Uploaded byad_saxe2408
PDF, PPTX4,769 views

Ppt for Healthcare Risks

The document discusses risks in healthcare organizations from an internal audit perspective. It provides a list of audit areas where applications are present in healthcare providers to assess IT risks. These include accounts payable, admissions/discharges, ancillaries, billing and more. It also identifies general control areas to examine, such as change controls, backup/recovery processes, compliance initiatives and disaster recovery planning. Finally, it notes some common high-risk IT security areas like web applications, connected medical devices, wireless networks and application interfaces.

Embed presentation

Download as PDF, PPTX
a KONNECTORS presentation R I S K
HEALTH CONTINUUM Governmen ts Public health organizatio ns AgenciesPatients Others Healthcar e providers a KONNECTORS presentation
Project risks Legal & Regulatory risks Reputation risks Corporate Governance risks Business continuity risks People risks Supply chain risks Technology risks Economic risks Social risks MAJOR CATEGORIES OF RISK IN HEALTHCARE a KONNECTORS presentation A list of audit universe areas where applications are present to better assess the IT risks of health-care providers. Risk areas identified* include: •Accounts payable. •Admissions, discharges, and transfers. •Ancillaries. •Billing and accounts receivable. •Cardiology. •Core clinical activities. •Cost accounting. •Decision support. •Emergency department. •General ledger. •Health information management. •Human resources. •Laboratory. •Materials management. •Payroll. •Pharmacy. •Physician practice management. •Radiology. •Scheduling. •Surgery. The audit universe also identified general control areas that should be examined during the assessment. These areas include: •Application change controls. •Backup and recovery processes. •Compliance initiatives. •Disaster recovery planning efforts. •Infrastructure configuration management activities. •IT management processes. •Network infrastructure, security administration, and server infrastructure activities. •System development and acquisition life cycle initiatives. •Third-party services. •Data center environmental controls. Finally, besides identifying general control areas, the audit universe pinpoints a number of common IT security high-risk areas, including Web applications, medical devices connected to the network, wireless networks, and application interfaces. Below is a description of each high risk and its associated audit universe area. Risk assessment of IT risks in Healthcare
AssessingITRisksinthe HealthcareIndustry While the adoption of new technology offers a number of benefits and gives health-care providers the opportunity to gain a competitive advantage, it also introduces new risks into the environment that must be managed appropriately. Health-care providers are rapidly deploying IT systems to dramatically change business processes, create new opportunities, and reduce costs. Because failures in health-care technology can be life threatening, internal auditors need to become aware of the different technology-related risks in the health-care field and learn about potential audit approaches to address identified problem areas. As part of their work, health-care providers collect and maintain non-clinical personal information that could be used for identity theft purposes, such as Social Security numbers and credit card and insurance account information. In addition, many organizations are adopting automated health information systems, thus highlighting the importance of continuous system availability and decreased downtime. Hence, data integrity remains a critical factor that is necessary to ensure better patient care and is an area that is regulated more and more through different national and industry- specific regulations. Considering the different IT security risks that are affecting organizations and the technologies used in the health-care field, where should internal auditors and organizations focus their audit activities? A good starting point is to conduct an IT enterprise risk assessment. Ideally, this risk assessment should be revisited and updated as necessary on a continuous basis. The Health Information and Management System Society's (HIMSS's) 18th Annual Leadership Survey provided insight into the priorities of CIOs in the health-care sector, their areas of perceived risks, and the tools used to mitigate those risks (refer to the 3 charts below). a KONNECTORS presentation
Charge Description Master (CDM): Is the hospital reviewing this area on a regular basis to make sure they capture charges correctly? Coding and charge information can change frequently and if a procedure is recorded incorrectly, a hospital may not receive the correct reimbursement amount. Pharmacy: What system does the hospital use for medications? How are medications controlled? How are patient accounts charged? One day stays: What is the criterion for admissions? How is the criteria applied for medical observation? Is the billing corrected if the criteria are not met? Managing cash activities: How is cash accounted for? How are receipts given out? What types of receipts are utilized? How is this information recorded into a patient’s account? Is a lock box used to hold onto cash until deposited to a central location? How often is cash collected and deposited? What controls are in place for cash handling and who handles the cash? Admitting and registration of patients: When a procedure has been scheduled in advance, how does the hospital register the patient? Does the admitting area ask for identification and insurance information upon arrival at the hospital? Are any co-payments and deductibles discussed prior to the procedure taking place? How are co-payments and deductibles collected? Laboratory: Is the laboratory in compliance with OIG guidelines? Do reference forms contain all needed diagnostic information? Is there a maximum time limit for standing orders? How does the laboratory charge? On result only? Charity care: Is there a process in place to maintain charity applications? Are logs maintained? Who approves charity write-offs? Who reviews write-off codes for compliance with hospital-level services defined by HCAP? Miscellaneous: Are the discounts (in case of multiple services availed by a patient and available at that time under Hospital’s policy) properly adjusted at the time of billing ? Revenue Assurance in a Hospital a KONNECTORS presentation On an average, companies lost seven percent of revenue to fraud in 2008, according to the Association of Certified Fraud Examiners (ACFE) 2008 Report to the Nation on Occupational Fraud and Abuse.
