Legal Issues in Hospital Enterprise Risk Management



Similar documents
Document Management in the FIPPA Era

Understanding Legal Documents for Guardianship, Powers of Attorney and Estates

PERSONS WITH DEVELOPMENTAL DISABILITIES SERVICES ACT

PERSONAL INFORMATION PROTECTION ACT

Electronic Health Record Privacy Policies

The Interior Designers Act

Privacy Incident and Breach Management Policy

Aberdeen City Council IT Governance

How To Write A Medical Laboratory

The Emergency Protection for Victims of Child Sexual Abuse and Exploitation Act

Province of Alberta ARCHITECTS ACT. Revised Statutes of Alberta 2000 Chapter A-44. Current as of April 30, Office Consolidation

Personal Health Information Privacy Policy

PRIVATE VOCATIONAL TRAINING ACT

APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES

The Youth Drug Detoxification and Stabilization Act

Audit, Risk Management and Compliance Committee Charter

PERSONAL HEALTH INFORMATION PROTECTION ACT, 2004: AN OVERVIEW FOR HEALTH INFORMATION CUSTODIANS

Ontario Public Health Organizational Standards. Ministry of Health and Long-Term Care Ministry of Health Promotion and Sport

Privacy Update Recent Updates in Privacy Law

If you require any further information, or have any queries, please contact the Quality Improvement and Change Management Unit on

Code of Conduct. Code of Conduct

Standard 1. Governance for Safety and Quality in Health Service Organisations. Safety and Quality Improvement Guide

HANDY HINTS FOR IN-HOUSE COUNSEL. Law Society of New South Wales Corporate Lawyers Committee

NURSING HOMES GENERAL REGULATION

Aberdeen City Council IT Disaster Recovery

Note that the following document is copyright, details of which are provided on the next page.

PLEASE NOTE. For more information concerning the history of these regulations, please see the Table of Regulations.

Integrated Risk Management:

SCHEDULE "C" to the MEMORANDUM OF UNDERSTANDING BETWEEN ALBERTA HEALTH SERVICES AND THE ALBERTA MEDICAL ASSOCIATION (CMA ALBERTA DIVISION)

The Licensed Practical Nurses Act, 2000

POLICY. Number: Title: Enterprise Risk Management. Authorization

APPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2014

Ontario Hospital Association/Ontario Medical Association Hospital Prototype Board-Appointed Professional Staff By-law

Enterprise Risk Management

The Archives and Public Records Management Act

IIA POSITION PAPER: THE ROLE OF INTERNAL AUDITING IN ENTERPRISE-WIDE RISK MANAGEMENT

Family Involvement with Mental Health & Addiction Services

PRIVATE HEALTH INSURANCE INTERMEDIARIES PRACTICE CODES JUNE 2015 VERSION 2

Enterprise Risk Management for Independent Schools. Denise K. Gutches President DKG Consulting, Inc.

INFORMATION MANAGEMENT STRATEGIC FRAMEWORK GENERAL NAT OVERVIEW

A Best Practice Guide

PUBLIC INTEREST DISCLOSURE (WHISTLEBLOWER PROTECTION) ACT

ENTERPRISE RISK MANAGEMENT FRAMEWORK

The Health Information Protection Act

Guidance Note: Corporate Governance - Board of Directors. March Ce document est aussi disponible en français.

How to handle data privacy issues in the car industry

Guide to the National Safety and Quality Health Service Standards for health service organisation boards

Governance and Risk Management in the Public Sector. Fernando A. Fernandez Inter-American Development Bank (202)

NURSING HOMES OPERATION REGULATION

Information Governance and Management Standards for the Health Identifiers Operator in Ireland

HUMAN TISSUE AND ORGAN DONATION ACT

NC General Statutes - Chapter 90 Article 26 1

Caedmon College Whitby

Compulsory Drug Treatment Correctional Centre Act 2004 No 42

Generally Accepted Recordkeeping Principles

Risk Management Policy and Framework

Accountable Privacy Management in BC s Public Sector

The Freedom of Information and Protection of Privacy Act

Risk Management - Board & Management Responsibilities Murray Short, MBA, CPA CA Not-for-Profit Partner RLB LLP

TEACHERS ACT [SBC 2011] Chapter 19. Contents PART 1 - DEFINITIONS

HIPAA Privacy Policies & Procedures

The Impact of Accountable Care Organizations (ACOs) on Credentialing and Privileging

The Workers' Compensation Act - A Review of Records

ELECTRONIC TRANSACTIONS ACT

Aberdeen City Council IT Security (Network and perimeter)

Guidelines for Information Sharing related to the Youth Criminal Justice Act (2003)

IT Governance Charter

VICTIMS OF CRIME ACT

Appendix: regulations and relevant sections in statutes. Business Corporations Act

Explanation where the company has partially applied or not applied King III principles

FIPPA and MFIPPA: Bill 8 The Recordkeeping Amendments

STATEMENT OF VALUES AND CODE OF ETHICS

Privacy Policy on the Responsibilities of Third Party Service Providers

The Respiratory Therapists Act

Eclipx Group Limited Risk Management Policy

MEMORANDUM OF UNDERSTANDING BETWEEN. PROVINCE OF ONTARIO COUNCIL FOR THE ARTS (also known as the Ontario Arts Council) AND

