| Operational | The business of healthcare is the delivery of care that issafe, timely, effective, efficient, and patientcentered withindiverse populations. Operational risks relate to those risksresulting from inadequate or failed internal processes, people, orsystems that affect business operations. Included are risks relatedto: adverse event management, credentialing and staffing,documentation, chain of command, and deviation from practice. |
| Clinical / Patient Safety | Risks associated with the delivery of care to residents,patients and other healthcare customers. Clinical risks include:failure to follow evidence based practice, mediation errors,hospital acquired conditions (HAC), serious safety events (SSE),and others. |
| Strategic | Risks associated with the focus and direction of theorganization. Because the rapid pace of change can createunpredictability, risks included within the strategic domain areassociated with brand, reputation, competition, failure to adapt tochanging times, health reform or customer priorities. Managed carerelationships/partnerships, conflict of interest, marketing andsales, media relations, mergers, acquisitions, divestitures, jointventures, affiliations and other business arrangements, contractadministration, and advertising are other areas generallyconsidered as potential strategic risks. |
| Financial | Decisions that affect the financial sustainability of theorganization, access to capital or external financial ratingsthrough business relationships or the timing and recognition ofrevenue and expenses make up this domain. Risks might include:costs associated with malpractice, litigation, and insurance,capital structure, credit and interest rate fluctuations, foreignexchange, growth in programs and facilities, capital equipment,corporate compliance (fraud and abuse), accounts receivable, daysof cash on hand, capitation contracts, billing and collection. |
| Human Capital | This domain refers to the organization’s workforce. This is animportant issue in today’s tight labor and economic markets.Included are risks associated with employee selection, retention,turnover, staffing, absenteeism, on-the-job work-related injuries(workers’ compensation), work schedules and fatigue, productivityand compensation. Human capital associated risks may coverrecruitment, retention, and termination of members of the medical-and allied-health staff. |
| Legal / Regulatory | Risk within this domain incorporates the failure to identify,manage and monitor legal, regulatory, and statutory mandates on alocal, state and federal level. Such risks are generally associatedwith fraud and abuse, licensure, accreditation, product liability,management liability, Centers for Medicare and Medicaid Services(CMS) Conditions of Participation (CoPs) and Conditions forCoverage (CfC), as well as issues related to intellectualproperty. |
| Technology | This domain covers machines, hardware, equipment, devices andtools, but can also include techniques, systems and methods oforganization. Healthcare has seen an explosion in the use oftechnology for clinical diagnosis and treatment, training andeducation, information storage and retrieval, and assetpreservation. Examples also include Risk Management InformationSystems (RMIS), Electronic Health Records (EHR) and Meaningful Use,social networking and cyber liability. |
| Hazard | This ERM domain covers assets and their value. Traditionally,insurable hazard risk has related to natural exposure and businessinterruption. Specific risks can also include risk related to:facility management, plant age, parking (lighting, location, andsecurity), valuables, construction/renovation, earthquakes,windstorms, tornadoes, floods, fires. |
| |