PRIORITY B Processes with significant but less likely risks will receive audit focus, if they relate to or can be efficiently audited with other 'A' processes. PRIORITY A Processes with risks that are both significant and likely. Unless risks are well managed, they should be a key focus of the audit plan. PRIORITY C Processes with likely but low significant risks. Minimal audit focus. PRIORITY D Minimal or no audit focus. Human Resources; Patient Satisfaction Legal & Regulatory; Contracts; Information Systems; Treasury PatientServices; RevenueCycle Supply Chain Management Grant Administration a KONNECTORS presentation For the evolving hospital industry, managing risk is a high-stakes business issue.
Some associated risks Healthcare providers & Others consists of Sample risk(s) associated with the healthcare provider & Others Hospitals (Private/ Government) Not enough beds to accommodate all patients; whether proper billing charged to the patients. Nursing Homes Running without license; Either short on some medicines/ injections or a doctor not available on duty (for any reason, in an emergency) Testing Laboratories Personnel not available to do the testing & hence further delay in patients’ treatment. Pharmaceutical Companies Some medicines’ supply not frequently available or very highly priced; regulation risks. Diagnostic Centers Some machines not working properly. Medical Equipment (X-ray machines, BP testing machines, CT scan machines, etc) Manufacturers Not able to meet the demand for the various machines from all the customers (including hospitals/ R&D centres, etc). Health Insurance companies/ Third Party Administrators (TPAs) Claim settlements; forged documents; Hospitals charging higher rates (where mediclaim is applicable) Colleges/ Universities/ Institutes teaching medicine Not able to meet the demand of the medical professionals as required. Specialised R&D centres Breach of agreement vis-à-vis technology transfer; failure of research resulting in writing off of expenditure incurred. a KONNECTORS presentation
Risks that were identified in 2010, were present in surveys of 2005 & 2007 too Top 10 Risks 2010 * (5 risks were present earlier too) Level of risk in 2007 Level of risk in 2005 Percent of respondents who believe that passage of healthcare reform will increase this risk Estimate of an organization’s ability to control this risk Payment increases consistently below medical inflation: potential for precipitous reductions in reimbursement as a result of state and federal regulatory changes Top-Level Top-Level 92% Limited or none Physician relationships: ability to control the direction and level of alignment of physicians and institutions Top-Level Top-Level 96% Reasonable Increased enforcement initiatives and governmental challenge of overpayment for services (e.g. RAC, MIC, and ZPIC audits, Stark anti-kickback statutes, false claims laws, antitrust, etc.) Low-Level Mid-Level 89% Some Unfunded mandates for the provision of healthcare services Top-Level Top-Level 66% Limited or none Increasing cost of capital and significant gap between capital needs and capital available from all sources Low-Level Low-Level 66% Some Top 10 Risks 2010 * (5 new risks in 2010) Percent of respondents who believe that passage of healthcare reform will increase this risk Estimate of an organization’s ability to control this risk Preparedness for clinical automation: inadequate information technology requiring investment in more sophisticated information systems 83% Reasonable An extended economic recovery or a return to a significant recessionary environment; unemployment increases and continues to remain high No additional impact None Improving performance in the midst of accelerating regulatory and marketplace change 85% Reasonable Rebuilding the organization’s balance sheet 73% Reasonable Significant reduction in employer-based insurance 77% None Risks that were identified as new in 2010 a KONNECTORS presentation
Important auditable functions/ areas from an Hospital’s perspective: SERVICE DELIVERY Medical strategy & service excellence Patient reception & admission Diagnosis & Patient treatment Patient discharge & rehabilitation services Medical record maintenance Corporate Governance Business Planning M & As and Projects Marketing & Sales Stakeholder perspective Cost perspective Procurement - Medical supplies Procurement - Capex HR & Payroll Some other enablers Insurance including TPA Housekeeping Operating systems & IT Miscellaneous Blood Bank management Waste & Energy management F&B Legal & Taxation Inventory management Customer service a KONNECTORS presentation
Process/sub-process withHighrisk criticality i Hospital Governance ii Medical & Quality Audit iii Operations Support Audit iv People Audit v Finance & Accounts vi Compliance Management Mergers & Acquisition – Internal Control DDR Medical Strategy & Quality Capacity Management Quality Compliance Management – NABH/ JCI New Projects Corporate Governance Marketing Hospital Governance Compliance Management Medical Records Secretarial EHS Other enactments JCI standards NABH standards Medical & Quality Audit Stress Care Centres Operation Theatre’s ICU, MICU, ICCU & PICU Imaging Centres & Laboratory’s Vascular Rooms Cardiac Recovery rooms Preparatory room Recovery room Ambulance services Surgical Services Blood bank management Functional audit areas of focus (High risk) Admissions Procurement including CPC Inventory Management Discharge & Billing Patient Safety – Incident Management Insurance including TPA Bio / Non Bio Medical equipment IT Support – FOS, ITGC, ERP, Business Continuity & DRP Operations Support Audit HR Planning & Recruitment Employee training Roster management Leadership Development Initiatives Performance Appraisal process Employee Satisfaction Survey People Audit Budgeting Accounts Receivable Accounts Payable Fixed Assets Management Capital Expenditure Taxation Financial Reporting Share Capital And Funds Utilization Finance & Accounts a KONNECTORS presentation
