Emerging Views on Risk Management as a Strategy

As we enter the era of value-based payment, aligning management strategy with “systems thinking” will be essential to achieving high levels of performance.  Following are some thoughts on relevant concepts and practices as they relate to systems, quality, safety culture, and risk management.

A model of healthcare systems:

The word “system” is often used in conversations about healthcare, yet its meaning is rarely defined.   Recognizing the need for a common definition, the Institute of Medicine (IOM) introduced health professionals to the Sociotechnical System model of healthcare in its 2012 report “Health Information Technology and Patient Safety.”  Sociotechnical systems, per the IOM, are comprised of people, technology, process, organization, and environment.  The performance of the system is described as a product of the dynamic interaction of these components, and it is the unanticipated effects of component interaction that can undermine the quality and safety of care.  For example, a flawed medication reconciliation process may result in the persistence of an out-of-date medication list in an electronic health record.  A clinician utilizing this information might unwittingly prescribe a contraindicated medication.  The ensuing medication error would be due the interaction of the clinician, information technology, and reconciliation process—not individual incompetence. The performance of people is shaped by the system of which they are a part.

The new view of quality and safety in complex systems

An extensive body of research has revealed that healthcare systems are not inherently safe and that human error should not be seen as a cause of poor quality care or patient harm, but as a manifestation of deeper problems within the system of which people are but one part.  In this view, the human component of the system is alone capable of creating safety in the course of making decisions and performing work.  People recognize anomalies, identify problems, and mitigate the potential for adverse events.  Failures occur when a confluence of factors unexpectedly undermines the intentions of individuals and groups within an organization—exceeding their ability to detect, avoid, or mitigate risk.   

Safety Culture

The emergence of this new view of adverse event causation has led to widespread adoption of the term ”safety culture,” coined in the 1986 report on the Chernobyl Nuclear Reactor 4 disaster (International Nuclear Safety Advisory Group (INSAG), 1986).  Safety Culture reflects the extent to which individuals, teams, and leaders at all organizational levels strive to remain aligned in the continuous work of creating safety through their values, strategies, attitudes, and behaviors.   The horrific nuclear disaster at Chernobyl was tightly linked to the erosion of safety culture.

A key feature of a strong safety-oriented culture is the routine elicitation of staff perception of change in system performance, and by assessment of the potential risk(s) associated with change.  This is essential because failure typically arises from the unanticipated side-effects of change to system components (e.g., staffing, processes, facilities layout, technologies…) that are not addressed by strategies and protocols that respond to known sources of risk.  Rapid identification of emergent risk and prompt mitigation hinges on the expertise and practices of frontline supervisors and their teams; their ability to detect anomalies, recognize aberrant situations, and to respond effectively and efficiently as a team to mitigate the risk of an incident, or to stop the progression of an adverse event and recover. Leaders can make or break these capabilities and must reinforce a cultural orientation toward safety and quality continually through both word and deed.

Implications for Risk Management and Performance Improvement

Risk assessment must shift from a focus on discrete components of the health system (for example, the expectation that the introduction of information technology into clinics would, by itself, eradicate myriad safety and risk issues) to a focus on the interactive context of care and the potential for unintended side-effects of change--whether triggered through changes within our work settings, or by events in external settings. The era of pay-for-performance is upon us and the shift from a component-oriented risk assessment and mitigation strategy, to a system-oriented risk assessment and mitigation strategy is necessary to match management capability with the demands of pay-for-performance.