transfer, Eliminate, Take Opportunity.

If the appropriate action when responding to a risk is to control or eliminate a risk, a number of options are also available. These are outlined as ‘types’ of controls…. [These are]  preventive controls, corrective controls, directive controls, detective controls.”

 

Quotation from the lecture

“Monitoring risk relates to how the owner or manager of a risk keeps up-to-date with mitigation (i.e. how often risk is reviewed and checked in order to minimise or eradicate the negative impact).

The reporting phase is how the information gained from assessing and controlling risk is presented to the organisation.

Communicating risk is how shared learning is disseminated within the organisation.”