Process/ sub- process with Medium risk criticality Medical & Quality Audit Allied Health operations Medical Psyh Units Progressive Care Unit Nurse/ Doctors bay Pediatrics/ Ortho/ Neuro Unit Foods & Beverages Laundry & Housekeeping Centre for Community Service Autopsy & Mortuary management Pharmacy Energy & Water consumption Operations Support Audit Hospital and clinician relationship management Employee Records Payroll end to end Salary benchmarking People Audit Cash & Bank Management Treasury Stock Options Foreign Exchange Investments Share Capital And Funds Utilization Finance & Accounts a KONNECTORS presentation Risk Levels* 1. Top-Level Enterprise Risks These risks were identified by all or virtually all of the respondents and are seen as meeting the following parameters: a. A current risk or one that is on the short-term horizon b. A risk that has a high likelihood of occurring c. A risk that is seen as having a significant impact on the healthcare system. 2. Mid-Level Enterprise Risks These are essentially “around the corner” risks as identified by the executives. They are generally viewed as having a lower likelihood of happening or a longer lead time. However, if the risk becomes a reality, it is viewed as having a significant impact on the organization. 3. Lower-Level Enterprise Risks These risks meet one or more of the following parameters: a. Much lower likelihood of occurring or a longer timeframe for a healthcare organization to adjust b. Less impact on the system and/or a more manageable level of risk It may happen that low level risks of today might become/ shift to medium or high category of risks, if left uncontrolled. So, risk management has to be a continuous & all- pervasive exercise.
1. Does increasing volatility and growing complexity make risk management central and strategic to your entity ? 2. Do you see the risk management capabilities as important to future profitability and long- term growth. 3. Are you implementing comprehensive enterprise risk management programs? 4. Executives expect their investments in risk management to increase over the next two years. 1. How active is your company in influencing risk regulation in your industry or geography (e.g. establishing direction for future industry reform)? 2. How is healthcare reform addressed within your risk management program? 3. How are pricing issues addressed within the risk management program? 4. How is capital adequacy or the risk-bearing capacity of the balance sheet addressed within your risk management program? 1. Balance risk appetite with risk capacity. 2. Focus on supply chain risk. 3. Improve governance of risk & compliance. 4. Use a more holistic approach. Action to achieve risk mastery Handling of primary concerns for a healthcare entity How do you view risk management capabilities ? a KONNECTORS presentation “ With more hospitals now hiring physicians and acquiring physician groups, they need to rethink both the duration and magnitude of their risk exposures.”
A. Look to create shareholder value from risk management. B. Involve the risk organization in key decision- making processes. C. Improve the sophistication of measurement, modeling and analytics to anticipate risks in an increasingly complex environment. D. Go beyond a compliance mindset of risk management to deliver more complete business solutions that drive competitive differentiation. E. Integrate risk management capabilities across business units and organizational structures. F. Establish a dedicated, C-level risk executive with oversight and visibility across the business. G. Infuse risk awareness across the organizational culture. H. Invest in continuous improvement. a KONNECTORS presentation Critical Success Factors for Effective Strategic Risk Management • Align your strategy with the risks most relevant to your ability to achieve your near- and long-term strategic objectives. • Create an efficient organizational structure with clear roles and responsibilities for everyone on the team. Leverage existing functions and teams, rather than creating more bureaucracy or overburdening leadership with decisions and tasks that can be handled by the rest of the team. • Put a transparent, repeatable process in place. Where possible, make use of existing processes to ensure minimal disruption, and provide clear direction and well-defined deliverables. Where new approaches are needed, deploy strong change management disciplines to optimize workforce involvement and acceptance. • Determine appropriate risk metrics and meaningful reporting formats, and establish a process for monitoring risk metrics to make sure information is relevant, reliable and provided on a regular, established basis. • Develop and implement those tools and templates needed to efficiently standardize and sustain the risk management process, emphasizing practicality and cost/benefit optimization.
Internal audit is a 5-step process @ KONNECTORS. Risk Assessment Annual Internal Audit Plan Development Audit Program Development & Execution Findings & Recommendations Monitoring of Implementations Step 1 Step 2 Step 4 Step 3 Step 5 a KONNECTORS presentation 1. We don’t have any risks. 2. Hopefully nothing bad happens today. 3. Everybody needs to be careful all the time. 4. If you make a mistake, we’ll fine/discipline/fire you! 5. We had a meeting and discussed the chance that if a particular risk could happen, we would communicate to everyone. 6. We brainstormed what could happen, and we took some actions to minimize the chance. 7. We developed a risk assessment of our process, and have an ongoing action plan and cadence to address the highest prioritized risks. Some businesses manage risks by the following ways today:
a KONNECTORS presentation Please Contact: Founder Adarsh Saxena, CA @ KONNECTORS RMT Solutions konnectorsrmts.2012@gmail.com +91-9873016166. New Delhi - 110018. India. R S K I

