3 Definition of Risk Risk is the probability or threat of any negative occurrence caused by internal or external vulnerabilities interfering with achieving objectives that may be mitigated or avoided by preemptive action.
4 What areas in Texas Tech University Health Sciences Center expose us to risk?
5 Areas of Risk Operational: Maintaining a successful core business operation. Financial: Earning, raising or accessing new capital. Human: Managing human resource issues such as hiring, terminating, employee compensation or conflict resolution. Strategic: Achieving and expanding our objectives while meeting emerging challenges. Legal / Regulatory: Meeting statutory and regulatory compliance. Technological / Research: Developing new informational technology and biomedical research. Education: Meeting the requirements of educational accrediting bodies and providing optimal education for our students. Environmental: Ensuring a safe environment for our students, patients and employees.
6 What is a definition of Enterprise Risk Management (ERM)?
7 Definition of ERM Enterprise Risk Management is the identification and prioritization of risk severity across an entire enterprise by determining the degree of negative impact generated by each specific risk. Steps are taken to mitigate the risk through the implementation of regularly monitored processes and internal controls which are utilized uniformly and comprehensively while constantly scanning and identifying new emerging risks. ERM also eliminates the silo approach toward managing risk and improves communication enhancing both local and enterprise wide operational effectiveness.
8 What are the main functions of a Enterprise Risk Management (ERM) program?
9 ERM Functions 1. Develop a uniform, comprehensive and understandable risk management plan designed to identify, prioritize and mitigate risks. 2. Distribute the plan and educate all core users. 3. Implement the plan with enterprise wide usage. 4. Monitor to ensure the plan is both effective and appropriately utilized.
10 How do we identify and prioritize risks in multiple areas?
11 Risk Priority Matrix Risk Frequency High > 1 occurrence / month Low < 1 occurrence / month High Low Risk Category High Low HF, HI LF, HI HF, LI LF, LI HF High Frequency LF Low Frequency HI High Impact LI Low Impact Decreasing level of risk or threat severity HF, HI High Priority Red Tab HF, LI Moderate High Priority Yellow Tab LF, HI Moderate Low Priority Blue Tab LF, LI Low Priority Green Tab A color tab for each policy or procedure highlights the level of risk or threat severity
12 What factors determine risk severity?
13 Site Specificity: An identified risk in one area might not have the same impact as in another. As an example, a 15 minute power outage in an office might cause an inconvenience but could prove catastrophic in an operating room during a surgical procedure. Risk Impact or Threat: As a rule, the greater the number of areas a risk impacts, the greater the risk threat or severity it presents. Scope of Responsibility: Usually, the greater the number of people responsible for mitigating a certain risk, the higher the probability this risk will be poorly handled.
14 Financial Impact Risk: The greater the financial impact of the risk, the greater the severity it presents. Institutional Reputation Risk: The greater the potential risk to the reputation of an institution, the greater the severity of the risk. Risk Frequency: The more often the risk occurs, the more closely and frequently the risk needs to be monitored. Statistical Analysis: Using historical data, the statistical probability of an adverse event occurring can be determined. The greater the amount of data over a longer period of time, the greater the predictive accuracy of identifying risk severity.
15 Who should determine the risks that generate the most severe threat?
16 Task Force to Determine Risk Severity A task force with a designated team leader will be assembled to assess each of the potential risks in their respective areas by identifying and prioritizing the severity level of each risk and the threat posed. Effective communication between task force team leaders is vital when risks or threats are found to have impact beyond one s own specific area in order to break down silos of risk management. There must be a unified, concerted and coordinated team effort in order to successfully prioritize broad based or system wide risks. It is important to take upon the responsibility of initiating dialogue when such risks are identified and not to assume that someone else will. If certain risks identified are particularly problematic and longstanding, it is often helpful to ascertain how other comparable institutions are handling similar issues to benefit from their experience.
17 What is the starting point to determine risk severity?
18 As we begin the process to determine risk severity, it is important to note that any policy or procedure is designed to mitigate risk and facilitate a favorable outcome while attaining a specified objective. For example, a procedure that addresses turn around time is designed to decrease it (favorable outcome) and not to increase it (unfavorable outcome) with a specific objective identified. Reviewing existing policies and procedures could be a starting point toward establishing a risk severity analysis.
