Risk Management Policy

Transcription

1 Trust Board in Public March 2010 Agenda Item 10.3 Item: Risk Management Policy Synopsis: The Trust Board is requested to approve the move to APPROVE this Risk Management Policy as its strategy for managing risk within the Trust. This Risk Management Policy formally moves Trust to the new ISO31000:2009 standard for Risk Management which has replaced the AS/NZ 4360 standard. Author: Head of Integrated Governance and Quality Presented by: Mary Sexton, Director of Nursing, Quality and Governance Action Required: Discussion and Approval 1

2 Surrey & Sussex Healthcare NHS Trust Risk Management Policy Version DRAFT 03 Status DRAFT 15 March 2010 Date ratified DD/MM/YYYY Name of Owner Integrated Risk Lead Name of Sponsor Group Risk Management Group Name of Ratifying Group Quality and Risk Management Board Type of Procedural document Policy Policy Reference To be completed by Policy Coordinator Date issued MMM/YYYY Review date April 2011 Target audience All staff Related Documents SaSH Risk Management Plan SaSH Risk Register Guidelines Policy for the Reporting, Management and Investigation of Incidents CNST Maternity Risk Management Strategy References: Registration Regulations 2009 ISO 31000:2009 Risk management Principles and guidelines NHSLA risk management standards Monitor Code of Governance for NHS foundation trusts (2010) Human Rights Statement The Trust incorporates and supports the human rights of the individual, as set out by the European Convention on Human Rights and the Human Rights Act 1988 EIA Status This policy is available on request in different formats and languages from the Policy Coordinator / PALS. The latest approved version of this document supersedes all other versions. Upon receipt of the latest approved versions all other versions should be destroyed, unless specifically stated that the previous version(s) are to remain extant. If in any doubt please contact the document owner or Policy Coordinator. 2

3 Contents 1. Introduction 2. Purpose 3. Definitions 4. Accountability and Responsibilities for Managing Risk 4.1. Introduction 4.2. Board of Directors 4.3. CEO and Management / Quality and Risk Management Board 4.4. Specialist groups, individuals and functions concerned with aspects of risk management 4.5. Corporate Directorates 4.6. Clinical Directorates 4.7. Specialties 4.8. Staff 5. Identifying, Assessing, Managing and Governing Risk 5.1. Introduction 5.2. ISO 31000:2009 Risk management Principles and guidelines 5.3. SaSH Risk Register Guidelines 5.4. Governing Risk 5.5. The Board Assurance Framework (BAF) 5.6. The Statement on Internal Control (SIC) 6. Communication and Consultation with Stakeholders 7. Approval and Ratification 8. Review and Revision Arrangements 9. Dissemination and Implementation, including staff training 10. Archiving Arrangements 11. Monitoring Compliance 12. References 13. Associated Documents Appendices Appendix A Core risk management responsibilities for specialist groups, individuals and functions Appendix B Quality and Risk Management Terms of Reference 3

4 1. Introduction Surrey and Sussex Healthcare NHS Trust (SaSH) is committed to putting people first and delivering excellent accessible care. The vision is to exceed patient and carers expectations for easy access to the delivery of safe, high quality care and to come together as one team, respecting the choices of individuals and provide ever improving clinical excellence, levels of comfort and care. In pursuit of these goals, the Trust has identified six key corporate objectives: Safe, high quality coordinated care Easier access and shorter waiting times Better information more choice Revitalising our environment Engaging with our community An effective organisation The Board of Directors recognises that a key factor in achieving these goals and objectives is to ensure that effective risk management arrangements are in place and embedded in the organisation s practices and processes. According to the Monitor Code of Governance for NHS Foundation Trusts The board of directors role is to provide effective and proactive leadership of the...trust within a framework of processes, procedures and controls which enable risk to be assessed and managed. Effective risk management arrangements will, in addition to helping ensure goals and objectives are met, help ensure compliance with statutory, mandatory and best practice requirements. Managing health and safety risks, for example, has been a legal requirement in the NHS since full and final removal of Crown Immunity in April And the Health and Social Care Act 2008 (Regulated Activities) Regulations place a statutory duty on all NHS organisations to identify, assess and manage risks relating to the health, welfare and safety of service users and others who may be at risk from the carrying on of the regulated activity. In addition, there are a range of mandatory and voluntary risk management schemes applicable to SaSH, including the Auditor s Local Evaluation (ALE) operated by the Audit Commission and the NHS Litigations Authority s risk management standards.. In pursuit of the objective of implementing effective risk management arrangements the Trust is committed to adhering as far as possible to the new international best practice Standard ISO 31000:2009 Risk management Principles and guidelines. The new Standard sets overarching values, a framework and a process for managing all types of 4