More Related Content

PPTX
Healthcare Risk Management
byJoven Botin Bilbao
 
PPTX
Healthcare Risk management overview
byAhmad Thanin
 
PPTX
Risk management in healthcare
byMujeeb Kandy, MASc, MS, CPHQ, RHIA.
 
PPTX
Effective risk management in healthcare practice-
byDr. AbdulQawi Almohamadi
 
PPT
Risk Management and Healthcare Organizations
byJohn Cousins
 
PPTX
Hospital accreditation
bySana Saiyed
 
PPTX
Presentation on International Patient Safety Goals (JCI)
byDr.SONAL GAUR
 
PPTX
Quality and patient safety intro
bykiran
 
Healthcare Risk Management
byJoven Botin Bilbao
 
Healthcare Risk management overview
byAhmad Thanin
 
Risk management in healthcare
byMujeeb Kandy, MASc, MS, CPHQ, RHIA.
 
Effective risk management in healthcare practice-
byDr. AbdulQawi Almohamadi
 
Risk Management and Healthcare Organizations
byJohn Cousins
 
Hospital accreditation
bySana Saiyed
 
Presentation on International Patient Safety Goals (JCI)
byDr.SONAL GAUR
 
Quality and patient safety intro
bykiran
 

What's hot

PPT
Introduction to Outcome Mapping
bySimon Hearn
 
PPS
Risk management in Healthcare
byNadeem Baig
 
PPT
Leadership in healthcare
byGordon Otieno Odundo
 
PPTX
prevention and control of occupational diseases
byPreetika Maurya
 
PDF
Medical errors....
byHisham Aldabagh
 
PPT
Quality and Patient safety goals
byrosebless
 
PPTX
Importance of medical audit
byalicecarlos1
 
PPT
Patient satisfaction
byNc Das
 
PPTX
Enterprise Risk Management in Healthcare Organisations “Going Beyond Patient ...
byHossam Elamir
 
PPTX
What is the role of a risk management ppt
byAD Baj
 
PPTX
Risk Management
byKinza Razzaq
 
ODP
Incident reporting
byVidya vijay
 
PPSX
Occurance variance report Incident report بلاغ حادثه
byMEEQAT HOSPITAL
 
PPT
Presentation on fraud prevention, detection & control
byDominic Sroda Korkoryi
 
PPTX
Risk management
byMohamed Mosaad Hasan
 
PPTX
Directing process
byPallavi Lokhande
 
PPTX
Patient safety
byMEEQAT HOSPITAL
 
PPSX
Quality improvement
bycarroll support
 
PPTX
Healthcare Quality: Basic concepts
byYasser Sami Abdel Dayem Amer
 
PPTX
Quality Management Orientation Program
byKaye Tacuel, RN
 
Introduction to Outcome Mapping
bySimon Hearn
 
Risk management in Healthcare
byNadeem Baig
 
Leadership in healthcare
byGordon Otieno Odundo
 
prevention and control of occupational diseases
byPreetika Maurya
 
Medical errors....
byHisham Aldabagh
 
Quality and Patient safety goals
byrosebless
 
Importance of medical audit
byalicecarlos1
 
Patient satisfaction
byNc Das
 
Enterprise Risk Management in Healthcare Organisations “Going Beyond Patient ...
byHossam Elamir
 
What is the role of a risk management ppt
byAD Baj
 
Risk Management
byKinza Razzaq
 
Incident reporting
byVidya vijay
 
Occurance variance report Incident report بلاغ حادثه
byMEEQAT HOSPITAL
 
Presentation on fraud prevention, detection & control
byDominic Sroda Korkoryi
 
Risk management
byMohamed Mosaad Hasan
 
Directing process
byPallavi Lokhande
 
Patient safety
byMEEQAT HOSPITAL
 
Quality improvement
bycarroll support
 
Healthcare Quality: Basic concepts
byYasser Sami Abdel Dayem Amer
 
Quality Management Orientation Program
byKaye Tacuel, RN
 

Viewers also liked

PPTX
Clinical Risk Management
bylimgengyan
 
PPT
The Purpose And Goals Of Risk Management
byLisa Shannon, RN, BSN, JD.
 
PPTX
Risk management
byAbhi Kalyan
 
PPTX
Understanding Risk Stratification, Comorbidities, and the Future of Healthcare
byHealth Catalyst
 
PPTX
Risk & Risk Management
byansula
 
PPT
Introduction to Risk Management
byFAA Safety Team Central Florida
 
PPT
Medical Risk Management
byroncline
 
PPTX
Think Like a Bad Guy "Hacker" - Change the game to proactively protect your ...
bySaqib Chaudhry
 
PPTX
HealthCare Compliance - HIPAA and HITRUST
byKimberly Simon MBA
 
PDF
Hospital Services Assessment Report 2014
byJoseph Mwangi
 
PDF
Risk Management
byJacobe2008
 
PPTX
Medicare Advantage Compliance
bytyhubbard
 
PDF
Medical Risk Management
byIntland Software GmbH
 
PPSX
Healthcare Compliance Presentation
byKendall Brune
 
PPT
Compliance for Health Care Organizations
byGlass Jacobson
 
PDF
Top Health Care Regulatory Trends: New Risks and Opportunities
byEpstein Becker Green
 
PPTX
Why We Need to Shift Healthcare Quality Measures from Volume to Value
byHealth Catalyst
 
PPTX
Risk Management Training
byQuality Improvement Consulting
 
PPTX
Lean Principles in Healthcare: 2 Important Tools Organizations Must Have
byHealth Catalyst
 
PDF
A simplified guide to Risk Assessment in Occupational Health & Safety
byWessam Atif
 
Clinical Risk Management
bylimgengyan
 
The Purpose And Goals Of Risk Management
byLisa Shannon, RN, BSN, JD.
 
Risk management
byAbhi Kalyan
 
Understanding Risk Stratification, Comorbidities, and the Future of Healthcare
byHealth Catalyst
 
Risk & Risk Management
byansula
 
Introduction to Risk Management
byFAA Safety Team Central Florida
 
Medical Risk Management
byroncline
 
Think Like a Bad Guy "Hacker" - Change the game to proactively protect your ...
bySaqib Chaudhry
 
HealthCare Compliance - HIPAA and HITRUST
byKimberly Simon MBA
 
Hospital Services Assessment Report 2014
byJoseph Mwangi
 
Risk Management
byJacobe2008
 
Medicare Advantage Compliance
bytyhubbard
 
Medical Risk Management
byIntland Software GmbH
 
Healthcare Compliance Presentation
byKendall Brune
 
Compliance for Health Care Organizations
byGlass Jacobson
 
Top Health Care Regulatory Trends: New Risks and Opportunities
byEpstein Becker Green
 
Why We Need to Shift Healthcare Quality Measures from Volume to Value
byHealth Catalyst
 
Risk Management Training
byQuality Improvement Consulting
 
Lean Principles in Healthcare: 2 Important Tools Organizations Must Have
byHealth Catalyst
 
A simplified guide to Risk Assessment in Occupational Health & Safety
byWessam Atif
 

Similar to Ppt for Healthcare Risks

PDF
Roadmap for healthcare change
bybrucco
 
PPTX
Streamlining Your Medical Practice for Profitability and Success
byConventus
 
PPTX
Healthcare Valuations in an Era of Reform and Uncertainty
byPYA, P.C.
 