19 What are the individual steps to determine risk severity?
20 1. Review the current policies and procedures and identify the risk(s) addressed in each one. 2. Assess the severity or threat of the risk(s) identified. 3. Color tab (red, yellow, blue or green) each policy and procedure according to risk severity. 4. Identify any remaining risk(s) which are not already addressed. 5. Develop a policy or procedure to deal with the newly identified risks. 6. Assess the level of severity or threat these identified risks represent. 7. Color tab each new policy or procedure according to risk severity. 8. Formulate a Risk Management Assurance Map to ensure ongoing and effective risk prioritization and mitigation.
21 What is a Risk Management Assurance Plan (RMAP)?
22 RMAP A Risk Management Assurance Plan (RMAP) is a methodology that can be utilized to uniformly and effectively manage severity prioritized risks with processes or internal controls in place to deal with each risk individually. This consistent approach to risk mitigation can maximize risk management (proactive) and minimize crisis management (reactive). Depending on the scope of the area involved, the size of an RMAP can be quite variable. This methodology incorporates risk management principles as outlined by the Committee of Sponsoring Organizations of the Treadway Commission (COSO).
23 What is an institutional appetite for risk and how does it affect the RMAP?
24 Institutional Appetite for Risk The institutional appetite for risk is the level of risk that an institution is willing to assume and can determine how aggressive any RMAP should be developed and implemented. Risk Severity Inversely Proportional Low Moderate High Risk Appetite Appetite for risk is usually inversely proportional to the severity of the risk. The steeper the incline, the lower the appetite or tolerance (high aversion) for risk and the more graded the incline, the greater appetite or tolerance (low aversion) for risk. An Enterprise Risk Management program at TTUHSC should have a low appetite for risk with each RMAP having aggressive processes in place to mitigate each identified risk.
25 What is the format of an RMAP?
26 RMAP Format Prioritized Risk Objective Action Plan Risk Owner Monitoring Documentation A Prioritized Risk is a severity ranked risk which negatively impacts achievement of the objective. The Objective is a goal, metric or mission the risk negatively impacts. The Action Plan can be a written procedure, policy or program designed to mitigate the specific risk which can cause failure to attain the objective. The Risk Owner is the person designated and accountable to carry out the Action Plan. Monitoring determines the effectiveness of the processes and internal controls in place and addresses the manner the Action Plan and risk mitigation is being periodically reviewed. Documentation demonstrates written proof of assurance the Action Plan is being carried out successfully to mitigate the specific risk intended and achieve the objective.
27 Who should be responsible for formulating an RMAP?
28 RMAP Formulation The same task force that determined risk severity ranking could take on the function of establishing an RMAP to assess and mitigate each risk individually.
29 What is an example of an RMAP? The RMAP was designed by a task force assembled for the Department of Pathology in TTUHSC School of Medicine.
30 Example RMAP Prioritized Risk Objective Action Plan Risk Owner Monitoring Documentation Specimen Turnaround Time for Department of Pathology Achieve 100% completion of surgical and cytological cases in a timely manner. Report surgical and cytological cases within 72 hours of specimen receipt or notification of delay to the attending physician documented in patient report. (HP Quality Management Plan) Warren Hatley will monitor the turnaround times for surgical and cytological cases. Turnaround Times are reported at the biennial Performance Improvement Committee meeting. This QA monitor will be reviewed Quarterly by the Medical Director or designee. Turnaround time monitoring is documented and placed in the minutes of the Department of Pathology Performance Improvement Committee. The signed documentation by the Medical Director will be maintained by the Cytology Supervisor. Cytological Histological Correlation Maintain 85% 100% correlation with no discrepancies, 0% 15% correlation with minor discrepancies and 0%0 05% correlation with major discrepancies. Monitor on monthly basis the correlation between cytological and histological specimens. (HP Cytology/Histology Correlation) Warren Hatley will monitor the correlations between cytological and histological specimens after the Pathologist review. A monthly report will be generated through the laboratory LIS to compile the number of correlations entered by the reporting Pathologist at the time of specimen sign out. Monthly reports will be compiled, reported and placed in the minutes of the monthly UMC Health System Quality Management Governance Committee and biennially at the Department of Pathology Performance Improvement Committee.