5 risk. The Standard replaces the Australian/New Zealand Standard 4360, which NHS organisations across the UK have been using since This risk management policy is owned by Trust senior management, who support its implementation by ensuring a progressive, honest, open and just environment where all types of risks can be identified and managed in a timely, positive and constructive way. Senior management will ensure that all staff are provided with education, training and support, appropriate to their role. to enable them to meet their responsibilities under this Risk Management Policy. This policy is supported by an organisation-wide Risk Management Plan, which is a dynamic document designed to ensure that the Risk Management Policy is implemented and risk management is embedded in all of the organisation's practices and processes. 2. Purpose The purpose of this policy is to describe the arrangements for effective risk management in support of the organisation s vision and objectives and to meet relevant standards imposed by legislation, the Care Quality Commission, the Audit Commission and the NHS Litigation Authority 1. The policy is designed in accordance with the new international best practice standard ISO 31000:2009 Risk management Principles and guidelines, which requires organisations to clarify their objectives for and commitment to risk management, and to specify the following: the links between the risk management policy and the organisation s objectives and other policies; the organisation's rationale for managing risk; accountabilities and responsibilities for managing risk; the way in which conflicting interests are dealt with; the organisation s risk appetite or risk aversion; processes, methods and tools to be used for managing risk; resources available to assist those accountable or responsible for managing risk; the way in which risk management performance will be measured and reported; commitment to the periodic review and verification of the risk management policy and framework and its continual improvement; and 1 The NHS Litigation Authority and the Audit Commission refer to existence of a Risk Management Strategy. ISO 31000:2009 refers to a Risk Management Policy and a Risk Management Plan. Throughout this document the terms Risk Management Policy and Risk Management Plan, taken together, can be regarded as the Risk Management Strategy for SaSH. 5

6 the way in which the risk management policy will be communicated to all staff. 3. Definitions ISO 31000:2009 defines risk as the effect of uncertainty on objectives and states that Risk is often expressed in terms of a combination of the consequences of an event and the associated likelihood of occurrence. Risk management is defined in ISO 31000:2009 as coordinated activities to direct and control an organization with regard to risk. This risk management policy sets out the activities and coordination mechanisms specific to SaSH. Further definitions are contained within the risk management and related documents referenced at section 12. The principal definitions for risk management are provided in ISO 31000:2009 Risk management Principles and guidelines. 4. Accountability and Responsibilities for Managing Risk 4.1 Introduction Figure 1 sets out the framework of accountability for managing risk across SaSH, which is operationalised within the overall context of quality and risk management and which is operationally led by the Chief Executive Officer (CEO) and governed by the Board of Directors (the board). There are 7 levels of accountability for risk management as described in Figure 1. Sections provide additional detail on risk management accountabilities. Appendix A sets out key risk management responsibilities for specialist groups, individuals and functions listed in section

7 1 Board of Directors Corporate governance Management Audit & Assurance Healthcare Governance Performance Remuneration Board committees 7 Accountability level Integrated governance and quality department Misc. quality/risk groups, individuals and functions 2 Quality and Risk Management Board CEO Management Board 3 INFORMATION POLICIES 4 Corporate Directorates 5 Clinical Directorates 6 Specialties/service lines 7 Staff Figure 1 SaSH accountability framework for managing risk 4.2 Board of Directors Level 1 The Board of Directors is responsible for governing the management of risk within SASH. The Board exercises oversight of risk management through its Healthcare Governance Committee to ensure, through holding management to account for quality and risk management matters, that Key Performance Indicators set out in section 11 of this policy are being met. In addition, the Board of Directors annually reviews and signs off the commitment to Health and Safety Statement of Intent. 7

