There is risk in everything we do—in 9-1-1 and non-emergency responses, in air medical and critical care transports, each specialty with its own peculiarities. The goal of any risk management program is to reduce an agency’s exposure to risk and provide a safe environment for its employees, visitors and patients. The results of a well-functioning risk management plan should be a reduction of the hazards to which members of the service are exposed and protection of the physical and financial assets of the organization.
The basic steps to any risk management process include:
• Identifying the risk—What are the things that will harm us?
• Prioritizing the risk—How often do such things happen?
• Quantifying the risk potential—How bad might it be if something happens?
• Implementing controls and mitigation strategies—What can be done to lessen the effect or prevent a risk from happening?
• Evaluate and revise the process—Did my strategies work?
What Threatens You?
Start by making a list of potential risks. Include all departments: billing, operations, communications and administration. Examine incident reports and quality assurance audits. Talk with your insurance carriers. Focus on incidents categorized as high-frequency/high-severity. Typically this will be motor vehicle collisions, worker comp cases, stretcher drops, patient injuries and lawsuits.
Once you’ve identified your risks, the management team needs to develop mitigation strategies. This includes development of policies and procedures to define the system’s standard of care and detail how operations are to be conducted. These may cover things like driving standards, dispatch protocols, hiring practices and competency standards. Operations and clinical departments should attempt to track infectious exposure reports, incident reports, customer complaints, protocol violations, medication errors, near-miss events and equipment malfunctions. Look for trends and patterns to predict future occurrences. As an example, there may be vehicles that do not start in cold weather, or a series of near-misses involving a particular medication.
What to Do About It
There are several methods for controlling identified risks, each having its own strengths and weaknesses.
In exposure avoidance, we choose not to engage in a particular activity. For example, a system may choose not to have specially trained EMS providers for tactical responses. This may reduce the likelihood of an EMS exposure to violence, but it may cause issues within the emergency services community if you are a sole provider. Avoidance is not always possible; therefore, you must also attempt to control risk utilizing other strategies.
Segregation of loss exposures involves structuring your activities and resources in such a way that if an incident occurs, it does not affect the entire organization. This may include using multiple vendors for medication supplies or fleet services, or storing supplies at individual posts in addition to a centralized warehouse.
Risk transfer essentially entails getting someone else to do it for you. An example would be having another agency staff your PSAP, thus assuming the liability for call screening. You may also transfer the financial liability for an activity you wish to retain through the purchase of insurance from a third party.
Another option is risk retention, which means deciding how much risk you want to assume. Will you go self-insured and be responsible for first dollar on all losses, but still purchase insurance for excess coverage? Many agencies are becoming self-insured for auto accidents and worker compensation claims.
When Something Happens
Once an event occurs, there are things you should do immediately to lessen the impact on your organization and prevent future occurrences. First initiate an investigation. Take statements from involved employees and get copies of call reports, incident reports and police reports, as well as all recordings (dispatch tapes from all involved agencies, medical control recordings), photographs and video. Gather copies of current SOPs, memos and policies that pertain to the incident. Secure quality assurance records too, but check with your legal counsel on how to maintain the confidentiality of these documents, particularly if you may be named in a lawsuit. Keep these files in a secure area.
The purpose of the internal investigation is to identify what part of the process failed and propose new methods for preventing bad outcomes. As an example, say a crew drops a patient to the ground while unloading them from an ambulance. The crew should notify a manager, secure an RMA for the event (assuming the patient does not complain of an injury), notify the receiving facility of the event and document the name of the person accepting the report. The stretcher should be taken out of service and evaluated by a qualified technician. A manager should follow up with patient to ensure there are no additional complaints or issues.
While many systems do not have the resources for a full-time risk manager, this should not limit their implementation of risk reduction techniques. Risk management principles can and should be practiced by every member of the organization.
Other resources include your insurance carrier. They will have historical and comparative data that can help you benchmark yourself against the Bureau of Labor Statistics database, which is available on their website. Another readily available resource is National Fire Protection Association. The American Society of Health Risk Managers offers a certification program that covers the entire spectrum of risk management in the healthcare setting. Lastly, do not forget to explore the Occupational Safety and Health Administration’s website. OSHA has posted resources including downloadable training programs, e-tools and templates.
Peter I. Dworsky, MPH, EMT-P, is corporate director of support services for New Jersey’s MONOC Mobile Health Services, where he oversees special operations and safety and risk management. He has been involved in many aspects of EMS and emergency management since 1985.