PPTX
Conventus: Keeping Your Patients & Practice Safe
byConventus
 
PPT
A PPT describing the 101 of the Health care revenue-cycle
bydrrskhan
 
PPT
Revenue-Cycle-101.ppt
bysaiprasad914699
 
DOCX
Chapter 7 Assuring Safety and Security in Healthcare Insti.docx
bymccormicknadine86
 
PPT
Revenue Cycle Management
byWilliam Kirsh, DO, MPH
 
PPTX
The Shift in the Compliance Landscape
byPYA, P.C.
 
PPTX
HIMSS12 Sentry Data System
byWilliam Kirsh, DO, MPH
 
DOCX
Keeping Costs Under Control.docx
by4934bk
 
PDF
Patient Safety: Evolving from Compliance to Culture
byclinicalsolutions
 
PDF
Patient Safety: Evolving from Compliance to Culture
byclinicalsolutions
 
PDF
Patient Safety: Evolving from Compliance to Culture
byclinicalsolutions
 
PDF
Patient Safety: Evolving from Compliance to Culture
byclinicalsolutions
 
PDF
Healthcare Opportunities for Banks
byFIS Healthcare
 
PPTX
Risk-Management-in-Healthcare-Protecting-Patients-and-Profits.pptx
byssuser7e82f41
 
PDF
Ephor Group Healthcare IT Services Brief
byCharles Bedard
 
PDF
Essentials of Health Care Finance 8th Edition, (Ebook PDF)
byepdowftobk970
 
DOCX
OverviewAssignmentDue DateFormatGrading PercentFinance.docx
byalfred4lewis58146
 
Roadmap for healthcare change
bybrucco
 
Streamlining Your Medical Practice for Profitability and Success
byConventus
 
Healthcare Valuations in an Era of Reform and Uncertainty
byPYA, P.C.
 
Conventus: Keeping Your Patients & Practice Safe
byConventus
 
A PPT describing the 101 of the Health care revenue-cycle
bydrrskhan
 
Revenue-Cycle-101.ppt
bysaiprasad914699
 
Chapter 7 Assuring Safety and Security in Healthcare Insti.docx
bymccormicknadine86
 
Revenue Cycle Management
byWilliam Kirsh, DO, MPH
 
The Shift in the Compliance Landscape
byPYA, P.C.
 
HIMSS12 Sentry Data System
byWilliam Kirsh, DO, MPH
 
Keeping Costs Under Control.docx
by4934bk
 
Patient Safety: Evolving from Compliance to Culture
byclinicalsolutions
 
Patient Safety: Evolving from Compliance to Culture
byclinicalsolutions
 
Patient Safety: Evolving from Compliance to Culture
byclinicalsolutions
 
Patient Safety: Evolving from Compliance to Culture
byclinicalsolutions
 
Healthcare Opportunities for Banks
byFIS Healthcare
 
Risk-Management-in-Healthcare-Protecting-Patients-and-Profits.pptx
byssuser7e82f41
 
Ephor Group Healthcare IT Services Brief
byCharles Bedard
 
Essentials of Health Care Finance 8th Edition, (Ebook PDF)
byepdowftobk970
 
OverviewAssignmentDue DateFormatGrading PercentFinance.docx
byalfred4lewis58146
 

Recently uploaded

PDF
atharvyogshala.com-Deoria Taal Uttarakhands Magical Lake.pdf
byAtharv Yogshala
 
PPTX
Geriatric Health in Nepal: Aging Process, Health Problems, and Care Services
byashutoshsah28
 
PPT
children rights.ppt children rights child health nursing
byPooja Rani
 
PDF
Honorary Work_Punita V. Solanki_January 2026.pdf
byPunita V. Solanki
 
PDF
Peninsula Snore Clinic: Better Sleep Care
byPeninsula Snore Clinic
 
PPTX
Prism and Its Uses in Ophthalmic Dispensing
byMilan Gupta
 
PPTX
Space Regainer Application in Dentistrl.pptx
byDr. Rohan Shrivastava
 
PPTX
Diet in Pregnancy explained trimester wise.pptx
byShristi602572
 
PPTX
IRON DEFICIENCY ANEMIA and its importance .pptx
byNadiyaKhan11
 
PDF
ABRIDGED_DKA_TRAINING_CURRICULUM_POWERPOINT
byZACHARYMACHERA
 
PPTX
AUSHADHA KALPANA - In ayurveda through Sharangadhara
byakhilPatil30
 
PPTX
Compassionate Hospice Care Services in Orange County, NY
bysn036847
 
PPTX
Hypothalamus short notes on location, function and disorders by Dr. Neha [PT]...
byNehaChaudhary752493
 
PDF
Dr. David Wilson Utah - Dedicated To Patient Wellness
byDr. David Wilson Utah
 
PDF
Hospital and Hospice Integration: A Formula for Quality and Efficiency
byVITASAuthor
 
