Risk management planning related to Health Information Technology

Risk management planning related to Health
Information Technology
• Defining risk management
• Risk Management Program goals & Objectives
• Steps in Managing Risk and Compliance (HIT)
• Conclusion
• Risk management is defined as the
process of making and carrying out
decisions that will assist in the
prevention of adverse consequences
and minimize the adverse effects of
accidental losses upon an
• Risk management in health care
considers patient safety, quality
assurance and patients’ rights.
The potential for risk permeates
all aspects of health care,
including medical mistakes,
electronic record keeping,
provider organizations and
facility management.
The Patient Safety and Risk Management Program
goals and objectives are to:
• Continuously improve patient safety and minimize and/or
prevent the occurrence of errors
• Minimize adverse effects of errors, events, and system
breakdowns when they do occur.
• Enhance the safety of patients , visitors and employees and
minimize the financial loss to the hospital through risk
detection evaluation and prevention
• Protect human and intangible resources
Risk management planning
1.Risk management planning related to patients
medical data security and safety
2.Risk management planning related to patients
health safety
• More and more health-care providers have implemented
Web-based physician and patient portals to allow visibility into
their organization's clinical and financial data
If the Web application is not coded securely, vulnerabilities could
be exploited by an unauthorized user via the Internet to
compromise the confidentiality of sensitive information.
Steps in Managing Risk and Compliance
• Healthcare executives and
providers can and should
implement risk and
compliance management
from the very beginning of
Health information
technology development.
• The first phase is Assessment
and the second phase is
Design and Implementation
• Improve patient and customer
• Reduce the cost of data breaches
• Build and maintain reputation and
• Promote evidence-based medicine
• Improve public health
• Prevent system downtime
Errors in Healthcare related to IT
System related errors
• A quarter of incidents were related to data output problems,
such as retrieving the wrong patient record because the
system does not ask the user to validate the patient identity
before proceeding. This kind of problem led to incorrect
medication orders and in one case an unnecessary chest x-ray.
• One system failed to issue an alert when a pregnancy test was
ordered for a male patient
Health care providers errors
• Twenty-four percent of incidents were linked to data-input
For example, one nurse recorded blood glucose results for the
wrong patient due to typing the incorrect patient identification
number to access the record.This kind of mistake led to wrong
diagnose and treatment.
Risk management planning for medical
errors related to IT
Risk managers have a unique and important role to play in healthcare
disciplines :
• Ensure the web-based system (EHR, EMR )works properly
• Coordinate educational sessions for staff to discuss errors and their
prevention strategies
• Encourage error reporting, to ensure learning from error occurs,
and ensure improvement needs are identified.
• Perform an objective self-assessment of the hospital's risk for
electronic prescription errors (wrong medication) .
• Share error reduction and prevention strategies and other patient
safety information with the other facilities
Clearly, risk management planning related to health
information technology is necessary for patients
security and safety .
It is very important to develop and implement a risk
management plan in healthcare and continuously
evaluate and test this plan.
The costs of planning ahead will always be less than
not doing so.
Thank you
• http://bphc.hrsa.gov/ftca/riskmanagement/riskmgmtplan.pdf
• http://www.emc.com/collateral/analyst-reports/fs-healthinformation-technology-ar.pdf
• https://www.ecri.org/EmailResources/PSRQ/RMRep0613-HIT.pdf
• http://sites.tums.ac.ir/superusers/111/Gallery/20120206075323Rick
• http://ijimt.org/papers/266-CM244.pdf
• http://patientsafety.health.org.uk/sites/default/files/resources/safety
• http://www.ncpa.org/pdfs/st327.pdf