Uncovering the Bigger Picture of Healthcare Risk
By Riskonnect
How healthcare provider organizations can operationalize enterprise risk management
Healthcare provider organizations (HPOs) often overlook the vital connection between traditional risk management activities—including patient safety, compliance, and quality—and broader enterprise risk management (ERM) efforts. This oversight is primarily due to data, operational, and technology silos within the risk landscape. “Consequently, providers find themselves managing risk in a fragmented manner, hindering their ability to view their entire risk profile,” says Jay Lechtman, vice president of strategy and innovation for healthcare at Riskonnect.
During a recent webinar titled “Connecting The Dots: How to Achieve a Comprehensive and Holistic View of Risk,” supported by Riskonnect and Salesforce AppeExchange, Lechtman emphasized the significance of fully operationalizing healthcare ERM. He also shared insights on overcoming barriers and strategies for developing a fully integrated risk management program. Here are the session highlights.
Unraveling the complexity of ERM
Lechtman points out that hospitals and health systems face significant challenges from disjointed risk management areas and activities that lack interrelation and technological interoperability. He identifies two primary reasons:
- Limited Familiarity with ERM: Enterprise risk management is relatively new to the healthcare industry, formally introduced in 2014. Lechtman explains that healthcare’s well-established clinical risk management audience is still becoming acquainted with ERM. Consequently, ERM is often initiated within the compliance department, focusing on information security, legal matters, and financial issues. “Unfortunately, this approach inadvertently creates silos around strategic, financial, and operational risks, further segregating traditional risk management,” he says.
- Disparate Tech Solutions: Lechtman says these challenges are exacerbated by the fact that traditional risk management also has its own technology stacks in the following areas:
- Patient safety
- Patient compliance
- Patient experience
- Provider quality management
- Peer review
- Credentialing
He estimates that the average provider organization relies on five to fifteen technology systems for risk management. Lechtman explains that these technologies are not designed to share data, functionality, and workflows with each other. He further clarifies, “Analytics capabilities within each system are usually confined to their specific data sets, lacking an automated means to connect the dots and understand the interconnectedness of different risk areas.”
Creating a unified risk management approach
To tackle these challenges, Lechtman recommends that HPOs adopt integrated risk management strategies that connect the different risk domains to create a more comprehensive view of organizational risk. He underscores the value of thinking holistically and connecting leading indicators to potential risks. “This approach has enormous benefits,” he notes. For instance, by focusing on prevention, organizations can enhance their risk and claims management processes over time, resulting in cost reductions and improvements. “Through connectivity providers can monitor interventions in real-time, ensuring their effectiveness and sustainability, ultimately leading to significant operational improvements.”
Lechtman shares an example where a Riskonnect client achieved a nearly 300% return on investment three years after implementing an integrated risk management solution, amounting to approximately $1.8 million in cost savings. “This client witnessed notable savings in two key areas, including a 55% increase in efficiency due to the automation of manual tasks and an additional 55% percent savings from improved risk avoidance,” Lechtman explains.
Recognizing the significance of technology, Lechtman underscores the value of adopting a technology model similar to the electronic health record (EHR). “Providers view their EHR as a central source for clinical information, whether it is generated organically within the EHR or integrated from other data sources. The EHR sets an example for other functional technologies within healthcare to follow,” he says.
Accordingly, Lechtman suggests HPOs consolidate their risk management model onto a single platform, enabling them to establish a unified source of truth for all risk-related matters. “Utilizing a single platform that combines risk identification with all the operational activities associated with risk is a far superior approach compared to piecing together up to 15 different solutions attempting to achieve the same outcome,” says Lechtman. Furthermore, he adds, “Providers are recognizing the significant operational benefits of implementing integrated risk management, whether independently or with the support of a technology solution.”
Embracing a visionary mindset
Lechtman also highlights a large Midwestern academic medical system currently redesigning its overall safety and risk management structure. The system is organized around three core principles: patients, providers, and the institution as a whole. “By establishing comprehensive visibility around each of these three areas, they enable real-time management and gain a deeper understanding of the relationships among stakeholders and how they impact one another.” Lechtman emphasizes that the key takeaway from this health system is to “think big” in managing risk and consider the capabilities and flexibility of the technology used.
Moreover, Lechtman proposes that the next-level of risk management entails integrating a single, unified risk management platform with patient and provider relationship management solutions. This integration includes equipping call center agents with patient-specific risk data, including past grievances, safety incidents, claims, and lawsuits. By leveraging this data, agents can make informed decisions that contribute to a positive patient experience. “The ultimate objective is to provide an end-to-end solution that connects risks with activities and workflows designed to prevent risks from happening or reduce their likelihood,” says Lechtman.