31 Example RMAP Continued Prioritized Risk Objective Action Plan Risk Owner Monitoring Documentation Sending of Non Secured s with Patient Information outside of the TTU Computer/Intranet. Documentation of unsuspected results will be noted and being to the clinician. 100% compliance is the expected goal for ensuring all s with patient Information are sent as Secure/Encrypted. 100% documentation of notification is the expected goal. All personnel, both faculty and staff, will be educated that all s containing patient information must be sent as Secure/Encrypted. (HP of Sensitive Patient Information) Pathology coding department will monitor all new malignancies to ensure that documentation of physician notification is in the patient report. (HP Reporting of Cytology Cases) Notification of failure to comply will be reported by individual section supervisors to Cheryl Hutton and the responsible individual will be counseled. Reports that do not contain documentation of notification will be returned to the reporting Pathologists to amend the report. A copy of the report will also be given to Laboratory Director Warren Hatley. Since there is no means of monitoring individual s at the quarterly Risk Management Task Force meeting, all supervisors will be reminded to reemphasize the need for security measures to all subordinates and colleagues. The total number of reports without documentation along with the Pathologists responsible will be identified. Documentation of failure to comply will be reported quarterly at the Risk Management Task Force meeting. This will be made part of the minutes of the Risk Management Task Force Team meeting. Quarterly reports will be reported to and signed off by the Medical Director.
32 Example RMAP Continued Prioritized Risk Objective Action Plan Risk Owner Monitoring Documentation Courier vehicle left unlocked and unattended with patient specimens onboard. 100% compliance with securing the courier vehicle when unattended. Written procedure put in place defining the procedure for pickup and transport of patient specimens with special instructions on securing the transport vehicle when unattended. (HP Departmental Vehicles and Courier Service). Tim Detrixhe Ride along observation of couriers daily operations. Written reminders to lock transport vehicle will be placed on all updated courier Route Sheets. Courier will be written up when vehicle is found unsecured. Write ups and Courier Route Sheets will be saved for documentation and a report will be presented to the Quarterly Risk Management Task Force meeting and entered into the minutes. ICD 10 Coding & Reimbursement Loss of revenue due to changing coding rules. Maintain current level of billing and reimbursement. Cheryl Hutton Monitored daily. Will be available in the patient billing records.
33 Example RMAP Continued Prioritized Risk Objective Action Plan Risk Owner Monitoring Documentation Specimens that are Improperly routed and or lost from the Operating Room. 100% of specimens for pathology and clinical laboratory should reach their destinations. Contact Nurse Manager for the Operating Room to establish a quarterly meeting with Pathology to incorporate the CME training for the operating room staff. (HP Lost or Missing Specimens). Dr. Lisa Smith will report problems to the Nurse Manager for the Operating room during quarterly meetings and at OR staff CME. Teri West from histology will monitor specimens for histology, Warren Hatley from Cytology will monitor specimens for cytology. Documentation of improperly routed specimens and lost specimens will be incorporated into the Risk Management Task quarterly minutes and into the Operating Room CME.
34 Example RMAP Continued Prioritized Risk Objective Action Plan Risk Owner Monitoring Documentation Conflicting data between Initial H&E slides and Recut H&E slides for consultation and legal requests 100% review of all recut H&E slides by Pathologists prior to sending. Have all H&E recuts for outside consults and legal requests will be reviewed by the Pathologist who originally signed out the case. (HP Material mailed for Extra Departmental Consultation and Off Site requests.) Teri West is to ensure recut slides are taken to the Pathologist. Diana Kimbrough is to ensure the Pathologist signature of review is on the pink recut request prior to sending slides. Pink slide recut requests are reviewed by transcription for Pathologist signature prior to sending slides. Pink request will be filed with the initial slide request from the requesting institution. Disposal of tissue that has not been evaluated by a Pathologist 100% compliance is expected by the Department of Pathology in order to avoid potential legal issues arising from disposal of tissue without documentation or description of the tissue. All tissue entering the Department of Pathology must be accompanied by a request for a minimum of a Gross Only diagnosis. (HP Surgical Pathology Exclusion) The gross room personnel, the Pathologist on duty and the Histology Supervisor will be responsible for rejecting tissue for disposal due to lack of a Pathology examination request. The Histology Supervisor will be notified whenever a tissue is rejected for disposal due to lack of a Pathology examination request. The Histology Supervisor will record the number of events that occur each quarter and will report this at the quarterly Risk Management Task Force meeting.