PDF
Presentations_Punita V. Solanki_January 2026.pdf
byPunita V. Solanki
 
PPTX
Internuclear, External and Total Ophthalmoplegia
byMilan Gupta
 
PPTX
Chapter 21 the immune system anatomy and physiology
bywz4qzpcrg4
 
PPTX
BEST PG SERVICES IN HAMRIPUR nitika 56.pptx
byStay Hamirpur
 
PPTX
Disaster Managment
byDr. Anuj Singh
 
atharvyogshala.com-Deoria Taal Uttarakhands Magical Lake.pdf
byAtharv Yogshala
 
Geriatric Health in Nepal: Aging Process, Health Problems, and Care Services
byashutoshsah28
 
children rights.ppt children rights child health nursing
byPooja Rani
 
Honorary Work_Punita V. Solanki_January 2026.pdf
byPunita V. Solanki
 
Peninsula Snore Clinic: Better Sleep Care
byPeninsula Snore Clinic
 
Prism and Its Uses in Ophthalmic Dispensing
byMilan Gupta
 
Space Regainer Application in Dentistrl.pptx
byDr. Rohan Shrivastava
 
Diet in Pregnancy explained trimester wise.pptx
byShristi602572
 
IRON DEFICIENCY ANEMIA and its importance .pptx
byNadiyaKhan11
 
ABRIDGED_DKA_TRAINING_CURRICULUM_POWERPOINT
byZACHARYMACHERA
 
AUSHADHA KALPANA - In ayurveda through Sharangadhara
byakhilPatil30
 
Compassionate Hospice Care Services in Orange County, NY
bysn036847
 
Hypothalamus short notes on location, function and disorders by Dr. Neha [PT]...
byNehaChaudhary752493
 
Dr. David Wilson Utah - Dedicated To Patient Wellness
byDr. David Wilson Utah
 
Hospital and Hospice Integration: A Formula for Quality and Efficiency
byVITASAuthor
 
