1

2

Policy Date: Policy Revision:
Policy:
The purpose of this policy is to evaluate all hazards, their risk of actual occurrence, and the impact on life, property, and business should the hazard occur.
HVA Results
The attached HVA identified the following relative threats based on hazard type to the facility, be it natural, technological, human error or hazardous materials (hazmat). It also identified the relative impacts based on probability and severity of hazards to the facility.
Procedure:
1) A hazard vulnerability analysis (HVA) will be conducted on a:
 xxxxx basis;

after an emergency event; and/or
 warranted by changes in either the community or staffing, by the Emergency
Preparedness Committee (EPC).
2) The [Position Title] is responsible for ensuring that the HVA is conducted, forwarding to the necessary committees, and carrying out any corrective measures identified through the HVA.
3) The completed HVA along with an analysis and recommendations for changes must be submitted to the EPC .
4) The analysis and recommendations must take into consideration whether current emergency preparedness properly addresses issues raised through [insert specific site policies you want the HVA to take in to account] .
5) All events must be dealt with specifically through a policy and procedure addressing that specific event. The policy must address mitigation, preparedness, response, and recovery.
6) The EPC will use the hazard and vulnerability assessment tool developed by Kaiser
Permanente (see attached).
7) If using the Kaiser Permanente HVA Tool : Issues to be considered when conducting the HVA include the probability and severity of the event. Considerations for severity must include human impact, property impact, business impact, preparedness, internal response, and external response. The probability and magnitude (human, property, and business impact) of
3

the event will be considered on a scale for 1 (low) to 3 (high) and mitigation (preparedness, internal response, and external response) will be scored on a scale from 1 (high) to 3 (low).
The tool also contains an instruction tab in the file for additional guidance.
8) The following resources should be used to assist in gathering known risk and historical data for hazards in [insert your location here] :

Resource #1

Resource #2
4

5

 Legal and Regulatory Requirements
 Clinical o Patient Care o Customer / Patient Service o Clinical Orders o Protocols o Treatment Plans o Clinical Decision Support o Medical and Clinical Documentation
 Financial Accounting o Insurance Claims Processing o Account Receivable o Accounts Payable o Health Care Center Insurance
 Administration o Scheduling o Registration o Documentation of Patient
Encounters o Patient Records Management o Procurement o Inventory o Supply Chain Processes
 Human Resources o Payroll o Staffing
 Information Technology o Hardware o Software o Back ups o Communications: online , wireless,
POTS, PBX
 Facility Maintenance o HVAC o Utilities o Housekeeping
 Data Warehousing o Medical Treatment Results o Lab Data o Billing Data o Patient Files
6

7

#___ Department:
Business Process:
Type:  Critical Process
Priority:  High
Description:
#___ Department:
Business Process:
Type:

Critical Process
Priority:  High
Description:
#___ Department:
Business Process:
Type:  Critical Process
Priority:

High
Description:
#___ Department:
Business Process:
Type:  Critical Process
Priority:  High
Description:
 Non Critical Process
 Medium  Low

Non Critical Process
 Medium  Low
 Non Critical Process

Medium

Low
 Non Critical Process
 Medium  Low
8

9

Business Continuity
The capability to continue essential business processes under all circumstances
Business Continuity Plan Well researched, all-hazards effort to ensure capabilities are developed to maintain business operations before, during and after a disaster. Consists of a business impact analysis (BIA), threat analysis (HVA), and impact scenarios.
Business Impact Analysis (BIA) The process of identifying and quantifying the impacts of an emergency or disaster in both financial and non-financial terms on an organization. It considers essential critical processes that are required to conduct business during an emergency event
Critical Process Essential functions that are important to the mission of the organization and must be maintained during an emergency event
Emergency A condition of disaster or of extreme peril to the safety of persons and property caused by natural, technological or man-made events, that may have a quick or slow onset.
Hazard
Hazard Vulnerability Analysis
(HVA)
Process
A potential or actual force with the ability to cause loss or harm to humans or property
An event-focused, systematic approach to identify, assess, and prioritize each hazard that may affect a community to show vulnerabilities. The vulnerability is related to both the impact on the organizational function and the likely service demands created by the hazard impact
A systematic series of activities or tasks that produce a specific end
Risk
Vulnerability
The effect of hazard combined with vulnerability
How susceptible resources are to the negative effects of hazards including the likelihood of a hazard occurring and mitigation measures taken to lessen the effects of hazards
10