35 Example RMAP Continued Prioritized Risk Objective Action Plan Risk Owner Monitoring Documentation Proper shipping of hazardous materials 100% compliance with State and Federal Shipping regulations is the expected goal. Transcription department will be responsible for ensuring that all hazardous materials being shipped are packaged and labeled in accordance with state and federal guidelines (HP Shipping of Hazardous Material) Cheryl Hutton will ensure that all personnel are properly trained in shipping of hazardous material and that training is documented. The transcription supervisor will be assigned to ensure that these specimens have been properly prepared for shipment. Documentation of training in proper shipping of hazardous materials from all authorized shippers will be maintained in their personnel records. Materials not delivered by the mail room workers in a timely manner. 100% of time sensitive and confidential patient information will be sent out by the mail room staff on the same day they are picked up. Contact General Services Department to identify potential problems with their procedures of ensuring that mail is properly sent. (HP Material mailed for Extra Departmental Consultation and Off Site requests.) Tim Detrixhe will contact the mail room staff to explain the situation and question if policies are in place to avoid future incidences. Diana Kimbrough will monitor outgoing mail and report noncompliance to the Risk Management Task Force. confirmations received from the mail room on all items shipped will be printed and attached to the original shipping document. If there is no confirmation the following morning after mailing, the Mail Room Supervisor will be contacted. A copy of General Services procedures, if any, will be filed as part of the minutes of the Risk Management Task Force. Problem calls to the Mail Room Supervisor will be documented, and if more than one item per month is found to have been unsecured or delayed, the Task Force will move the issue to the Department Chair.
36 Example RMAP Continued Prioritized Risk Objective Action Plan Risk Owner Monitoring Documentation Online Pathology Collection Manual Within the next year assess the viability of building a web site for the Department of Pathology so the Pathology Collection Manual can be accessed by all clients of the Department of Pathology. Contact the TTUHSC IT department to investigate what is needed to establish a web site for the department, not just a department home page, but an actual site that allows clients to access collection manuals and other pertinent information about the department. (HP Specimen Collection Manual). Warren Hatley will contact the TTUHSC IT department to start information gathering for the process. Dennis Metcalf will be engaged in the actual web site building process and act as a liaison between the Department of Pathology and the IT Department of Pathology. Monitoring and maintenance of the Department of Pathology web site will be conducted by the Department of Pathology IT person, Dennis Metcalf. Yearly review of the Department of Pathology Collection Manual will be conducted by the Histology Supervisor, the Cytology Supervisor and the Medical Director. Changes will be made by the Department IT personnel.
37 What value can the RMAP model provide?
38 RMAP Value The Risk Management Assurance Plan model can be used to assist management in making solid and informed decisions by establishing a uniform and systematic approach to managing current and emerging risks. With proper risk prioritization, limited resources will be utilized most judiciously providing maximal operational efficiency and the greatest return on investment.
39 How often and by whom should an RMAP be reviewed?
40 RMAP Review The Risk Management Assurance Plan should be reviewed by the same task force that formulated the RMAP as often as required but at least once annually. This ensures the risk severity ranking is appropriate and can determine the effectiveness of the RMAP in attaining specific objectives through risk mitigation.
