By
Ryhan Ebad

Introduction
Hospitals treat thousands of people every day. There are
risks involved in the treatment of patients, the
management of staff and the running of hospitals and
clinics.
Human error, poor organisation and lack of clarity on
management arrangements are all risks. Errors and
accidents can cause discomfort, cost money, jobs and in the
most extreme cases, lives.

 Is a systematic identification and treatment of risk.
 Is a logical and systematic method of identifying,
analyzing, treating and monitoring the risks involved in
any activity or process.
 Is a continuous process of reducing risk to organisations
and individuals alike.
 Assures statutory responsibility to manage and monitor
health & safety, corporate and clinical risk.
 Is a standardised process used in business and industry to
reduce injuries, errors, faults and accidents and at the
same time improve quality.
Risk Management

Who Uses Risk Management?
Risk Management practices are widely used in public and
the private sectors, covering a wide range of activities or
operations.
These include:
• Finance and Investment
• Insurance
• Health Care
• Public Institutions
• Governments

How is Risk Management Used?
The Risk Management process steps are a
generic guide for any organization, regardless of
the type of business, activity or function.
There are 7 steps in Risk Management
Approaches.

1. Establish the context
2. Identify the risks
3. Analyze the risks
4. Evaluate the risks
5. Treat the risks
Risk is dynamic and subject to constant change,
so the process includes continuing:
6. Monitoring and review
7. Communication and consultation
Risk Management Approaches

Step 1: Establish the Context
The strategic and organizational context in which risk
management will take place.
How will you assess and analyse the risk? What are the
criteria you will use to judge the likelihood and
consequences of risk?
For example, the nature of your business, the risks
inherent in your business and your priorities.

Step 2: Identify The Risks
Defining types of risk, for instance, ‘Strategic’ risks to
the goals and objectives of the organization.
What could stop you achieving your objectives and
outcomes?
• Identifying the stakeholders, (i.e., who is involved or
affected).
• Past events, future developments.

Step 3: Analyze The Risks
How likely is the risk event to happen? (Probability and
frequency?)
What would be the impact, cost or consequences of
that event occurring? (Economic, political, social?)
Are our existing risk controls working and what are the
potential consequences of risks happening?

Step 4: Evaluate The Risks
Rank the risks according to management priorities, by
risk category and rated by likelihood and possible cost
or consequence.
Determine inherent levels of risk.
What is the balance between potential benefits and
adverse outcomes of managing these risks?

Step 5: Treat the Risks
Develop and implement a plan with specific counter-measures to address the
identified risks.
How can we develop and implement specific cost-effective strategies to
increase benefits and reduce potential costs?
Consider:
• Priorities (Strategic and operational).
• Resources (human, financial and technical).
• Risk acceptance, (i.e., low risks).
 Document your risk management plan and describe the reasons behind
selecting the risk and for the treatment chosen.
 Record allocated responsibilities, monitoring or evaluation processes, and
assumptions on residual risk.

Step 6: Communicate and Consult
Who will need to know about and be involved at each
stage of the risk management process?

Step 7: Monitor and Review
 In identifying, prioritizing and treating risks, organizations
make assumptions and decisions based on situations that are
subject to change, (e.g., the business environment, trading
patterns, or government policies).
 Are we achieving the right outcomes and how do we know?
 Risk Management policies and decisions must be regularly
reviewed.
 Risk Managers must monitor activities and processes to
determine the accuracy of planning assumptions and the
effectiveness of the measures taken to treat the risk.
 Methods can include data evaluation, audit, compliance
measurement.

How Do I Identify Risk ?
Some hazards and risks are easy to identify; faulty electrical
sockets, unsafe flooring or in-patients not having name
bracelets.
Others risks are more difficult to recognise; contaminated
surfaces, a mistake during a rushed staff handover,
medication allergies, or common practice to make
something quicker or easier that raises the risk of
something going wrong.
You want it to be routine for staff to know how to identify
and report clinical risk, poor practice or faulty machinery.

Risk Identification
If you are trying to identify risks it is important to think
about how things happen in your work area.
You need to use up-to-date, accurate information about
how your service works, if possible from both staff and
patients.
This could be recent incidents, audits, questionnaires,
complaints or the views of those who visit your work area.

 What could happen?
 When and where could it happen?
 How and why could it happen?
 How can we prevent or minimise risk of this happening?
 How you identify risks and who you involve will depend
on whether you are looking at a specific ward/team area
or at a more strategic, organisational level. Its useful to
involve others in identifying risk as this gives you
different perspectives on the same situation.
Identifying Risks Is About Asking:

Approaches to Identify Risk Can Include:
 Brainstorming on possible risks in a facilitated session.
 Mapping out the processes and procedures of the ward
or the patient journey on a wall chart and ask staff to
identify risks at each stage.
 Drawing up a checklist of risks and asking for feedback.
If you are looking for help or training on how to identify risks in your work
area you should discuss this with your manager, risk management staff and/or
clinical governance staff in your organisation.