8 4.3 CEO and Management/Quality and Risk Management Boards Level 2 As Accountable Officer the CEO is accountable to Parliament as well as to the Board of Directors. The CEO is responsible for maintaining a sound system of internal control, which includes effective arrangements for risk management. Each year, the CEO has to sign, on behalf of the Trust Board, a Statement on Internal Control that provides an assurance that risk management, control and review processes are in place and their effectiveness has been reviewed. The CEO is supported by the Management Board. The purpose of the Management Board (MB) is to ensure that the organization is safely and effectively managed on a day to day basis. The MB sets appropriate frameworks and policies and procedures to support delivery of the organisational objectives, including risk management. The Quality and Risk Management Board (QRMB) works in partnership with the Management Board. It is responsible for ensuring, through appropriate frameworks and policies and procedures, the quality of services delivered through effective risk management. The QRMB is the most senior body concerned with the day to day management of risk across the trust. The QRMB is responsible for ratifying the risk management policy and related policies; for allocating resources at corporate management level to ensure effective management of risk; for dealing with conflicts; for holding directorates to account for monitoring the management of risk across the Trust; and for providing assurances to the board s Healthcare Governance Committee relating to risk management performance. In addition to the CEO s ultimate accountability for managing risk across the trust, all other individual executive directors have responsibility for managing risks within their own span of responsibility. 4.4 Specialist groups, individuals and functions concerned with aspects of risk management Level 3 Sitting between the QRMB and the Directorates, and working within what is essentially a matrix structure for risk management, are several specialist groups, individuals or functions with a Terms of Reference (ToR) or job description that sets out their role, responsibilities, accountability and reporting arrangements. These groups, individuals or functions are, in no particular order: 8

9 Integrated Governance and Quality Department Occupational Health Department Head of Integrated Governance and Quality Integrated Risk Lead Director of Infection Prevention and Control Infection Prevention and Control Team Director of Business Intelligence Health and Safety Manager Fire Safety Officer Nominated Fire Officers Estates and Facilities Safeguarding Children Group Safeguarding Adults Group Medicines Safety Group Medical Devices Group Decontamination Group Health and Safety Laser Group Waste Group Security Group Radiation Protection Group Caldicott Guardian 4.5 Corporate Directorates Level 4 The corporate directorates are led by an executive director who is responsible and accountable to the CEO/Quality and Risk Management Board for ensuring that their directorate properly manages their risks in line with this policy and with related policies, procedures and guidelines. Within individual directorates a Quality and Risk Management Forum exists, which provides a focus for staff on risk management matters 4.6 Clinical Directorates Level 5 The clinical directorates are each led by an directorate team who is responsible and accountable to the Quality and Risk Management Board for ensuring that their Directorate properly manages their risks in line with this policy and with related policies, procedures and guidelines. Within individual directorates a Quality and Risk Management Forum exists, which provides a focus for staff on risk management matters. 9

10 4.7 Specialties Level 6 Individual Specialities, or service lines, are accountable to the Clinical Directorates for properly managing their risks in line with this policy and with related policies, procedures and guidelines. Within individual specialties a Quality and Risk Management Forum exists, which provides a focus for staff on risk management matters. 4.8 Staff Level 7 It is the responsibility of all staff, including contractors, temporary staff and volunteers, to ensure they are aware of, and comply with this risk management policy and all related policies, procedures and guidelines, to the extent that is necessary to undertake their role. Some staff, such as General Managers, Matrons, Specialist Nurses, Lead Clinicians and Ward/Department Managers have particular responsibility to demonstrate leadership in relation to front line implementation and monitoring of effective risk management. 5. Identifying, Assessing, Managing and Governing Risk 5.1 Introduction Risk is identified, assessed, managed and governed in line with the following standards, guidance and recommendations: BS 31000:2009 Risk management Principles and guidelines on implementation The Health and Social Care Act 2008 (Regulated Activities) Regulations 2009 (currently before Parliament) The Care Quality Commission s guidance Guidance about compliance: summary of regulations, outcomes and judgement framework. Audit Commission (2009). Auditors' Local Evaluation (ALE) KLOE 2 and guidance 2009/10 NHS Litigation Authority (2009). NHSLA Risk Management Standards 2009/10 Monitor Code of Governance for NHS foundation trusts (2010) SaSH Risk Register Guidelines, March KLOE = Key Lines of Enquiry 10

