Académique Documents
Professionnel Documents
Culture Documents
_·~···-----'-'-"-
Certified Profession.al in
Healthcare
-
Ris~ Management .
..
~ '
(CPHRM)
Exam Preparation Guide ·
ASHRM • AMERICAN
SOCIETY FOR
HEALTHCARE
• RISK
MANAGEMENT
© 2014
\',
American Society for Healthcare Risk Management of the American Hospital Association ··.
I
Reviewers
Cyndi Siders, RN, MSN, CPHRM, DFASHRM
Vice President of Consulting Services, Coverys Risk Management
\ ..
Table Qf Contents
Preface.......................................................................... vi
Healthcare Operations Domain
Preparation Objectives................................ ." .... ·................... 2
Key Terms ................................................... ·.............. 2
I. Enterprise Risk Management (ERM) ........................................... 7
II. Risk management (ERM) process ............................................. 9
III. Risk identification ....................................................... 12
IV. Risk management program ................................................ 14
V. D~:velopment of the risk management program ................................. 15
VI. Key attributes of a risk management program .................................. 16
VII. Scope of the risk manageme!lt program ...................................... 16
VIII. Required skills for the succJssful healthcare risk martager ........................ 18
IX. Education and professional recognition ....................................... 18
X. Areas of expertise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ............... 19
XI. Risk management operations ............................................... 19
XII. Organizational Governance................................................ 20
XIII. Directors and officers liability prevention .................................... 21
XIV. Physician and allied health professionals credentialing ........................... 21
XV. Risk management's role in performance improvement ........................... 23
XVI. Policies and procedures .................................................. 25
XVII. Education ........................................................... 26
XVIII. Crisis/adverse event management ......................................... 26
XIX. Safety/environment of care program ................... ·..................... 27
XX. Hazard Risks ..................................................... ·...... 28
XXI. Technology Risks ...................................................... 31
(
PREFACE
This guide was prepared by the American Society for Healthcare Risk Management (ASHRM) for.
i~dividuals who plan to take the Certified Professional in Healthcare Risk Management (CPHRM)
examination offered by the American Hospital Association (AHA) Certification Center. Organized
by domains of practice, the CPHRM Exam Preparation Guide builds upon previous editions. It is
irhen~ed to serve as an oudine for exam preparation as well as a resource for healthcare risk managers
and patient safety professionals. ·
Guide features
ASHRM's 2014 CPHRM Exam Preparation Guide is organized in a detailed oudine format and includes
us'eful features such as key terms, acronyms, review questions and suggestions for additional resources.
Revised 2014
1. Define Enterprise Risk Management (ERM) and the benefits of an ERM program
'f. U~t the five steps in the Enterprise Risk Management decision making process
:\
3. Identify the key components of developing a risk management program, including the risk
management professional's role and responsibilities.
I I
I 4. Articulate key issues concerning healthcare organization governance
i
5. Descr~be the benchmarking and performance improvement attributes that contribute to the risk
I
management process
6. Discuss physician and allied health professionals credentialing
7. Describe the elements ofpolicy and procedure development
8. List the key steps to crisis management
9. Describe issues related to technology
10. Discuss various aspects of employee and environmental safety
11. Explain workers' compensation from a risk manager's perspective
12. Explain five legal essentials of a contract
13. Describe organizational requirements for vendor/third party services
14. List and explain three elements of a risk management review of an organization's mergers,
acquisitions, and divestitl.,lres
15; Create a list of exposures that deal with organizational advertising liability
KEY TERMS
Important terms and definitions,relevant to this domain:
Adverse event- Negative or bad result stemming from a diagnostic test, medical treatment or surgical
intervention; an injury resulting from a medical intervention.
Age Discrimination in Employment Act- 29 U.S.C. Section 621 et seq. Federal statute prohibiting
certain types of employment discrimination on the basis of age.
Americans ~th Disabilities Act- 42 U.S.C. Section 12101 et seq. Federal statute aimed at
prohibiting discrimination against individuals with certain mental and physical disabilities in the
areas of employment and public accommodation.
Assignment- Act of transferring to another all or part of one's property, interest or rights.
Benchmarking- Comparative process used by organizations to collect and measure internal or
external data that may ultimately be used for the purpose of developing, implementing and sustaining
quality improvements.
Breach of contract- Failure, without legal excuse, to perform any promise that forms the whole or
part of a contract. Hindrance by a party regarding the required performance of the rights and duties
identified in the contract.
. . ... : .. _-,
Maximum medical improvement (MMI) -In workers' compensation, the point in which the
injured employee has recovered to the maximum extent ·medically expected .(also called permanent
and stationary or P&S). When an employee reaches MMI, any residual disability, pain, etc. is
expected to be permanent.
-"
National Labor Relations Act- The main body of law governing collective bargaining explicitly
grants employees the right to collectively bargain and join trade unions; originally enacted by
Congress in 1935 under its power to regulate interstate commerce.
National Practitioner Data Bank (NPDB) -The Data Bank is a confidential information
clearinghouse created by Congress with primary goals of improving health care quality, protecting
the public, and reducing healthcare fraud and abuse. Federal statutes require that an NPDB report
be made by any entity that pays money on behalf of a practitioner to settle a legal claim asserted
against the pr:actitioner. Reports must also be filed by hospitals that restrict, suspend or terminate
a practitioner;~ privileges to examine or treat patients at the hospital. The NPDB is prohibited by
law from disclosing information on a specific practitioner, provider, or supplier to a member of the
general public.
Occupational Safety and Health Act/~dministration- 29 U.S.C. Section 651 et seq. Federal
statute (and agency created by it) chargeCi with responsibility for promulgating standards and
enforcement mechanisms governing worker safety for most industries.
Occurrence reporting- Unexpected patient medical intervention, intefl;sity of care or healthcare
impairment. Staff is given clear guidelines and specific examples of reportable incidents or events;
e.g., occurrences of missed diagnosis that result in patient injury; surgically related occurrences
such as wrong patient being operated on, the wrong site, the wrong procedure or treatment related
occurrences; falls; medication-related occurrences, etc.
Occurrence screen reports- Systematic review of medical records/cases (either retrospectively or
concurrently conducted) using predetermined screening criteria, conducted to identify cases that may
warrant a closer performance improvement review. Screeners look for deviations from practice, policy
and procedures. Criteria for screens are established in areas that are considered to be high risk, high
frequency or problem prone.
Organizational culture- Set of values, guiding beliefs or ways of ~ng shared among members of
an organization.
OSH.I\ General Duty Clause- OSHA's general requirement that employers maintain a safe work
environment. OSHA inspectors may cite the general duty clause whenever an unsafe workplace
condition or work practice is identified, but no specific OSHA regulation applies.
Ostensible agency doctrine- The doctrine sometimes referred to as apparent agency, permits a
finding of liability on a hospital where there is the appearance of an employment relationship with
an independent contractor. In the absence of employer-employee relationship, a managed care
organization (MCO) may still be held vicariously liable for the acts of provider physicians if the
patient had a reasonable belief the physician was the MCO's agent and that this belief was based upon
representations made by the MCO to that effect. Burden is on the plaintiff to prove that he oF. she,
1
detrimentally relied on the fact that the MCO held the physician out as its agent.
Peer review- Process whereby possible deviations from the standard of patient care are reviewed by an
I
individual or committee from the same professional discipline to determine whether the standard of
care was met and to make recommendations for improving patient care processes. Most jurisdictions
provide at least a limited protection from discovery in civil actions for peer review activities.
Quality Improvement Organization (QIO) -A group of health quality expertS, clinicians, and
consumers organized to improve care delivered to Medicare beneficiaries. QIOs work under the
Risk- Chance of loss. "Pure" risk is uncertainty as to whether loss will occur; "speculative" risk is
uncertainty about an event that could produce loss. Pure risk is insurable; speculative risk usually is not.
, Risk analysis- Process used by the person/individuals assigned risk management functions to
. deterrt).ine the potential severity of the loss from an identified risk, the probability that the loss will
happen and alternatives for dealing with the risk.
· Risk avoidance- Decision not to undertake a particular activity because the risk associated with the
activity is unacceptable. The only risk control technique that completely eliminates the possibility of
loss fr.om a given exposure. This technique reduces the possibility of a loss to zero by the conscious
choice not to engage in or avoid a specific activity or operation.
Risk control- Includes techniques to minimize frequency or severity of accidental losses or to make
losses more predictable; stopping losses from happening or mitigating the loss. Risk control techniques
include avoidance, loss prevention, loss reduction, segregation of loss exposures and contractual
transfers designed to protect an organization from legal obligations to pay for others' losses.
Risk financing- Includes risk management techniques that encompass all the ways of generating
funds to pay for losses that risk control techniques do not entirely stop from happening; techniques
include risk retention and risk transfer.
I Lf Risk identification- Process of identifying problems or potential problems that can result in loss;
recognizing the potential for loss.
Risk management- Process of making and carrying out decisions that will assist in prevention of
adverse consequences and minimize the adverse effects of accidental losses upon an organization.
Also, a systematic and scientific approach in the empirical order to identify, evaluate, reduce or
eliminate the possibility of an u:nfavorable deviation from expectation and, thus, to prevent the loss
of financial assets resulting from injury to patients, visitors, employees, independent medical staff,
or from damage, theft or loss of property belonging to the healthcare entity or persons mentioned.
The definition includes transfer of liability and insurance financing relative to the inability to reduce
or eliminate intolerable deviations. Originally defined by the American Hospital Association as the
"science for the identification, evaluation and treatment of the risk of financial loss," risk management
now also encompasses the evaluation and monitoring of clinical practice to recognize and prevent
patient injury.
:I,
i Risk treatment strategies- Range of choices available to handle a given risk. Treatment strategies
include two general categories: risk control and risk financing.
Root cause analysis -Multi-disciplinary process of study or analysis that uses a detailed, structured
process to examine factors contributing to a specific outcome (e.g., an adverse event). A process
for identifying the basic or causal factors that underlies variation in performance, including the
occurrence or possible occurrence of a sentinel event.
Telemedicine/telehealth- The use of telecommunications to provide medical information and
services. Also, the provision of healthcare consultation and educati~n using telecommunications
.. '
OUTLINE
I. Enterprise Risk Management (ERM)
A Definition: A framework of activities that assists an organization to identify and manage risk
holistically by considering all forms of risk across the organization.
B. Structured analytical process focuses on identifying and estimating·the financial impact and
volatility of a defined portfolio of risks
C. ERM proposes that risks do not exist or behave in isolation but can be identified, grouped and
catalogued in risk domains
D. Premise is that every entity, whether for-profit, not-for-profit or a governmental body, exists to
provide value for stakeholders
E. Provides framework for management to effectively deal with risk and opportunity
F. A comprehensive way of thinking about risk in all areas of an organization
G. Risks can be grouped into domains ,:
.
1. Operational risks: Arise out of daily operations and includes risk presented by facility's \supply
'
chain, compliance, product recalls, admissions, service lines, clinical operations and changes
in regulations
2. Clinical/patient safety risks: Associated with the delivery (or lack thereof) of care to residents,
I
patients and other healthcare customers and stakeholders.
3. Strategic risks: Concern business decisions; decisions that affect strategic risks include pricing,
partnerships, marketing, joint ventures, mergers and acquisitions
4. Financial risks: Concern cash-flow management, interest rates, access to capital, economic
instability, taxation and costs of commodities
5. Human capital risks: Comprise risks to the organization's workforce
6. Legal/ regulatory risks: Arise from the failui:e to identify, manage and monitor legal, regulatory
and statutory mandates on a local, state and federal level.
1
7. Technology risks: Associated with the use of machines, hardware, equipment, devices and
:1 tools but can also include techniques, systems and methods of organization.
8. Hazard risks: Comprise traditionally insurable risks including property, general liability and
products liability
H. ERM definition of risk tends to ignore the mutually exclusive speculative vs. pure classification
scheme in defining risk
I. ERM consists of eight interrelated components (identified by Committee of Sponsoring
Organizations of the Treadway Commission Integrated Framework)
1. Internal environment: Risk and safety culture of the organization, governing body support,
· risk tolerance, policies and procedures
2. Objective setting: Strategic objectives
3. Event identification: Identified risks and opportUnities within the risk domains of clinical/patient
safety, operations, finance, human capital, legal/regulatory; technology, strategic and hazard risks
4. Risk assessment: Likelihood and impact of identified risks
5. Risk response: Cost benefit analysis of risk response such as avoidance, reduction, sharing and
acceptance
6. Control activities: Policies and procedures to ensure selected risk response is implemented
7. Information and communication: Communication of internal and external data sources that
express risk tolerance, performance metrics and compliance philosophy
8. Monitoring: Assessments of necessary components of the ERM program and their efficient
functioning over time
J. Benefits of an ERM program
1. A strategic, organizational framework for managing risk
2. Understanding relationships (correlations) between risks
3. Efficient and effective treatment of risks
4. Risk prioritization
5. An understanding and assessment of future risks
6. A common risk taxonomy
7. Promotion of transparency
I: 8. Support for board educational initiatives and framework for meeting financial disclosure
requirements
9. Better decision making
10. Allocation oflimited resources
11. Success of regulatory and compliance initiatives
12. Formal linkages
il
ij
I'
:I
(14) Clinical indicators
,,I
(15) Collaborative relationships with quality, nursing, medical staff, infection control,
security, safety, etc.
f) Formal risk identification systems:
(1) Incident reporting
;
(2) Sentinel event traE:king
:\
(3) Root cause analysis (RCA)
(4) Failure mode, effect and criticality analysis (FMECA)
(5) Occurrence reporting and screening
(6) Device reporting and tracking logs
(7) Security reports
g) Analysis to determine the potential severity of the loss associated with an identified risk,
the probability that such a loss will occur and the frequency of such a loss
(1) Metrics utilized to analyze risks
(2) Risk mapping
a) A graphic depiction of an organization's risks that displays the relationship between
frequency and severity oflosses (risk assessment)
b) Provides prioritization scheme for further data collection; also to establish risk
mitigation strategies, define capital allocations and exploit competitive advantages
c) Provides an analysis of the identified risk's impact on the organization
, I
d) Improves the organization's knowledge of its exposure to risk and facilitates selecting
the desired risk control technique
2. Examining alternative risk management techniques or treatments
a). Refers to the range of choices available to the risk manager in handling a given risk
b) Risk control stops losses from happening or mitigating the loss
(1) Risk avoidance eliminates any possibility ofloss; only risk treatment that reduces the
probability of loss to zero
(2) Loss prevention
(a) Technique reduces the likelihood of an event or the frequency of the event; proactive
Examples: Preventive maintenance program, education, vaccination program
(3) Loss reduction
(a) Involves various loss control strategies aimed at limiting the potential consequences
of a given risk without totally accepting or avoiding it; reduces severity of those
losses that other risk control techniques do not prevent
Examples: Fire sprinklers, fire extinguishers
(4) Segregation of loss exposures: Involves arranging an organization's activities and
resources, so if a loss occurred, it would not broadly affect the organization
(a) Separation: Distribution of a particular activity or asset over several locations
I (b) Duplication: A reserve or substitute is available for alternative use if the primary
source or activity is affected by a loss
(5) Contractual transfer for risk control: Directed at shifting the legal responsibility
from one party to another party; leasing of property and subcontracting activities are
frequent forms of contractual transfer for risk control
(a) Implement a program for control of contractual risk
(b) Review contracts for:
i. Risk exposures
ii. Risk assumptions
iii. Insurance provisions/requirements
iv. Hold harmless clauses
v. Indemnification
vi. Regulatory compliance
··(c) Recommend implementing modifications to additions identified as risks
(d) Ensure that a program exists for tracking maintenance and retention of contracts
and leases , ',
(6) Risk financing: All the ways of generating funds for paying losses that occur
(7) Risk retention: Involves assuming the potential losses associated with a given risk and
making plans to cover any financial consequences of such losses:
(a) Current expensing of losses
(b) Unfunded loss reserve: an accounting entry denoting a potential liability to pay for
a loss
(c) Funded loss reserve: a reserve backed by set aside funds within the organization
(d) Borrowing funds to pay for losses
(c) Affiliated, "captive" insurer: A limited-purpose insurance company set up in a
jurisdiction that is favorable to such companies, to provide insurance to entities
that are also the company's owners or affiliates; the most formalized method of risk
retention
(d) Self-insurance trust
(e) Risk retention group
(8) Risk transfer: Shifting the financial risks but not the ultimate legal responsibilities for
those losses to another entity -, '
(a) Insurance: Outside, unaffiliated insurer (e.g., commercial insurance)
(b) Non-insurance transfers: Agreement such as a hold harmless agreement or
indemnification agreement
1:
3. Selecting the best risk management technique or combination of techniques ··.I.
a) First, forecast the effects the available risk management options are likely to have on the
organization's ability to fulfill its goals
b) Second, define and apply criteria that measure how well each alternative risk arrangement
technique contributes to each organizational objective in cost-effective ways
4. Implementing selected techniques requires attention to the technical risk management
decisions that must be made by the risk management professional and the managerial
decisions that must be made in cooperation with other managers throughout the organization
to implement the chosen techniques
5. Monitoring, evaluating and improving the risk management program is done to gauge and
assess the effectiveness of the techniques employed to identify, analyze and treat risk
a) Reduce and control the number and size of payments of claims
b) Identify the most economical approaches to risk financing
c) Improve quality and safety
d) Quantify cost of risk
e) Quantify tolerance for risk
1
H. Computerized incident/ occurrence tracking
1. Risk management information systems
2. Many commercially available systems
3. Database software can support customized risk identification systems
4. Important elements of computerized system:
a) Data collection breadth and effectiveness
b) Data screening, review and coding
c) Data processing and analysis
d) Report generation and information analysis and feedback
l.
