Category: GRC

5 ways healthcare risk management software increases patient safety

A 2016 analysis published in BMJ revealed that medical error is the third-leading cause of death in the United States. This includes process errors, planning errors, and failures to act. Martin Makary, a health policy expert at Johns Hopkins and an author of the analysis, explains that the “complex medical system” in the U.S. “sometimes lacks transparency that results in the wide variation in quality of medical care that is the endemic problem in safety.” Makary also notes that “safety nets are missing and standardization is lacking.”

At the heart of this standardization problem lies outdated technology and confusing systems. Many healthcare providers continue to use lagging systems that don’t efficiently collect or analyze data. Furthermore, a mix of legacy and new systems makes for potential conflicts that add to the confusion and fortify workplace silos. Without the sharing of information, organizations fail to see big-picture strategies and solutions that could help prevent medical errors and increase patient safety.

read more

Make automation matter

It’s not exactly a secret: Regardless of size or industry, every organization stands to benefit from using automation technology to cut down on repetitive, time-consuming administrative tasks. More than simply speeding up a process or getting people to work faster, automating administrative tasks yields value by freeing up employees to focus on the aspects of their job that really matter and provide value.

Automation is wonderful. Except when it isn’t.

As covered in Behind the Hype of Robotic Process Automation (RPA), businesses can run into issues by rushing to reduce costs and improve productivity through automating processes without first evaluating their effectiveness and necessity. The benefits of automating repeatable, administrative tasks can also be lost if automation technology is too difficult to use. The result? Time that could be used performing more high-value activities winds up spent managing software.

read more

How to prepare for 2019 data breach trends

Data Breach Today offers predictions in What’s Ahead for Health Data Privacy, Security in 2019? While the article focuses primarily on health data, a few key trends apply more broadly and are likely to resonate with all types of organizations.

Prediction: Disruption from regulatory changes is likely

Rebecca Herold, author of 19 books on information security and CEO of The Privacy Professor consultancy, begins the list of predictions by examining the potential for agency updates to HIPAA. “Based on continued pressure from local, state and federal government agencies, law enforcement, researchers and others to ease the sharing of patient and mental health data by removing the need to obtain patient consent, I expect to see OCR issue proposed HIPAA updates,” she notes.

read more

The data-driven risk manager

Despite the widespread ambition of organizations to create a data-driven culture, few seem to make the transition successfully. In the article Big Companies Are Embracing Analytics, But Most Still Don’t Have a Data-Driven Culture, the authors cite the results of this year’s annual New Vantage Partners survey on data issues. “Virtually all respondents (99%) say their firms are trying to move in that direction, but only about one-third have succeeded at this objective. This gap appears every year in the surveys, and the level of success hasn’t improved much over time.”

According to a Gartner study, a similar disconnect is found — 80% of CEOs claim to accept the concept of data as an asset, yet only 10% say their organization treats it that way. Given the fairly daunting odds, why are so many organizations still fighting the uphill battle to establish a data-driven culture? Because, as a TechCrunch article notes, “Being data-driven pays!” As proof, the authors cite an MIT study finding a 5-6% higher output in data-driven organizations and other research indicating more than a $13 payback for every dollar spent on analytics.

The importance of the risk manager

Given the potential payoff of a data-driven culture, the analysis-based role of a risk manager can be a linchpin in the effort to elevate the role of data in strategic decision making across the organization. To make this transition, risk managers need to adopt an enterprise risk management (ERM) mindset, regardless of whether the organization actually has an ERM program in place or not. The core of this mindset relies on using data to influence decisions and direct actions.

read more

Five trends at the 2018 Origami Risk User Conference

Origami Risk’s 2018 User Conference, held last week, utilized a new format that not only placed a premium on client presentation of use cases, but also focused on digging into “how” presenters managed to implement their specific solutions. Listening to a diverse set of cases, several common trends emerged.

1. Transparency is key

Many of those presenting echoed the need to establish transparency and accountability in their processes. You can’t measure what you can’t see, and you can’t improve what you don’t measure. The most obvious culprits were paper-based procedures—everything from workplace safety “coaching cards,” to incident intake reports. Spreadsheet-centric workflows, such as data-heavy values collection efforts, also failed to identify the “who, what, when, and where” type of information required to make any process fully transparent.

read more

Timing is thingevery—How rushing leads to embarrassing errors

The pressure to do more with less is constant. But delaying an honest evaluation of your risk management information system (RMIS), while an understandable temptation, can lead to compressed timelines, rushed decisions, cost overruns, and additional grey hair.