41 How can the effectiveness of an RMAP be determined?
42 Determination of RMAP Effectiveness Is the RMAP achieving objectives? Yes Continue to monitor usage of the RMAP Yes No Is the RMAP being appropriately utilized? No Reassess the RMAP and modify parameters as needed Reeducation as to usage of the RMAP
43 How can we summarize the RMAP process?
44 Identification of the Risk Institutional Appetite for Risk Prioritization of the Risk (degree of severity or threat) Development of an RMAP Maximize Risk Management (Proactive) Minimize Crisis Management (Reactive) Meet Objectives To Assure Quality of Service
45 How can an RMAP and the Office of Audit Services interrelate?
46 The mission of the Office of Audit Services is to assist management in identifying, avoiding and mitigating risk. With access to a Risk Management Assurance Plan, the Office of Audit Services will be able to more readily assess the effectiveness of the processes or internal controls in place to mitigate risk and assist management toward correcting the root cause of any problem identified to prevent recurrence. Audit Services can also assist management in identifying commonalities and best practices in comparable areas within the institution and help establish and maintain risk management uniformity and consistency across Texas Tech University Health Sciences Center.
47 Can an RMAP be used to meet the requirements of an external accrediting organization?
48 The Risk Management Assurance Plan model can be used to assist management in achieving a successful accreditation outcome by establishing a systematic approach toward identifying and meeting the requirements and standards of any external accrediting organization.
49 What are the possibilities for expansion using the RMAP model?
50 RMAP Expansion With leadership support, a coordinated team effort and site specific risk assessment and prioritization, the Risk Management Assurance Plan (RMAP) model can be successfully implemented in any area within Texas Tech University Health Sciences Center. An Enterprise Risk Management website will be developed to inform and educate about ERM and help explain the benefits the program can provide. Our mission is for the Enterprise Risk Management program initiated at Texas Tech University Health Sciences Center to ultimately span the entire Texas Tech University System and become a statewide recognized and emulated program for Health Related Institutions.
HIPAA Notice of Privacy Practices THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY. This Notice
Policy 8.3.2 Business Responsible Party: President s Office BUSINESS CONTINUITY PLANNING Overview The UT Health Science Center at San Antonio (Health Science Center) is committed to its employees, students,
MIAMI UNIVERSITY Internal Audit & Consulting Services Risk Discussion Questionnaire Department or Process: Contact Person: Contact Phone: Date Completed: GENERAL INFORMATION 1. What is the Purpose/Mission/Objective
Mental Health Mental Retardation Authority of Harris County ENTERPRISE RISK MANAGEMENT A Framework For Assessing, Evaluating And Measuring Our Agency s Risk A Risk-Based Audit Strategy November 2006 Internal
CHAPTER 1 COMPUTER SECURITY INCIDENT RESPONSE TEAM (CSIRT) PURPOSE: The purpose of this procedure is to establish the roles, responsibilities, and communication procedures for the Computer Security Incident
JOINT COMMISSION INTERNATIONAL ACCREDITATION STANDARDS FOR CliniCAl laboratories 2nd Edition Effective 1 April 2010 International Patient Safety Goals (IPSG) Goals The following is a list of all goals.
NOTICE OF PRIVACY PRACTICES TEMPLATE Sections highlighted in yellow are optional sections, depending on if applicable Original Date: ##/##/#### Revised per HIPAA Omnibus Rule ##/##/#### Revised Date Implementation:
Analyzing s in Healthcare February 12, 2014 1 Content What is Enterprise Management (ERM) ERM Benefits ERM Standards / ISO 31000:2009 ERM Process Register ERM Governance Model s Q&A 2 What is Enterprise
Document: EB 2008/94/R.4 Agenda: 5 Date: 6 August 2008 Distribution: Public Original: English E IFAD Policy on Enterprise Risk Management Executive Board Ninety-fourth Session Rome, 10-11 September 2008
Department of Veterans Affairs VA Directive 0054 Washington, DC 20420 Transmittal Sheet April 8, 2014 VA Enterprise Risk Management (ERM) 1. REASON FOR ISSUE: This directive provides guidelines to help
Relational Coupling by 2-D Barcodes A Novel Approach to Positive Patient and Specimen Identification in Tissue and Cytology Specimens Lee KC, Wong SN, Leung YW, Lam WL Department of Pathology, Princess
INTEGRATED MANAGEMENT SYSTEM MANUAL IMS Based on ISO 9001:2008 and ISO 14001:2004 Standards Approved by Robert Melani Issue Date 30 December 2009 Issued To Management Representative Controlled Y N Copy
NOTICE OF PRIVACY PRACTICES Effective Date: September 20, 2013 Last Modified: May 12, 2013 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO
POSITION DESCRIPTION/ COLUMBUS REGIONAL HEALTHCARE SYSTEM JOB TITLE CODING SUPERVISOR JOB CODE 0172 DEPARTMENT FLSA (Exempt/Non-Exempt) HEALTH INFORMATION MANAGEMENT NON-EXEMPT DEPARTMENT DIRECTOR SIGNATURE
Patient and Physician Satisfaction Surveys as a Lever of Quality Improvement in the Laboratory Hannah Poczter, AVP and Ed Giugliano, PhD November 2, 2010 1 North Shore LIJ Health System The Nation s Largest
ACCIDENT PREVENTION PLAN A Sample Plan for Counties TABLE OF CONTENTS MANAGEMENT COMPONENT... 1 Safety Policy Statement Safety Committee Members Authority and Accountability Statement RECORDKEEPING COMPONENT...