1. Take an enterprise-wide comprehensive approach
a) Identify areas for assessment: profile or~tion's current services ind relationships
i~portant in identifying the various areas for assessment
b) Identify traditional risk areas such as hazard and operational risk as well as financial and -
strategic risk
c) Analyze systems ·already in place to determine their current effectiveness
d) Determine external needs and demands
e) Review the assessments using a "risk map" if necessary
f) Identify areas of concern and existing management controls
g) Develop a risk management action plan
E. Review all existing insurance polices
F. Review contracts
G. Consider ASHRM's "Self-Assessment Tool for Risk Management Programs & Functions" (CD)
b) Confidentiality
c) Credentialing/privileging/disciplinary actions
d) Impairment
e) Billing, business situations and incentives: HHS Office ofinspector General (OIG) fraud
and abuse
f) Gatekeeper obligations under managed care plans
3. Employee-related risks
a) OSHA compliance, hierarchy of controls and record keeping
b) Workers' compensation, TPAs, pre-employment physicals
c) Employment practices
d) EEOC: Discrimination allegations
4. Property-related risks
a) Assets/structures
b) Fire
c) Earthquake
d) Flood
e) Windstorm
f) Boiler and machinery
\',
g) Vehicles i
h) Equipment
i) Records retention, including electronic media
5. Financial-related risks
a) Directors and Officers (D&O)
b) Healthcare providers
3. Chartered Property and Casualty Underwriter (CPCU) of the Professional Association for
Chartered Property Casualty Underwriters
4. Certified Safety Professional (CSP) granted by examination and the Board of Certified Safety
Professionals
5. Certified Risk Manager (CRM) available by written examination from the National Alliance
for Insurance Education and Research
D. Recognition programs
1. ASHRM Fellow (FASHRM) awarded for outstanding achievement
2. ASHRM Distinguished Fellow (DFASHRM) awarded for superior achievement in the profession
3. Criteria for both include a combination of education, leadership, publication experience and
achievement
X. Areas of ex}>ertise
A Clinical and patient safety
1. Represents the largest functional.lu-ea
2. Encompasses the current state of patient safety and staff awareness with the organization
3. Includes proactive patient safety initiatives
4. Promotes a culture of patient safety through education policy development and
standardization of processes
B. Operations
1. Includes development of an Enterprise Risk Management program for the organization
2. Covers activities associated with managing an Enterprise Risk Management program
3. Encompasses all aspects of risk identification, analysis and risk control
C. Regulatory and accreditation compliance
1. Includes all activities associated with major healthcare regulations
2. Includes all activities associated.with compliance of accreditation standards
3 . Encompasses ethical situations includes end oflife decisions
D. Risk financing
1. Includes all activities associated with financing losses
2. Includes either transferring or retaining the risk
E. Claims management
1. Includes activities associated with managing actual claims, potential claims and/or lawsuits
2. Spans activities from notification, reporting and investigation to resolution \',
I
P. Evaluating effectiveness
1. Frequency of evaluation
2. Evaluative metrics
a) Total number of claims
b) Total number of potential compensable events (PCE)
c) Total cost of risks
d) Average defense cost of particular types of claims (i.e., newborn injuries)
~ I
c) Facility must implement and maintain written policies and procedures pertaining to
disclosure
d) State law defines specific patient privacy rights
5. Disability issues
a) Americans with Disabilities Act
(1) Section 504 of the Rehabilitation Act prevents physical or mental discrimination by
any healthcare facility that receives federal funding
6. Breach of"duty to warn'' [Reisner v. Regents ofthe University ofCalifornia,31 CaL App. 4th
1195, 37 CaL Rptr. 2d 518(Cal.App.Dist.2 1995)}
7. Information sh~ing
a) Contractual provisions for the confidentiality of information
b) Obtain appropriate releases
c) All final adverse actions are required to be reported in a timely manner to:
(1) National Practitioner Dat~ Bank
(2) Healthcare Integrity and Protection Data Bank
3. Privilege
E. Performance improvement, patient safety and risk management may employ failure mode,
effect and criticality analysis (FMECA); and root cause analysis (RCA) to describe and quantifY
systemic risks and occurrences
F. Engage the performance improvement process and patient safety initiatives to improve risk
management operations and reduce exposures
1. Obtain and monitor outcomes and core measures data that can be used to evaluate risk exposures
a) Patient complaints and/or patient satisfaction
b) Occurrence report data
c) Potential compensable events
d) Compliance data
e) Outcomes of operative and invasive case review
f) Utilization review
g) Blood and blood product utilization
h) Medication use
i) Infection control
j) Environment of care
k) Human resources
1) Restraints
2. Provide thoughtfully researched (preferably peer reviewed) best practices information for
consideration
3. Support "culture of safety'' that encourages identification of opportunities for improvement
G. Basic principles:
1. Requires senior management support
2. People do not malfunction, processes do
3. Reducing process variation reduces the potential for error and inefficiency
!
2. State
a) State laws and regulations
3. Local
a) County ordinances
b) Standards of surrounding facilities or practices
XVII. Education
I,
A. An effective risk management program should have a defined education action plan
B. The action plan should address the following areas at orientation and annually
1. Purpose of risk management
2. Components of risk management process
3. Incident reporting process
4. Positive patient relations
5. Applicable federal and state laws
6. Any identified area needing improvement
I ,
C. Education strategies
1. Information
,,
a) Warnings and labels
b) Posters
c) Memos
2. Training and education\
a) Orientation
b) Annual training
3. Policies and procedures
4. Standardization of processes; order sets
5. Designs to prevent errors; mistake proofing
i
1. The environment in which patient care is received and delivered
2. Mission and policy statement
a) Highly visible
b) Overall objective ofEOC standards is to define methods/processes for the identification
and management of the inherent safety risks associated with healthcare operations
c) Overall goal is to provide a safe, functional and effective environment for patients, staff and visitors
hrrf¥,._, ·
(4) Landslides
(5) Infectious diseases
(6) War
(7) Mass transit accidents
(8) Structural collapse
(9) Chemical terrorism
'.\
b) Internal
(1) Biological terrorism
(2) Bomb threats
(3) Fire
(4) Loss of utUities
(5) Loss of medical gases
(6) Communication system failures
4. Planning and preparation
a) Emergency management planning
(1) Hazard and vulnerabUity analysis
(2) Incident command system
(3) Emergency operations center
b) Training
(1) Employee support
' I
I (2) Drills
I I
(4) Lex loci delicti commissi: The state where the injury occurred, or the one with the most
ties to the issues involved, has jurisdiction
(5) Medical malpractice
(6) Data confidentiality _and protection
(7) Technical shortfalls
(8) Cr:edentialing
(9) Licensure
4. Risk manager involvement in technology
a) Role, duty and responsibility
b) Fundamental familiarity with technology.
c) Involvement in negotiations and decision-making
d) Education for board, medical staff, administration and management
H. Staffing issues
1. Workplace staffing challenges are associated with liability exposures
a) Staffing levels
b) Need for specific skill sets: nursing, pharmacists, specialty physicians
2. Shortages are affected by:
• a) Vacancy rates
:\
b) Turnover
c) Availability in the labor market
3. TJC addresses staffing standards
a) Required staffing patterns
b) Staffing indicators
c) Monitoring of staffing
d) Screening indicators
4. Human resources indicators
a) Nursing care per patient day
b) Use of agency/registry staff
c) Overtime rates
d) Sick time
e) Staff injuries
5. Clinical indicators
a) Adverse drug events
b) Patient/family complaints
c} Injury to patient
d) Length of stay
\._
e) Patient falls
6. Risk management role
a) Provide orientation including chain of command, incident reporting, informed consent,
preservation of evidence
b) Reinforce mission statement and patient safety goals
c) Evaluate staffing patterns and levels
d) Review supplemental staffing contracts (hold harmless and indemnification provisions)
----- ..........
4. Internal process review: For claim reporting, medical case management and return to work
5. Vendor process review
6. Building the business case to implement changes to mitigate the risks
a) Speak the organization's financial language
b) Establish the cost baseline
c) Establish implementation costs
d) Develop a savings model
e) Offer solutions
f) Process redesigns
g) Policy redesigns
h) Vendor management strategies
i) Claims management strategies
j) Internal communications
k) Return to work programs
1) Safety and loss prevention strategies
m) Disease management and wellness programs
7. Implementation
a) Organizational support
b) Strategy for success
c) Support of physicians in return to work process
d) Communicate to employees
e) Training
f) Disseminate management reports
g) Measurement
• ,J,
8. Appropriate equipment
9. Safety orientation and training
F. Loss experience information
1. Revised OSHA record-keeping requirements
2. Claims history
3. Accident/illness report analyses
4. Regular reporting of conclusions to the board of directors
G. OSHA bloodborne pathogen considerations
1. Personnel need to be informed of the ri~ks and be familiar with and follow the OSHA blood-
borne.pathogei:t.s standard
2. Infecti~n can be transmitted from a patient to a staff member or from a staff member to a patient
3. OSHA standard identifies many procedural standards and use of personal protective equipment
H. Federal Needlestick Safety and Prevention Act of 2000
1. Whenever possible, needle-less sjstems should be provich!d
2. Safety needle products should always be used in any procedure where they can be used
without adversely affecting clinical care
3. Must indentify, report and trend accidental needle stick injuries, including those that might
occur in the provision of emergency medical services
I. Pre-placement programs (post offer)
1. Drug screening
2. Physical exams
3. Job analyses
]. Post-employment programs
1. Employee assistance programs
2. Employee safety programs
3. Wellness programs
K Ergonomics
1. Design of work tasks to fit the employee
2. Prevention of cumulative trauma (repetitive motion) disorders
3. Employee focused and management supported
4. Risk management involvement
L. Claims management
1\
1. Proper reserving ··.
\
2. File handling
3. Litigation management
4. Tracking and trending claims data
M. Reporting process
1. Investigate accident
~
i'
b) Employment-related litigation
c) Environmental impairment claims
d) Property damage claims
e) Civil penalties
f) Loss of accreditation
g) Potential criminal actions
. 2. Regulatory agencies and focuses
a) Department of Labor: OSHA
b) State plans
(1) 34 states as of2014 https://www.osha.gov/dsgltopics/safetyhealth/states.html
(2) Must be at least as stringent as OSHA regulations
3. OSHA safety standards cover:
a) Asbestos
b) Bloodborne pathogens
c) Cadmium
d) Confined space entry
I
I I e) Ergonomics programs
i I
i ! f) Ethylene oxide
I I \.
I i g) Formaldehyde
h) Glutaraldehyde
i) Hazard communication standard, a.k.a. Employee's "Right-to-Know Rule"
j) Hazardous waste operations and emergency response (HAZWOPER)
k) Hydrogen peroxide
1) Laboratory standard
!
'! m) Lead
n) Lock-out/tag-out standard
o) Mercury
p) Methyl methacrylate
I i
q) Solvents
r) Noise
s) Personal protective equipment
~-.---c.·,
t) Respiratory protection
u) Tuberculosis exposure control (CDC guidelines)
4. Illness exposures not directly addressed by OSHA
a) Electric and magnetic fields
b) Hazardous drugs
c) Indoor air quality
d) Infectious waste handling
e) Laser safety and electrocautery devices
f) Latex sensitivity
g) Molds
h) Video display terminals
i) Waste anesthetic gases
5. Injury exposures not directly add_ressed by OSHA
,
a) Compressed gases
b) Flammable liquid/solvent storage
c) Radiation safety
d) Workplace violence
6. TJC issues
a) Safety management
b) Security
c) Hazardous material management
d) Life safety management
e) Emergency preparedness
f) Bioterrorism
g) Equipment management
h) Utilities management
i) Social environment
7. Environmental issues
a) Resource Conservation and Recovery Act of 1976
b) Comprehensive Environmental Response, Compensation and Liability Act of 1980 (CERCLA)
c) Clean Water Act of 1977
d) Clean Air Act of 1963
e) Toxic Substances Control Act (TSCA) of 1976
f) Underground and aboveground storage tanks
g) Asbestos removal
h) Disposal of hazardous waste
i) On-site medical waste incinerators
XXVI. Contracts
A. A contract is an agreement between two or more persons that creates an obligation to do or not
do a particular thing
B. Contract formation: A bargained-for exchange of promises
1. Offer may be oral or written; some contracts (e.g., land sale) must be in writing
2. Acceptance is clear and unequivocal with regard to intent to accept; not a counter-offer
3. Consideration includes financial commitment or change oflegal position
C. Five legal essentials
1. Parties to the contract are competent
2. Contract represents mutual understanding between the parties
3. There is consideration; a bargained-for exchange oflegal value exists between the parties
4. Purpose or object of the contract is legal
6. Consortium
7. Divestiture
B. Concept of successor liability
1. Stock acquisition: N"ormally the acquiring -company assumes all legal liabilities
2. Asset purchase: Normally there is no transfer of liability
3. Successor liability: The acquiring company can be held liable for the torts of the target
company's previous owners
C. Elements for risk management review
1. Indemnity and insurance provisions
2. Histo~ic claims data
3. Senior!llanagement concerns
4. Evaluate exposures to loss:
a) Contractual liability
b) Professional liability
c) Directors' and officers' liability
d) Workers' compensation
e) Property exposures
f) Environmental exposures
g) Excess coverage
h) Fiduciary liability
i) Risk financing program
D. Divestitures
1. Analysis of key variable costs
2. Analysis of impact of the divestiture on remaining insurance program
3. Assistance with data collection for the new owners
E. Due diligence process
1. Objectives
a) Reduce the acquisition purchase price
b) Improve post-acquisition earnings and/or cash flow
c) Improve risk management effectiveness throughout the organization
d) Insulate the organization &om unanticipated exposures/costs
2. Key steps
a) Collect the necessary information
b) Analyze the subject organization's exposures to loss
c) Assess its risk financing programs
d) Evaluate its risk management policies and procedures
------~.---;-~.n-:,'
. .:·.· ·... ::...· ._
A. 1 and 2 only
B. 1, 2 and 3 only
C. 2, 3 and 4 only
D. All of the above
Amwer:B
Complete authority is not a necessary element ofa risk management program, so neither C norD can be
the right answer. Physician acceptance is a necessary element so B must be the right amwer.
3. A growing healthcare orgat\ization had a risk manager who did not have any staff and
reported to the director of n~sing, who reported to the chief operating officer. The risk
manager presented information to the employees, and the information was filtered upward
through senior management. The risk manager knew changes needed to be made due to the
growth of the organization. One additional staff member was added, and a personal computer
was purchased for the department. Although this scenario represents some changes designed
to address.the issues related to growth, the major flaw in this organization was:
A. There was no direct involvement of the board in the risk management program
B. Not enough employees were added to the risk management department
C. Not enough computers were added to the risk management department
D. The computer should have included incident tracking software
Answer: A
The correct answer can only be inferredfrom the information given. It is not possible to telL The number of
FTEs or the number ofcomputers is correct for the organization or not because no information about the
size or complexity ofthe organization is given. D is a possibility, but the fact that the risk manager presents
information that is then "filtered upward" is a clue that answer A is correct.
5. To have a successful quality improvement process, a risk management program must have
which of the following?
1. An autocratic management style
2. Interactive multidisciplinary teams
3. A mindset that most problems are caused by processes
4. Full support of senior management
A. 1, 2 and 3 only
B. 2, 3 and 4 only
C. 1, 2 and 4 only
D. 1, 3 and 4 only
Answer: B
Certainly option 1, an autocratic management style, is not right.
Answers A, C and D all contain option 1 so only answer B can be right.
6. Ultimately, the accountability for the risk management program belongs to the:
A. Risk manager
B. Chief executive officer
C. Corporate attorney
D. Board 1:·,
Answer: D
The board (or governing body) has ultimate accountability for both risk management and the quality ofcar(.
The others ~ through C) all report to someone else, and although they may be held responsible in some wa}
the ultimate responsibility and accountability rests with the board
., A. 1 and 4 only
B. 2 and 3 only
C. 1, 3 and 4 only
P. All of the above
Answer: A
. No correct answer could contain options 2 or 3 as they are wrong. A log ofthe visit by the FDA should be
kept, and senior management should be notified that an FDA inspector is in the facility. All the answers
conta,in options 2 and 3 except A; it is the right answer.
9. It is important to protect the discoverability of incident reports. Which of the following have
significant impact on whether the reports are discoverable?
1. Joint Commission/TJC stkdards
2. State statutes
3. Federal statutes
4. Case law
A. 2 and 3 only
B. 2 and 4 only
C. 2, 3 and 4 only
D. All of the above
Answer: C
In order to protect the confidentiality ofthe incident report, several approaches can be taken: provide
protection under state/federal statues regarding quality assurance and/or peer review activities, or provide
protection under the attorney/client privilege, also referred to as work product protection. Local and state
case law also affects discoverability ofincident reports. T]C standards would not have impact on whether
incident reports are discoverable.
A. 1 and 2 only
B. 1 and 3 only
C. 1, 2 and 3 only
D. All of the above
Answer: A
To maintain corzfidentiality, the original report should be sent to the risk manager immediately upon
completion. Copies should never be made, and the report must never be made part ofthe medical record.
The facts ofthe incident should be included in the medical record.
11. If a practitioner requests a telemedicine consult with another practitioner in a different state,
the consultant:
A. Must possess a valid medical license from his own state since reciprocity is granted in all states
B. Must possess a valid medical license from the requesting physician's state since reciprocity is not
granted in all states
C. May need to possess a valid medical license from the requesting physician's state since reciprocity
varies from state to state
D. Must obtain a temporary license from the requesting physician's state
Answer: C
Reciprocity requires the authorities ofeach state to negotiate and enter agreements to recognize ltcenses
issued by the other state without a forther review ofindividual credentials.
A. 2 and 3 only
B. 1 and 4 only
C. 1, 3 and 4 only
D. 2, 3 and 4 only
Answer: D
Risk management treatments refer to the range ofchoices available to the risk manager in handling a given risk. There
are two major categories that include risk control and risk finance. Risk control strategies include risk avoidance,
loss prevention, loss reduction, segregation ofloss exposures and contractual transferfor risk control Risk financing •
strategies include risk retention and risk transfer. Risk anticipation is not a risk management treatment strategy.
13. A risk m~ager should review which of the following information when considering the
effectiveness of an organization's workers' compensation program?
1. Workers' compensation claims history
2. OSHA 300 log
3. Listing of all employees and volunteers
\4. Directors and officers of the organization
A. 1 and 2 only
B. 2 and 3 only
C. 1, 2 and 3 only
D. All of the above
Answer: A
Workers' compensation claims history and the OSHA 300 (injury log) specify the frequency, severity, and
amo~nt ofinjuries an organization sustains, and the claims history identifies the resultant losses due to
injuries. This data would provide quantifiable information to assess program effectiveness.
15. Protecting outdoor air intakes can mitigate the risk of terrorists introducing airborne agents
into a facility. Steps to accomplish this include:
1. Relocate intakes to a rooftop or higher up on the building
2. Establish a security zone around the intakes
3. Add lighting and surveillance cameras to monitor the intakes
4. Implement negative ventilation throughout the building
A. 1 and 2 only
B. 2 and 3 only
C. 1, 2 and 3 only
D. All of the above
Answer: C
Applying negative ventilation will not deter a terrorist attack via airborne agents. The agent could be
introduced within the facility and negative pressure would move the agent through the facility before
expelling it and thus exposing the general population to the airborne agent. Protecting the outdoor
air intakes where airborne agents can be introduced into your facility is accomplished by relocating
17. Which of the following clauses is "the voluntary relinquishment by the insurer or self-
insurer of the right to recover from a third party''?
A. Hold harmless clause
B. Indemnification clause
C. Waiver of subrogation rights clause
D. Contractual risk clause
Answer: C
A waiver ofsubrogation rights relinquishes the insurer's right to recover from .a third party.
A. 1 and 2 only
B. 1, 2 and 3 only
C. 1, 3 and 4 only
D. All of the above
Answer: B
A contract is an agreement either written or oral, involving an offer, the acceptance ofthe offer and an
exchange consideration. The agreement must be legal in order to be enforceable.
A. 1 and 2 only
.B. 1 and 3 only
C. 2 and 3 only
D. All of the above
Answer: D
Generally a patient's freedom to choose a physician is limited by the HMO. Patients who are injured by an
HMO physician may argue that they would never have been subjected to the injury (medical malpractice}
ifthe HMO had more carefully screened its providers. In this case, the HMO specifically advertised the
exceptional quality ofits physicians.
The courts often look at advertising materials that imply that, in spite ofthe independent contractor status of
the physician, the physician was held out or represented as an employee. Such an advertisement could lead a
"reasonable" patient to believe the physician was an agent ofthe HMO and to rely upon this representation
when choosing a physician, thereby creating an ostensible or apparent agency relationship.
A breach ofcontract occurs when the HMO guaranteed or promised that its physicians could manage any
illness or injury. When the promised result does not occur, the patient has grounds to assert a breach ofcontract.
20. The due diligence process is a complicated, multi-faceted process undertaken when acquisitions
are being considered. Which of the following are objectives of the due diligence process?
1. Reduce the purchase price
2. Improve post-acquisition (\~nings
3. Increase the "bank bdok'' value of the company
4. Insulate the organization from unanticipated costs
A. 1 and 2 only
B. 2 and 4 only
C. 1, 2 and 4 only
D. 2, 3 and 4 only
Answer: C
Due diligence is undertaken by the acquiring organization in order to completely assess the risks and
strengths ofthe company to be acquired. The final offer should be based on findings ofthe due diligence
findings. Increasing the book value ofthe company would in all probability increase the askingprice and
would not be a goal ofthe acquiring company.
A. 2, 3 and 4 only
B. l, 2 and 3 only
C. 1, 3 ~d 4 only
D. 1, 2 ~d4 only
Answer: A
There is no needfor the corporate contact person to be an attorney; generally the healthcare spokesperson is
from the public relations or communication? departments. There shquld be a designated spokesperson that
is familiar with the guidelines regarding what information may be ;eleased to the media and has worked
with facility leadership to develop a media disclosure plan.
Having one spokesperson develop a relationship with media contacts can create an effective rapport between
the healthcare facility and the media and supports a professional and consistent message to the public.