 Step 1 Build a safety culture.
 Step 2 Lead and support your staff.
 Step 3 Integrate your risk management activity.
 Step 4 Promote reporting.
 Step 5 Involve and communicate with patients and the
public.
 Step 6 Learn and share safety lessons .
 Step 7 Implement solutions to prevent harm.
Seven Steps to Patient Safety

Managing Risk
Risk can be managed at two overlapping levels:
1. Strategic/management level.
2. Day-to-day staff/patient operational level.

Potential Causes of Risk
Risk management in healthcare includes the whole
spectrum of things that could and can go wrong.
It includes:
 Slips, trips and falls involving staff, patients and the
public.
 Administrative errors that impact on patient care.
 Clinical incidents that have a direct effect on the
outcome of patient care.

Risk Management and Patient Safety
 Risk management has been influenced by the growing
awareness of the number of errors, incidents and near-
misses that happen in healthcare and the effect on the
safety of patients. Traditionally, risk management has
been about professional and organisational performance
and systems - the financial or corporate cost of making
mistakes.
 Patient Safety aims to improve the safety and quality of
care through reporting, analysing and learning from
patient safety incidents and 'near misses' involving
hospital patients.

Risk Management and Patient Safety Correlation
Past Present
Clinical risk management Patient safety
Competence Performance
Individual oriented Team and systems oriented
Voluntary code Regulatory framework
Clinician centred Patient centred

Health and Safety
Health and safety is part of risk management and is a
statutory requirement on all employers, employees and self
employed contractors. It involves preventing people from
being harmed or becoming ill as a result of work activities
by:
 Minimising risks to health.
 Taking the right precautions.
 Providing a satisfactory working environment.

How do I Assess or Analyse Risk?
Looking closely at what causes risks to happen helps us
understand and manage why they occur.
Analysis of risks can take place at a number of levels;
 it can be about a particular clinical process such as minor
surgery.
 the storage of hazardous materials in a health centre or
the financial status of an organisation.
Risks can also be analysed at different stages in a process,
such as before and during treatment.

Risk Assessment
Risk assessment involves understanding and knowing what
to do if the risk occurs by:
 Identifying in advance potential hazards and risks.
 Deciding who or what might be harmed and how.
 Evaluating the risks and deciding whether the existing
precautions are adequate or whether more should be
done.
 Recording your findings and implementing them.
 Reviewing your assessment and revising it if necessary.

Analysing Risks Will involve Looking At:
 What controls do we have in place to prevent a risk
occurring?
 What is the consequence of a risk occurring?
 What is the likelihood of a risk occurring?
 What is the level of risk in light of these
considerations?

Five Steps to Risk Assessment
Risks at your workplace can be assessed by the follow the
five steps:
Step 1 Identify the hazards.
Step 2 Decide who might be harmed and how.
Step 3 Evaluate the risks and decide on precautions .
Step 4 Record your findings and implement them.
Step 5 Review your assessment and update if necessary .

Tips…..
 Don’t overcomplicate the process.
 In many organisations, the risks are well known and
the necessary control measures are easy to apply.
 You probably already know whether, for example, you
have employees who move heavy loads and so could
harm their backs, or where people are most likely to
slip or trip.
 If so, check that you have taken reasonable
precautions to avoid injury.

Remember……
When thinking about your risk assessment:
 A hazard is anything that may cause harm, such as
chemicals, electricity, working from ladders, an
open drawer etc.
 The risk is the chance, high or low, that somebody
could be harmed by these and other hazards,
together with an indication of how serious the harm
could be.

Step 1: Identify The Hazards
First you need to work out how people could be harmed.
When you work in a place every day it is easy to overlook
some hazards, so here are some tips to help you identify
the ones that matter:
 Walk around your workplace and look at what could
reasonably be expected to cause harm.
 Ask your employees or their representatives what they
think. They may have noticed things that are not
immediately obvious to you.
 Refer to the manuals and other materials to practical
guidance on where hazards occur and how to control
them .

Identify Hazards
 Check manufacturers’ instructions or data sheets for
chemicals and equipment as they can be very helpful in
spelling out the hazards and them in their true
perspective.
 Have a look back at your accident and ill-health records
– these often identify the less obvious hazards.
 Remember to think about long-term hazards to health
(eg high levels noise or exposure to harmful substances)
as well as safety hazards.

Step 2: Decide Who Might Be Harmed and How
For each hazard you need to be clear about who might be
harmed; it will help you identify the best way of managing
the risk. That doesn’t mean listing everyone by name, but
rather identifying groups of people (eg ‘people working in
the storeroom’ or ‘passers-by’). In each case, identify how
they might be harmed, i.e. what type of injury or ill health
might occur. For example, ‘shelf stackers may suffer back
injury from repeated lifting of boxes’.