How to Assess s Strategy Areas for Assessment: A number of strategic areas that you may wish to start with are included in the matrix below. We invite comments on additional areas to include. Law Department
Policy Statement The is committed to providing excellence in service to the general public. It is important for all employees of the Government of Nova Scotia to work as a team in the attainment of this
Policy: 1 Page: 1 of 8 I. Purpose, Reference, and Responsibility A. Purpose The purpose of this policy is to establish guidelines for faculty compensation. B. Reference 1. University of Colorado Administrative
Performing a Compliance Risk Assessment for Compliance Auditing & Monitoring in Healthcare Organizations Author: Glen C. Mueller, Chief Audit & Compliance Officer, Scripps Health, San Diego, CA Introduction
HIPAA Omnibus Notice of Privacy Practices Effective Date: March 03, 2012 Revised on: July 1, 2015 Mobile Physician Group PC 231 High Street Suite 1, Mount Holly, NJ 08060 1-855-MPG-DOCS THIS NOTICE DESCRIBES
Florida Gulf Coast University Policy Manual Title Use Of University Facilities Policy: #3.026 Approved: 01/13/2014 Responsible Executive: Vice President for Administrative Services and Finance Responsible
Business Continuity Planning for Schools, Departments & Support Units 1 What is Business Continuity Planning? Examples Planning for an adverse, major or catastrophic event that would cause a disruption
Page 1 of 14 I. Policy II. A. The, the units of the UW-Madison Health Care Component and each individual or unit within UW-Madison that is a Business Associate of a covered entity (hereafter collectively
Policies of the University of North Texas Health Science Center Chapter 14 14.601 Electronic Health Record Policy UNT Health Policy Statement. The University of North Texas Health Science Center (UNTHSC)
Unique Standards and Documentation Required for Accredited PathA Programs Section III (PathA) Page 1 UNIQUE STANDARDS AND THE REQUIRED DOCUMENTATION Pathologists Assistant Standards Objectives PREAMBLE
The New International Standard on the Practice of Risk Management A Comparison of ISO 31000:2009 and the COSO ERM Framework Dorothy Gjerdrum, ARM-P, Chair of the ISO 31000 US TAG and Executive Director,
Content Sheet 13-1: Overview of Customer Service Role in quality management system This module will describe basic elements that are essential for developing an effective customer service program. Customer
Page 1 of 5 POLICY 1. Community Living Quinte West shall take all reasonable precautions to protect all employees from illness and injury. 2. The employer shall work cooperatively with employees, the bargaining
Evaluation and Inspection Division Federal Bureau of Investigation s Integrity and Compliance Program November 2011 I-2012-001 EXECUTIVE DIGEST In June 2007, the Federal Bureau of Investigation (FBI) established
Effective 1 July 2015 Joint Commission International Accreditation Standards for Medical Transport Organizations English 2nd Edition Section I: Accreditation Participation Requirements JOINT COMMISSION
THE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES Physician Assistant Program Report No. 14-12 OFFICE OF INTERNAL AUDITS THE UNIVERSITY OF TEXAS - PAN AMERICAN 1201 West University
LAWRENCE COUNTY MEMORIAL HOSPITAL Lawrenceville, Illinois NOTICE OF PRIVACY PRACTICES Effective April 14, 2003 Revised May, 2013 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU WILL BE USED AND
DM-PH&SD-P7-TG6 رقم النموذج : I. Introduction This Guideline on supports the national platform for disaster risk reduction. It specifies requirements to enable both the public and private sector to develop
Red Flag Policy and Procedures for Alexander Orthopaedic Associates The Identify Theft Prevention Program developed by Alexander Medical Group LLC dba Alexander Orthopaedic Associates referred throughout