Notes
I\
i
I
I,
CLINICAL/PATIENT S~ETY
Domain
\:
\
1. Identify the clinical areas that provide the greatest risk exposures in healthcare
\ 2~ Discuss the importance of having a patient safety infrastructure to support a patient safety program
',\
3. Explain the Just Culture concept and its impact on reporting patient safety events
4. Describe the components of a high reliability organization
5. Summarize the concepts behind the study of human factors engineering
6. Scire the healthcare entities subject to the national patient safety goals
7. Identify the primary organizations that influence patient safety initiatives in healthcare
8. Discuss the value of patient and family participation in patient safety
9. Summarize the components of a successful disclosure
10. Summarize the concepts of the "Second Victim Phenomenon"
11. Describe steps to implement programs to support healthcare workers involved in serious harm events
KEY TERMS
Important terms and definitions relevant to this domain
Accountable Care Organizations (ACOs) - Groups of doctors, hospitals, and other healthcare
providers, who come together voluntarily to give coordinated high quality care to their Medicare
patients. The goal of coordinated care is to ensure that patients, especially the chronic3.lly ill, get the right
care at the right time, while avoiding unnecessary duplication of services and preventfug medical errors.
Adverse .event- Negative or bad result stemming from a diagnostic test, medical treatment or surgical
intervention; an injury resulting from a medical intervention.
Critical incident stress debriefing- A facilitator-led group process conducted soon after a traumatic
event with individuals considered to be under stress from trauma exposure.
Source: https:/ /www.osha.gov/SLTC/ emergencypreparedness/guides/ critical.html
Data mining- A process that provides the methodology and technology to transform data into
useful information for decision making.
Disclosure- Communication of information regarding results of a diagnostic test, medical treatment
or surgical intervention.
Failure mode effects analysis or criticality analysis (FMEA o.t FMECA) -A proactive, systematic
assessment used to identify the steps of a process that may be subject to failure in order to design
measures to either prevent or control such failures. If a criticality phase is used in this process, the
perceived level of criticality of each type of potential failure is identified, to aid in setting priorities for
establishing control mechanisms.
Heuristic- Refers to experience-based techniques for problem-solving, learning and discovery that
find a solution which is not guaranteed to be optimal, but good enough for a given set of goals.
Where the exhaustive search is impractical, heuristic methods are used to speed up the process of
finding a satisfactory solution via mental shortcuts to ease the cognitive load of making a decision.
Examples of this method include using "rule of thumb" or "educated guess."
····.·~.·:·.· .·-
•- ,.-~ .· ,+,o. L
Hospital acquired conditions (HAC) -Section 5001 (c) of Deficit Reduction Act of 2005 requires
the Secretary of Health and Human Services to identify conditions that are: (a) high cost or
high volume or both, (b) result in the assignment of a case to a DRG that has a higher payment
when present as a secondary diagnosis, and (c) could reasonably have been prevented through the
application of evidence-based guidelines.
High-reliability organizations- Organizations with systems in place that are exceptionally
consistent in accomplishing their goals and avoiding potentially. catastrophic errors.
Human factors- The interrelationship between humans, the tools they use and the environment in
which they work.
Incident- Any happening not consistent with the routine operations of the facility or routine care of
a particular patient. Ex;unples: A union strike, a criminal act such as a homicide, or a physical disaster
including hurricanes, bioterrorism threats, etc.
Latent error --::Errors in the design, organization, training or maintenance that lead to operator errors
and whose effects typically lie dormant in the system for lengthy periods of time.
Organizational culture- Set of values, guiding beliefs or ways of thinking shared among members of
an organization. \
Ostensible agency doctrine - The doctrine of ostensible agency, sometimes referred to as apparent agency,
permits a finding of liability on an organization where there is the appearance of an employment relationship
with an independent contractor. For example, in the absence of employer-employee relationship, a managed
care organization (MCO) may still be held vicariously liable for the aets of provider physicians if the
patient had a reasonable belief that the physician was the MCO's agent and that this belief was based upon
representations made by the MCO to that effect. The burden is on the plaintiff to prove that he or she
detrimentally relied on the fact that the MCO held the physician out as its agent.
Patient Safety Organization (PSO) -The Patient Safety Act and the Patient Safety Rule authorize
the creation of PSOs to improve quality and safety through the collection and analysis of aggregated,
confidential/}ata on patient safety events. This process enables PSOs to more quickly identify
patterns of failures and develop strategies to eliminate patient safety risks and hazards. The Act
extends confidentiality and privilege protections to eligible information developed by providers for
reporting to a PSO (but not to information developed for other purposes), deliberations and analyses
conducted by either a PSO or a provider in its respective patient safety evaluation system (PSES) and
information developed by a PSO for the conduct of patient safety activities.
Root cause analysis- Multi-disciplinary study or analysis that uses a detailed, structured process
to examine factors contributing to a specific outcome (e.g. an adverse event). Also, a process
for identifying the basic or causal factors that underlies variation in performance, including the
occurrence or possible occurrence of a sentinel event.
Restraint- Any manual method, physical or mechanical· device, material, or equipment th~t
immobilizes or reduces the ability of a patient to move his or her arms, legs, body, or head freely;
or a drug or medication when it is used as a restriction to manage the patient's behavior or restrict
freedom of movement and is not a standard treatment or dosage for the patient's condition. A~,
restraint does not include devices that involve the physical holding of a patient for the purpose of
conducting routine physical examinations or tests, or to protect the patient from falling out of bed, or
to permit the patient to participate in activities without the risk of physical harm. Source: CMS-42.
CPR (Code ofFederal Regulations) 482.13(e)
Safety culture- Culture of safety emphasizes blameless reporting, successful systems, knowledge,
respect, confidentiality and trust; a culture that looks at the system, the environment, the knowledge,
the workflow, the tools and other stressors that may affect provider behavior.
I
I
Seclusion- lrivoluntary confinement of a patient alone in a room or area from which the patient
is physically prevented from leaving. Seclusion may only be used for the management of violent or
self-destructive behavior. If a patient is free to leave a time out area whenever the patient chooses, this
would not be considered seclusion based on this definition.
~Sentinel event- Any unexpected occurrence involving death or serious physical or psychological
injury, or the risk thereo£
.Telcrmedicine/tele-health -The use of telecommunications to provide medical informadon and
'services. Also, the provision of health care consultation and education using telecommunications
networks to communicate information; medical practice across distance via telecommunications and
interactive video technology (American Medical Association's Council on Medical Education and
Medical Services). The use of electronic information and communications technologies to provide
and support healthcare when distance separates the participants (Institute of Medicine).
The JoiD.t Commission (TJC)- Voluntary nonprofit accreditation body that sets standards
for healthcare organizations and conducts education programs and a survey process to assess
organizational compliance.
OUTLINE
I. Looking for Risks in All the Right Places - High Risk Areas
A. Obstetrics
1. Common risks and areas of concern
a) Failure to identify fetal status
b) Failure to timely perform a cesarean section
c) Administration of.oxytocin
d) VBAC (vaginal birth after cesarean)
e) Uterine rupture
f) Massive transfusion protocols
i
'',, 2. Typically the area ofhigh~t severity losses that warrants risk management attention and
resources
3. For more than 25 years, obstetrics has been one of the leaders in severity of professional
liability claims
4. American College of Obstetricians and Gynecologists (ACOG), Association ofWomen's
Health, Obstetric and Neonatal Nurses (AWHONN and American Academy of Pediatrics
(AAP) (provide authoritative guidelines for safe practice)
5. Documented evidence of training and ongoing competency with fetal monitoring strip
interpretation and unit policies/protocols are essential
6. Claims data .findings
a) Primary clinical issues in obstetrics claims are a neurologically impaired baby, stillbirth
and/ or neonatal death, and shoulder dystocia-related injuries.
b) Hospital-based treatment such as fetal monitoring and oxytocin administration are
significant factors in these types of claims
7. Mean length of time from filing of an obstetrics claim involving neonatal harm to resolution
is four to seven years; some cases may take longer .
8. Key components of safety initiatives on obstetrical units
a) Measuring the safety culture on each labor and delivery unit
b) Changing the culture to be more patient safety-oriented
c) Implementing team training programs
d) Standardizing key clinical protocols and physician orders based on professional standards,
guidelines and latest evidence
e) Promoting a common understanding of fetal monitoring and expectations for interventions
when the fet:ll heart rate (FHR) patterns are non-reassuring through interdisciplinary
edu~tion and certification
.,. I
I
2. Standard of care guided by the American College of Surgeons (ACS) and the Association of
Perioperative Registered Nurses (AORN)
3. Informed consent doctrines
. 4. Safe Medical Devices Act of 1990 applies to many practices in the operating room, such as
implanted devices
5. Physical infrastructure
I
~~ a) Dedicated elevators
b) Dedicated power sources
c) Dedicated gas and vacuum sources
d) Dedicated air Bow system
e) Fire management
6. Techniques to promote accurate site identification to avoid wrong-site surgery emphasized by
The Joint Commission (TJC), World Health Organization (WHO) and Institute of Medicine
. (IOM)
7. Infection controi practices are a significant patient safety issue affecting operating rooms directly
a) Infection c<;>ntrol risk assessment (ICRA)
b) Sterile processing
c) Safety walk-throughs
d) Sterile technique
e) Needle stick/sharp-related injuries
8. Legal theory of res ipsa loquitur ("the thing speaks for itself") is often evident in lawsuits
stemming from retained instrument/sponges
9. Adequate preoperative evaluation
a). Physicians and nursing staff must be clear about what constitutes timely and adequate
preoperative history and physical
b) Pre-operative checks \
c) Patient participation
d) Verification checklist
e) Time out
10. External disaster plan
11. Security
a) Traffic control in the OR is important for patient safety
b) An identification process should be in place that prevents unauthorized access to restricted areas
c) Exterior doors should be secured and video surveillance should be used in appropriate areas
12. Reduction of staff-related risk
a) Staff privileges/job descriptions should reflect current technology
b) Contract personnel
--,_,_
·~~2~;(
•
c,;c(i~;~' .
.
'
E. Intensive Care Units
1. Common risks
a) Medication administration
b) Use of monitoring alarms
c) Medical management with multiple providers
d) Electronic intensive care unit (eiCU)
2. Medication misadrninistration
a) Volume of medications ordered
. b) Computerized physician order entry
·c) Limitations on accepting verbal orders
d) High-alert medications
e) Dosage miscalculations
f) Dispensing machine errors
g) Process work-arounds
3. Use of monitoring alarms
a) Proper parameters
b) Effectiveness
4. Medical management involving multiple providers
a) Use of intensivistsltele-intensivists
b) Chain of command
c) Clear communication protocols
5. ICUs are error-prone
a) Complexity of the environment
b) Presence of multiple,.:aregivers
c) High number of interactions among caregivers
d) Technology overload
6. High stress, high complexity and staff diversity ofiCU environments can cause distractions,
miscommunications and fatigue leading to mistakes, errors and adverse events
· 7. Human factor errors
a) Skill-based errors include slips and lapses
b) Rule-based errors are actions that match intentions but do not achieve their intended
outcome due to incorrect application of a rule or inadequacy of the plan
c) Knowledge-based errors are due to knowledge deficits
8. Common ICU adverse events
a) Medication and/ or intravenous (IV) errors
b) Events during transport outside the ICU or transfer of care (handoffs)
c) Injuries associated with airways and/or ventilator use
b) Contraband controls
c) Physical plant controls
d) Visitor controls
9. Elopement prevention
10. Confidentiality of sensitive information
11. Access to behavioral health records
12. Addiction/substance abuse therapies
13. Research and experimental treatments
14. Abuse risks
a) Alleged abuser-abused
(1} Patient-patient
(2) Staff-patient
c) Human resources
(I) Employee handbook
(2) Employee proficiency
(3) Training
(a) Orientation
(b) Annual updates
(c) Certifications
d) Clinical
(1) Confidentiality and patient privacy; HIPM
(2) Infection control
(3) Patient tracking and diagnostic follow-up
2. Health literacy and cultural diversity
3. Examples of insurance coverage needed
a) General liability
b) Professional liability
c) Workers' compensation
d) Business interruption
e) Disability insurance
fj Property insurance
4. Claims data
a) Medical services traditionally provided in an acute care setting are now performed in an
ambulatory care setting; transition brings an increase in the severity and frequency of
professional liability claims
b) Medical events most likely to generate medical professional liability claims
i·.·j''·
I
72 ASHRM Preparation Guide for the CPHRM Examination
!t.
I__-···---·:·:. .J
c) Administration
(1) Injury investigation and reporting requirements, provision of physician services,
supervision of medical care and quality improvement committees
d) Quality oflife
(1) Activities or programs to promote the resident's highest practicable level of physical,
mental and psychosocial well being
e) Resident assessment
(1) Functional assessments, establishment of the interdisciplinary plan of care and timing •
and management of changes in condition
f) Investigation and reporting obligations
(!)"Facility must investigate any injury to a resident and make a report to the facility
~dministrator within five days; findings must also be forwarded to the state survey agency
5. Results are available on the Online Survey Certification and Reporting Database (OSCAR)
6. Deficiencies identified during suryey may lead to CMS imposing sanctions, penalties,
increased monitoring, ban on payment, loss of right to p~ticipate in Medicare and Medicaid
7. Office of Inspector General may investigate criminal and civil complaints
8. State surveyors may also conduct an investigation in response to reported risk event/complaint
9. Loss control focus in aging services/long-term care should address:
a) Personnel (number, training, background, competency, appropriate assignments and supervision)
b) Policies and procedures
c) Patient care (routine documentation of assessments, i.e., medical and nursing, and ongoing status)
d) Equipment, medications and supplies
10. Risk management program
a) Areas of risk for aging services/LTC facilities
(I) Slips and falls
(2) Medication errors
(3) Negligent care
(4) Decubitus ulcers
(5) Elopement
(6) Abuse allegations
b) Risk identification and tracking
c) Loss control and prevention
1:·,
d) Claims management \
.
B. Redesign healthcare systems to make .errors difficult to commit
€. Create a culture in which the existence of risk is acknowledged
D. Promote injury prevention and patient safety as everyone's responsibility
E. Patient safety infrastructure
L Empowered patient safety officer/leader
2. Board of directors support
3. Interdisciplinary participation
4. Integration of quality, risk and patient safety
5. Patient safety plan
6. Patient safety committee(s)
7. Structured monitoring and feedback process
8. Accountability
9. Communication with key personnel
10. Actively and publicly promote patient safety
11. Open communication about patient safety initiatives; transparency
12. Language of safety·
a) Taxonomy
b).Nomenclature
13. Severity levels
14. Data use, managemeni'and oversight
15. Policies and procedures
16. Leadership support for transparency and disclosure
17. Patient and family participation and involvement
18. Identify patient safety as a focus in all processes and/or design improvement activities
19. Provide patient safety educational programs
20. Identify patient safety as a priority and support patient safety initiatives
21. Allocate resources for patient safety initiatives
22. Participate in patient safety rounds
23. Request and review organizational monitoring information related to patient safety
24. Monitor leadership's contributions to patient safety
25. Identified department with subject matter expertise
m) Workers' compensation
n) Environmental safety
8. Deficiencies of patient safety data
a) Confusion about use of the data
b) Lack_of agreed-upon taxonomy and failure to use agreed-upon taxonomy
c) Analyzing rare events vs. large segments of data
d) Multiple data streams without defined process on how to view the data
e) No central repository for patient safety data
f) Surveillance bias: The organization can look better or worse than others
(1) When an organization does a thorough job of surveillance, in all likelihood it will find
II?-ore and therefore may look worse
J. Taxonomy: Error Index
1. Necessary and important component of patient safety
a) Defines a common language to ClassifY events
b) Provides known way for providers to communicate about specific events
c) Promotes comparison with other organizations
d) Creates a common understanding &om which to create action plans and drive patient
safety efforts
2. Example: NCCMERP Index for Categorizing Errors
K. Error and Human Factors: "We can't change the human condition, but we can change
the conditions under which humans work'' (Reason, J. T. (1997). Managing the Risks of
Organizational Accidents. Aldershot, Hants, England: Ashgate)
1. Issues that impact human performance
a) Factors that are present before action takes place
(1) Fatigue, stress, boredom
(2) Dehydration, hunger
1. Factors that directly affect decision making
a) Perception
b) Memory
c) Attention
d) Reasoning
e) Judgment
3. Factors that directly permit decision execution
a) Communication
b) Ability to carry out intended action
4. Human factors and fatigue
a) Fatigue can impact an individual's performance and personality
(1) Reduce decision-making ability
Availability heuristic Diagnosis made based on past Patient incorrecdy treated for GI upset
experiences despite presence of cardiac symptoms
Anchoring heuristic Diagnosis made from initial Initial set of cardiac enzymes
(premature closure) impression although not supported negative so heart attack ruled out
by subsequent data or information when patient had left arm pain
Blind obedience Diagnosis made from undue False positive pregnancy test
reliance on lab results resulted in missed appendicitis
I ,
(2) Inadequate information flow
I'
I
I
I :
lll. Sentinel Event
I
I
I
I
I
A. Must comply with Joint Commission requirements
B. Any unexpected occurrence involving death or serious physical or psychological injury, or the
risk thereof
C. Goals of the sentinel event policy
1. To have a positive impact in improving patient care, treatment, and services and preventing
sentinel events
2. To focus the attention of a hospital that has experienced a sentinel event on understanding the
factors that contributed to the event (such as underlying causes, latent conditions and active
failures in defense systems, or organizational culture), and on changing the hospital's culture, i
!
systems and processes to reduce the probability of such an event in the future
3. To increase the general knowledge about sentinel events, their contributing factors, and
strategies for prevention
4. To maintain the confidence of the public and accredited hospitals in the accreditation process
··-·~·.-,.~,,
J.' •• , , . , ; ,
D. The Joint Commission requests voluntary reporting of sentinel events
1. Must conduct a root-cause analysis (RCA) on all sentinel events
E. The product of the root-cause analysis is an action plan that identifies strategies the organization
intends to implement to reduce the risk of similar events in the future. The plan should address
responsibility for implementation, oversight, pilot testing as appropriate, time liens, and
strategies for measuring the effectiveness of the actions.
F. Critical incident debriefing
G. Subset of sentinel events that is subject to review by the Joint Commission includes any
occurrence that meets any of the following criteria (for hospitals):
1. The event has resulted in an unanticipated death or major permanent loss of function not
related_to the natural course of the patient's illness or underlying condition or
2. The evept is one of the following (even if the outcome was not death or major permanent loss
of function not related to the natural course of the patient's illness or underlying condition):
a) Suicide of any patient receiving care, treatment and services in a staffed around-the-dock
care setting or within 72 hours·;of discharge
b) Unanticipated death of a full-term infant
c) Abduction of any individual receiving care, treatment or services
d) Discharge of infant to wrong family
e) Rape, assault (leading to death or permanent loss of function), or homicide of any patient
receiving care, treatment, and services
f) Rape, assault (leading to death or permanent loss of function), or homicide of any staff
member, licensed practitioner, visitor, or vendor while on site at the health care organization
g) Hemolytic transfusion reaction involving major blood group incompatibility (ABO, Rh,
other blood groups)
h) Invasive procedure, including surgery, on the wrong patient, wrong site, or wrong procedure
i) Unintended retention of a foreign object in an individual after surg~ry or other invasive procedures
j) Severe neonatal hyperbilirubinemia (bilirubin> 30 milligrams/deciliter)
k) Prolonged fluoroscopy with cumulative dose> 1500 rads to a single field, any delivered to
wrong body region, or >25o/o above the planned radiotherapy dose
'I
(4) Community
(5) Health on the Net Code of Conduct (HONcode) seal
(6) Risk issues regarding literacy
d) Spiritual competence
i6. Risk interventions
',\
a) Safety policies articulating support of the organizational mission and values
b) Posting patient rights
c) Credential staff on matters involving newly-identified competencies
d) Promoting cultural knowledge and competent care
e) Training staff to improve communication and patient education skills
I I
f) Grievance policies and appropriate execution of policies
g) Evaluating patient education and training
h) Addressing diversity through interdisciplinary quality improvement activities
i) Literacy testing on all patient education materials and tools
j) Assessing community needs
I
~.~.~.-..-_ .. ,-.
