It’s Health Risk Management Week!
This week is noteworthy for risk management professionals in the healthcare industry. The American Society for Healthcare Risk Management has set aside June 19-23 to show appreciation for the work of risk management professionals in ensuring patients’ healthcare.
If that’s you, we salute all you do. As developers of a platform for integrated risk management, we know the effort required and the pressure you’re under. You deserve a moment to reflect on all that’s been accomplished in the last year. Notice we wrote “moment?” Because we know there’s no resting on your laurels.
This week’s theme: innovation
For HRM Week 2017, the theme is “Leading Innovation in Risk Management.” Current processes are working, but the “pursuit of advancing patient safety, reducing uncertainty, and maximizing value” demands innovation.
Another driver of innovation is the sheer growth in risks faced by healthcare organizations. Spend any time on the HIPAA Journal’s website, and it’s like a Scared Straight program for HIPAA compliance. Another place you don’t want to see your organization’s name plastered is the “Wall of Shame,” the data breach list operated by the Department of Health and Human Services’ Office for Civil Rights. Innovation is exactly what is needed to address business associate risk, IT risk, cyber crime risk, health and safety risk, operational risk, enterprise-wide risk, every risk of every kind. But what does innovation require?
Technology incubates innovation
If you’re a healthcare risk management professional pursuing innovation, leveraging technology can empower you to more efficiently manage resources and extend or develop new capabilities.
An example that illustrates this is the meteoric rise in risks that are burdensome to manage. For instance, IT risks don’t just come in through the IT department. Data breaches can occur with business associates. There are health, safety and operational risks at healthcare facilities. Technology that integrates individual risk management processes can address this wide variety of risk factors facing healthcare in ways that existing processes can’t.
The big question is, what is the technology enabling integrated risk management?
Today’s GRC platforms
This infographic will take you through the origin and evolution of GRC, which stands for governance, risk management, and compliance. You’ll learn that GRC has evolved from a methodology for compliance into a platform for integrated risk management. Today’s leading GRC platforms are flexible, scalable, and cloud-based, empowering organizations to not only manage compliance, but also integrate risk management programs in industries as challenging as healthcare.
For example, one major health insurer recently transitioned from a first-generation to a comprehensive GRC platform. The legacy platform was so complicated to use that it forced the insurer to revert to manual processes and issuing assessments in spreadsheets. The insurer now uses a modern GRC platform to identify, analyze, track, and report on vendor risks. The platform facilitates the insurer’s processes for ensuring vendors have the proper security controls in place to protect PHI information and meet HIPAA requirements. That’s using technology to innovate.
HRM Week 2017 puts the spotlight on you — a risk management professional. Heed this week’s call to innovate and appreciate the role of today’s GRC platforms in delivering on integrated risk management processes.
Is the business associate agreement (BAA) enough to protect PHI data at risk? Here are six strategies for adding security to PHI data that passes through the hands of business associates.