Information Technology Disaster Recovery Policy Policy Statement This policy defines acceptable methods for disaster recovery planning, preparedness, management and mitigation of IT systems and services
THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK ACCOUNTABLE SIGNATURE AUTHORISED for implementation SIGNATURE On behalf of Chief Executive Officer SAHRA Council Date Date
HIPAA Notice of Patient Privacy Practices Effective Date: January 1, 2014 THIS NOTICE DESCRIBES HOW PROTECTED HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
Title: Regulation Reference: CONTACT CENTER CALL MONITORING AND RECORDING Policy Number: EP 1.22 Effective Date: 1/2015 Policy Statement: It is the policy of the Texas Tech University Health Sciences Center
Enterprise Risk Management Breaking Down the Barriers at Emory Willis Healthcare Forum Nashville, TN July 10, 2007 Shulamith Klein Senior Director Office of Risk & Insurance Services The Emory Enterprise
Risk Assessment & Enterprise Risk 1 Healthcare Corporate Governance Today s environment requires building a culture of risk awareness and management of risk across the organization, while formulating less
Business Continuity Planning Instructions Business continuity planning is a proactive planning process that ensures critical services or products are delivered during a disruption. In creating the plan,
BERKSHIRE HEALTH SYSTEM LABORATORIES Berkshire Medical Center Fairview Hospital Compliance Guidelines for Phlebotomy, Billing and Marketing Personnel General Job Responsibilities: All phlebotomists have
Policies and Procedures: IDENTITY THEFT PREVENTION Section: Chapter: Policy: Compliance Administration Identity Theft Prevention I. PURPOSE The purpose of this policy is to protect patients and West Virginia
105 CMR 210.000: THE ADMINISTRATION OF PRESCRIPTION MEDICATIONS IN PUBLIC AND PRIVATE SCHOOLS Section 210.001: Purpose 210.002: Definitions 210.003: Policies Governing the Administration of Prescription
NOTICE OF PRIVACY PRACTICES DILEY RIDGE MEDICAL CENTER Effective Date: 3/1/2010 Version: 30110.1 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS
Final National Health Care Billing Audit Guidelines as amended by The American Association of Medical Audit Specialists (AAMAS) May 1, 2009 Preface Billing audits serve as a check and balance to help ensure
Page 1 Guilford Medical Associates, P.A. NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE
Communicating Critical Test Results Safe Practice Recommendations Massachusetts hospitals are collaborating in a patient safety initiative to improve our ability to provide timely and reliable communication
Compliance, Risk Management, and Quality Assurance How to Play in the Same Sandbox Mary Ellen McLaughlin, CPC, CHC Senior Consulting Manager, IMA Consulting Jeffery Wiggins, JD, MHA, CHC, CICA VP Audit
CISM (Certified Information Security Manager) Document version: 6.28.11 Important Note About CISM PDF techexams CISM PDF is a comprehensive compilation of questions and answers that have been developed
2013 2016 South Oxfordshire District Council and Vale of White Horse District Council Risk Management Strategy 2013-2016 1 1 Context 3 SCOPE 3 WHAT IS RISK MANAGEMENT? 3 LOCAL AND NATIONAL DRIVERS 3 Business
Effective as of August 6, 2004 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY. We are required
Monterey County 14M32 HOSPITAL RISK ASSESSMENTAND COMPLIANCE OFFICER DEFINITION Under administrative direction, plans, organizes, directs, and coordinates various functions, operations and activities pertaining
Health Insurance Portability and Accountability Act HIPAA Privacy Standards Healthcare Provider Training Module Copyright 2003 University of California Click the arrow to start the YouTube video in a separate
Internal Audit Report Right of Way Acquisition TxDOT Office of Internal Audit Objective Evaluate the right of way acquisition process for efficiency and compliance. Opinion Based on the audit scope areas