3. Obligation to come from a place of integrity
4. Obligation to take care of the needs of providers and others involved in the incident
5. Recognize that disclosure is a process that will require multiple discussions, not an "event"
6. Recognize that the purpose of disclosu~e is not to avert litigation but to respect the integrity
of the patient/caregiver relationship .
7. Whatever promises are made d~ring this process must be kept; trust is at stake
8. Maintain close contact with the patient/family during the process; do not put the onus of
responsibility on them to maintain the relationship
F. Reasons to disclose
1. Right thing to do
2. Patient~ expect it
3. Professi~nal responsibility
4. Earn trust/possibly forgiveness of patient
5. Supports patient safety initiatives; \
6. Required byTJC for unanticipated outcomes
G. Framing the conversation
1. Acknowledgement that adverse event occurred
2. An explanation as to why it happened
3. Statement that organization taking event seriously and investigating it
4. Statement that organization taking steps to prevent similar event from happening
5. An apology (as appropriate)
H. The Four "R"s of Apology
1. Recognition: Knowing when an apology is in order
2. Regret: Responding empathetically
3. Responsibility: Owning up to what has happened
4. Remedy: Making it right
I. Personnel barriers to disclosure
1. Fear oflegalliability
2. Fear of loss of credibility and reputation
3. Fear ofloss of licensure
4. Fear of punishment by organization or loss of job
1\·,
5. Feelings of vulnerability i
4. Struggle with accepting even most well trained and competent can make mistakes
. ' '
5. Conflict of Interest
K. A successful disclosure allows the patient and family
1. -To understand what happened
2. To understand the ramifications of the event
3. To have sufficient information to make future decisions (including seeking compensation)
,, 4. To receive an apology from the organization
5. To begin to heal
:i,
11. Teamwork across units
I
12. Teamwork within units
13. Two additional questions
a) Overall grade on patient safety
b) Number of events reported in last 12 months
14. Caring for Caregivers (Second-Victim Phenomenon)
a) Support provided for employees, physicians and licensed independent practitioners (LIPs)
after involvement
';-,•,·,'.' ... -
C. Use of safety assessments surveys
1. "The delivery of survey results is not the end point in the survey process; it is j~st the
beginning. Often, the perceived failure of surveys to create lasting change is actually due to
_faulty or nonexistent ~ction planning or survey follow up."
2. Pre- and post-safety interventions
3. Utilize results for PI action plan
a) Understand your results
b) Communicate and discuss the results
c) Develop focused action plans
d) Communicate action plans and deliverables
e) Imp~ement action plans
f) Track progress and evaluate impact
g) Share what works
D. Patient safety metrics
1. Involves both reactive and proactive measures
a) Good catches resulting in a practice change
b) Number ofFMECAs
c) Number ofRCAs resulting in a policy and procedure change
d) Sentinel events with and without disclosure
e) Number of disclosures involving risk management
f) Number of lessons learned from RCA that impacted more than two units
g) Participation in a periodic PS culture survey
h) Number of committees/family councils in which patients/families participate
1:
··.
I
3. A Failure mode, effects and criticality analysis (FMECA)) is a process used to investigate
serious adverse events in an effort to identify the active and latent causes of the event.
A. True
B. False
Answer: B
False. This definition as written mor; closely aligns with a root cause analysis. FMECA's do not require
an adverse event as the basisfor conducting the analysis. A FMECA is a proactive patient scifety tool that
'I, I
includes selecting a process, identifying the failure modes, and determining the effects ofthose failures, then
implementing an improved process.
4. Nurse Johnson was administering medications to the two patients in room 236 using the
bar-coding system. According to the facility's written procedure, the nurse was to administer
each patient's medication separately. She was to scan the medication, then scan the patient's
bar code, check for any error alerts, and then administer the medication if no alerts appeared.
The nurses complained that going out to the medication cart between patients was time-
consuming. To save time, Nurse Johnson habitually scanned the medication and the patient's
bar codes while the medication was being administered. On this day, after giving patient A his
medication, he immediately became severely short of breath, signaling an allergic reaction,
and respiratory support was required. Following an investigation it was determined that
Nurse Johnson had given patient A the medication for patient B and an error alert would have
activated in the bar-coding system. Nurse Johnson's behavior is an example of:
5. Safety culture surveys are intended to assess the organizational and unit-level attitudes
regarding p_atient safety. Survey results can reveal differences in perception of safety between
types of staff (such as MD and RN) and between departments or teams. They can be used to
identify pridrities for improvement and to help create a performance improvement action plan.
A. True
B. False
Answer: A. True
6. Mrs. Cobb was admitted for surgery on her right leg. At the conclusion of the surgery, she
awoke to learn that the wrong leg had been operated upon. An investigation revealed that the
pre-operative nurse had performed the site marking incorrectly and had placed the X-rays
in the OR suite facing backward. The root cause analysis team identified that failure to have
surgeons routinely participate in the site-marking process, with confirmatio:it by the patient,
was a participatory cause of the incident. This failure identified by the root cause analysis
team is an example of:
A. Latent failure
B. Reckless failure
C. Active failure
D. Supervisory failure
Answer: A
Latentfailure. The surgeon's lack ofparticipation was not a reckless or conscious disregardfor the patient's
safety, rather it was the routine process used at this facility. The active failures at the point-ofcare were
the incorrect site marking and the mistakenly placed X-rays. There are insufficient facts in the narrative to
know whether there was also was a failure ofsupervision; therefore, answer D would be incorrect;·
7. Select the answer that best identifies those organizations that are key inHuencers in the field
of patient safety: 1
:
A. Institute of Medicine (I OM), Agency for Healthcare Research and Quality (AHRQ), Fed6-al
Communications Commission (FCC), Center for Medicare and Medicaid Services (CMS)
B. Leapfrog Group, Institute of Medicine (IOM), Institute for Healthcare Improvement (IHI),
Administration for Children and Families (ACF)
C. National Patient Safety Foundation (NPSF), Institute for Healthcare Improvement (IHI),
Agency for Healthcare Research and Quality (AHRQ), Center for Medicare and Medicaid
Services (CMS)
'I
8. Taxonomy is a necessary and important aspect of patient safety because:
A. It defines a common language to classify events.
B. It allows organizations to compare themselves to others.
C. It creates a common understanding from which to create action plans and drive patient safety efforts.
D. All of the above
Answer: D
All ofthe above
9. The Emergency Department is a high risk area for which of the following reasons?
1. Brief patient contact
2. Lack of familiarity with the patient's medical history
3. Use of nurse practitioners and physician's assistants
4. Language and cultural barriers
A. 1 and 2 only
B. 2 and 3 only
C. 1, 2 and 4 only
D. All of the above
Answer: C
Patient assessment is at the root of.many ED risk management issues. Use ofnurse practitioners and
physicians' assistants would not impede this process; however briefpatient contact, lack offamiliarity
I '
with the patient's medical history and language and cultural barriers are involved in provider/patient
I , ,
II:;.: communication issues. Because ofhigh volumes, tight time constrains and a needfor ED physicians to act
decisively even when hampered by incomplete data, errors are likely to occur.
10. A surgeon performs a hysterectomy on a 25-~-old female due to an abnormal Pap smear
result obtained as an outpatient in the physician's office. The :final pathology report on the
uterus states the uterus contains only benign inflammation with no cancerous cells present. The
case is referred to the Obstetrics department, where the actions of the surgeon are discussed at
length. It is concluded that the surgeon acted in good faith based on the incorrect Pap smear
&om an independent laboratc>ry. The patient sues the obstetrician and the hospital, and seeks
to obtain copies of the minutes and any other documents related to the Obstetrics department
meeting. Which of the following is true?
A. The risk manager should argue that the documents are for purposes of peer review and protected
under the Health Care Quality Improvement Act
B. The risk manager should argue that attorney-client privilege should apply and not produce the
documents
11. Which of the following statements regarding the use of restraints are TRUE?
1. Wrist or vest devices can be considered restraints
2. Locked seclusion is considered a form of physical restraint
3. Medicati0n used to significandy alter a patient's behavior on an emergency basis is considered a
form of chemical restraint
·'
4. Voluntary use by a patient of an unlocked "quiet room" is NOT considered a form of physical
restraint
A. 1 and 2 only
B. 1 and 3 only
C. 1, 2 and 3 only
D. All of the above
Answer: D
Anything used to restrict an individual's behavior, physical or chemical is considered to be a restraint and
appropriate guidelines must be followed. However, placing a patient in an unlocked room so they can
regain composure is not a restraint since they can leave under their own volition.
12. The legal theory res ipsa loquitur would most likely apply to which of the following
scenarios?
A. A unit of blood is given to the wrong patient
B. A tornado damages visitors' vehicles on hospital property
C. A surgical sponge is left in a patient during a cesarean section
D. A visitor slips on an icy sidewalk and fractures her hip
Answer: C
Res ipsa loquitur means the thing speaks for itselfand is often used in retained-object cases. Leaving surgical
tools is not the intention ofany procedure; as such, foreign body retention is obviously a medical error. Oiice
circumstances supporting res ipsa are established, the theory shifts responsibility for proving the case from the
plaintiffto the defendant, who must then establish a lack ofculpability.
1\
•. \
13. Behavioral health patients may be at high risk for abuse. Which of the following statementS
regarding the risk of abuse of behavioral health patients are true?
1. Pediatric, adolescent, and geriatric behavioral health patients are particularly vulnerable
populations that may be at even greater risk for abuse
2. A crucial abuse prevention strategy is to require that all behavioral health workers undergo
reference checks and criminal background checks before they are allowed to work with patients
, A. 2 and 3 only
'\
· B. 2 and 4 only
C. 1, 2 and 3 only
D. 1, 2 and 4 only
Answer:·.C
Regardle'ss ofthe degree ofconfusion or disorientation ofthe patient, all abuse allegations must be seriously
considered and thoroughly investigated. During the course ofthe investigation, the staffin question should
be suspended to prevent patient tampering and to reduce potential additional risk to the patient or other
patients, and the staffin question. The investigation results will determine whether the suspension is with or
without pay.
14. A study published in 1999 revealed that approximately 44,000 to 98,000 people die each }'ll3.t in
US hospitals due to preventable medical errors. The entity that directly initiated the study was: ·
A. The Joint Commission
B. The Centers for Medicare and Medicaid Services
C. The Institute of Medicine
D. The U. S. Congress
Answer: C
"To Err Is Human: Building a Better Health System" is the Institute ofMedicine's landmark 1999 report
on medical error.
A. 1 and 2 only
B. 1 and 3 only
C. 1, 2 and 3 only
D. All of the above
Answer: A
To maintain confidentiality, the original report should be sent to the risk manager immediately upon
completion. Copies should never he made, and the report must never be made part ofthe medical record.
The facts ofthe incident should be included in the medical record.
1
j
16. H a practitioner requests a telemedicine consult with another practitioner in a different stat~,
the consultant:
A. Must possess a valid medical license from his own state since reciprocity is granted in all states
B. Must possess a valid medical license from the requesting physician's state since reciprocity is not
granted in all states
C. May need to possess a valid medical license from the requesting physician's state since reciprocity
varies from state to state
D. Must obtain a temporary license from the requesting physician's state
Answer: C
Reciprocity requires the authorities ofeach state to negotiate and enter agreements to recognize licenses
issued by the ot#er state without further review ofindividual credentials.
17. For more than 20 years, which of the following high-risk clinical specialties has led, or been
close to the top of, severity statistics for liability claims?
A. General surgery
B. Obstetrics
C. Neurological surgery
D. Emergency medicine
Answer: B
Claim statistics show that adverse events in obstetrics are generally high severity and are at the top ofseverity
lists. Whenever there is a bad outcome in the birth ofan infant, often the parents look to assign liability to
the obstetrician and/or hospital.
Notes
',\
~----. -----.-----.-.-:,-.
. ~· •. r·· .. _.,.,.,-~--.,---.- -------
~·~·-,-~--
--~-----~·~---- --~-
1:·,
\
KEY TERMS
Important terms and definitions relevant to this domain:
Advance directive- Written instructions recognized under law relating to the provision ofhealthcare when
an individual is incapacitated. Examples include living will and durable power of attorney for healthcare.
Age Discrimination in Employment Act- 29 U.S. C. Section 621 et seq. The federal statute
prohibiting certain types of employment discrimination on the basis of age.
I ,i
Americans with Disabilities Act- 42 U.S. C. Section 12101 et seq. A federal statute aimed at
prohibiting discrimination against individuals with certain mental and physical disabilities in the
areas of employment and public accommodation.
i I
I
I Anti-kickback statutes- Medicare-Medicaid Anti-Kickback Statute (42 USC § 1320a-7b).
!
Knowingly and willfully seeking or receiving a bribe, rebate or kickback for a referral for a program,
reimbursable item or service.
'~twill" employment- Can be terminated at any time by either party (employee or employer), for
any reason or no reason. \
Autonomy- The right to self-govern or self-manage; the capacity to make an informed, uncoerced
decision.
Becomes aware -A facility becomes aware of an event when the clinical personnel employed or
affiliated with a user's facility learn of a potentially reportable event.
Belmont report- Report describing the basic ethical principles on which all biomedical and
behavioral research should be based.
Beneficence - The concept of doing good.
Capabilities- CMS refers to two requirements: 1) physical capabilities and 2) personal capabilities.
• Medical facility capabilities: Physical space, equipment, supplies and services the hospital
provides (e.g., surgery, psychiatry, obstetriCs, pediatrics).
• Staff capabilities: Level of care the personnel of the hospital can provide within the training and
scope of their professional licenses.
Capacity-
• Hospital: Ability of the hospital to accommodate the individual requesting examination or
I .:1', '
----'----~ -- ._ -'--"--'--"-------
treatment of the transferred individual; encompasses such things as numbers and availability of
qualified staff, beds and equipment and the hospital's past practices of accommodating additional
patients in excess of its occupancy limits.
• Patient: The mental ability to make rational de_dsions.
Case law- Law based on judicial precedent rather than statutory law.
Civil false claims- Enables lawsuits by government or any individual (qui tam relator) against one
who submits a false claim to the government.
Common law- Used interchangeably with case law.
Common rule (45 CFR 46)- Basic Department of Health and Human Services policy for
protection of human subjects that encompasses the human subject protections followed by all federal
agencies that sponsor research.
Conditions ofParticipation (CoPs)- Requirements hospitals must meet to participate in the
Medicare and Medicaid programs.
Corporate compliance- As relates to healthcare fraud and abuse, any number of programs and
initiatives undertaken by providers to avo~d civil and criminal inv~tigations and charges related to
improper billing procedures, inappropriate referrals, kickbacks and' other prohibited activities under
federal statutes such as the Anti-Kickback Act and the Stark I and Stark II amendments to the Medicare
Act. Many healthcare providers have taken corporate compliance programs beyond these specific
legislative and regulatory requirements to encompass broader corporate business ethics concerns.
Covered entities (CEs) -Any healthcare provider who transmits health information in electronic
form in connection with a "standard transaction." Among covered entities are healthcare providers
(hospital, physicians, insurance company, etc.) and health plans (pay for cost ofhealthcare),
healthcare clearinghouses (furnish bills or pays for healthcare services).
Dedicated emergency department (DED) - Must meet one of the following criteria:
• Licensed as an emergency department
• Advertises itself as providing emergency care
• One-third or more of walk-in patients seen for conditions that are considered "emergency
medical condition" as defined within the statute. -
Drive-through deliveries - Childbirth resulting in short postpartum stay as determined by the
managed care organization or other health plan.
Elder abuse - Single or repeated act or lack of appropriate action, occurring within any relationship
where there is an expectation of trust, which causes harm or distress to an elderly person. ',
Elements of informed consent for research - Include full disclosure of the nature of the re5earch '
and the subject's participation, adequate comprehension on the part of the potential subject and the
subject's voluntary choice to participate.
Emergency medical condition (EMC) -Medical condition manifesting itself by acute symptQms of
sufficient severity (including severe pain) such that the absence of immediate medical attention 't:oulH
reasonably be expected to result in:
• Placing the health of the individual in serious jeopardy
• Serious impairment to bodily functions
• Serious dysfunction of any bodily organ or part
Or with respect to a pregnant woman who is having contractions:
- ,_-·;1.
Med Watch form - Required form filed by facilities required to report events, injuries of patients.
Minimum necessary - Least amount of PHI disclosed to meet the request and accomplish the
intended purpose.
Non-maleficence- Avoiding harm; to not harm intentionally.
Notice of privacy practices (NPP) -Provided by covered entity which delineates how CE routinely uses
and discloses PHI, provides the rights and responsibilities of the patient, to whom the patient may complain.
Office of Civil Rights (OCR)- Office within Department of Health and Human Services which
enforces HIPM Privacy and Security compliance.
Paternalism -A unilateral and sometimes unreasonable decision by health care providers that implies
that they know what is best, regardless of the patient's wishes.
Patient Self Determination Act (42 USC Section 1395 et seq.)- Federal statute requiring certain
healthcare orga~izations to provide patients with information regarding advance medical directives.
Protected health information (PHI) - Includes information regarding a patient's condition and
provision of payment (past, present, future).
Prudent layperson standard - Request of the individual will be'considered to exist if a prudent
layperson observer would believe, based on the individual's appearance or behavior, that the
individual needs examination or treatment for a medical condition.
Regulation - Legislative mandates such as federal and state law; there are others that reflect
regulatory requirements, such as government-sponsored programs (e.g., Medicare).
Research -Activity designed to test a hypothesis, permit conclusions to be drawn and thereby to develop
or contribute to general knowledge; also "a systematic investigation, including research development,
testing and evaluation, designed to develop or contribute to general knowledge" (45 CPR 46.102(d)).
Sarbanes-Oxley Act (SOX) - Applies to public companies that are required to file periodic Securities
and Exchange Commission (SEC) Reports under Sections 12 or 15 (d) of the Security Exchange Act
of 1934 or if the public company has filed a registration statement that has not yet become effective
under the Securities Act of 1933.
Single use devices (SUDs) - Devices reprocessed for reuse originally intended for single use.
Stabilized- With respect to an EMC, that no material deterioration of the condition is likely, within
reasonable medical probability, to result from or occur during the transfer of the individual from a
facility, or, with respect to pregnancy, that the woman has delivered, including the placenta.
Surrogate - One who legally stands in place of another.
Telemedicine I telehealth - The use of telecommunications to provide medical information and
services. Also, the provision of healthcare consultation and education using telecommunication
networks to disseminate information; medical practice across distance via telecommunications and
interactive video technology (American Medical Association's Council on Medical Education and
Medical Services). The use of electronic information and communications technologies to prov~~e
and suppon healthcare when distance separates the participants (Institute of Medicine). \
Vulnerable subjects - Human subjects are considered vulnerable and require special considerations
if there are legitimate concerns about competency to understand information presented to them an~
make reasoned or informed choices; populations include children, pregnant women, prisoners, those
with psychiatric, cognitive and developmental disorders and substance abusers.
