Broad-based competencies through clinical risk management

The publication of the normative specifications and in particular the function and competences of the risk manager met an unexpectedly great need, on the one hand from private organisations and public institutions, which operate an "Enterprise Risk Management" (ERM), on the other hand the institutions of the health service, in particular the hospitals, which in the meantime in Austria and in Germany have trained and certified several thousand clinical risk managers in courses of several days and use them in the clinical operation.

The risk management standards have contributed to the fact that the health authorities have adopted their contents to a large extent as guidelines.

Risk management standards as a driving force
In recent years, the international standard ISO 31000 and its specification by ONR 49000 have made risk management a recognized and important management tool. These standards define and specify not only the risk management process (framework, identification, analysis, evaluation and management), but also the organizational framework (strategy, responsibilities, planning, implementation, evaluation and improvement) as well as the integration of risk management into existing management tools, taking into account interfaces with quality, compliance, safety, emergency and business continuity management.

ONR 49003 defines the requirements for the qualification of a risk manager. He must systematically consider risk management processes and individual risk management systems competently and integrate all relevant points into a comprehensive management framework.

Minimum requirements
As a side effect of the normative impulses, minimum requirements for clinical risk and quality management to promote patient safety and organisational development were introduced both in Austria at the level of the Länder and in Germany at the Länder level. In Germany, they are anchored in § 136 a) of the Social Code Book V (SGB V) and specified in the Joint Federal Committee resolution. This involves the following requirements:

• The goal is the greatest possible patient safety and safety culture.
• Risk and quality management are management tasks and the responsibility of the management.
• Responsibilities and accountabilities must be regulated.
• A hospital needs a risk strategy in which the systematics of recognition, assessment, management and risk monitoring are presented.
• The implementation of the risk strategy also includes appropriate risk communication.
• The systemic approach of the P-D-C-A-Zyk- lus is to be applied.
• Managers and employees should take part in appropriate training courses
• Error reporting systems, complaint management and a surgical checklist are mandatory.
• Several roles are mentioned in the responsibilities and competences:
• the top management with the executive board and the medical and nursing management,
• the risk owners, who basically bear the responsibility for the risk,
• the risk managers who can apply the risk management process with the various methods and provide technical support to the responsible risk owners and managers, and
• the auditors (from clinical risk and quality management as well as from finance), who evaluate the effectiveness of the corresponding system and report to the supervisory bodies in large organisations.

Aim of competence development: a high safety culture
The safety culture in the clinical risk management of hospitals describes the way in which safety is organized in the context of patient care and thus reflects:

• the settings
• the convictions,
• the perceptions and
• the perceptions and

of managers and employees with regard to the safety of patients, employees and the organisation. A safety culture can be developed and is subject to a continuous learning process*. It is now easy to show how pronounced a safety culture is in a hospital. A well-known maturity model can be used for this purpose.

Concept of the training of clinical risk managers
The concept of training clinical risk owners and risk managers is divided into three stages or didactic levels:

• In the first stage (approx. 3 days), participants must in particular become familiar with the regulatory and normative principles and learn to apply the risk management process. This involves various methods such as scenario analyses, process analyses, loss and error analyses and their specific applications in hospitals.
• In the second stage (approx. 3 days), the methods are practised again and the components of the risk management system are dealt with and deepened. The second part concludes with a written examination, which represents qualification step 1.
• The third part serves to transfer the knowledge into the operational reality of the hospital. The participant must prepare a risk assessment using a method of his choice or a risk management concept for his hospital as a project (approx. 20 pages).
• After this qualification step 2, the participant receives a personnel certificate in which the competences for the implementation of ISO 31000 or ONR series 49000 are attested.

It is worth noting that a large proportion of the training participants are risk owners, which means that not only technical but also responsibility-related skills are built up.

Where does Switzerland stand?
Switzerland's healthcare system has a high level of security of supply, but this also means that we have the most expensive healthcare system in Europe. The steadily rising health insurance premiums in the long term are becoming an economic burden that will reach its limits at some point.

In terms of service quality, the Swiss healthcare system is in the middle of the field in a European comparison. The establishment of a broad-based safety culture through the training of risk owners and risk managers, as well as the introduction of binding minimum requirements, would significantly improve the quality of services. To achieve this, some institutional framework conditions, especially in the legal environment, would also have to be adapted. Unfortunately, this is demonstrated all too clearly by repeated cases of damage in clinical operations.