Cloud Computing and Privacy Toolkit. Protecting Privacy Online. May 2016 CLOUD COMPUTING AND PRIVACY TOOLKIT 1

PRIVATE HEALTH INSURANCE INTERMEDIARIES CODE OF CONDUCT JUNE 2015 VERSION 2

The Health Care Directives and Substitute Health Care Decision Makers Act

MINUTE TAKING TIPS. How to keep your minutes FIPPA friendly

STRATEGIC PLAN

Information Security Policy. Document ID: 3809 Version: 1.0 Owner: Chief Security Officer, Security Services

The Registered Psychiatric Nurses Act

Standards for the Professional Practice of Internal Auditing

Transcription:

Legal Issues in Hospital Enterprise Risk Management Joshua Liswood DISCLAIMER This Coffee Talk presentation is provided as an information service and is not meant to be taken as legal opinion or advice. Please do not act on the information provided in this presentation without seeking specific legal advice. Miller Thomson LLP, 2012 All Rights Reserved. All Intellectual Property Rights including copyright in this presentation are owned by Miller Thomson LLP. This presentation may be reproduced and distributed in its current state. Any other form of reproduction or distribution requires the prior written consent of Miller Thomson LLP which may be requested at healtheditor@millerthomson.com

AGENDA 1. Enterprise Risk 2. Health Care: The Perfect Storm 3. Legislated Expectations

ERM Focus is on achieving the Hospital s objectives; Top down awareness and bottom up process Board and Senior Management Identification of areas and occurrences of risk Management of risk in the face of tolerance for risk The creation of an ERM culture

Hospitals: The Perfect ERM Storm A highly regulated and prescriptive environment Direct links to the Board for key areas of operational performance Fiduciary obligations extend beyond the corporate walls Total dependency for funding Product quality has direct consumer impact An environment of absolute transparency

Legislation and Regulation Public Hospitals Act Regulation 965 Every hospital shall be governed and managed by a board can t delegate ultimate responsibility for risk The board shall, monitor activities in the hospital for compliance with the Act, the regulations and the by-laws and take such measures considered necessary to ensure the Act, the regulations and the bylaws of the hospital are being complied with; Every board shall ensure that procedures are established in the hospital such that, within twenty-four hours after each patient is admitted to the hospital, an admitting note is entered in the patient record

Legislation and Regulation S. 33 of the PHA provides: The board may, (a) appoint physicians to a group of the medical staff of the hospital established by the by-laws; (b) determine the hospital privileges to be attached to the appointment of a member of the staff; and (c) revoke or suspend the appointment of or refuse to reappoint a member of the medical staff.

Governance vs. Management The ERM discussion will usually begin with aligning management's responsibility to risk manage operational risk and the board s responsibility to ensure risk oversight. In the Public Hospital this distinction is being blurred and at times confused as more direct operational responsibilities are placed with the board.

A View from the Bench A hospital has an obligation to meet standards reasonably expected by the community it serves in the provision of competent personnel and adequate facilities and equipment and also with respect to the competence of physicians to whom it grants privileges to provide medical treatment. expansion of fiduciary obligations

A View from the Bench The Board of Governors of a public hospital is entrusted by its community with the responsibility of providing a program of health care tailored to the particular needs of that community. The Board must establish objectives that are within the capacity of its plan and resources. It must create a balance within its medical staff to ensure a broad base of expertise, and select the staff capable of developing excellence in health care while obtaining the most efficient utilization of the facilities and resources of the hospital It is the task of a Board of Governors to balance the operation of its hospital and tune it to that level of optimum performance permitted by its inherent limitations. The Board of Governors has a responsibility to determine the pace at which the facilities of its hospital will be operated and to establish those staffing policies which satisfy the requirements of that operation.

Transparency/Disclosure Freedom of Information and Protection of Privacy Act (FIPPA) - a right of access to a record or a part of a record in the custody or under the control of an institution PHA Reg. 965 responsibility to ensure system for disclosing every critical incident to affected patient, SDM, estate Patient Safety Indicators - a hospital, when requested to do so by the Minister in writing, shall disclose information concerning indicators of the quality of health care provided by the hospital, the hospital shall disclose the information under subsection (1) through the hospital s website as relate to any or all of the following: 1. Diagnoses of hospital-acquired infections. 2. Activities undertaken to reduce hospital-acquired infections. 3. Mortality.

ERM and Governance Challenges external factors Pre 1980 risk limited to a restrictive view of what hospitals did and owned; Post 1980 risk expanded to the things we do, that we own and the systems that ensure the quality of our objectives; 1985 > expanding financial constraint 1990s > restructuring/integration 2000 > quality, disclosure and transparency

ERM and Governance Challenges internal factors Shift from incidents/occurrences in established silos (reactive) to a proactive identification of risk/threats across the organization; The production of voluminous and complex information Likelihood that identified enterprise risks and assessment stays the same Little opportunity to manage (cost) Complacency

ERM and Governance Challenges internal factors Are we creating a new standard to be judged against? Issues: - does the ERM framework meet a reasonable standard? - have management acted reasonably in their identification and assessment of risk? - have board committees and the board responded in a reasonable manner? What did you do about it

What s the Answer? Or ERM

Questions? Thank You Joshua Liswood 416.595.8525 jliswood@millerthomson.com

www.millerthomson.com Added experience. Added clarity. Added value. Follow us...