11 5.2 ISO 31000:2009 Risk management Principles and guidelines The new international standard ISO 31000:2009 Risk management Principles and guidelines sets out internationally accepted generic best practice in risk management. The Standard is based on the Australian/New Zealand Standard 4360:2004, which is currently the NHS s accepted generic standard for risk management. ISO 31000:2009 now replaces AS/NZS 4360:2004. The ISO Standard sets out the fundamental principles of risk management together with a framework and process for managing risk as shown in Figure 2. The risk management process depicted in Figure 2 is identical to the process contained in AS/NZS 4360, which NHS organisations in England have been working with since the Department of Health issued the 1999 version of the AS/NZS 4360 Standard in In summary, the risk management process as it applies to SaSH is as follows: 1. the context within which risk is to be managed is properly identified and understood. In this instance, the context is the entire range of activities carried on within SASH, including all activities associated with patient care and treatment; 2. risks are identified; 3. risks are assessed in terms of their likelihood, or probability, and potential consequences or severity of impact, should they materialise; 4. risks that cannot be accepted are treated so that they are either eliminated, transferred or properly controlled; 5. there is proper communication and consultation with relevant stakeholders about all aspects of risk management; and 6. all aspects of the risk management system are periodically monitored and reviewed to ensure the system is working effectively. 11

12 Figure 2 Risk management principles, framework and process from ISO 31000: SaSH Risk Register Guidelines The key tool used by SaSH for practical implementation of the risk management process outlined in section 5.2, above, is the Risk Register. A risk register is a repository for information on all aspects of risk and is used as a management tool both for managing risk and for communicating risk information. Risk registers need to be maintained by the various specialties or service lines and by each of the clinical and corporate directorates on an ongoing basis. Where necessary, serious risks need to be escalated up the managerial accountability line (see Figure 1), Periodically, these risk registers are aggregated to produce a composite Trust risk register. The trust risk register informs and assists directorate management, the CEO and Quality and Risk Management Board, and the Healthcare Governance Committee/Board of Directors. Further information on the role of the Board of Directors in governing risk is set out in section

13 In SaSH, risk registers are implemented as an electronic repository using the Datix risk management software. Further details on the SaSH risk register, together with a detailed explanation of how risk is identified, assessed and managed is contained in the SaSH Risk Register Guidelines publication. 5.7 Governing Risk The role of the board According to the FTSE Company 3, The role of boards is to govern, not to manage. It is about setting overall direction, establishing boundaries and controls, recruiting and motivating talented executives and overseeing their operation of the business. Figure 4 sets out how the management of risk is governed at SASH under the auspices of the board of directors and the board s audit and healthcare governance committees. The Healthcare Governance Committee monitors and reviews the trust risk register and generally provides assurances to the board in relation to the organisation s management of risk. The Audit and Assurance Committee is responsible for oversight of the entire system of internal control within SASH and, as part of this responsibility, will provide independent assurance to the board on the effectiveness of the organisation s system for risk management. 3 FTSE Company. Rewarding Virtue. 13

