Identifying risk, averting risk
The introduction of comprehensive risk management to a hospital is challenging. Although initiating quality and safety processes is often easy, the structural changes in a microcosmic hospital are harder to crack. However, successfully integrated risk management can represent a decisive, competitive advantage in the healthcare market.
By Karoline Laarmann
How can risk management be improved quickly and what kind of measures will ensure that employees really do change their attitude and behaviour?
‘If you want to establish integrated risk management in a hospital, a good start is taking a look beyond the rim of your teacup, at other industries,’ Dr Tobias Möhlmann, Associate Principal, Co-head of the McKinsey Hospital Institute, McKinsey & Company, advises. ‘One industry sector where the business model is almost completely based around the subject of risk management is the financial sector. There are two dimensions to this: measuring instruments in the form of rating agencies, which capture and evaluate risks, and a branch culture that is aimed at recognising risks, assessing them and finally making decisions based on those risks.’
However, the 2007 financial crisis proved that even supposed experts can overlook existential risks. The fatal economic effects of the banking crash also affected perceptions in other industry sectors. ‘Risk management’ is increasingly a focus for hospital administrators.
A question of business culture
In terms of measuring tools, Dr Möhlmann believes hospitals are already in a good position. A range of quality and safety systems, such as operating theatre checklists, Critical Incident Reporting Systems (CIRS), interdisciplinary case conferences, or patient tags, along with electronic patient files, are already in place. If anything, deep-rooted cultural barriers, which are widespread in hospitals, are a more likely reason for failure in the implementation of new measures. ‘Instead of evidence-based medicine, it’s often a case of eminence-based medicine. You know, for instance, that your doctor colleague should not be wearing a tie by the patient’s bedside to prevent wound infections, but you are too afraid to mention it.’
A McKinsey survey on the risk culture in hospitals confirmed this impression across all groups. Two basic problems were found: Fewer than 70% of all staff (ranging from board members to auxiliary nurses) abide by existing risk systems in their respective hospitals, or even understand the importance of the risks.
To explain the result, Dr Möhlmann says: ‘When you think about hospital risks you often only think about medical risks and patient safety. However, when you look at the hospital as a whole, there are a number of other factors, such as regulatory risks, financial risks, or reputation risks, which are all interdependent but have to be managed in different ways. Current quality and safety systems in hospitals promote documenting and delegating responsibility, instead of fast reactions and decisions. Frequently they are also much too detailed and complex, so they run the risk of being ignored by senior management.’
Creating transparency
So do you break the spell? There are three essential elements for successful establishment of risk management which are decisive. Initially, it’s all about creating transparency, which means risks must be identified in detail, i.e. via employee surveys or interviews. On the basis of this data analysis, risks should then be prioritised according to their likely occurrence and effects. This allows the development of strategies to avoid those top risks, and/or damage limitation if they do indeed occur. ‘The key of transparency, however, is breaking down the barriers between the responsible staff units and the Board. If the problem is not being addressed at management level there is no opportunity to implement measures in the other direction – this is a typical top-down problem,’ he points out.
Effective processes
The second key element of risk management is organisation and process. It is therefore advisable to assign some one to each individual risk. Structures should be determined in such a way that a potential risk, or risk event that has already occurred, are identified in time and reacted to respectively. ‘The most important thing is to create a base to learn from mistakes, i.e. through comprehensive implementation of anonymous CIRS. Of course, the best thing would be not just to talk about events once they have occurred, but also to broach the issue of near-miss situations,’ he advises.
Creating a risk culture
Dr Möhlmann emphasises the third essential issue -- the culture. Are employees informed of potential risks and containment measures? Are they aware of the risks and do they address them? Do they feel personally responsible and are they likely to react to impending risk events appropriately? Are they motivated to avoid and contain risks? ‘Risk management is often viewed as a bureaucratic burden by many employees as they lack the understanding of the necessity of these measures. Accordingly, they are then only carried out half-heartedly.’
He is sure that staff will only change their behaviour when they understand the expected changes and when these make sense to them. The important issue here is to focus on a few selected, clearly defined changes of attitude. It is also very important for well respected, senior staff to act as role models: ‘If the sister in the operating theatre does not wear a face mask then the staff members she oversees will assume there is no need to do so. However, if they feel well supported by the formal, organisational structure, i.e. if there are regular face mask controls in the theatre, they will feel more empowered to talk to their direct superior about the importance of wearing the mask. If you are sure of your facts, you are more likely to express your opinion.’
19.04.2011