ID.Ethics
A. Ethical Basics
1. Ethics center on deliberations and explicit arguments to justify particular actions
2. Created by the collision of:
a) Law
b) Medicine
c) Biotechnology
d) Business
e) Philosophy
f) Religion
.I
:~
,;:y:;;-:.-:.·.·
3. Focuses on the reasons why an action is considered right or wrong
a) Ethical principles and moral obligations
b) Societal policy
c) Professional guidance (code of ethical behavior vs. clinical ethics)
(1) ASHRM Code of Professional Conduct: available at http://www.ashrm.org
Practicing responsibility to the profession
Practicing responsibility to those we serve
Avoiding conflict of interest
(2) AMA's Principles of Medical Ethics: available at www.ama-assn.org
(3) U.S. Ag~ncy for International Development
· (a) How to interpret the federal policy for the protection of human subjects of
"Common Rule"· available at www. usaid.gov
B. Ethical Principles
!.Autonomy
a) Ability to make decisions with~ut undue influence .\
b) Fundamental basis for informed consent and informed refusal
2. Beneficence
a) To do good and protect from harm
3. Non-maleficence
a) To avoid causing harm or prohibition against cruel treatment
4. Justice
a) Fairness and equal distribution ofhealthcare, non-discriminatory care
C. Moral Obligations
1. Related to conduct that conforms to accepted customs or conventions of a people
2. Respect patient's privacy and protect confidentiality
3. Communicate honestly about all aspects of the patient's diagnosis, treatment and prognosis
4. Determine whether patient is capable of sharing in decision making
5. Conduct an ethically valid process of informed consent
D. Ethical issues
1. Advance directives: A method to make decisions known to healthcare providers
2. Do-not-resuscitate orders: Physician communication to other healthcare providers that is
typically based upon prior conversation with patient/family
3. Research: Includes identification of risks and benefits, addresses data collection and pr~tecq
1
the subject's rights (including termination of participation) •
4. Institutional review boards: Charged with establishing protocols for and oversight of clinical trials
I
5. Informed consent \
E. Patient Self-Determination Act of 1990
1. Overview of the law
a) The law, 42 U.S. C. 1395 cc (a), established the right of competent patients to make
\ e) Requires providers to develop policies and procedures to address a patient's right to refuse
treatment and to execute an "advance directive" in accordance with individual state laws
f) Requires healthcare providers to furnish information about self-determination to their patients
2. Requirements
a) Written policies and procedures
(1) Living wills
(2) Durable power of attorney
b) Notice of Rights to provide information to patients concerning:
(1) Right to make healthcare decisions
(2) Right to accept or refuse care
(3) Right to formulate advance directives
!;
I
:I
(4) Presented at time of admission for inpatients, at time of enrollment for HMOs, prior
'I
to care for home health agencies
c) Documentation in medical record of advance directive
d) May not require advance directive as precondition to care
e) Compliance policy must be instituted to deal with elements oflaw and establish a formal
process for investigating and resolving patient grievances
f) Proyide education for staff and community on issues concerning advance directives
3. Applies to:
a) Hospitals
b) Nursing homes (SNFs)
c) HMOs participating in Medicare
d) Home care and hospice programs
e) Hospice programs
4. Does not apply to:
a) Free-standing outpatient clinics
b) Private physician offices
5. Recognized under state law; specifics apply to each state's laws
6. Penalties/sanctions
a) Condition of Participation in Medicare and Medicaid programs
b) Appeal process
:I
rv. Consent
A. Introduction
1. Consent is an important element of the provider/patient relationship
2. Consent is the act of agreeing to a specific diagnostic test or treatment; it can be characterized
as a contract for agreed upon services
3. Consent is a communication process between provider and patient, not merely the
completion of a form
4. Consent can be characterized as a contract for agreed upon services
5. Consent is practitioner's (individual who is to conduct the proposed test or treatment)
responsibility that is non-delegable
6. Consent presumes that an adult is capable of making treatment choices, as are minors under
defined circumstance
B. Legal sources of influence in the consent process
1. Federal law- Consumer Bill of Rights and Responsibilities published in 1997 reiterates the
fundamental framework of consent
a) Provide easily understood information to patients and opponunity to select among options
b) Discuss all treatment options with a patient in a culturally competent manner, ~eluding
the option of no treatment
c) Ensure that patients with disabilities have effective communication with care providers and
the tools for effective communication (e.g., interpreters, communication boards, etc.)
d) Discuss all current treatments a consumer may be undergoing, including alternative'\
treatments and those that are self-administered ·
e) Discuss all risks, benefits and consequences to treatment or non-treatment
f) Give patients the opponunity to refuse treatment and to express preferences about future'·
treatment decisions
g) Discuss the use of advance directives- both living wills and durable powers of attorney for
healthcare with patients and their designated family members
<;"".
Jl::
.-~~
'
~~
.
h) Abide by the decisions made by patients and/ or their designated representatives consistent '-:j
c) Time commitment associated with proposed and alternate treatments, including rehab,
physical therapy or long-term medication management
d) Urgency to undergo the test or treatment
e) Consequences of·deferring or refusing the tester treatment
F. Exceptions from the General Rules of Consent
1. Emergency treatment exception
a) Basic criteria
(1) Life threatening illness or injury requiring immediate attention
(2) Patient unable to communicate
(3) ;N"o time to secure treatment authorization
(4) ~imited to care only to extent that it is necessary to rectify the urgent situation
(5) Comprehensive documentation supporting the emergency condition and fulfillment of
the basic criteria
(6) Steps to minimize inappropriate use of emergency~xception:
(a) Clinical decision support tools such as clinical pathway or decision trees for
declaring emergency
(b) Staff and physician education
(c) Comprehensive documentation
2. Therapeutic privilege exception
a) To protect the patient from consequential harm arising from disclosure of medical information
b) Criteria for invoking the privilege
(1) Assessment of facts and circumstances
(2) Assessment preferably made by someone not involved in the patient's care
(3) Comprehensive documentation of assessment and decision
3. Compulsory treatment situation
a) Empowers public health officials to test, treat or quarantine individuals with infectious illnesses
G. Importance of an Informed Refusal of Care
1. Patient or recognized decision-maker must have mental capacity
2. Inform patient of consequences of refusal of proposed test or treatment
3. Document discussion with patient or recognized decision-maker
4. Patients and decision-makers have the right to withdraw consent
H. Needs of Specific Patients in the Informed Consent Process
1. Preliminary screening to identify special patients
2. Patients who warrant special considerations
a) Minors
(1) State laws differ
(2) Mature or emancipated minors may consent to treatment related to pregnancy,
sexually transmitted disease, mental health treatment or alcohol abuse· treatment
(3) Physician should assess minor to ensure such minor has the appropriate level of
judgment and reasoning skills for medical decision making
b) Mentally disabled or challenged per~ons, such as those with dementia or psychosis
c) Patients undergoing specific care as may be identified by law
(1) Breast cancer
., (2) SterUization
(3) Blood transfusion
(4)HN
d) Auditory, speech or visually impaired patients - ADA requires reasonable accommodations
to
facUitate the patients understanding, such as use of telephone or amplification devices,
sign language, interpreters for limited English proficiency, etc.
e) Culturally sensitive situations
f) ~esearch patients - Have a specific process and form that must be followed
(1) Addressed in the PSDA
(2) Identify risks and benefits of participating in research
(3) Minimize risks
(4) Perform risk-to-benefit evaluation
(5) Determine intervals of periodic review
(6) Determine mechanisms for monitoring data collection
(7) Protect subject's rights that mandates a process for accepting, rejecting and terminating
participation in research
I. Consent Litigation
1. Despit.e the presence oflaws and controls, consent- or lack of it- remains a persistent basis
for claims in professional liability lawsuits.
2. Consent litigation reflects a breakdown in the provider-patient relationship
3. Risk managers should be familiar with consent-related issues arising from
a) Managed care
b) Compulsory treatment situations
c) Behavioral health settings
d) Minors
e) Ambulatory care
f) Documentation
4. Results of a breakdown in the consent process
a) Battery - care provided absent consent or after consent is withdrawn
b) Unprofessional conduct
c) Negligent consent- FaUure to disclose material risks
d) Misrepresentation or deceit - intentional harm
e) Breach of contract- Assertion that care promised was not achieved
····· . .-.
-···.-:.-
d) CoP: Surgical Services
(1) Scope of the services:
(a) Staffing
(b) Duties of staff
(c) Surgical privileges
(d) Consistency between quality of inpatient and outpatient surgical services
(2) Delivery of service requirements
(a) Medical history and physical examination
(b) Informed consent form
·{c) Post-operative care requirements
.(d) Operating room register
(e) Operative report
e) CoP: Patient's Rights Standard.s
'
(1) Notice of Rights- patients notified in writing
(a) Complaint and Grievance Process
(2) Exercise of Rights: Patient has the right to participate in medical decision making
(3) Privacy and Safety: Patient has right to privacy and a safe environment
(4) Confidentiality of Medical Records: Reaffirms and strengthens confidentiality of
medical information
(5) Restraint or seclusion: Protocols for use of restraints and seclusion including staff
education mandate
f) CoP: Complaint and Grievances Standards
(1) Standards set by CMS that hospitals must follow to manage complaints and grievances
(2) Standards must ensure:
(a) Families are informed of their rights to present complaints and the mechanism to
do so; by issuing a complaint it does not compromise patient's future access to care
(b) Analysis of complaints and appropriate action is taken to correct the issues
(c) A response is sent to each patient/family which addresses the complaint.
g) CoP: Quality Assessment and Performance Improvement Program
(1) Standards
(a) Must develop, implement and maintain effective, ongoing hospitalwide, data-
driven quality assessment and performance improvement program ,.,
. \
(b) The program must include, but not be limited to, an ongoing program for which
there is measurable evidence that health outcomes will improve and medical errors
will be indentified and reduced.
(c) Must measure, analyze and track quality indicators including adverse patient events and
other aspects of performance that assess processes of care, hospital service and operations
(d) Must take actions aimed at performance improvement, measure success of
interventions and monitor to ensure improvements are sustained ·
- _, ____________
, ___________________________________________
c) Institutional rights
(1) Institution may suspend or restrict privileges for 14 days during which an investigation
may be conducted to determine the need for a professional review action
(2) Institution may summarily suspend privileges, subject to subsequent notice and
hearing, if failure to take such action would jeopardize the health of any individual
4. Established the National Practitioner Data Bank (NPDB)
I
:, a) Purpose ofNPDB
(1) Collects information on healthcare practitioners related to the professional competence
and conduct of physicians, dentists and other healthcare practitioners
(2) Tracks practitioners who have been defendants in malpractice claims that have
concluded with either a judgment or settlement
(3) Collects information on practitioners with adverse action against their hospital
privileges or their license to practice
(4) Provides conditional immunity from anti-trust suits against healthcare facilities and
their medical staff that participate in peer review, provided that:
(a) Due-process protections were made available to the physician under review, and
(b) The reviewers acted in good faith in furthering quality patient care
b) Entities that must report include
(1) Hospitals and other healthcare providers
(2) Medical and dental licensing boards
(3) Medical malpractice payors, including medical liability carriers, SIRs, trust, captives, RRGs
c) Entities with access to' the reported data include
(1) Hospitals
(2) Other healthcare entities with formal peer review
(3) Professional societies with formal peer review
(4) Boards of medical or clental examiners and other healthcare practitioner state licensing
boards
(5) Plaintiff's attorneys of plaintiffs representing themselves (some limitations)
(6) Healthcare practitioners - self query
(7) Researchers (statistical data only)
d) Reporting Requirements
(1) Payments of judgments or settlements made on behalf of specified licensed
practitioners, regardless of the amount in response to written demand - report within
30 days of the date of payment to NPDB
(2) Hospitals and other healthcare entities: Actions taken which adversely affect privileges
of physicians and dentists or membership on the staff- report within 15 days of
adverse action to board of medical examiners
(3) Disciplinary actions taken by State medical and dental boards -licensing board reports
within 30 days
3. Rewards facilities with better patient outcomes, processes and experiences instead of just
volume of services and penalties apply if hospital is non-compliant
4. Funded by a 1.25 percent reduction from participating hospitals' base-operating Diagnosis-
Related Group (DRG) payments in FY 2014
d) The FDA wanted to intensify the act as hospitals initially were either not reporting or
under-reporting serious events, illnesses, injuries or death that were caused by, or related
to, medical devices
e) Requirements of the act
(1) Reporting serious events
(2) Tracking of several implantable devices
f) Facilities that are required to report
(1) Hospitals
(2) Ambulatory surgical facilities
(3) Nursing homes
(4) ~orne health agencies
(5) Ambulance providers
(6) Rescue squads
(7) Rehabilitation facilities
(8) Psychiatric facilities
(9) All outpatient diagnostic and treatment facilities that are not physicians' offices
g) Facilities exempt from reporting
(1) Offices including physicians, chiropractors, optometrists, nurse practitioners, dental offices
(2) Employee health clinics
(3) Freestanding care units
(4) Patient confidentiality protections
(a) Reportable events should be handled under peer review, quality improvement or
other related protection programs
2. Reporting
a) If device has or may have caused or contributed to a death, report to product manu&ctt.I.rer (if
known) and FDA within 10 working days of notice (eMDR Electronic Medical Device Reporting)
b) If device has or may have caused or contributed to a serious injury, report to product
manufacturer only within 10 working days of notice. If the manufacturer is unknown,
report to the FDA (eMDR Electronic Medical Device Reporting)
c) If a facility submitted any eMDR Electronic Medical Device Reporting reports to the
manufacturer or the FDA, the facility must submit a summary to the FDA no later than Jan.1
3. Medical device tracking via FDA Modernization Act of2002
a) Requires the final distributor (such as a hospital) to collect patient identifying inforn.'\atio\l
1
for each patient who receives a tracked device and submit this to the manufacturers ·
b) Accreditation requirements
(1) The Joint Commission
"c) Manufacturing trends: Outsourcing of products
(1) Product quality and safety outside full control of corporation
_ 5. Product Recall Challenges
a) Oevelop standardized processes to receive and disseminate information about product
recalls, notifications, and safety alerts to appropriate departments and individuals
(1) Accountability- Establish who is responsible
(2) Communication plan
(3) Consider pharmaceuticals
(4) Alerts tracking mechanism
b) Timely management of recall and replacement efforts
-c) Establish a claims processing mechanism
H. Emergency Medical Treatment and Labor Act (EMTALA)
1. Overview of the law
a) Part of the Consolidated Omnibus Budget Reconciliation Act of 1986 (COBRA)
b) Enacted in response to· practice of "patient dumping," the transfer of uninsured individuals
from one hospital emergency department to another for no reason other than inability to pay
c) Congressional mandate for hospitals and providers to provide a "safety net" for persons
seeking assessment and care for a possible clinical emergency at a Medicare-contracted hospital
d) Applies to: \
(1) Hospitals that participate in the Medicare program and have a dedicated emergency
department (DED)
(2) Emergency physicians
(3) On-call physicians
2. Requirements
a) Provide a medical screening examination to determine if an "emergency medical condition''
(EMC) exists
b) If an EMC exists, provide appropriate medical treatment to stabilize the patient, subject to
the availability of resources (capability/capacity)
c) If capability/capacity is not available, provide "appropriate" transfer to facility that does
have capability/capacity to stabilize EMC
d) Participating hospital must accept a patient transfer from another hospital if it has the capability/
capacity to provide stabilizing treatment to patient that the transferring hospital does not have
10. Penalties/sanctions
a) Non-compliance may result in investigation by state licensing authority (SA), state quality
improvement organization (QIO), CMS, the Office of the Inspector General (OIG) or
Of11 ce of Civil Rights (OCR)
b) Civil monetary penalties (CMPs) of up to $50,000 per violation for hospital and! or physician(s)
c) Can lead to termination of participation in Medicare program for both hospitals and physicians
d) Hospital has a duty to report violations or inappropriate transfers (e.g., no prior notice
from other hospital, financial "dumps," etc.) to state licensing authority or direcdy to CMS
within 72 hours - not doing so is, itself, a violation
e) Whisde-blower statute: any facility or individual who retaliates against physicians or other
qualified individuals who refuse to authorize unsafe or inappropriate transfer or anyone
who reports suspected EMTALA violation, can be fined
11. Risk management implications ofEMTALA
a) EMTALA violations are too cosdy not to have policies and procedures established and
education provided and enforced to ensure compliance
b) Staff should be trained/ retrained on EMTALA compliance at least annually
'
c) Staff should be educated to treat presenting patients based on presenting signs arid
symptoms to avoid potential EMTALA violations
d) Staff should understand that MCOs cannot deny a patient access to hospital services but
may deny payment for those services
I. Medicare Regulations for Long Term Care Facilities (LTC)
1. Overview of long-term care
a) Care provided in person's home or community, assisted living facilities (ALFs), skilled
nursing facilities (SNFs), continuing care retirement communities (CCRCs), etc.
2. Omnibus Budget Reconciliation Act of 1987 (OBRA)
a) Basis for uniform regulations governing care and assessment of nursing home residents
under Federal Nursing Home Reform Act of 1987
-a) Become familiar with mandatory reporting requirements, including permitted statutory
exceptions relating to child, elder and dependent adult abuse and neglect
b) Provide ongoing education to hospital staff and physicians of the reporting obligations
under state laws
c) Develop a policy for identification and reporting of elder abuse
d) Review information from National Center on Elder Abuse (www.elderabusecenter.org)
_L. The Americans with Disabilities Act (ADA): Title III Nondiscrimination on the Basis of
Dis~bility in Public Accommodations and Commercial Facilities www.usdoj.gov/crt/ada
1. Title III prohibits private entities that provide public accommodations and services from
denying goods, services and programs to people based on their disabilities.
a) Includes the following:
(I) Structural accessibility requirements for private entities
(2) Programmatic access: Reasonable modifications in policies and procedures or practices when
such are necessary to provide same level of goods, services, etc. to disabled as non-disabled
2. Public accommodations:
a) Must not impose or apply eligibility criteria that screen out or tend to screen out an
individual with a disability or any class of individuals with disabilities
b) May impose legitimate safety requirements that are necessary for safe operation.
c) May not impose a surcharge on a particular individual with a disability or any group of
individuals with disabilities to cover the costs of measures for accommodation
3. Definition of a disability according to ADA
a) A physical or mental impairment that substantially limits one or more of the major life
activities of such individual
4. Examples of physical or me)ual impairment
a) Anatomical loss affecting one or more of the following body systems
I'
I
b) Any mental or psychological disorder such as mental retardation, organic brain syndrome,
emotional or mental illness, and specific learning disabilities
c) Includes, but is not limited to orthopedic, visual, speech, and hearing impairments,
cerebral palsy, epilepsy, muscular dystrophy, multiple sclerosis, cancer, heart disease,
diabetes, mental retardation, emotional illness, specific learning disabilities, HN disease,
tuberculosis, drug addiction, and alcoholism
5. Major life activities
a) Functions such as caring for one's self, performing manual tasks, walking, seeing, hearing,
speaking, breathing, learning, and working
M. Clinical Laboratory Improvement Act (CLIA)
1. Overview of the law
a) Enacted in 1998 by Congress to establish quality standards for clinical laboratories
·-· ~
3. Responsibility of institutional review boards (IRBs)
a) Reviewing all clinical, translational research conducted at the institution
b) Reviewmg minimization of risks to human subjects to the greatest extent possible
c) Reviewing equitable selection of subjects
d) Assuring risks are reasonable in relation to anticipated benefits
~ Assuring risks, benefits and alternative options are clearly communicated to potential
human subjects during the informed consent process
f) Educating the research community on proper conduct of research
g) Assuring privacy and confidentiality of research subjects
4. IRB ~uthority and membership
a) Authority
(1) Prospective review
(2) Monitoring
(3) Require modification of protocols
(4) Approve or disapprove the research
b) Membership
(1) Minimum of five members of diverse backgrounds
(2) Includes one non-affiliated member, one non-researcher, one scientific member
(3) No member may participate in an IRB review of a study with which the IRB member
has a conflict of interest
(a) Member is the investigator
(b) Member has a financial interest
(c) Member has any other interest that may have an adverse impact on the ability to
exercise independent judgment
5. IRB activities \
a) Review of application and proposal for DHHS-funded human research
b) Prospective and ongoing review of research activities (non-exempt)
c) Review and approval of research conducted at intervals appropriate to the degree of risk,
but not less than once per year
d) Reporting of adverse events and unexpected risks to human subjects
e) Approval of amendment and modifications to protocols and consent forms
f) Documentation of review of protocols, actions, findings, and attendance in IRB minutes
6. Compliance
a) Oversight by DHHS and Food and Drug Administration (FDA)
b) Scope: Results of research, whether in terms of scientific recognition and/or financial
reward, may never take priority over the research subject
(1) Conduct compliance inspections of institutions engaged in research
(2) Provide oversight ofiRB activities
-~-~.-.-.
--- --- _ _ ',.1.:_;_;,~:.;__._,___,_ ·~---
-_;:.'·.
7. Common deficiencies identified by DHHS Office for Human Research Protections (OHRP,
www.hhs.gov/ ohrp)
a) Consent form deficiencies
( 1) Language not understandable to public
(2) !~adequate explanation of benefits
..