Who Might Be Harmed
Remember:
 Some workers have particular requirements, e.g., new and
young workers, or expectant mothers and people with
disabilities may be at particular extra thought will be needed
for some hazards.
 Cleaners, visitors, contractors, maintenance workers etc,
who may workplace all the time.
 Members of the public, if they could be hurt by your
activities; if you share your workplace, you will need to think
about how your others present, as well as how their work
affects your staff – talk.
 Ask your staff if they can think of anyone you may have
missed.

Step 3: Evaluate The Risks and Decide On Precautions
Having spotted the hazards, you then have to decide what
to do about them. It is required of you to do everything
‘reasonably practicable’ to protect people from harm. You
can work this out for yourself, but the easiest way is to
compare what you are doing with good practice.
So first, look at what you’re already doing, think about what
controls you have in place and how the work is organized.
Then compare this with the good practice and see if there’s
more you should be doing to bring yourself up to standard.

A Table Like This To Set A Level of Risk.
You must define what these risk levels mean to you.
Extreme Very High Moderate Low Negligible
Almost
certain
Severe Severe High Major Moderate
Likely
Severe High Major Significant Moderate
Moderate High Major Significant Moderate Low
Unlikely Major Significant Moderate Low Very low
Rare Significant Moderate Low Very low Very Low

Decide on Precautions
In asking yourself this, consider:
 Can I get rid of the hazard altogether?
 If not, how can I control the risks so that harm is unlikely?
When controlling risks, apply the principles below, if possible
in the following order:
 Try a less risky option (e.g. switch to using a less hazardous
chemical).
 Prevent access to the hazard (e.g. by guarding).
 Organize work to reduce exposure to the hazard (e.g. put
barriers between pedestrians and traffic).
 Issue personal protective equipment (e.g. clothing, footwear,
goggles etc).
 Provide welfare facilities (e.g. first aid and washing facilities
for removal of contamination).

It Is Good to Know
 Improving health and safety need not cost a lot.
For instance, placing a mirror on a dangerous blind corner
to help prevent vehicle accidents is a low-cost precaution
considering the risks.
 Failure to take simple precautions can cost you a lot
more if an accident does happen.
 Involve staff, so that you can be sure that what you
propose to do will work in practice and won’t introduce
any new hazards.

Step 4: Record Your Findings and Implement Them
 Putting the results of your risk assessment into practice
will make a difference when looking after people and
your business.
 Writing down the results of your risk assessment, and
sharing them with your staff, encourages you to do this.
 When writing down your results, keep it simple, for
example ‘Tripping over rubbish: bins provided, staff
instructed, weekly housekeeping checks’, or ‘Fume from
welding: local exhaust ventilation used and regularly
checked’.

Record Your Findings
We do not expect a risk assessment to be perfect, but it
must be suitable and sufficient. You need to be able to
show that:
 A proper check was made.
 You asked who might be affected .
 You dealt with all the significant hazards, taking into
account the number of people who could be involved.
 The precautions are reasonable, and the remaining risk is
low.
 You involved your staff or their representatives in the
process.

A Good Action Plan
A good plan of action often includes a mixture of different things such as:
 A few cheap or easy improvements that can be done quickly, perhaps as a
temporary solution until more reliable controls are in place.
 Long-term solutions to those risks most likely to cause accidents or ill
health.
 Long-term solutions to those risks with the worst potential consequences
 Arrangements for training employees on the main risks that remain and
how they are to be controlled.
 Regular checks to make sure that the control measures stay in place.
 Clear responsibilities – who will lead on what action, and by when.
Remember, prioritize and tackle the most important things first. As you
complete each action, tick it off your plan.

Step 5: Review Your Risk Assessment and Update If Necessary
Few workplaces stay the same. Sooner or later, you will
bring in new equipment, substances and procedures that
could lead to new hazards. It makes sense, therefore, to
review what you are doing on an ongoing basis. Every year
or so formally review where you are, to make sure you are
still improving, or at least not sliding back.
Look at your risk assessment again. Have there been any
changes? Are there improvements you still need to make?
Have you or your coworkers spotted a problem? Have you
learnt anything from accidents or near misses? Make sure
your risk assessment stays up to date.

Update Risk Assessments
When you are running a business it’s all too easy to forget
about reviewing your risk assessment – until something has
gone wrong and it’s too late. Why not set a review date for
this risk assessment now? Write it down and note it in your
diary as an annual event.
During the year, if there is a significant change, don’t wait.
Check your risk assessment and, where necessary, amend
it. If possible, it is best to think about the risk assessment
when you’re planning your change – that way you leave
yourself more flexibility.

Thank You