Analysis of a Risk Management Program in the Healthcare Setting.

Analysis of a Risk Management Program in the Healthcare Setting.


Analysis of a Risk Management Program in the Healthcare Setting

Risk management can be defined as the identification, prevention, and reduction of the impact of risks that can be reasonably expected to befall the organization. Organizations such as healthcare organizations are exposed to various forms or categories of risks.Analysis of a Risk Management Program in the Healthcare Setting.


These range from fiscal leakages, financial penalties from regulatory bodies, litigation for medical errors and malpractice (financial settlement), loss of revenue due to incorrect billing, high employee turnover, and so on. The presence of these risks is a threat to the existence of the organization. This is because the actualization of a risk may spell the end of the organization in more than one way. For instance, unmitigated medical errors and malpractice may result in a succession of suits that cripple the organization financially and also in terms of reputation. An organization whose reputation has been spoilt will not be able to compete in the marketplace because customers who are the patients will be afraid of consuming their services.Analysis of a Risk Management Program in the Healthcare Setting. This is the reason why risk management is an important component of the strategic objectives of any organization. It saves the organization resources, particularly fiscal resources. Many risk management programs exist, but the overriding characteristic of them all is that they must be able to detect risk early and prevent it from occurring (Infosec, 2020; NEJM Catalyst, 2018; Alam, 2016). Some of the most important risk management programs are those related to the quality of care (patient safety and practitioner certifications) as well as patient information privacy and security or HIPAA (Strategic Management Services, 2008). This paper discusses the risk management program related to claims development and submission in the context of reimbursements.Analysis of a Risk Management Program in the Healthcare Setting.

A Summary Description of the Risk Management Plan Chosen and the Rationale

According to Strategic Management Services (2008), the process of preparing and submitting claims for reimbursement is the single most important risk area for healthcare organizations. This is because this process forms the financial lifeblood of the organization. All revenues can directly be attributed to the efficiency or otherwise of this process. A slight mistake in procedure coding or billing can result in direct financial losses or indirect losses through penalties.Analysis of a Risk Management Program in the Healthcare Setting. The specific areas that this risk management program addresses are duplicate billing, wrong procedure coding inaccurate coding, defective billing, and incorrect/ improper claims (Leon-Chisen, 2018; AHIMA, n.d.). The consequences of not controlling and mitigating these risks include several categories of regulatory fines and penalties. The rationale for choosing this particular risk management program is that it touches on the financial stability of the organization and that is where the strength of the organization lies.Analysis of a Risk Management Program in the Healthcare Setting.

Comparison of Standard Risk Management Program Administrative Steps and Processes with Those in the Example

            Risk management is a systematic process that follows well-defined steps. In other words, risk management is a science and does not just depend on happenstance. There are five distinct but interrelated steps involved in any risk management program. According to Thomas (2020), these are:

  1. Risk identification

This is the first step in any risk management program. At this stage, the organization is running well without any problems threatening its existence. However, there are potential threats always lurking somewhere. It is these threats that are identified before they become a reality. For instance, several cases of incorrect coding and billing that receive warnings from the Centers for Medicare and Medicaid Services (CMS). Compared to the example, this step is specific and also has a specific goal.Analysis of a Risk Management Program in the Healthcare Setting.

  1. Risk analysis

In this step, the risk identified in step 1 is analyzed further to determine its strength and likelihood of occurrence. The likely impact it may have on the organization if it happened is also underscored. The possible causative factors and mitigating factors may also be considered at this stage. It is also at this step that it is determined whether this risk is a risk that can be eliminated completely or just mitigated (some risks cannot be completely eliminated, such as the risk of a competitor). In the context of this paper, an example is the risk of penalties by the CMS which can be eliminated through proper training of coders. This step is the same as that found in the example.Analysis of a Risk Management Program in the Healthcare Setting.

  • Risk evaluation and ranking

In step III the risk is evaluated, measured, and ranked in order of severity and priority. It is in the best interest of the organization to deal with the most pressing and potentially devastating risks before considering the more mundane ones. Ranking the risks also helps with the smooth implementation of planned mitigating measures. This step is congruent with the one found in the example.

  1. Risk treatment

In this fourth step, the risk is handled by way of coming up with measures that attempt to remove the threat. For instance, to remove the threat of losing revenue through incorrect procedure coding the organization may organize for upskilling training on site for its coders. This step is also congruent with that one found in the example.Analysis of a Risk Management Program in the Healthcare Setting.

  1. Risk monitoring and review

As stated above, not all threats can be eliminated. It is for this reason that after implementing mitigation measures or solutions for identified threats, it is important to monitor their progress and trajectory. This allows for the implementation of fresh mitigation measures when the threat levels rise again. For instance, some degree of billing errors is expected to remain because of the human element in data entry. However, the rates should be kept at the lowest level possible. Monitoring allows for the review of measures instituted to curb the threats. This step is also in sync with the one found in the example.Analysis of a Risk Management Program in the Healthcare Setting.

Key Regulatory Agencies and Organizations and Their Roles in the Risk Management Oversight Process

In order to effectively carry out risk management, healthcare organizations depend on the input of different organizations that play different roles in mitigating these risks. These roles can be direct or indirect by association. In the case of the risk management program chosen for this case, some of these organizations and their roles are:

  1. The American Health Information and Management Association (AHIMA): The aim of this organization is to improve the quality of all medical records. It was founded in 1928 and brings together healthcare professionals whose specialty is health information management (HIM) such as coders and nurse informaticists (AHIMA, n.d.). The AHIMA certification and accreditation is important in helping with risk management associated with medical records such as billing and coding.
  2. The Centers for Medicare and Medicaid Services: This is a payer organization whose role in the risk management associated with billing, coding, and claims for reimbursement cannot be overemphasized.    Analysis of a Risk Management Program in the Healthcare Setting.
  3. The Joint Commission on Accreditation of Healthcare Organizations (JCAHO): This is a quality assurance organization that also gives accreditation to healthcare institutions that have shown excellence in the provision of quality healthcare services. The role it plays in risk management is that it serves as a deterrent to organizations that would otherwise been lax in enforcing quality improvement measures.Analysis of a Risk Management Program in the Healthcare Setting.

Risk Management Plan Compliance and Proposed Recommendations

There are specific requirements by the Medicare Improvements for Patients and Providers Act or MIPPA in terms of the processes and procedures for billing for several procedures. To a large extent, the example risk management plan is in compliance with MIPPA-approved accrediting body standards (ACR Support, 2020). This can be seen in its outlined steps and how each is expected to be implemented. The proposed recommendations to enhance, improve, and secure compliance standards include (i) having internal audits, and (ii) audits having the ability to identify weaknesses in the coding and billing procedures.Analysis of a Risk Management Program in the Healthcare Setting.


ACR Support (December 17, 2020). The Medicare Improvements for Patients and Providers Act (MIPPA) (Revised 12-17-2020).

Alam, A.Y. (2016). Steps in the process of risk management in healthcare. Journal of Epidemiology and Preventive Medicine, 2(2), 118.

American Health Information Management Association [AHIMA] (n.d.). American Health Information Management Association (AHIMA).

Infosec (2020). Risk management in healthcare.

Leon-Chisen, N. (2018). ICD-10-CM and ICD-10-PCS coding handbook 2019, revised ed. Health Forum, Inc.

NEJM Catalyst (2018). What is risk management in healthcare?

Strategic Management Services (2008). Hospital risk management program: Ten risk categories for the four-step process. Strategic Management Services.

Thomas, C. (May 4, 2020). Five steps in the risk management process.

Analysis of a Risk Management Program in the Healthcare Setting.