14 RISK REGISTER Location/ Management unit Dingley Dell Ambulance Trust Risk Assessor Bodmin Moore Date 14/10/99 Date of Review 1/12/99 ADEQUACY OF RISK ASSESSMENT Risk EXISTING CONTROLS Consequences Likelihood RISK RATING RISK Ref. DESCRIPTION OF RISK A I U (C) (l) (Cxl) RANKING A = Adequate I = Inadequate U = Uncertain Multiple fatalities 5 Single fatality 4 Major 3 Serious 2 Minor 1 Negligible 0 Certain 5 Likely 4 Possible 3 Unlikely 2 Rare 1 Impossible 0 SIC CEO BOARD Top-down population BAF External Audit Audit Committee Internal Audit Page 1 of? 1 Back injuries to ambulance staff Patient falling out the back of an ambulance 3 Damage (and possible personal = injury) to new ambulances with power-assisted steering 4 Dangerous exhaust fume build up in main ambulance depot 5 Trust bankrupcy through policy of = not charging for providing cover at local fairs 6 Public outrage at charging for providing local fair cover 7 'Putting people at risk' at fair through inadequate ambulance cover Etc. Healthcare Governance Committee TRUST RISK REGISTER Bottom-up population Figure 5 The trust risk register and the board 5.8 The Board Assurance Framework (BAF) A key companion to the trust risk register is the Board Assurance Framework (BAF). The BAF describes the principal risks that relate to the organisation s key objectives and is intended to provide assurances to the board in relation to the management of risks that threaten the ability of the organisation to achieve these objectives. The BAF provides the board with information on managing principal risks that provides assurances on the management of risk in relation to key organisational objectives. Wider consideration of the Trust risk register, through suitable reporting on significant risks to the board by the executive directors, provides the board with more comprehensive assurances on management of the totality of risk facing SASH. 14

15 5.9 The Statement on Internal Control (SIC) A further feature of figure 5 is identification of the requirement on the CEO to sign off, on behalf of the board, an annual Statement on Internal Control (SIC). This statement is underpinned by the risk management process and, in particular, the trust risk register and BAF. 6. Communication and Consultation with Stakeholders The key internal stakeholders for the purposes of this risk management policy are the staff, specialities, directorates, Quality and Risk Management Board and the Trust Board and its Healthcare Governance Committee. It is the responsibility of the Integrated Risk Lead to ensure proper consultation and communication processes are in place between key internal stakeholders. The key external stakeholders for the purposes of this risk management policy are the Care Quality Commission, District Audit and the NHS Litigation Authority (NHSLA). It is the responsibility of the Head of Integrated Governance and Quality to ensure proper consultation and communication processes are in place with key external stakeholders. 7. Approval and Ratification This Policy has been developed with the involvement of internal stakeholders together with an external healthcare governance and risk management specialist. It has been ratified as suitable for implementation across the Trust by the Quality and Risk Management Board. 8. Review and Revision This policy will be reviewed and, where necessary, revised at least annually in line with requirement of the Audit Commission s Auditors' Local Evaluation (ALE) KLOE and guidance 2009/ Dissemination and Implementation, including staff training As an organisation-wide policy, the general process for dissemination is as described in the Organisation Wide Policy for the Management of Procedural Documents. 15

16 Specifically, in relation to this policy, the key actions will be delivered through the Risk Management Plan. Staff training on risk management is key to implementation. The strategy for staff training, based on training needs analysis in relation to the responsibilities outlined in section 4, together with other specific risk management implementation requirements are as set out in the Risk Management Plan at Appendix A. 10. Archiving The risk management policy will be held in the Trust database and archived in line with the arrangements in the Organisation wide Policy for the Management of Procedural Documents. 11. Monitoring compliance This policy is monitored using a combination of: audit of the standards contained within and underpinning the policy, i.e. in no particular order - ISO 31000:2009; ALE 2009/10; Care Quality Commission published requirements and NHSLA risk management standards 4, will be reported by the Integrated Risk Lead to the Quality and Risk Management Board annually; and key performance indicators (KPIs - see table below) The principal management group reviewing compliance in relation to both audit results and indicator data is the Quality and Risk Management Board (QRMB). At a governance level, the principal board committee reviewing compliance is the Healthcare Governance Committee (HGC). All audit activity in relation to this policy will be carried out by the Integrated Governance and Quality section. The Quality and Risk Management Board will receive the audit results and be responsible for overseeing the action plan to address any issues of non compliance/poor practice. 4 An audit tool containing audit criteria covering the key requirements of the mentioned standards is available and provides a numeric score (0-100%) against key standards requirements. 16

