The effort to decrease and evaluate risks to patients, staff, and organizational resources within a health care institution is defined as health care risk management. In order for facilities to minimize financial loss is to reduce accidents and injuries. All health care facilities and providers put risk management in to practice on a continuing basis. In 1985, the senior officers of the The Health and Human Services (DHHS) decided that there was a need to implement policies and procedures on risk management and risk assessment.
There was a considerable amount of concern about how the advances in risk management and risk assessment in the Environmental Protection Agency (EPA) would somehow affect the DHHS. In this article there was a philosophy of risk. This philosophy gave the actions that should be considered when putting the philosophy into action. 1. “Identify hazards that pose risks to public health and well-being. 2. Manage risks associated with the identified hazards in a manner that is prudent and in concert with the public’s need. 3. Acknowledge the essential participation of the public. . Communicate risks understandably to both experts and lay persons. 5. Whenever possible, use information that makes it possible to arrive at an informed estimate of risk. 6. Manage each significant risk through an approach that gives full consideration to alternative actions to control the hazard. 7. Advance the processes of risk assessment and risk management by research that reduces uncertainties” (Johnson, 2003). One typical risk of the Department of Health and Human Services would be someone giving out personally identifiable information.
Because the Department of Health and Human Services “is responsible for managing the information it stores, processes, and transmits in support of its business function in accordance with Federal laws and regulations, any unauthorized use, disclosure, or loss of such information can result in the loss of the public’s trust and confidence in the Department’s ability to properly protect it” (hhs. gov). Another risk is an organizational risk. This type of risk occurs when the management commitment, political expectations, or legislative requirements to complete the project are impacted because the project does not proceed.
This type of risk looks very bad on the organizations and makes the stakeholders question what type of organization they have invested in. Then you have technical risks. These risks are “associated with maintaining skilled staff, hardware and software dependencies, application software, other infrastructure needs, and security vulnerabilities and safeguards” (hhs. gov). This type of risk affects the organization is a major way. If not handled in a proper manner, the organization can be destroyed. The organization has to realize that the stakeholders are looking at this very closely.
They want to know that the organization is serious about the staff and that they are skilled enough to handle what goes on in the organization. It is also important that no one is giving out improper information. In order to mitigate these risks, the organization needs to have proper education. How can a person with no education or experience solve any kind of risk problem? Of course to some people it is a natural instinct to know how to resolve issues but they still must have education to back up their instinct.
Most organizations have an education requirement in order to be placed in an upper level position and that should strictly be adhered to. Not only should they have education, but experience should be a must. If they do not have the experience, they should be offered training. Training is very important. Each person should be trained on how to identify and handle these risks. Everyone in management position should be made aware of what to do when an issues comes up and how to resolve them. There should also be seminars held annually and it should be mandatory for everyone to attend.
There should be policies put in to place to ensure that risk assessment is practiced. Staff should be able to review one another’s work and give opinion on how things are going. Management cannot be around to see everything. If the staff is able to monitor what is going on and if there is a problem then take it to management, some of the problems that occur might be avoided. Also, if someone does pose a risk to the organization, that person should be place on some type of probation period. In conclusion, an organization is only as successful as they people behind it. Management should focus on the well-being of the organization.
They should take any necessary steps needed to make sure that the organization continues to run and be successful. Everyone has an interest in the success of an organization from the stakeholders to the management to the staff and the public. Proper risk management keeps everyone happy. The Department of Health and Human Services understands what needs to be done to have proper risk management. They play a major role in the health care industry and they know that it is necessary to maintain the reputation of this organization. They have risk management policies in effect and they adhere to them.
They make sure that their stakeholders and well as the public do not become affected by the possible risks that may occur within the organization. This organization is well prepared for the risks that can occur and have the knowledge to handle any type of issue that may arise. The Department of Health and Human Services is not the only organization that is prepared on this level but it is a sure example for those organizations that are looking for ways to identify and manage risks. Every organization can be successful if it develops a risk management policy of its own or if not, there should be a standard risk policy for all organizations.