![]() To combat this, the aviation industry pioneered efforts at developing a near-miss culture, where carefully studying incidents, even when no negative outcome occurred, is a central focus. Namely it’s the idea that mistakes, even tiny ones, can put lives at risk. The aviation industry shares at least one critical aspect with healthcare. Challenges with establishing a near-miss culture The drastically different risks faced by healthcare organizations means that standard methods of control used in other settings may not be adequate for their needs. The constant interaction with people in pain, on drugs, and/or with mental health issues explains the discrepancy in rates of workplace violence when compared to other industries. The commission notes that the voluntary nature of reporting means that even this drastic figure is likely underreported. industries last year.” Outsized impacts from workplace violenceĪccording to an OSHA report cited by the Joint Commission, 75% of annual workplace assaults occur in healthcare and social service settings. As a result, “The healthcare industry was the victim of 88% of all ransomware attacks in U.S. Criminals know this, and play on the industry’s tendency to pay off ransomware demands. While many businesses would suffer devastating losses if critical systems were locked out via a ransomware attack, any downtime in a healthcare setting can actually mean life and death. ![]() The second factor relates to the critical role that technology plays in healthcare operations. This explains why some reports claim there has been an average of one health data breach per day this year. Healthcare institutions are essentially banks of PII in terms of the data they are obliged to store. Two factors create an exponentially greater risk of cyber attacks.įirst, as the infamous outlaw Willie Sutton may (or may not) have replied when asked why he robbed banks, “Because that’s where the money is.” Personally identifiable information (PII) data is the most valuable on the black market due to its linkage to identify theft. Similarly, the long educational cycles and complex certification processes associated with much of the healthcare workforce makes mitigating labor shortages and talent gaps that much more difficult. ![]() Notable examples include:Īdditionally, given the critical role that these institutions play during natural disasters (and the need to stay open when others relocate), their disaster response plans are pressure tested in ways that other organizations can often avoid. ![]() Part of the reason that an ERM approach can be difficult in healthcare is because the industry faces amplified risk profiles in several key areas, with risk levels that are well above those faced by other industries. ![]() The current state for most providers falls between ‘basic’ and ‘evolving’ maturities for ERM programs.” Confounding factors for the healthcare industry The NEJM Catalyst article cites a report from Healthcare Financial Management Association (HFMA) that states, “Despite the growing importance of programs today, and the raised awareness of their importance, many healthcare providers have been slow to adopt a more sophisticated approach. The road to fully functional ERM programs, however, has proven to be a challenging one for most healthcare organizations. This demand for an expanded view of healthcare risks has fueled the demand for Enterprise Risk Management (ERM) solutions. An article in the New England Journal of Medicine’s (NEJM) Catalyst blog notes, “For these reasons, hospitals and other healthcare systems are expanding their risk management programs from ones that are primarily reactive and promote patient safety and prevent legal exposure, to ones that are increasingly proactive and view risk through the much broader lens of the entire healthcare ecosystem.” ![]()
0 Comments
Leave a Reply. |