Industry consolidation is forcing changes both good and bad. Regardless of whether you elect to stay with your current system or make a move, the worst-case scenario is to find yourself boxed in because you ran out of time.

There are a few critical factors a risk manager should take into account to ensure they are in the driver’s seat. Your time is limited, but your options don’t have to be.

read more

Elevate to better outcomes: How the happiest clients in the business are solving real-world problems with Origami Risk

A flexible, intuitive interface. Software expertise combined with insurance and risk experience. A collaborative approach to implementation that’s different by design. When selecting a Risk Management Information System (RMIS) that meets your needs, each of these elements is important, but in today’s market, these are baseline requirements. The critical factor influencing the choice of a system should be the answer to the following question: Will this technology drive meaningful business results?

Measurable outcomes are what really matter. The right RMIS must prove capable of contributing to your team’s ability to more efficiently analyze risk and insurance data, prevent losses, control claim costs, streamline renewals, and reduce your organization’s total cost of risk. If it cannot, what’s the point?

For some examples of the impact that partnering with Origami Risk has had on the business results of a few of our clients, please read on.

read more

ERM – Moving beyond risk assessments and heat maps

Risk assessments and heat maps remain central components in most enterprise risk management (ERM) programs. Yet there is considerable debate about their effectiveness and both tools have no shortage of critics. In 2011 Howard Sklar, a Forbes contributor, outlined one of the most popular criticisms regarding companies that viewed risk assessments as a document instead of a process. He noted, “Companies that fail in this way are often trying to check the risk-assessment box on their program. That’s fine, as far as it goes. At first glance, a risk assessment seems like a low-ROI effort. You put in time and potentially money, and you get back a piece of paper laying out what you already know.

Similarly, others deride heat maps as nothing more than “colorful guesses.” Brian Priezkalns, in the not-too-subtly titled article, Why I hate Heat Maps, says “Heat maps are just a terrible terrible terrible way to understand, communicate about, and decide how to respond to risks. They either mess up what you already knew, or they hide the fact you are too ignorant to make a rational decision. Everything that can be done with heat maps would be done better with actual numbers.”

If these tools have such fierce critics, then why are they still central to most ERM programs? In this article, we’ll examine what drives the limitations, and the key missing ingredient that turns them into powerful assets. read more

Creating a Successful ERM Program: Why Ditching Spreadsheets Isn’t Enough

Technology is often the first thing risk managers turn to when seeking to enhance enterprise risk management (ERM) programs. The appeal of leaving behind a jumble of spreadsheets and manual processes for a single, dedicated ERM workhorse is undeniable. Yet, without the right context to shape the selection process, a new technology solution may not help at all. In fact, it could even make matters worse. read more

Flood risk – Insurance update or enterprise wide risk management?

The impact of Flood risk has typically been managed by government controls (building flood barriers, managing release of water via dams, and determining the locations and types of structures that can be built). Owners of properties are then responsible for the financial impact of any remaining risk related to flooding. This is often handled through the purchase of insurance and, sometimes, through reliance on a government disaster payments.

This approach has not been perfect. The National Flood Insurance Program has been around since 1958 and has so far managed to incur a debt well in excess of $24 billion. And 2017 was certainly a bad year for flood victims and insurers. Premium increases can be expected and may not be available for locations where there have been multiple claims over the years. (One location, for example, is said to have been flooded more than 30 times in 50 years).

There are new options for some flood damage control, such as replacing sandbags with chemical filling such as silica, which is relatively light, doesn’t require the labor associated with filling bags, and may be reused if floodwaters contain no significant pollution. Additionally, new technologies are being deployed to prevent flooding. These include hydraulic powered water gates in Tokyo, surge barriers in the Netherlands, and the Fox Point Hurricane barrier, which protected Providence Rhode Island against the surge of Hurricane Sandy.

Insurance of own property and other various controls are, typically, the primary methods to reduce the impact on organizations. So, how is this related to Enterprise Risk Management? read more