(3) Failure to address all elements of informed consent
(4) Failure to describe all research procedures
b) IRB procedural and process dellciencies
(1) Inadequately written policies and procedures
(2) Improper use of expedited review
(3) Inadequate information available to support risk, benefit determination
(4) Substantive changes to protocol and consent without full IRB re review
(5) Failure of documentation of IRB actions
c) Lapsed IRB approval (approval valid for one year)
d) Failure to report unanticipated problems involving risks to subjects, serious and continuing
noncompliance, suspensions and terminations to OHRP
8. Risk management considerations with human research subjects
a) Understand protection rights of human subjects
b) Know confidentiality of human subjects is held to higher level than general patients
c) Understand common deficiencies cited by OHRP and work with responsible persons to
assure compliance with human subject research activities
0. Patient Safety and Quality Improvement Act
1. Overview of the law
a) Law enacted in 2005
b) Medical error: failure of a planned action to be completed as intended or the use of a wrong
plan to achieve an aim, including problems in practice, products, procedures and systems
c) Patient safety organization (PSO): private or public entity or component thereof that\"
is listed by the Secretary of the Department of Health and Human Services (DHHS)
pursuant to the Act
(1) PSO must be certified and listed by DHHS
d) Patient safety work product (PSWP): any data, reports, memoranda, analyses (such as root
cause analyses) or written or oral statements
(1) Assembled or developed by a provider for reporting to a PSO and are reported to a
-~-''·· --------------------~---~-
(g) Law enforcement authorities if necessary for criminal law enforcement purposes
(h) If other than a PSO, PSWP does not include assessment of provider's quality of care
(6) PSWP continues to be privileged and confidential even after disclosure; however, no
confidentiality provisions in criminal proceeding
(7) No privilege or confidentiality protections when non-identifiable PSWP is disclosed
9. Wlpsde-blower protection
. loss of employment, failure to promote individual, failure to provide employment-
' a) Includes
related benefit, adverse decision made in relation to accreditation, certification,
credentialing or licensing of individual
10. PSOs and HIPM
a) PSOs treated as business associates under HIPM
b) Patient safety activities of PSOs constitute healthcare operations of provider
11. Risk management implications of Patient Safety and Quality Improvement Act
a) Structure ofPSOS and protections they afford, will enable risk managers to have access to
information otherwise unavailable or guarded under attorney client and work product privilege
b) PSOs should demonstrate at least basic competencies of its staff performing clinical,
technical and analytical functions
12. PSOs must accept data in the most efficient way possible, thereby ensuring a reasonable cost
structure
a) Ensure stringent technological and human firewalls to protect information being shared
with aPSO
(4) Direct treatment providers (hospitals, physicians) must provide to patient on first date
of treatment ·
(5) Must make "good faith effort" to obtain signature of patient's receipt (one time
signature unless significant changes are made to NPP)
j) Permitted disclosures where authorization is not necessary:
(1) Treatment, payment and/or healthcare operations (TPO)
(2) Quality assurance
(3) Compliance
(4) Business planning and development
(5) Reporting of disease, injury or disability
(6) Child abuse
(7) R:eports of abuse, neglect or domestic violence
(8) FDA regulated product reporting requirements
(9) Public health activities "',
(I O) Employers for work related injuries or illnesses
(11) Healthcare oversight activities
(12) Disclosures for judicial or administrative proceedings
(13) Law enforcement purposes
(14) As required by law:
(15) Reporting of certain wounds, injuries
(16) Descendants related to criminal activities on the CE premises
(17) To identify and locate a missing person, fugitive, material witness
(18) Emergencies
(19) Organ procurement organizations
(20) Health and safety threats
(21) Government-related disclosures
k) Disclosures where separate authorization is required
(1) Release of psychotherapy notes including drug, alcohol treatment
(2) Research
(3) Marketing
(4) HIV records or labs
1) Business associates 1:
. \
' .
(I) If aCE shares PHI with a business associate, it must enter into an agreement to obtain
"reasonable assurances" that the business associate will protect the PHI in compliance
with the Privacy Rule and Security Rule
m) Security Rule
(1) Administrative safeguards
(a) Implementation of security management process (gap analysis)
(b) Plan to address vulnerabilities
I_~
(c) Penalty amounts may change. To obtain the most up-to-date information go to
http:/ /www.hhs.gov/ ocr/ privacy/index.ht.m.l
(9) Criminal liability:
(a) Federal act does not provide any private right of action (for filing suit) although
some state laws may exist
(b) CE may be subject to criminal penalties through Department of}ustice (as referred
to by OCR)
(c) CE may be held criminally responsible for knowing disclosing or obtaining PHI in
violation ofHIPAA statute; fines may be up to$50,000 and one-year imprisonment. •
(d) The criminal penalties increase to $100,000 with imprisonment for up to five years
if the wrongful conduct involves false pretenses
(~) Infractions for malicious intent to harm or for personal gain may result in a penalty
·' of $250,000 and up to 10 years in prison
n) Risk management implications of the Health Insurance Portability and Accountability Act
(1) Support and collaboration with the privacy and se~urity officers
(2) Provide training of workforce on policies and procedures related to HIPAA Privacy
Rule and Security Rule
(3) Establish steps for responding to complaints, requests
(4) Ensure compliance to assure NPP is provided to patient
(5) Create paper trail of documentation
(a) Complaints
(b) Workforce training
(c) Sanctions
(d) Disclosures to business associates
(6) Have broad knowledge base on local, state and federal laws where there may be conflict
(7) Retain all HIPAA records for minimum of six years
B. Health Information Technology for Economic and Clinical Health Act (HITECH)
1. HITECH includes a series of privacy and security provisions that expand the current
requirements under HIPAA's Privacy Rule and strengthens its enforcement
2. Promotes and advances the adoption of health information technology (HIT)
3. HIT is intended to provide rapid, efficient and secure coordination of care and sharing of
information among hospitals, physicians, long term care facilities, home health agencies and
all other authorized users.
1\
4. HITECH - Breach Notification Rule: i
a) Creates the right of individuals to be notified by the "covered entity'' (CE) within 60 days
if there is a breach of their protected health information (PHI)
b) A "breach" is defined as "the nnauthorized acquisition, access, use, or disclosure of
[PHI] that compromises the security or privacy of such information, except where an
unauthorized person to whom such information is .disclosed would reasonably have been
able to retain such information"
b) False Claims Act -An action for a false claim act may not be brought
(1) More than 6 years after the date on which the violation is committed
(2) More than 3 years after the date when facts material to the right of actioh are known
or reasonably should have been known by the US government official charged with
responsibility to act in the circumstances, but in no event more than 10 years after the
date on which the violation is committed, whichever occurs last
D. Documentation
1. Regulations
a) Federal and state statutes
b) Professional practice standards
c) Specific healthcare facility protocols
d) Third-party payors
e) Accrediting organizations
2. Ownership of medical records
a) Healthcare facility or provider owns the actual record
b) Patient owns the information contained within the record
3. Tampering.with medical records
a) Report such activities
b) Risk management involvement
c) Forensic document examination
(1) Electrostatic detection apparatus
(2) Ink analysis
(3) Infrared exams
(4) Identification of date markers
4. Charting and documentation models
5. Documentation challenges
a) Electronic documentation
(1) Copy and past
(2) Wrong patient record
(3) Navigation challenges
b) Uncooperative or noncompliant patients
2. Forms/utilization
a) Tele pharmacy
b) Robotics in the OR, ER and with rounds
c) eiCU
d) Terrorist or similar catastrophic events
e) Workforce shortages
3. Risk exposures and challenges
a) Practice standards
b) Licensure and credentialing
c) Financial and regulatory compliance
d) Legal.;
e) Medical and hospital professional liability
f) Data integrity, confidentiality and protection
.,. ·"'...
g) Technical
:__ ________________________________
2. Claims submitted to Medicare are screened prior to payment and are generally paid without
requesting the supporting medical records. As a result, some claims may be paid inappropriately,
resulting in improper payments. The most prevalent reasons for improper payment are:
a) Items or services that do not meet Medicare's coverage and medical necessity criteria
l -
1 b) Items that are incorrectly coded
c) Services where the supporting documentation submitted does not support the ordered service
C. Medic~e, Medicaid, and SCHIP Extension Act (MMSEA)
1. Requires that liability insurers (including self-insurers), no-fault insurers, and workers'
compensation plans report details of settlements, awards, judgments or other payments
!nvolving Medicare beneficiaries
2. The purpose of reporting is to assist CMS and other insurance plans to properly coordinate
payment of benefits among plans so that claims are paid promptly and correctly
3. What must be reported is the identity of a Medicare beneficiary whose illness, injury,
incident, or accident was at issue to enable an appropriate determination concerning
coordination of benefits, including any applicable recovery claim
3~;:: "
152 ASHRM Preparation Guide for the CPHRM Examination
ii
•
~;J.h
'
_:;
. ···:.::·::-r::::- .. -
"·/··
a) Individuals and organizations that knowingly and willfully execute schemes to defraud any
HHS program, grant, or contract involving Recovery Act funds; and
b) Facilitate ongoing communications with federal, state, and local law enforcement and
other agencies regarding the use and distribution of HH~ Recovery Act funds. -
2. Equal Pay Act of 1964 (EPA) prohibits discrimination on the basis of gender in compensation
for substantially similar work under similar conditions
3. Civil Rights Act of 1991 includes provisions for monetary damages in cases of intentional
discrimination and clarifies provisions regarding disparate impact actions
E. Equal Employment Opportunity Commission (EEOC)
1. Federal agency within the Department of Labor
2. Responsible for receiving and investigating charges of discrimination filed by former, current
or prospective employees under Title VII, ADA, and ADEA
3. EEOC claim must be filed within 180 days of alleged action
a) If negative findings: Employee can bring civil action
b) If positive findings: EEOC brings charges against organization
F. Employee Retirement Income Security Act (ERISA)
1. Establishes a standardization of the administrative functions of employee welfare benefit plans
2. Establishes federal pre-emption of state laws that cover plan benefits from state courts to
federal courts to avoid conflicting regulations among states
3. No pain and suffering damages available to the plaintiff if a claim is preempted by ERISA
4. Some movement seen among states to permit health plans to be sued directly by enrollees in
defiance of ERISA preemption
X. Workplace Safety
A Occupational Safety and Health Administration (OSHA)
1. The primary regulatory agency in the field of occupational safety and health is OSHA a
federal agency within the United States Department of Labor
2. OSHA has authority to promulgate standards pursuant to the Occupational Safety and
Health Act of 1970 which has a general duty clause
a) The general duty clause requires that each employer furnish to each employee a job and a
workplace that are free from recognized hazards that are causing or are likely to cause death
or serious physical harm to employees
b) OSHA has full regulatory authority to enforce its standards and regulations
3. The purpose is to create workplace safety rules for employers with more than 10 employees
except low hazard industries such as finance, retail, insurance, etc.
B. Occupational and Environmental Risk Exposures for Healthcare Facilities
1. Establishes a federal requirement that employers provide a place of employment that is free
from recognized hazards to personal safety and health, such as exposure to toxic chemicals,
excessive noise levels, mechanical dangers, unsanitary conditions, heat or cold stress, etc.
~--·-_·>;·,~· .... -.
·,:,.-.·:,-·.
2. Twenty (20) diff~rent C<!tegories that address the principal health concerns for which OSHA
has developed safety standards
3. Numerous other injuries and illnesses not directly addressed by OSHA
4. Hazard Communication Standards I Employee Right to Know Rule
a) OSHA requires that standards are developed and information is disseminated about the
identities and hazards of chemical to ensure chemical safety in the workplace
b) Material Safety Data Sheets (MSDS)
C. Environmental Protection Agency (EPA)
1. Mission is to protect human health and the environment
2. Leads the nation's environmental science, research, education, and assessment efforts
3. Regulates materials and activities outside of buildings
D. Environni~ntal Issues
1. Underground storage tanks
2. Aboveground storage tanks
3. Asbestos removal
4. Disposal of hazardous waste
5. On-site medical waste incinerators
6. Clean Air Act
7. Clean Water Act
8. Toxic Substance Control Act
9. Hazardous Waste Operations and Emergency Response Standards (HAZWOPER): Applies to
workers who clean up hazardous spills or hazardous material
E. Environmental Issues in Acquisitions
1. Inspection of the property
2. Records review
3. Healthcare organizations must demonstrate intent and willingness to comply with published·
1
. '
standards
4. Healthcare organizations with better outcomes focus on patient safety, safe delivery and
effective and efficient care without compromise of essential elements
B. Mandatory surveying body and activities
1. Mandatory activities may occur
Centers for Medicare and Medicaid Services Some activities under CMS:
(CMS) • Regulation of laboratories
www.cms.gov • Surveys
Oversees payment for healthcare covered by • Certification of nursing homes, hospitals, home
the federal government health agencies, intermediate care facilities
• Most visible certification organization • Development of coverage policies
• May contract with state health departments • Quality of care improvement
to survey healthcare organizations • Purchase of health services for beneficiaries
• Establishes policies for healthcare payment
• Oversees payment to healthcare
organizations
C. Accreditation
1. Importance
a) A reflection of compliance with established norms or standards
b) A reflection or snapshot in time
ci{:i
~(~{:~
'
...
~--~---.-,·--·.-;---::·-··:·!
c) Viewed by the public and payor as a "Seal of Approval"
d) A threshold for contracting for some payors
2. Voluntary accrediting organizations
a) The Joint Commission: T]C
b) Det Norske Veritas: DNV
c) National Committee for Quality Assurance: NCHQ
d) Healthcare Facilities Accreditation Program: HFAP
e) College of Am~rican Pathologists: CAP
..
3. Value of participating
a) Public demands it
b) Participation makes good business sense
c) Leads to improved patient care and safer environment
d) Promotes good discipline
e) Supports transparency
f) Right thing to do
g) May present advantages in marketing and recruiting
D. Risk management implications of accreditation, surveying and oversight
1. Be familiar with all of the organizations responsible for oversight for accreditation, surveying
and oversight
2. Collaborate with others in the facility to assure compliance with established standards and
data outcomes
3. Be familiar with state requirements and have knowledge of where to access published standards
4. Expect additional regulation of healthcare
5. Focus on patient safety, patient rights, governance, product safety, provider qualifications and
fiscal responsibility (payors and providers)
6. Consider future risks of health e-commerce, confidentiality of data, unauthorized access and
disclosure of patient data, provider qualifications and customer satisfaction
E. Non-compliance
1. Failure to meet licensure, accreditation and certification requirements may have an irripact on
loss exposure
2. Loss of funding due to violations of regulatory or accrediting standards
3. Public disclosure may potentially jeopardize public image, finances and potentiallitigatio~
resulting in a reputationalloss \
4. Exclusions from CMS may result from non-compliance
5. As fraud and abuse becomes a focal point for the government, both criminal and civil
monetary penalties will be assessed for violations
6. Threat of criminal charges, resulting in prison sentences, will raise concerns that healthcare
programs are appropriately established and directed by governing boards
7. Ifthe CMS uncovers any evidence of non-compliance, other state and federal agencie5 may be notified
J
158 ASHRM Preparation Guide for the CPHRM Examination ,,~~t
J
REVIEW QUESTIONS
Complete the review questions and then compare your answers with those explained below.
A 28-year-old uninsured male patient is re:ceived unannounced from a rural acute care hospital. The
patient is fully alert and oriented, but he is cachectic, HN-positive and has a knife wound to his leg.
His hemoglobin is extremely low. A staff member is directed to start a blood transfusion, but the
staff member refuses. Another staff member attempts to give him a blood transfusion, but the patient
refuses the transfusion. Although aggressive medical care is rendered to the degree possible, the
patient expires 12 hours later.
1. Which of the following statements is true about the staff member who refused to administer
the transfusion?
A. Employee has a right to refuse to perform in a dangerous situation such as an HN-positive
patient
B. Employee has a right to r~fuse to perform in a dangerous situation such as an HN-positive
patient with active, uncontrolled bleeding
C. Employee is protected by the ADA
D. Employee has no right to refuse to administer the transfusion
Amwer: D
Right to refuse is not based on religious reasom and right to conscience. Caregivers may not abandon the
patient.
2. When the above patient refuses the transfusion, which of the following actions should be
taken?
A. Court order should be sought
B. Transfusion should be administered without the patient's consent since it is a life saving a~on ~
C. Care should be provided to the degree possible while respecting the patient's wishes
D. Supportive only measures should be given
Amwer: C
The patient's autonomy allows that he can refuse or accept treatment. This is especially true here because the
scenario does not indicate that he is incompetent to make his own decisiom; he can do so even to the point
ofhis own detriment or demise.
L__
6. The Patient Self-Determination Act (PSDA) obligates which of the following entities to
· provide their clients with information regarding advance directives?
1. Hospitals
2. Providers of outpatient services
3. Health maintenance organizations (HMOs)
4. Home healthcare services
A. 1 and 2 only
B. 1, 2 and 4 only
C. 1, 3 and 4 only
D. All of the above
Answer: C
As a condition ofparticipation in Medicare and Medicaid programs, obligations are imposed upon
hospitals, hospices, skilled nursingfacilities, home health providers, personal care service providers and
managed care organizations; however the PSDA does not apply to pr0t1!iders ofoutpatient services.
7. Ethics consultations and decision-making done systematically will help to ensure that ethical
principles are met. This approach would include all of the following except:
A. Verification of the facts
B. Documentation of the rationale for the decision
C. Unanimous agreement among the participants
D. Identification for the potential legal and ethical problems that may be involved
Answer: C
Unanimous agreement is not required; however, there should be recommendations to the caregivers
providing direct care to the involved individual.
A. 1 and 2 only
B. 1 and 3 only
C. 1, 2 and 3 only 1\
Answer: B
All ofthe answer options are correct except B. Giving a device involved in a claim or incident or PCB to a
manufacturer to test should not be done. Tests are indicated use a third party testing agency that specializes
in forenSic engineering ofmedical devices.
10. The Americans with Disabilities Act {ADA) makes it unlawful to discriminate in
employment against a qualified individual with a disability and requires that places of
public accommodation be accessible to disabled persons. Which of the following may NOT
be considered discriminatory under the ADA guidelines?
A. Terminating an employee only because he has a physical or mental impairment that substantially
limits a major life activity
B. Terminating a disabled person unwilling to perform the essential functions of the job with or
without reasonable accommodation
C. Not promoting a disabled person due to his disability
D. Not providing reasonable means of communication for the person that is deaf, blind or non-
English speaking
Answer: B
The ADA prohibits discrimination against an individual with a disability who, with or without reasonable
accommodation, can perform the essentialfunctions ofthe job.
11. Federal or state criminal convictions ofhealthcare practitioners related to the delivery of
healthcare services must be reportchl to the:
A. National Practitioner Data Bank
B. Healthcare Integrity and Protection Data Bank
C. The Joint Commission
D. Centers for Medicare and Medicaid Services
Answer: B
Th~ Healthcare Integrity and Protection Data Bank was established by the Health Insurance Portability
and Accountability Act ofl996 (HIPM) as a clearinghouse for the reporting and disclosure ofcertain final
"adverse actions" taken against healthcare practitioners, suppliers, and other providers.
12. Under the requirements of the Healthcare Quality Improvement Act, hospitals must query
the national Practitioner Data Bank upon physician appointment and reappointment, but
no less than:
A. Every year
B. Every two years
A. 1 only .
·'
B. 1 and 2 only
C. I, 2 and 3 only
D. All of the above
Answer: D
The False Claims Act prohibits seven types ofactivities, which include presenting a false/fraudulent claim
for paymentfrom the government, making or using a false statement to get a claim paid, conspiracy to
defraud the government, embezzlement by government contractors, using a false record or statement to
concea~ avoid or decrease an obligation to pay money or property to the government, false certification of
deliveries to the government, purchase on the black market, and reverse false claims.
