#112 – HEALTHCARE@RISK: DEFINING RISK-BASED THINKING – TED SCHMIDT

Posted on by

00141Hospitals that conform or certify to ISO 9001 (specifically those in the DNV-GL Healthcare accreditation scheme) are aware of the recent revision to ISO 9001.  This 2015 version introduces a new term, “risk-based thinking”, that is raising eyebrows and causing ire in some circles.   The main source of this ire is the fact that risk-based thinking is not defined in ISO 9001:2015 or in the associated standard ISO 9000:2015, “Fundamentals and Vocabulary”.

In the evolutionary process of ISO 9001:2015, there are many iterations.  The CD or Committee Draft, the DIS or Draft International Standard, the FDIS of Final Draft International Standard are the stages that an ISO standard goes through on it’s path to becoming an International Standard.  Let’s begin by using the definition of risk as “the degree of uncertainty on achievement of objectives” (COSO 2004).  In the DIS, there was a definition for risk-based thinking.  I have modified it a bit here:

Risk-based Thinking (aka RBT): “The activity of considering risk qualitatively and possibly quantitatively when planning, implementing and maintaining your quality management system.”

To break this down, RBT is an activity, a process.  In this process you consider risk to achievement of your objectives (clinical, financial, operational, etc.).  This consideration may generate a record (FMEA, meeting minutes, etc.).  The risk consideration may be qualitative (that which can not likely be measured) or quantitative (that which can be measured).  You make these considerations when planning, implementing and maintaining your QMS.  Your QMS is a living breathing system, constantly changing in our complex healthcare environment, so RBT is an on-going process.

Annex A.4 in ISO 9001:2015 gives us more information about RBT.  This Annex says that RBT is something that we often do subconsciously; it should be built into our governance and into our critical and complex processes.  RBT incorporates preventive measures into our daily work.  It should become an attribute of our hospital culture since everyone is responsible for risk.

Greg Hutchins, PE, CERM has defined RBT as “risk-based decision making” and “risk based problem solving”.  We will always consider risk when determining corrective actions and when we make decisions.  We decide, based on risk, before picking up a dirty needle.  If we decide to pick up the needle, we decide to take measures so as not to harm others or ourselves.  These definitions give RBT more contexts and allow us insight on how to implement RBT into our management system.

The National Integrated Accreditation for Healthcare Organizations (NIAHO®) includes risk in QM6.SR5c for Goal measurement/Prioritization of Activities to include “high risk, problem-prone….processes, functions and areas”.  QM8SR2c states that we need “defined processes to reduce risk”.  And a proposed Annex to NIAHO® is entitled “Safety Risk Management”.   DNV-GL Healthcare incorporates risk into the NIAHO® standard in many areas, therefore risk-based thinking becomes a strong synergy to help us sustain our patient safety environment.  This sustainable environment is made stronger when our process and risk integration is highly reliable.

Get familiar with RBT.  Understand the integration of RBT with your current risk position from NIAHO.  Neither ISO 9001 nor NIAHO® require a risk-management framework, such as ISO 31000.  Take the time to understand RBT.  Maximize it’s value to patient safety by integrating with your process management.  Once you can maximize the value, consider an ISO 31000 based enterprise risk-management framework.

The success of RBT in hospitals is directly related to the commitment of leadership to the effective planning, implementation and maintenance of our management system.  Leadership requirements in 2015 are now expanded.  Objectives in the QMS are now required to integrate with strategic business objectives.  This alignment should ensure that we now have one management system in our hospitals.  This system should integrate, quality, risk, finance and operations into a single hospital management system.  As committed healthcare providers, we want ensure confidence in our services.  Our services are more reliable when our processes are in control and risk has been mitigated through effective risk-based thinking.

Bio:

Ted Schmidt is a Pharmacist, a Certified Enterprise Risk Manager (CERM©), and a Senior Advisor with BlueSynergy Associates, LLC.  BlueSynergy Associates maximize innovation, experience and customer perspective to reduce risk and make hospitals a safer environment. He currently advises and instructs hospitals in quality, risk, safety and environmental management systems.  Ted led the largest ISO 9001 implementation in healthcare at the Veterans Administration.  He is a Senior Member of the American Society for Quality and a certified Lead Auditor in quality management systems by Exemplar Global.  He can be reached by email at tschmidt@bluesynergyassociates.com. Follow BlueSynergy on LinkedIn and Twitter

Leave a Reply

Your email address will not be published. Required fields are marked *