Presentations_Punita V. Solanki_January 2026.pdf
byPunita V. Solanki
 
Internuclear, External and Total Ophthalmoplegia
byMilan Gupta
 
Chapter 21 the immune system anatomy and physiology
bywz4qzpcrg4
 
BEST PG SERVICES IN HAMRIPUR nitika 56.pptx
byStay Hamirpur
 
Disaster Managment
byDr. Anuj Singh
 

Ppt for Healthcare Risks

  • 1.
  • 2.
  • 3.
    Project risks Legal &Regulatory risks Reputation risks Corporate Governance risks Business continuity risks People risks Supply chain risks Technology risks Economic risks Social risks MAJOR CATEGORIES OF RISK IN HEALTHCARE a KONNECTORS presentation A list of audit universe areas where applications are present to better assess the IT risks of health-care providers. Risk areas identified* include: •Accounts payable. •Admissions, discharges, and transfers. •Ancillaries. •Billing and accounts receivable. •Cardiology. •Core clinical activities. •Cost accounting. •Decision support. •Emergency department. •General ledger. •Health information management. •Human resources. •Laboratory. •Materials management. •Payroll. •Pharmacy. •Physician practice management. •Radiology. •Scheduling. •Surgery. The audit universe also identified general control areas that should be examined during the assessment. These areas include: •Application change controls. •Backup and recovery processes. •Compliance initiatives. •Disaster recovery planning efforts. •Infrastructure configuration management activities. •IT management processes. •Network infrastructure, security administration, and server infrastructure activities. •System development and acquisition life cycle initiatives. •Third-party services. •Data center environmental controls. Finally, besides identifying general control areas, the audit universe pinpoints a number of common IT security high-risk areas, including Web applications, medical devices connected to the network, wireless networks, and application interfaces. Below is a description of each high risk and its associated audit universe area. Risk assessment of IT risks in Healthcare
  • 4.
    AssessingITRisksinthe HealthcareIndustry While the adoptionof new technology offers a number of benefits and gives health-care providers the opportunity to gain a competitive advantage, it also introduces new risks into the environment that must be managed appropriately. Health-care providers are rapidly deploying IT systems to dramatically change business processes, create new opportunities, and reduce costs. Because failures in health-care technology can be life threatening, internal auditors need to become aware of the different technology-related risks in the health-care field and learn about potential audit approaches to address identified problem areas. As part of their work, health-care providers collect and maintain non-clinical personal information that could be used for identity theft purposes, such as Social Security numbers and credit card and insurance account information. In addition, many organizations are adopting automated health information systems, thus highlighting the importance of continuous system availability and decreased downtime. Hence, data integrity remains a critical factor that is necessary to ensure better patient care and is an area that is regulated more and more through different national and industry- specific regulations. Considering the different IT security risks that are affecting organizations and the technologies used in the health-care field, where should internal auditors and organizations focus their audit activities? A good starting point is to conduct an IT enterprise risk assessment. Ideally, this risk assessment should be revisited and updated as necessary on a continuous basis. The Health Information and Management System Society's (HIMSS's) 18th Annual Leadership Survey provided insight into the priorities of CIOs in the health-care sector, their areas of perceived risks, and the tools used to mitigate those risks (refer to the 3 charts below). a KONNECTORS presentation
  • 5.
    Charge Description Master(CDM): Is the hospital reviewing this area on a regular basis to make sure they capture charges correctly? Coding and charge information can change frequently and if a procedure is recorded incorrectly, a hospital may not receive the correct reimbursement amount. Pharmacy: What system does the hospital use for medications? How are medications controlled? How are patient accounts charged? One day stays: What is the criterion for admissions? How is the criteria applied for medical observation? Is the billing corrected if the criteria are not met? Managing cash activities: How is cash accounted for? How are receipts given out? What types of receipts are utilized? How is this information recorded into a patient’s account? Is a lock box used to hold onto cash until deposited to a central location? How often is cash collected and deposited? What controls are in place for cash handling and who handles the cash? Admitting and registration of patients: When a procedure has been scheduled in advance, how does the hospital register the patient? Does the admitting area ask for identification and insurance information upon arrival at the hospital? Are any co-payments and deductibles discussed prior to the procedure taking place? How are co-payments and deductibles collected? Laboratory: Is the laboratory in compliance with OIG guidelines? Do reference forms contain all needed diagnostic information? Is there a maximum time limit for standing orders? How does the laboratory charge? On result only? Charity care: Is there a process in place to maintain charity applications? Are logs maintained? Who approves charity write-offs? Who reviews write-off codes for compliance with hospital-level services defined by HCAP? Miscellaneous: Are the discounts (in case of multiple services availed by a patient and available at that time under Hospital’s policy) properly adjusted at the time of billing ? Revenue Assurance in a Hospital a KONNECTORS presentation On an average, companies lost seven percent of revenue to fraud in 2008, according to the Association of Certified Fraud Examiners (ACFE) 2008 Report to the Nation on Occupational Fraud and Abuse.
  • 6.
    PRIORITY B Processes withsignificant but less likely risks will receive audit focus, if they relate to or can be efficiently audited with other 'A' processes. PRIORITY A Processes with risks that are both significant and likely. Unless risks are well managed, they should be a key focus of the audit plan. PRIORITY C Processes with likely but low significant risks. Minimal audit focus. PRIORITY D Minimal or no audit focus. Human Resources; Patient Satisfaction Legal & Regulatory; Contracts; Information Systems; Treasury PatientServices; RevenueCycle Supply Chain Management Grant Administration a KONNECTORS presentation For the evolving hospital industry, managing risk is a high-stakes business issue.
  • 7.
    Some associated risks Healthcare providers &Others consists of Sample risk(s) associated with the healthcare provider & Others Hospitals (Private/ Government) Not enough beds to accommodate all patients; whether proper billing charged to the patients. Nursing Homes Running without license; Either short on some medicines/ injections or a doctor not available on duty (for any reason, in an emergency) Testing Laboratories Personnel not available to do the testing & hence further delay in patients’ treatment. Pharmaceutical Companies Some medicines’ supply not frequently available or very highly priced; regulation risks. Diagnostic Centers Some machines not working properly. Medical Equipment (X-ray machines, BP testing machines, CT scan machines, etc) Manufacturers Not able to meet the demand for the various machines from all the customers (including hospitals/ R&D centres, etc). Health Insurance companies/ Third Party Administrators (TPAs) Claim settlements; forged documents; Hospitals charging higher rates (where mediclaim is applicable) Colleges/ Universities/ Institutes teaching medicine Not able to meet the demand of the medical professionals as required. Specialised R&D centres Breach of agreement vis-à-vis technology transfer; failure of research resulting in writing off of expenditure incurred. a KONNECTORS presentation
  • 8.
