Risk management planning related to Health Information Technology Content • Defining risk management • Risk Management Program goals & Objectives • Steps in Managing Risk and Compliance (HIT) • Conclusion Definition • Risk management is defined as the process of making and carrying out decisions that will assist in the prevention of adverse consequences and minimize the adverse effects of accidental losses upon an organization. Definition • Risk management in health care considers patient safety, quality assurance and patients’ rights. The potential for risk permeates all aspects of health care, including medical mistakes, electronic record keeping, provider organizations and facility management. The Patient Safety and Risk Management Program goals and objectives are to: • Continuously improve patient safety and minimize and/or prevent the occurrence of errors • Minimize adverse effects of errors, events, and system breakdowns when they do occur. • Enhance the safety of patients , visitors and employees and minimize the financial loss to the hospital through risk detection evaluation and prevention • Protect human and intangible resources Risk management planning 1.Risk management planning related to patients medical data security and safety 2.Risk management planning related to patients health safety Risk • More and more health-care providers have implemented Web-based physician and patient portals to allow visibility into their organization's clinical and financial data If the Web application is not coded securely, vulnerabilities could be exploited by an unauthorized user via the Internet to compromise the confidentiality of sensitive information. Steps in Managing Risk and Compliance • Healthcare executives and providers can and should implement risk and compliance management from the very beginning of Health information technology development. • The first phase is Assessment and the second phase is Design and Implementation THE BENEFITS OF IMPLEMENTING A RISK AND COMPLIANCE MANAGEMENT STRATEGY • Improve patient and customer satisfaction • Reduce the cost of data breaches • Build and maintain reputation and competitiveness • Promote evidence-based medicine • Improve public health • Prevent system downtime Errors in Healthcare related to IT System related errors • A quarter of incidents were related to data output problems, such as retrieving the wrong patient record because the system does not ask the user to validate the patient identity before proceeding. This kind of problem led to incorrect medication orders and in one case an unnecessary chest x-ray. • One system failed to issue an alert when a pregnancy test was ordered for a male patient Health care providers errors • Twenty-four percent of incidents were linked to data-input mistakes. For example, one nurse recorded blood glucose results for the wrong patient due to typing the incorrect patient identification number to access the record.This kind of mistake led to wrong diagnose and treatment. Risk management planning for medical errors related to IT Risk managers have a unique and important role to play in healthcare disciplines : • Ensure the web-based system (EHR, EMR )works properly • Coordinate educational sessions for staff to discuss errors and their prevention strategies • Encourage error reporting, to ensure learning from error occurs, and ensure improvement needs are identified. • Perform an objective self-assessment of the hospital's risk for electronic prescription errors (wrong medication) . • Share error reduction and prevention strategies and other patient safety information with the other facilities Conclusion Clearly, risk management planning related to health information technology is necessary for patients security and safety . It is very important to develop and implement a risk management plan in healthcare and continuously evaluate and test this plan. The costs of planning ahead will always be less than not doing so. Thank you References: • http://bphc.hrsa.gov/ftca/riskmanagement/riskmgmtplan.pdf • http://www.emc.com/collateral/analyst-reports/fs-healthinformation-technology-ar.pdf • https://www.ecri.org/EmailResources/PSRQ/RMRep0613-HIT.pdf • http://sites.tums.ac.ir/superusers/111/Gallery/20120206075323Rick %20Management.pdf • http://ijimt.org/papers/266-CM244.pdf • http://patientsafety.health.org.uk/sites/default/files/resources/safety _and_risk_management_in_hospitals.pdf • http://www.ncpa.org/pdfs/st327.pdf