Why Enterprise Risk Management? Why now? Consider an audit of your healthcare organization has found your facility failed to report hundreds of mistakes, or your chief Urologist was charged with research conflict of interest. What if your facility inappropriately billed for time and activity while working under a federally funded grant, or your organization was found noncompliant in interim life-safety measures? Given the breadth and complexity of potential risks such as these, healthcare organizations require a logical framework for identifying the true scope of potential risks, evaluating risk exposures and responding to risks. In the midst of mounting regulations, higher standards of accountability, increased competition for services and staffing shortages, healthcare facilities endeavor to continually improve patient care and safety while decreasing unnecessary costs. Understandably, healthcare organizations have, like most other organizations, focused on those risks that could be easily managed at lower costs and have ignored residual risks. By taking a proactive approach to risk management using an Enterprise Risk Management (ERM) model, healthcare organizations will be better equipped to focus on all risks throughout the organization while maintaining patient safety, ensuring compliance and improving their organizations' bottom line. Incorporating an ERM program at any institution takes time and a commitment by senior management to shift their organization to a new paradigm; a better, continuous method for analyzing all risks throughout the organization. There are three steps involved in implementing an ERM program in an organization. These steps include analyzing risk from a broader, enterprise-wide perspective, defining roles and responsibilities and creating a strategy matrix to address specific ERM elements. While an organization must focus on those steps needed to implement an ERM program, it is important to understand the definition of ERM and the key elements of ERM to truly understand the value ERM can bring to your organization. This paper will define ERM and the elements of ERM as well as address the steps needed to achieve ERM. Furthermore, we will introduce a new model, the ERM Fusion Model. The use of this module will depict how ERM can bring value to a healthcare organization facing compliance with JCAHO continued readiness, HIPAA, Sarbanes-Oxley, OSHA, CMS and more.
展开▼