A. 1 and 2 only
B. 1 and 4 only
C. 1, 2 and 4 only
D. All of the above
Answer: B
EMTALA requirements include provision ofa medical screening examination to determine ifan
''emergency medical condition" (EMC) exists; ifan EMC exists, provide appropriate medical treatmen_t to ,
stabilize the patient, subject to the availability ofresources (capability/capacity). Ifcapability/capacity 'is ·
not available, provide "appropriate" transfer to facility that does have capability/capacity to stabilize EMC
Participating hospital must accept a patient transfer from another hospital ifit has the capability/capacity ·~
to provide stabilizing treatment to patient that the transferring hospital does not have. EMTALA does not '·
remove the obligation ofthe patientfor payment for services rendered, nor is there a requirement for prompt
medical treatment that should be determined by established triage guidelines.
~··
_•,-
;-·:
<_'
I
l _ _ _ , ..• ···-· --, ·-----.-,----
----~ ' ,---- ..... -,--,.-
RISK FINANCING
Domain
..L
-
•· I
.....
I
KEY TERMS
Important temis and definitions relevant to this domain
Actuary- A person who uses statistics to compute loss probabilities to establish premiums for
insurance companies and self-insurance trusts.
Boiler and machinery coverage- Provides protection for explosion of boilers and other pressure
vessels and accidental damage to equipment.
Business interruption insurance coverage- Insurance coverage typically provided as a part of a
property insurance policy covering the lost revenues and extra operating expenses associated with a
covered loss such as a fire; attempts to replace revenues lost due to covered loss.
Captive- An insurance company established to provide coverage to a sponsoring entity as opposed
to marketing and selling policies commercially to insureds; the sponsoring entity may be a parent
corporation and its related subsidiaries, a professional association or other group.
Certificate of insurance- A standardized form - usually produced by the insurance agent or
broker who arranges the coverage- that officially outlines the specific type of insurance in place, the
insurance carrier, policy period, policy nuihber, etc.
Claims-made coverage- Provides coverage for a claim .that occurred after the inception or retroactive
coverage date of the policy and is reported to the insurance company while the policy or any
replacement policy is still in effect.
Cost of risk- Value of all risks, internal and external, faced by an organization in fulfilling its mission.
Deductible- Amount required to be paid by the insured before the insurer will make payment for the
eligible loss as stipulated under the insurance contract; typically erodes the maximum benefit provided.
Direct insurance- A contractual arrangement involving the purchase of insurance by an insured
from an insurer.
Directors and Officers liability- D&O policies contain a two-part wrongful act definition:
• Any actual or alleged error or misstatement or misleading statement or act or omission or breach of
duty by directors and officers while acting in their individual or collective capacities
• Any matter claimed against them solely by reason of their being directors or officers of the company.
Errors and Omissions insurance: E&O insurance policies provide coverage for negligent advice or
business services provided by an individual or entity not eligible for professional liability insurance
coverage, such as medical billing companies, insurance brokers and managed care organizations.
Soft market 1 Insurance industry characterized by low premiums, flexible terms and generous capacity.
' ; .
Stop loss covirage - Provider excess coverage that is usually structured to insure excess claims.
Insurance coverage for healthcare and managed care organizations that have agreed in advance to accept
financial risk for the provision of healthcare services under capitated managed care contracts. Stop loss
policies limit the losses experienced by such entities when utilization of service exceeds estimates.
Tail- An extended reporting period whereby a claims-made policy is essentially converted to an
occurrence policy by extending coverage to all claims that arise &om the care rendered during the
policy period regardless of when the claim is reported.
Third-party insurance coverage- Provides coverage to a party other than the insured to make that
person whole for loss or injury covered by the insured; involves three parties.
OUTLINE
I. Structure of the risk management process
A. Identification and analysis of exposures
B. Treatment of exposures
1. Risk control
2. Risk financing
a) Retention
b) Transfer
V. Insurance contract
A. Insurance is a legal contract
B. Policy includes four standard elements:
1. Declarations page: Identifies the named insured and describes the property or activity to be insured
a) Components
(I) Policy number
(2) Inception and expiration date
(3) Insured address
(4) Policy limits
- ' .-:----~- . ·- . -
D. Te.rms and conditions of limits of liability
1. Policy limit: Represents the maximum amount the insurer will pay for losses
2. Per occurrence: Applies to a specific loss
3. Aggregate: Applies to all losses within a policy term
4. Defense costs can be included within the policy limit or outside
5. Deductibles or self-in~ured retentions may apply before the limits
E. Agents and brokers
1. Agent: Generally represents one or more insurance carriers
2. Broker: Generally represents the purchaser
1. Coverage to a party other than the insured to make that person whole for loss or injury
covered by the insured
2. Involves three parties:
a) The one who was harmed (plaintiff/claimant)
b) The insured who caused the harm or damage (defendant)
c) The insurer (commercial carrier or alternative risk financing vehicle)
-~~.I
174 ASHRM Preparation Guide for the CPHRM Examination
J
-'-----~__:_-.• .·;,,o_,,,•c·_·_:_,_,_,__., •
5. The third party would be able to collect the obligation from surety if principal cannot meet
the financial responsibility
6. Examples:
a) Contract bonds
b) Federal surety bonds
c) License and permit bonds (e.g., alcohol bonds)
d) Public official bonds
e) Judicial bonds
f) Nursing home bonds
6. Risk charge
. a) Overhead
' b) Loss control services
;
c) Catastrophic loss
7. Retrospective rating
a) Pridng approach that attempts to adjust premiums based on actual loss experience during
the· p~licy term
C. Types of risk financing programs
1. Large deductible
a) Most straight forward method of retaining risk
b) Virtually every type of insurance can be written with a deductible
c) As the deductible increases, credit against the guaranteed cost coverage should also increase
d) Considerations
(I) Risk appetite
(2) Budget ability
(3) Collateral/escrow requirements
(4) Claims handling
2. Self-insurance retention
a) Hard to ~istinguish between this program and a large deductible in many respects
(1) Both allow the insured a premium credit for accepting the responsibility for paying
claims up to a certain level.
(2) Both assume that some risk transfer or insurance excess of the retention will continue
to be purchased
(3) Both approaches may have collateral or escrow requirements
(4) Both may feature stop-loss features
b) State regulations must be reviewed to determine what is required to become a "qualified"
self-insurer
3. Risk retention group
a) An insurance company that provides liability coverage to its members and owners; members
must be "similar or related entities" with respect to the liabilities to which they are exposed
b) Must be licensed as an insurance company in at least one of the 50 states (off-shore
domiciles do not qualify)
c) Types:
(1) Reciprocals
(2) Purchasing groups
"':"!!'"~
D. Coverage types
1. Claims-made coverage
a) Retroactive date: The date defining the beginning of the coverage period for the claims-
made policy; this date is retained on arf indefinite basis if one- remains with the same carrier
b) Nose: Period of time between an insured's retroactive date and the current policy period
c) To change claims-made carriers
(1) Maintain original retro date (nose coverage)
(2) Buy an extended reporting endorsement (tail coverage) from the existing carrier and
establish a new retro date with the new carrier
(i) Retro date will usually predate the effective date on the policy
(ii) Permits an insured to report claims that are made after a policy period has expired
.; or has been cancelled, provided the wrongful act giving rise to the claim took place
during the policy term
(iii) Provides coverage for a.. claim that occurred ~r the inception or retroactive
coverage date of the policy and is reported to the insurance company while the
policy or any replacement policy is still in effect
2. Occurrence coverage
a) Provides coverage of an insured for incidents that occur while the policy is in effect,
regardless of when:
(1) The incident is reported to the insurer
(2) A claim is filed
b) No need for an insured to obtain an additional policy endorsement or extension when
moving to a new insurer
E. Considerations for whichever program
1. Meeting local regulations
2. Medicare and Medicaid reimbursement
3. Meeting collateral requirements
a) Cash
b) Securities
c) Promissory notes
d) Letters of credit
4. Tax implications
1:..
IX. Cost of risk (COR) i
4. Strategic risks
C. Cost of hazard risks
' ~(I
1. Generally insurable
2. Components
~)Insurance premiums
.·
r-~rc,:-;:;,-.' -----
4. Retained or uninsured losses
a) Hazard insurance programs usually require facility to retain:
(I) A portion ofrhe loss
(2) A deductible
(3) A self-insured retention
(4) A quota share percentage of the limit
(5) Another form of risk sharing retention
b) Many losses are uninsured or retained on an unplanned basis because:
(1) Risk is not recognized
(2) Coverage is too limited
(3) Risk was uninsurable
c) Some hazard risks that are not always considered and medical malpractice issues that are
uninsurable include:
(1) Known incidents not reported timely
(2) Loss of use of medical equipment
(3) Losses related to research/experimental treatments
(4) Facility contamination
(5) Managed care exposures not delineated
(6) Excluded occurrences under the policy
(7) Insurer insolvency
(8) Punitive damages
(9) Violations oflaw
(10) Unplanned or uninsured issues must be considered in establishing the entity's COR
d) Internal administrative costs
(1) Risk management department salaries
(2) Overhead
(3) Information systems
(4) Program or policy services outsourced
(a) Claims handling
(b) Loss prevention
(c) Policy administration \',
\
5. Other related activities
a) External services and providers
(1) The use of outside services/providers can have a major impact on COR
(2) Examples
(a) Insurance broker
(b) Defense counsel
' .
2. Issue~ to consider
:I
a) Nursing shortage tied to quality of care
b) Physicians doing tests to protect themselves from litigation
E. Cost of financial risks
1. Relates to internal and external factors affecting the financial performance of an institution
2. Examples:
a) Third-party reimbursement
b) Cost of capital
c) Investment performance
d) Price of goods and services
e) Inflation
f) Philanthropy
3. Many financial risks can be mitigated through non-traditional insurance techniques such as
hedging, investment portfolio diversification to protect investments from major swings in
value, and the prudent use of lines of credit to manage an institution's cash flow needs
F. Cost of strategic risks
1. Relates to "big picture" areas of risk such as the quality of senior management leadership,
reputation, market share, the quality of affiliations or product innovation
2. Costs are difficult to measure and typically fall outside the realm of the traditional risk manager
G. COR allocation
\
1. A fair and equitable allocation system allows management to focus its attention on the
greatest opportunities for improvement and to reduce those allocated costs
2. Key principles
a) Defined purpose that clearly states what the organization wants to achieve with the
allocation system
b) Customize expressly for the organization
c) Communicate appropriately within the organization by senior management
d) Support with necessary staff and systems
e) Base on credible data
f) Maintain on consistent basis from year to year
g) Ensure key institutional leaders and physicians are vested in the process
h) Focus on quality improvement in a positive manner
.l
182 ASHRM Preparation Guide for the CPHRM Examination
:·i ).c;·B~\.l:..
.-~ .
.. \ ~ i
-.. .·
,!'·'
~-- -··.·:····-·..-.·-~ ·..----
2. Distribution and use
3. Reliances and limitations
4. Summary and conclusions
5. Methodology
6. Major assumptions
7. Exhibits and graphs
H. Accounting issues
1. Generally accepted accounting principles
2. American Institute of Certified Public Accountants
REVIEW QUESTIONS
Mark your answers and then compare them with the answers explained below.
1. Imagine you are a hospital risk man~ responsible for purchasing and managing the commercial
insurance and the self-insured retention (Sffi) fund. You have structured professional liability
coverage with a combination ofSffi and commercial insurance. The Sffi limits are $1,000,000
per incident and $3,000,000 yearly aggregate. In addition to the SIR, you have purchased excess
coverage in the amounts of $10,000,000 per incident and $25,000,000 yearly aggregate.
Assume all policies are written on a calendar-year basis, all payouts are in the correct year, and the SIR
fund and the commercial insurance carrier are financially solvent.
~amples: If no claim has been paid during the year, a total of $11,000,000 per incident and
$28,000,000 yearly aggregate are available.
Per I ncidem \cu·k Aggrc:g.1re
--~~._..c.::··.·-··-·
If the first claim is settled for $1,500,000, the SIR pays the first $1,000,000, and the excess carrier
pays the remaining $500,000.
What is the remaining balance for the year end for the SIR and excess coverage? _ _ _ __
Answer. This leaves a year-end SIR balance of $2,000,000 and $24,500,000 of excess coverage for the year.
Ifthe next claim is settledfor $10,000,000, the SIR pays the first $1,000,000, and the excess carrier pays
the remaining $9,000,000. What is the remainingy~ar-end balance for the SIR and the excess coverage?
Answer: 7his leaves a year-end SIR balance of$1,000,000 and an excess coverage year-end balance of
$15,500,000.
2. 'What type of primary malpractice insurance policy is necessary to purchase "tail/prior acts"
coverage when changing carriers?
A. Excess
B. Umbrella .:
C. Occurrence
D. Claims-made
Answer. D
Claims-made coverage provides coverage for a claim that occurred after the inception or retroactive coverage
date ofthe policy and is reported to the insurance company while the policy or any replacement policy is still
in effect. A tail essentially converts a claims-made policy to an occurrence policy by extending coverage to all
claims that arise from the care rendered during the policy period regardless ofwhen the claim is reported
3. The insurance industry is cyclical. It is characterized by periods noted as "hard" and "soft"
markets. 'Which of the following statements is TRUE?
A. During a hard market, coverage is available and affordable
B. A hard market is characterized by flexible coverage terms
C. During a hard market, coverage may not be available at any cost
0. Hard market cycles last longer than soft market cycles
Answer. C
During a hard market it becomes difficult to place coverage and terms become less favorable. Only answer
C is correct.
4. Fiduciary
A. 1 and 2 only
B. 1 and 3 only
C. 1, 3 and 4 only
D. All of the above
~'-
Answer: C
Ifthe insurance paymentflows to you or your organization, it is first-party insurance. Since liability policies
pay for damage or injury to someone other than you, it is not first-party coverage.
7. A physician has a $1-million policy limit with a $100,000 per-claim deductible. How much
insurance does the insured have?
A. $1,100,000
B. $1,000,000
c. $900,000
D. $800,000
Answer: C
The carrier is responsible to pay the deductible and recover.from the insured. The deductible amount is subtracted
.from the policy limit resulting in the insurance amount. A letter ofcredit may be required.from the insured.
8. A new claim has been reported to the insurer. The claim occurred on 6/112012 and was reported
2h/2013. The facility has a claims-made policy dated 111/2013 -12/31/2013 with a retroactive date
of 1/1/2003. Assuming the claim is for a covered loss and was not known or reported to the prior
carrier at the time of occurrence, will the carrier accept the claim as being covered under the policyr
A. Yes
B.No
Answer: A
Claims-made coverage provides coverage ofa claim that occurred after the inception or retroactive coverage date
ofthe policy and is reported to the insurance company while the policy or any replacement policy is still in effect.
1:
··.
I
I
·'·
A. Examine the claims management process from the occurrence of the event to claim resolution
B. Dist\flgu~sh between a claim, a potentially compensable event, and a lawsuit
~I
KEY TERMS
Important terms and definitions relevant to this domain:
Adverse event- Any injury (undesirable clinical outcome) caused by medical care and not an
underlying disease process.
Adverse outcome- Clinical outcome that, while neither desirable nor necessarily anticipated, may
still have been a known possibility associated with the treatment or procedure.
Alternative Dispute Resolution - A process or system to resolve disputes outside the formal judicial
process.
Negotiation- A voluntary, usually informal, unstructured process. There is no third-party
facilitator, but parties may be represented by legal counsel.
Mediation -A process in which a neutral third party helps the parties reach a mutually-acceptable
agreement.
\.
Arbitration - The hearing and determination of a case in question someone either chosen by the
opposing parties or by a person appointed under statutory authority.
Binding- An agreement that is final and not appealable.
Non-Binding-An agreement is not final until it is entered by the court into the record allowing
the party to continue the civil litigation process.
Answer -A document filed with the court in response to a complaint or petition. Generally the answer
must: 1. Admit that the plaintiffs' allegations are true 2. Deny that the plaintiffs' allegations are true or
3. State that the defendant does not have information regarding the truth or falsity of the allegati9ns.
Appeal- An action that is taken after the trial of a matter or after a dispositive motion has been
entered in a matter. An appeal may be taken for the purpose of correcting an error made by the trial
court or to obtain a new trial. Also, it is a resort to a higher court to obtain a review of a lower court's
decision and a reversal of the lower court's judgment or granting of a new trial.
Assault- An intentional act that is designed to make the victim fearful and that produces reasonable
apprehension of harm.
Attorney-client privilege - A legal doctrine recognized by both common and starutory law
protecting certain confidential communications between an attorney and his or her client from
discovery in a legal proceeding unless the privilege is waived by the client.
Attorney work product privilege -A legal doctrine recognized by both common and statutory law
protecting the documents generated, theories devised, legal strategies formulated, etc., by-an attorney
on behalf of a client from discovery in a legal proceeding unless the privilege is waived by the client.
Battery- In .tort law, the intentional causation of harmful or offensive contact with a person without
that person's consent.
Claim- Formal notification that monetary damages are being sought for an alleged injury.
Claims-made coverage - Provides coverage for a claim that occurred after the inception or
retroactive coverage date of the policy and is reported to the insurance company while the policy or
any replacement policy is still in effect.
Claims man~ment- A systemized approach utilized to reduce the financial loss and negative
community image of a healthcare organization in situations where prevention fails and injury occurs.
Complaint/Grievance- A formal or infqrmal written or verbal complaint made to the hospital by
the patient or the patient's representative ~egarding the patient's clre. Medicare/Medicaid Hospital
Conditions of Participation require a formal process for patient notification of their rights and for
response and follow-up with the patient.
Complaint (legal) - One of the initial filings with a court to begin a lawsuit; normally recites all of
the allegations against the defendant and theories upon which the plaintiff seeks to recover damages
(may be called a petition in some jurisdictions).
Damages- Monetary compensation obtained for an injury for which the plaintiff (claimant) seeks
compensation from the defendant (healthcare provider) and may include economic losses, emotional
distress, pain and suffering and disability.
Punitive or Exemplary- Damages sought or awarded to punish or deter a defendant or others from
similar conduct rather than to compensate the injured party. The awarding of punitive damages
generally requires a showing of gross negligence or willful and wanton misconduct. Such damages are
not insurable in some jurisdictions and may be excluded by insurance pol.icies.
Special- Acrual damages such as medical expenses related to the injury.
Defamation- Intentional false communication that injuries another's reputation.
Slander -A false and defamatory statement (oral/spoken) made about a person.
Libel- Defamatory language expressed in print, writing, pictures, or symbols intended to injure
another's reputation, business, or means of livelihood. ·
Depositions -Testimony (under oath) of a witness taken on interrogatories reduced to writing and
used to support or substantiate testimony offered at trial. The deposition is an important phase of the
discovery process. It consists of a question-and-answer session in which the witness is interrogated
1
under oath, after which the testimony is transcribed. :
Discovery- The process in litigation by which each party to the action seeks to learn all the facts that
either 1. Support the plaintiffs cause(s) of action, or 2. Support the defendant's asserted defenses or denial~.
i,
Duty to defend- Insurer will defend any claim or suit alleging injury or damage and seeking
damages covered under the policy.
Duty to pay damages - Insurer will pay damages covered under the policy retroactive date.
Event- A happening or occurrence that is not part of the routine care of a particular patient or the
routine operation of the healthcare entity.
Employee Retirement Income Security Act (ERISA) -A federal law that sets minimum standards
for most :voluntarily establi~hed pension and health plans in private industry to provide protection for
individtj.als in these plans. -
Fraud and abuse- Fraud is an intentional misrepresentation, deception or act of deceit for the
purpose. of r~ceiving greater reimbursement. Abuse is reckless disregard or conduct that goes
against :kd is inconsistent with acceptable busiriess, medical practices, or both, resulting in greater
reimbursement. The terms are generally used together to refer to breach of federal statutes and
regulations regarding inappropriate billing, kickbacks, referrals, related to the federal or state
Medicare and Medicaid programs.
Guardian Ad Litem- A person appointed by the court to represent the interests of a minor child, an
unborn child or ~ disabled person.