17 Key Performance Indicator (KPI) % training in risk management carried out with risk leads identified in training needs assessment (TNA) % directorates having carried out an initial halfday facilitated risk identification workshop. % directorates having established a fully functional risk register in accordance with the risk management policy and risk register guidelines % directorates having established a fully functioning incident reporting/rca investigation system in accordance with SaSH policy. Incident reporting rate Person responsible for collating information Integrated Risk Lead Integrated Risk Lead Integrated Risk Lead Integrated Risk Lead Integrated Risk Lead Incident notification lag Integrated Risk (days) Lead Adverse incident rate Integrated Risk (from incident reporting) Lead Adverse incident rate Integrated Risk (from Global Trigger Lead Tool, i.e. retrospective case review) % reported incidents Integrated Risk assessed as high Lead risk/impact % directorate risk Integrated Risk management actions Lead completed, pending and late (including incident investigation actions) % CAS compliance Integrated Risk Lead Hospital standardised Integrated Risk mortality ratio (HSMR) Lead Frequency of reporting Quarterly Quarterly (time-limited KPI) Quarterly Quarterly Quarterly Quarterly Quarterly Quarterly Quarterly Monthly Monthly Monthly Group/Committee reviewing compliance QRMB QRMB QRMB QRMB QRMB QRMB QRMB QRMB QRMB QRMB QRMB QRMB 17

18 12 References The Health and Social Care Act 2008 (Regulated Activities) Regulations 2009 (currently before Parliament) Care Quality Commission (2009). Guidance about compliance: summary of regulations, outcomes and judgement framework. Audit Commission (2009). Auditors' Local Evaluation (ALE) KLOE and guidance 2009/10 NHS Litigation Authority (2009). NHSLA Risk Management Standards 2009/10 ISO 31000:2009. Risk management Principles and guidelines on implementation. Monitor (2010). Code of Governance for NHS Foundation Trusts. 13 Associated Documents Organisation Wide Policy for the Management of Procedural Documents Policy for the Reporting, Management and Investigation of Incidents (including Serious Incidents) CNST Maternity Risk Management Strategy etc. 18

19 Appendix A Core risk management responsibilities for specialist groups, individuals and functions This can be progressed and finalised once the Quality and Risk Management Board TOR have been ratified. 19

20 Appendix B Quality and Risk Management Board Terms of Reference Subject Terms of Reference for the Quality and Risk Management Board Written by Sharon Gardner-Blatch, Head of Integrated Governance and Quality Applicable to Members of Surrey & Sussex Healthcare NHS Trust Executive Committee Date ratified March 2010 Responsible Person Director of Nursing, Quality and Governance Contribution from Stuart Emslie, Risk Management Consultant Brenda Kelly, Integrated Risk Lead Version 1 Ratification Committee Trust Board Review date March 2012 Keywords Quality Safety Patient Experience Clinical Effectiveness Risk management Organisational Development 20

21 1 Purpose 1.1 The Quality and Risk Management Board (QRMB) is a senior management group, chaired by the Chief Executive Officer (CEO), which is focused on: 1. matters relevant to maintaining and improving the quality (i.e. safety, effectiveness and experience) of patient care including the organisational development to underpin the improvements; and 2. matters relating to the management of all types of risk across Surrey and Sussex Healthcare NHS trust (SaSH) 3. providing assurance to the SASH Healthcare Governance Committee by ensuring robust arrangements for effective quality and risk management. The QRMB is the most senior executive authority in relation to resolving matters relating to quality and risk and supports the CEO in providing management assurances to the board in respect of quality and risk matters, including Quality Accounts. 2 Constitution The QRMB provides through the CEO assurance to the Healthcare Governance Committee on the management of all aspects of quality and risk management. It is constituted under the CEO following the formal adoption by the Trust Board of the Risk Management Strategy. 3 Membership Chief Executive (Chair) Director of Nursing, Quality and Governance Medical Director Director of Business Intelligence & Technology Director of Human Resources Director of Clinical Services Director of Finance and Contracting Director of Environment and Facilities Clinical Director for Medical Directorate Clinical Director for Surgical Directorate Clinical Director for Clinical Support Services Directorate Clinical Director for Women & Child Health Directorate Chair of Lead Clinicians Group 21

