Risk management is defined as the culture, processes and structures that are directed towards realising potential opportunities while managing adverse effects (AS/NZ ISO 31000:2009).
The concept of risk has two elements
- The likelihood of something happening.
- The consequences for your business/practice if it happens.
Risk management should also be integrated into a practice’s philosophy, policies and strategic plan, rather than viewed or practiced as a separate program or ‘add-on’ only if time permits. All staff have a responsibility to be involved actively in practice risk management.
The delivery of healthcare in Australia has changed significantly over the last two decades. Many practices are group practices and most are fully computerised and employ both clinical and administrative staff. Patients today have unlimited access to information and communication. This has resulted in practice managers and doctors not only facing new risks but there are recurring patterns and areas of risk. The most common of these in the Australian context include:
- patient safety
- staff safety (WHS)
- professional reputation
- practice and practitioner financial viability
- principal, practitioner and staff health
- computer systems and IT security
- confidentiality and privacy
- fraud
- organisational risk
- compliance, corporate and clinical governance
- business interruption.
- customer quality
- legal risks
- project risks
- strategic/political risks