    Risks that were identified in 2010, were presentin surveys of 2005 & 2007 too Top 10 Risks 2010 * (5 risks were present earlier too) Level of risk in 2007 Level of risk in 2005 Percent of respondents who believe that passage of healthcare reform will increase this risk Estimate of an organization’s ability to control this risk Payment increases consistently below medical inflation: potential for precipitous reductions in reimbursement as a result of state and federal regulatory changes Top-Level Top-Level 92% Limited or none Physician relationships: ability to control the direction and level of alignment of physicians and institutions Top-Level Top-Level 96% Reasonable Increased enforcement initiatives and governmental challenge of overpayment for services (e.g. RAC, MIC, and ZPIC audits, Stark anti-kickback statutes, false claims laws, antitrust, etc.) Low-Level Mid-Level 89% Some Unfunded mandates for the provision of healthcare services Top-Level Top-Level 66% Limited or none Increasing cost of capital and significant gap between capital needs and capital available from all sources Low-Level Low-Level 66% Some Top 10 Risks 2010 * (5 new risks in 2010) Percent of respondents who believe that passage of healthcare reform will increase this risk Estimate of an organization’s ability to control this risk Preparedness for clinical automation: inadequate information technology requiring investment in more sophisticated information systems 83% Reasonable An extended economic recovery or a return to a significant recessionary environment; unemployment increases and continues to remain high No additional impact None Improving performance in the midst of accelerating regulatory and marketplace change 85% Reasonable Rebuilding the organization’s balance sheet 73% Reasonable Significant reduction in employer-based insurance 77% None Risks that were identified as new in 2010 a KONNECTORS presentation
  • 9.
    Important auditable functions/areas from an Hospital’s perspective: SERVICE DELIVERY Medical strategy & service excellence Patient reception & admission Diagnosis & Patient treatment Patient discharge & rehabilitation services Medical record maintenance Corporate Governance Business Planning M & As and Projects Marketing & Sales Stakeholder perspective Cost perspective Procurement - Medical supplies Procurement - Capex HR & Payroll Some other enablers Insurance including TPA Housekeeping Operating systems & IT Miscellaneous Blood Bank management Waste & Energy management F&B Legal & Taxation Inventory management Customer service a KONNECTORS presentation
  • 10.
    Process/sub-process withHighrisk criticality i Hospital Governance iiMedical & Quality Audit iii Operations Support Audit iv People Audit v Finance & Accounts vi Compliance Management Mergers & Acquisition – Internal Control DDR Medical Strategy & Quality Capacity Management Quality Compliance Management – NABH/ JCI New Projects Corporate Governance Marketing Hospital Governance Compliance Management Medical Records Secretarial EHS Other enactments JCI standards NABH standards Medical & Quality Audit Stress Care Centres Operation Theatre’s ICU, MICU, ICCU & PICU Imaging Centres & Laboratory’s Vascular Rooms Cardiac Recovery rooms Preparatory room Recovery room Ambulance services Surgical Services Blood bank management Functional audit areas of focus (High risk) Admissions Procurement including CPC Inventory Management Discharge & Billing Patient Safety – Incident Management Insurance including TPA Bio / Non Bio Medical equipment IT Support – FOS, ITGC, ERP, Business Continuity & DRP Operations Support Audit HR Planning & Recruitment Employee training Roster management Leadership Development Initiatives Performance Appraisal process Employee Satisfaction Survey People Audit Budgeting Accounts Receivable Accounts Payable Fixed Assets Management Capital Expenditure Taxation Financial Reporting Share Capital And Funds Utilization Finance & Accounts a KONNECTORS presentation
  • 11.
    Process/ sub- process with Mediumrisk criticality Medical & Quality Audit Allied Health operations Medical Psyh Units Progressive Care Unit Nurse/ Doctors bay Pediatrics/ Ortho/ Neuro Unit Foods & Beverages Laundry & Housekeeping Centre for Community Service Autopsy & Mortuary management Pharmacy Energy & Water consumption Operations Support Audit Hospital and clinician relationship management Employee Records Payroll end to end Salary benchmarking People Audit Cash & Bank Management Treasury Stock Options Foreign Exchange Investments Share Capital And Funds Utilization Finance & Accounts a KONNECTORS presentation Risk Levels* 1. Top-Level Enterprise Risks These risks were identified by all or virtually all of the respondents and are seen as meeting the following parameters: a. A current risk or one that is on the short-term horizon b. A risk that has a high likelihood of occurring c. A risk that is seen as having a significant impact on the healthcare system. 2. Mid-Level Enterprise Risks These are essentially “around the corner” risks as identified by the executives. They are generally viewed as having a lower likelihood of happening or a longer lead time. However, if the risk becomes a reality, it is viewed as having a significant impact on the organization. 3. Lower-Level Enterprise Risks These risks meet one or more of the following parameters: a. Much lower likelihood of occurring or a longer timeframe for a healthcare organization to adjust b. Less impact on the system and/or a more manageable level of risk It may happen that low level risks of today might become/ shift to medium or high category of risks, if left uncontrolled. So, risk management has to be a continuous & all- pervasive exercise.
  • 12.
    1. Does increasing volatilityand growing complexity make risk management central and strategic to your entity ? 2. Do you see the risk management capabilities as important to future profitability and long- term growth. 3. Are you implementing comprehensive enterprise risk management programs? 4. Executives expect their investments in risk management to increase over the next two years. 1. How active is your company in influencing risk regulation in your industry or geography (e.g. establishing direction for future industry reform)? 2. How is healthcare reform addressed within your risk management program? 3. How are pricing issues addressed within the risk management program? 4. How is capital adequacy or the risk-bearing capacity of the balance sheet addressed within your risk management program? 1. Balance risk appetite with risk capacity. 2. Focus on supply chain risk. 3. Improve governance of risk & compliance. 4. Use a more holistic approach. Action to achieve risk mastery Handling of primary concerns for a healthcare entity How do you view risk management capabilities ? a KONNECTORS presentation “ With more hospitals now hiring physicians and acquiring physician groups, they need to rethink both the duration and magnitude of their risk exposures.”
  • 13.
    A. Look tocreate shareholder value from risk management. B. Involve the risk organization in key decision- making processes. C. Improve the sophistication of measurement, modeling and analytics to anticipate risks in an increasingly complex environment. D. Go beyond a compliance mindset of risk management to deliver more complete business solutions that drive competitive differentiation. E. Integrate risk management capabilities across business units and organizational structures. F. Establish a dedicated, C-level risk executive with oversight and visibility across the business. G. Infuse risk awareness across the organizational culture. H. Invest in continuous improvement. a KONNECTORS presentation Critical Success Factors for Effective Strategic Risk Management • Align your strategy with the risks most relevant to your ability to achieve your near- and long-term strategic objectives. • Create an efficient organizational structure with clear roles and responsibilities for everyone on the team. Leverage existing functions and teams, rather than creating more bureaucracy or overburdening leadership with decisions and tasks that can be handled by the rest of the team. • Put a transparent, repeatable process in place. Where possible, make use of existing processes to ensure minimal disruption, and provide clear direction and well-defined deliverables. Where new approaches are needed, deploy strong change management disciplines to optimize workforce involvement and acceptance. • Determine appropriate risk metrics and meaningful reporting formats, and establish a process for monitoring risk metrics to make sure information is relevant, reliable and provided on a regular, established basis. • Develop and implement those tools and templates needed to efficiently standardize and sustain the risk management process, emphasizing practicality and cost/benefit optimization.
  • 14.
    Internal audit isa 5-step process @ KONNECTORS. Risk Assessment Annual Internal Audit Plan Development Audit Program Development & Execution Findings & Recommendations Monitoring of Implementations Step 1 Step 2 Step 4 Step 3 Step 5 a KONNECTORS presentation 1. We don’t have any risks. 2. Hopefully nothing bad happens today. 3. Everybody needs to be careful all the time. 4. If you make a mistake, we’ll fine/discipline/fire you! 5. We had a meeting and discussed the chance that if a particular risk could happen, we would communicate to everyone. 6. We brainstormed what could happen, and we took some actions to minimize the chance. 7. We developed a risk assessment of our process, and have an ongoing action plan and cadence to address the highest prioritized risks. Some businesses manage risks by the following ways today:
  • 15.
    a KONNECTORS presentation PleaseContact: Founder Adarsh Saxena, CA @ KONNECTORS RMT Solutions konnectorsrmts.2012@gmail.com +91-9873016166. New Delhi - 110018. India. R S K I