Risk Management and Internal Audit Specialized Training Course Audit Risk Assessment Methodology May 20, 2015 Internal FR 2 Risk and Risk Assessment Defined Risk Institute of Internal Auditors (IIA) The
Sutter Health Support Services Shared Laboratory Position Description Position Title: Clinical Laboratory Scientist, Microbiologist Incumbent: Entity: SHSS Shared Laboratory Reports To: Director of Operations,
1. Introduction Clarius Group Risk Management Policy and Framework 1.1 Definition Risk is the chance of something happening that will have an impact on objectives. Risk provides the opportunity (upside)
DOCUMENTATION WAKE-UP CALL: HOW TO PREVENT DOCUMENTATION DEFICIENCIES AUTHORS: MARY C. MALONE, ESQUIRE MARY P. CHILES, RN, RAC-CT I. INTRODUCTION Concise clinical record documentation is critical to providing
Policy 6.007. ADMINISTRATION OF MEDICATIONS POLICY It is the policy of Cooperative Educational Services (C.E.S.) that students who require any medications to be administered during school hours, including
Sarasota Personal Medicine 1250 S. Tamiami Trail, Suite 202 Sarasota, FL 34239 Phone 941.954.9990 Fax 941.954.9995 NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY
POLICY CG01 RISK MANAGEMENT Document Control Statement This Policy is maintained by the Governance and Organisational Strategy. Any printed copy may not be up to date and you are advised to check the electronic
Site visit inspection report on compliance with HTA minimum standards London School of Hygiene & Tropical Medicine HTA licensing number 12066 Licensed under the Human Tissue Act 2004 for the storage of
Data Security John Hopkins Core Operations Manager. Melanie Williams, Ph.D. Branch Manager Texas Cancer Registry April 17, 2009 Background TCR receives approximately 200,000 reports from over 500 reporters
PUBLIC HEALTH NURSE II DEFINITION To plan and direct a specific public health program; to provide public health nursing services to individual clients and the community at large through the provision of
An Evaluation of Privacy and Security Issues at a Small University Abstract by Michael North Carolina Agricultural and Technical State University firstname.lastname@example.org Colleges and universities process large
COUNTY OF ORANGE DEPARTMENT OF HEALTH Corporate Compliance Plan COUNTY OF ORANGE DEPARTMENT OF HEALTH CORPORATE COMPLIANCE PLAN I. Corporate Compliance Plan It is the policy of the Orange County Department
Corporate Quality Manual Preface The following Corporate Quality Manual is written within the framework of ISO 9001:2008 Quality System by the employees of CyberOptics. CyberOptics recognizes the importance
Page : 1 / 8 1. Purpose: This manual is formed in order to create a business environment based on a partnership understanding with our suppliers, determine and develop our relationships in this context
Tusculum College Athletic Training Educational Program Clinical Education Affiliation Agreement This Agreement, made this day of, 20, by and between Tusculum College (hereinafter referred to as the INSTITUTION)
Framework for Enterprise Risk Management 2013 Johnson & Johnson Contents Introduction.... 4 J&J Strategic Framework... 5 What is Risk?.......................................................... 7 J&J Approach
Audit of the Test of Design of Entity-Level Controls Canadian Grain Commission Audit & Evaluation Services Final Report March 2012 Canadian Grain Commission 0 Entity Level Controls 2011 Table of Contents
ASTRAZENECA GLOBAL POLICY SAFEGUARDING COMPANY ASSETS AND RESOURCES THIS POLICY SETS OUT THE REQUIREMENTS FOR SAFEGUARDING COMPANY ASSETS AND RESOURCES TO PROTECT PATIENTS, STAFF, PRODUCTS, PROPERTY AND
June 2010 HEALTH, SAFETY, AND ENVIRONMENT MANAGEMENT SYSTEM (HSEMS) TABLE OF CONTENTS PAGE PART I INTRODUCTION Corporate Health, Safety and Environment Policy.. 1 Purpose... 2 HSEMS Framework... 3 PART