22 General Manager for Medical Directorate General Manager for Surgical Directorate General Manager for Clinical Support Services Directorate General Manager for Women &Child Health Directorate Head of Nursing and Governance for Medicine Head of Nursing and Governance for Surgery Head of Midwifery & Governance Head of Integrated Governance and Quality Head of Education and Training 4 Attendance 4.1 A quorum shall be a 50 % of the membership, of which 50% must be clinical. All members must attend/be represented at each meeting. 4.2 Any manager may be invited to attend, particularly when the MB is discussing areas of risk or operation that are the responsibility of that manager. 5 Administration 5.1 The P/A to the Head of Integrated Governance and Quality shall ensure that the Quality and Risk Management Board meeting in the second week of the month is provided with appropriate administrative support, take minutes of the meeting, collate and circulate papers, and ensure follow up actions are monitored for delivery. 6 Frequency 6.1 The QRMB will meet monthly, the Chair may request additional meetings if they consider it necessary. 6.2 The MB will meet the second Wednesday of the month from 11:30 to 13:30. 7 Reporting Groups: Specialist groups, individuals and functions concerned with aspects of risk management, quality and organisational development (these are identified in the respective strategies) Clinical and Corporate Directorate on their quality, risk and organisational development management 22

23 8 Duties The core duties of the QRMB are delivered under the key programmes below 8.1 Corporate Governance Provide such additional assurances to the Board of Directors, through the Board Healthcare Governance Committee and the Audit and Assurance Committee, as may be required. Prepare Quality Accounts in accordance with external guidance for review and acceptance by the Board of Directors through the Board s Healthcare Governance Committee Manage the embedding of all aspects of Governance including research within the corporate and clinical directorate structure for the NHS Trust. Manage full compliance with the Care Quality Commission Registration Regulations including any action plans for external regulatory standards contributing to the assurance framework for the remit of this Board. 8.2 Risk Management Approve the Risk Management Policy and Risk Management Plan (i.e. risk management strategy ) for the organisation. Periodically monitor and review the organisational (i.e. trust-wide) Risk Register. Provide direction for the allocation of resources to improve care quality, including patient safety, and risk management. 8.3 Reporting and Inspections Manage the delivery of all action plans arising from inspections, visits and accreditations to ensure compliance with standards contributing to the assurance framework. Periodically monitor and review feedback from internal quality and risk personnel, committees, groups and functions. 8.4 Quality of patient care Periodically monitor and ensure delivery of key standards and performance indicators for quality and risk (e.g. quality and risk dashboard ), together with relevant independent quality and risk and related reports, e.g. clinical audit, internal audit, NHSLA, Care Quality Commission, Audit Commission, National Audit Office, National Patient Safety Agency, Health and Safety Executive, CQUIN, EQUIPetc 23

24 Patient safety/ Effectiveness and outcomes/ Patient Experience Oversee and ensure delivery of the policies and action plans which combine to provide Trust Quality Strategy. Patient Safety Policy and Action Plan Clinical Effectiveness Policy and Action Plan Patient Experience Policy and Action Plan Risk Management Policy and Action Plan Organisational Development Policy and Action Plan. 8.5 Information Governance Monitor compliance with information governance standards and oversee the delivery of robust systems for maintaining confidentiality in line with Caldicott requirements. 8.6 Education and Professional Development Oversee and ensure delivery of continuing professional development and appraisal for all health care staff. Ensure compliance with appropriate levels of induction and mandatory training are in place for the appropriate health care staff (including agency, bank and locum). Receive and approve the annual training needs analysis ensuring it supports delivery of organisational development and delivery of high quality and improving services. 8.7 Research and Development Oversee the delivery of research within the Government Research Governance Framework. 8.8 Safeguarding Monitor compliance with all relevant statutory requirements relating to Safeguarding are met. Ensure systems are in place to promote best practice and learning. 24

25 Monitor and advise on compliance with key standards on the welfare of children and vulnerable adults across the Trust. Promote effective working across all partner agencies involved in Child Protection, including all statutory partnership arrangements. 8.9 Policies Approve relevant policies/strategies related to the management of care quality. 9 Single Equality Ensure that the single equality scheme action plans are regularly reviewed. Ensure systems are in place to promote best practice and learning. 25