Issue link: https://emsworld.epubxp.com/i/336320
23 www.ihdelivery.com July 2014 Integrated Healthcare Delivery I n the new world of mobile integrated healthcare, with its new roles, collabo- rations and innovations quickly gaining acceptance, providers and their employers may feel anxious about their responsibili- ties. In this evolving world, organizations may face legal issues resulting from oper- ating outside their traditional scopes of practice, insurance, malpractice and more. How can they mitigate their risk? When most people think about risk, they tend to consider it in an after-the- fact, Monday-morning-quarterback type of way. For example, "Suzie took a big risk moving that heavy patient all by herself; she could have been hurt." Or, "Dr. Jones really took a risk by leaving his work laptop in his car. What if someone had stolen it? Patient informa- tion could have been compromised." But the reality is that risk is anything that can derail an MIH organization or any business from accomplishing its mission, and the best time and way to contemplate and address risk is in advance of a problem, or as soon as a previously unknown or undiscovered threat becomes apparent. The mechanism to do this is risk management. Risk management is a process for identify- ing risks, assessing how serious they are, and determining ways to address them to avoid or minimize harm. Risk management focuses on events that may cause harm to a business' clients (i.e., patients), assets (including employees) or reputation. Enterprise risk management expands the focus to define risk as anything that can prevent a company from achieving its objectives. Just as a business might design a plan to achieve its goals, a risk- management plan is similarly a way to identify risk-management goals, strategies to achieve them and measur- able outcomes, as well as who will be held accountable if a risk becomes a reality. A risk-management plan may include policies a business already has or articulate goals for the future. Risk management is an important part of business planning, and it is especially important for high-risk enterprises such as MIH. The process of risk management is designed to eliminate or reduce the risk of certain kinds of events from hap- pening—or, if they do happen, provide a strategy to mitigate their impact. This is done by identifying, assessing and prioritizing risks of different kinds. Once risks are identified, a plan is created to minimize or eliminate the potential impact of negative events. There are a variety of strategies avail- able, depending on the type of risk and business. For healthcare organizations, there are associations and agencies that publish risk-management standards, best practices and resources, including the American Society for Healthcare Risk Management (ASHRM), the Health Care Compliance Association (HCCA) and the Health Resources and Services Administration (HRSA). There are also a number of more generic risk-management standards that may be applicable to healthcare organiza- tions, such as those developed by the By Allison J. Bloom How to Identify and Manage Risk LEGAL SCENE Allison J. Bloom is the CEO and founding partner of The Bloominghill Group, a healthcare coaching and consulting company dedicated to helping healthcare organizations and businesses understand and navigate the changing healthcare landscape. A coach, consultant and attorney, Bloom is a nationally recognized author on legal and healthcare reform topics, and lectures frequently on healthcare reform, legal, compliance and risk-management topics. Contact her at abloom@bloominghillgroup.com or www.bloominghillgroup.com . Allison J. Bloom A few simple steps can help protect your organization IHD_23-25_LegalScene0714.indd 23 6/13/14 11:25 AM