Integrated delivery system -A healthcare system made up of various types of providers, including
hospitals, ambulatory care centers, surgery centers, home health agencies and physician practices, and
frequendy a managed care organizati~n, such as an HMO or a preferred provider organization (PPO).
Insured parties - Organization and employees covered by an insurance policy.
Joint and Several Liability- The legal theory whereas a plaintiff can recover the entire adjudicated
damages from any culpable defendant (joint); or they can collect the apportioned amount from each
defendant (several).
Lawsuit - Formal legal action .filed in court.
Managed care -The integration ofhealthcare delivery and financing that includes arrangements with
providers to supply healthcare services to members, criteria for the selection of healthcare providers,
significant financial incentives for members to use providers within the plan, and formal programs to
monitor the amount of care and quality of services.
Moonlighting- Working at another job after hours of a regular job.
Occurrence coverage -An insurance policy for which coverage is provided for claims that occur
during the policy period, regardless of when the claim is made.
Ostensible agency doctrine- The doctriri'e of ostensible agency; sometimes referred to as apparent
agency, permits a finding of liability on a hospital where there is the appearance of an employment
relationship with an independent contractor. In the absence of an employer-employee relationship, a
managed care organization (MCO) may still be held vicariously liable for the acts of provider physicians
if the patient had a reasonable belief that the physician was the MCO's agent and that this belief was
based upon representations made by the MCO to that effect. The burden is on the plaintiff to prove
that he or she detrimentally relied on the fact that the MCO held the physician out as its agent.
Petition - See entry for complaint.
Potentially compensable event (PCE) - Encompasses any incident in which there is neither an active
claim nor institution of a formal legal action, including those cases in which an unexpected event has
caused injury, the potential for injury or some expression of dissatisfaction or perception of injury.
Respondeat superior- Law doctrine that says an employer is responsible for the acts of employees if
the acts are within the course and scope of their employment.
Reserves - Estimates of the amount ultimately required to setde a claim, or pay a judgment
(indemnity reserve), and to provide for a defense and pay other allocated expenses related to
managing a claim (expense reserve).
OUTLINE
I. Claims Management Program
A A systemized approach utilized to reduce the financial loss and negative community image of a
healthcare organization in situations where prevention fails and injury occurs
B. Supported by leadership and board commitment
C. Driven by organizational philosophy and culture
D. Anchored by development of an infrastructure supported by staffing, policies and procedures,
decision authority, program scope and technology
E. Influenced by the organizations chosen risk financing mechanism
1. Self-insurance
2. Commercial insurance coverage
a) New claims
. b) Open and closed cases
'c) Aggregate
. claims experience
d) High exposure cases
e) Impact on risk financing program
3. Claims data collection system for identifying potential claims and litigation
a) Includes numerous data sources and types of events, including potential compensable
events (PCEs) and sentinel events
b) Part of the data mining process
(1) Information from QI, risk, patient safety, medical records, patient relations
(complaints and grievances), committees, hodine, surveys or reports, grapevine,
incident report, recall notices, etc.
c) Supported by technology
(1) Driven by a taxonomy that supports identification of open and closed claims
(a) Critical for meaningful benchmarking purposes
(2) Configured to generate loss runs
(a) Geared towards specific needs of insurers, underwriters, and brokers
(b) Key link to actuarial evaluation process
B. Investigation:
1. Process of collecting information regarding the facts related to a loss or potential loss situation
including collection of evidence and interviews of witnesses
2. Guidelines for investigating an event
a) Discover and document the facts
(1) Include review of policies and procedures; medical records, lab and imaging reports;
interviews with staff under the direction of counsel; determination of the insured
parties, etc.
b) Secure evidence
(1) Verify that there are document retention policies in place and a process for "claim/
litigation holds" of medical records, policies, etc.
(2) Equipment believed to have malfunctioned or user error
(a) Complete voluntary and/or mandatory reports to FDA (SMDA)
(b) Sequester equipment (saving/recording device settings); equipment supplies,
including packaging, needles and syringes; maintenance logs; manuals, etc.
c) Determine the applicable standard of care
(1) May include gathering applicable policies or procedures in place at the time of the eV-ent
c) Fact driven
d) May see evidence of both internal and external influencing factors
2. Claims classification system
a) Supported by technology
b) Driven by risk financing mechanism
c) Required fields (e.g., important dates, location, demographics, etc.)
\!) Duty to exercise reasonable care often noted as the "standard of care"
(2) Duty breached
(3) Direct or proximate causation: "injury''
(4) Damages resulted
2. Stan~d of Care
a) Must be established by expert opinion testimony
b) Exception can be rebuttable presumption of negligence based on:
(1) ·The negligence is so obvious that it is within the common knowledge of jurors
(2) The cause of the injury is under the exclusive control of the defendant and this type of
accident does not happen without negligence (res ipsa loquitur: "the thing speaks for itself')
(3) Negligence per se: A legal doctrine whereby an act is considered negligent because it
violates a statute or regulation
3. Tort reform
a) Activity on both the federal and state levels
b) Various legislative approaches
(1) Monetary cap on non-economic damages (e.g., $250,000)
(2) Mandatory prior notice of intent to file malpractice action
(3) Li.rri.its on percentage allocation of contingent attorneys' fees
(4) Abrogation of joint and s~eralliability
\.
'a) Patient looked to the institution rather than the individual physician for care
b) Institution "held out" the independent contractor or the physician as its employee
'c) Physician services provided by contract require careful review for adequate insurance and
indemnification provisions
3. Negligent credentialing liability
4. Negligent failure to protect confidential data or invasion of privacy (HIPAA and HITECH)
B. Exposures of emergency medical services providers
1. Abandonment
2. Assault/battery
3. False imprisonment
4. Invasion of privacy
5. Failure to appropriately treat the medical condition
C. Exposures of primary care in ambulatory settings
1. Professional negligence
a) Failure to satisfy the standard of care, causation, damages
(1) Inadequate history and poor communication
(2) Failure to order diagnostic tests
(3) Failure to refer
2. Informed consent
a) Negligent failure to properly disclose risks, benefits, alternatives, risks of refusal
3. Battery (failure to obtain permiss4m to treat)
4. Abandonment
5. Elder abuse
6. Negligent failure to protect confidential data or invasion of privacy (HIPAA., HITECH)
7. Safety issues (ensuring a safe environment)
8. Infection control
• 9. Human resource issues
D. Exposures of integrated delivery systems (IDS)
1. Unemployed physicians with hospital privileges are considered to be an independent
contractors
a) Generally, hospital cannot be held vicariously liable for the negligence of independent contractors
2. Development of IDS
a) Arguments are being made that various healthcare entities share some responsibility for
o~er providers to ensure adequate care is being provided
--------~,- ,T•,
·. ·~.: .. ' :~· .
(3) Provider subcontracting risk: Failure to maintain favorable contracts with provider
network, or experiences of higher costs due to referral patterns.
(4) Personnel risk: Failure to recruit and retain key employees
(5) Information risk: Disruption of information technology and its effect ori the organization
b) Seven steps
(1) Using due diligence and contract analysis to identify critical risk issues
(2) Developing a written plan for provider selection, credentialing and peer review based
on objective performance metrics
(3) Preparing and monitoring written utilization review and quality management plans
(4) Developing a written plan guiding appropriate patient communication
(5) Developing effective billing procedures
(6) Maintaining an ongoing continuing education program for providers
(7) Using insurance and other risk-transfer mechanisms
(a) Use indemnification clauses
~b) Require providers to sign hold-harmless agreements and provide adequate
·· comprehensive liability coverage
(c) Identify coverage available under the provider organization's current insurance
programs and secure aqditional coverage if nee~ed
F. Exposures of long-term care
1. Example: liability for residents who wander from the facility
2. "When a number of residents are injured due to a poorly-operated facility, a class action
lawsuit (e.g., abuse of residents) may result
3. CMS defines the requirements under the federal law for nursing homes (Social Security Act)
to meet the standards for participation in Medicare and Medicaid programs
4. Vulnerable adult statutes
V. Litigation Management
A. Selecting a defense firm
1. Significant experience in litigation
2. Multiple attorneys capable of handling the case
3. No clients preferred over others
4. Billing rates
5. Geographical proximity
6. Current caseload and ability to handle the litigation assigned efficiently and effectively
7. Experience with subject matter
8. Experience with plaintiff counsel chosen to represent the plaintiff
B. Communicating with defense counsel
1\
1. Acknowledgment of assignment immediately after receipt of the case; assignment should. be ~in
the form of a written letter
2. Designation of trial attorney who will work closely with the risk management professional
3. Investigation
4. Discovery
a) Consider litigation management strategies that require prior approval for such things as
expert reviews, necessity of depositions, etc.
(3) Motion in limine: A filing to preclude the admission of certain facts, testimony, items, or
proofs at trial; may be granted on the grounds that the evidence is not relevant, is redundant
or duplicative of other evidence, will unduly arouse or inflame the jury, and so on '·
C. Trial procedure
1. Substantive and procedural law
a) Procedural law refers to rules developed to conduct the proceedings of the court
a) Jury verdict
b) Settlement
(1) Agreed upon outcome of the case between the parties
c) Directed verdict
(1) Motions are made for directed verdicts when it is believed that the evidence presented
was not relevant and material to the facts of the case; court then rules and determines
the outcome of the case
D. Post-trial procedures
1. Appeal: Action taken after a verdict or decision on a motion has been entered
2. Negotiate a settlement
c) Mediation
(1) Voluntary process where a third party facilitates negotiations between the parties
• 2. Advantages over trial
a) More economical
b) Quicker
c) Less hostile
d) More private
3. Reporting of medical professional liability payment
a) National Practitioner Data Bank (NPFB)
b) State licensing agencies
REVIEW QUESTIONS
Mark your answers and then compare them with the answers explained below.
_ 1. The risk manager_ is usually expected to report which of the following to the insurer:
A. All events
B. Claims and lawsuits
C. PCEs
D.AandB
E. B andC
Answer: E
Requirements are described in the insuring agreement. Generally, reporting ofall events is not required but
the reporting ofc,laims, lawsuits and PCEs usually is required under the policy provisions for reporting.
4. Hospitals may be exposed to liability &om all but which of the following:
A. Employees' actions
B. Impaired physician
1:..
C. Contracted physician \
7. A 50-year-old school teacher is brought to the hospital to rule out metastatic disease. She
has a history of breast cancer, but chose not to undergo a round of chemotherapy at the time
of her diagnosis four years prior to this admission. During this hospitalization she is given
five doses of an anticoagulant in 'error. She begins to have seizures, and a CT scan reveals
bleeding in her brain. The physicians, nurses and pharmacists do not discover the error until
it is picked up on a routine pharmacy audit. The patient's family is told of the error, and
the patient dies· in the ICU two weeks following the last dose of the anticoagulant. Autopsy
reveals metastatic disease to her brain contributed to her bleeding.
In the above case, the most applicable fegal term that the plaintiff might use to establish a claim
against the nurses and pharmacists would be:
A. Res ipsa loquitor
B. Ostensible agency
C. Respondeat superior
.
D. All of the above
Answer: C
An employer is responsible for the acts ofemployees ifthe acts are within the course and scope oftheir employment
9. Once reported to the insurance carrier, reserving will take place. True statements concerning
setting an indemnity reserve are:
1. Only the risk management professional should set reserves within their retention
2. The reserve, once set, can be adjusted;
3. Reserving is an art more than a science
A. Only 3
B. All of the above
C. 2 and 3
Answer: C
Reserving ofclaims may be done by the risk management professional insurer or TPA.
10. There are several ways for the above claim to come to resolution. An optimal approach would
be:
A. Settlement prior to litigation
B. Litigation prior to any settlement
C. Deny the claim
Answer: A
11. A medical malpractice case has been filed in the above-described situation. You are the risk
management professional. The insurance company has assigned the case to a law :6.rin and -
the initial discovery has commenced. Interrogatories have been requested of the defense. The
best person to answer these would be:
A. The nurse who gave the wrong medication. \',
\
B. The hospital administrator
C. The risk management professional
Answer: C
A. 2 and4
B. 1, 2 and 4
C.'All of the above
Answer: A
Communication should be done in the presence ofcounsel to preserve the attorney-client privilege.
:-.···-···-.·. -·-------;-~
.. ,......
-------
__:,. _,_·_ ~·· -:...:...~ ~
Acronym 211
--. ···~
'-.:·.1
CE Covered Entity
CEO Chief Executive Officer
CERCLA Comprehensive Environmental Response, Compensation and Liability Act
CFQ Chief Financial Officer
I
I
12. The risk management professional will assist in the investigation of the lawsuit in
conjunction wit:J:t defense counsel. Some of the tasks include:
1. Interviewing_ staff and physicians without counsel present
2. Gathering pertinent medical records, bills, etc.
3. Interviewing the plaintiffs expert witness
, I
4. Beihg p7;esent with counsel for deposition preparation of witnesses
A 2and4
B. 1, 2 and 4
C. All of the above
Answer: A
Communication should be done in the presence ofcounsel to preserve the attorney-client privilege.
PL Professional Liability
PPE Personal Protective Equipment
PSDA Patient Self-Determination Act
PRO Professional Review Organization
PSO Patient Safety Officer
. PT Proficiency Testing
PTO Paid Time Off
RCA Root Cause Analysis
RCRA Resource Conservation and Recovery Act
RN Registered Nurse.
RPLU Registered Professional Liability Underwriter
SIR Self-Insured Retention ,\.,
SMDA Safe Medical Device Act
SNF Skilled Nursing Facility
SUD Single Use Device
TPA Third-party Administrator
TPO Treatment, Payment & Health Care Operations
UID\C Utilization Review Accreditation Commission
-~---~.~--
Key Terms
A
Actuary- A person who uses statistics to compute l~ss probabilities to establish premiums for
insurance companies and self-insurance trusts.
Advance directive- Lawful written instruction that describes an individual's preferences for
healthcare should he or she become unable to express them later. Examples: living wills, power of
attorney for health care, advance healthcare directive.
Adverse event- Negative or bad result stemming from a diagnostic test, medical treatment or
surgical intervention; an injury resulting from a medical intervention.
Adverse outcome -A clinical outcome that, while neither desirable nor necessarily anticipated, may
still have been a, known possibility associated with the trealln:ex:tt or procedure.
Age Discrimination in Employment Act- 29 U.S.C. Section 621 et seq. Federal statutes
prohibiting certain types of employment discrimination on the basis of age
Alternative Dispute Resolution - Proceises used to resolve dispbte by other means than litigation.
Arbitration: The hearing and determination of a case in controversy by a person either chosen by the
parties in the opposition or by a person appointed under statutory authority.
Mediation: Informal process in which a neutral 3rd party helps the parties reach an agreement
Binding: Final and not appealable
Non-binding: Agreement is not final until entered by the court into the record allowing the party
to continue the civil litigation process.
Americans with Disabilities Act- (42 USC§§ 12101 et seq). 1990 federal statute aimed at
prohibiting discrimination against individuals with certain mental and physical disabilities in the
areas of employment and public accommodation.
Answer -A document filed with the court in response to a complaint or petition. The answer must
generally admit or deny the allegations are true in whole or in part or state the defendant does not
have information to admit or deny. ·
Anti-kickback statutes- Medicare-Medicaid Anti-Kickback Statute (42 USC §1320a-7b)
knowingly and willfully seeking or receiving a bribe, rebate or kickback for a referral for a program,
reimbursable item or service
Appeal- An action that is taken after the trial of a matter or after a dispositive motion has,been
entered in a matter. An appeal may be taken for the purpose of correcting an error made by,'the trial
court or to obtain a new trial a resort to a higher court for the purpose of obtaining a review of a
lower court decision and a reversal of the lower court's judgment or granting of a new trial.
Assault- An intentional act that is designed to make the victim fearful and that produces reasonable
1
apprehension of harm. '
Assignment- Act of transferring to another all or part of one's property, interest or rights.
''At will" employment- Can be terminated at any time by either party (employee or employer), fof
any reason or no reason.
Attorney-client privilege -A legal doctrine recognized by both common and statutory law
protecting certain confidential communications between an attorney and his or her client from
discovery in a legal proceeding unless the privilege is waived by the client.
Attorney work-product privilege - A legal doctrine recognized by both COffi1110n and statutory law
protecting the documents generated, theories devised, legal strategies formulated, etc., by an attorney
on behalf of a client from discovery in a legal proceeding unless the privilege is waived by the client.
B
Battery-:- In 1tort law, the intentional causation of harmful or offensive contact with an individual's
person ~ithotlt that individual's consent.
Becomes aware -A facility becomes aware of an event when the clinical personnel employed or
affiliated with a user's facility learn of a potentially reportable event.
Belmont Report- Statement of basic ethical principles and guidelines for addressing and resolving
ethical problems ·that surround the conduct of research with human subjects
Benchmarking- Comparative process used by organizations to collect and measure internal or
external data that may ultimately be used for the purpose of developing, implementing arid sustaining
quality improvements.
Boiler and machinery coverage - Provides protection for explosion of boilers and other pressure
vessels and accidental damage to equipment.
Breach of contract- Failure, without legal excuse, to perform any promise that forms the whole or
part of a contract Hindrance by a party regarding the required performance of the rights and duties
identified in the contract.
Business interruption insurance coverage - Insurance typically provided as a part of a property
policy covering lost revenues and extra operating expenses associated with a covered loss such as a fire;
attempts to replace revenues lost due to covered loss.
c
Capabilities - CMS refers to two requirements: physical capabilities and personal capabilities.
Medical-facility Ca.pabilities: Physical space, equipment, supplies and services the hospital
provides (e.g., surgery, psychiatry, obstetrics, pediatrics).
\
Staff capabilities: Level of care hospital personnel can provide within the training and scope of
their professional licenses.
Capacity- Ability of the hospital to accommodate the individual requesting examination or
treatment of the transferred individual; encompasses such things as numbers and availability of
qualified staff, beds and equipment and the hospital's past practices of accommodating additional
patients in excess of its occupancy limits.
Captive - An insurance company established to provide coverage to a sponsoring entity as opposed
to marketing and selling policies commercially to insureds; sponsoring entity may be a parent
corporation and its related subsidiaries, a professional association or other group.
Certificate of insurance -A standardized form, usually produced by the insurance agent or broker
who arranges the coverage, which evidences the specific type of insurance in place, the insurance
carrier, policy period, policy number, etc.
Civil false claims- Enables lawsuits by government or any individual (qui tam relator) against one
who submits a false claim to the government
Claim - Formal notification that monetary damages ·are being sought for an alleged injury.
- - - - . - - . - ; ...-,..
-- - - -
Claims-made Coverage -An insurance policy covering claims that are made during the policy
period and that occurred since the policy retroactive date. Although policy definitions vary somewhat,
most claims-made insurance policies consider a claim to be made when it is first reported to the
insurance company, subject to certain terms and conditions.
Claims management - A systemized approach to reducing the financial loss and negative community
image of a healthcare organization in situations where prevention fails and injury occurs.
Collective bargaining- Collective bargaining consists of negotiations between an employer and
a group of employees so as to determine the conditions of employment. The result of collective
bargaining procedures is a collective agreement. Employees are often represented in bargaining by a
union or other labor organization.
Common Rule (45 CFR 46) - Basic Department of Health and Human Services policy for
protection of human subjects that encompasses the human subject protections followed by all federal
agencies that sp?nsor research.
Complaint- One of the initial filings with a court to begin a lawsuit; normally recites all of the
allegations against the defendant and theories upon which the plaintiff seeks to recover damages (may
be called a petition in some jurisdictions):~
Conditions of Participation (CoPs)- Requirements hospitals must meet to participate in Medicare
and Medicaid programs.
Consideration - In contract law, something of value exchanged for the promised performance of the
other contracting party. Contracts frequently call for monetary consideration to be exchanged for the
promise to provide specified goods or services.
Contract- Agreement, either written or oral, involving an offer, the acceptance of the offer and
an exchange of consideration. Also, an agreement betwee~ two or more persons that creates an
obligation to do or not to do a particular thing; a promise or set of promises for the breach· of which
the law gives a remedy or the performance of whkh the law in some way recognizes as a duty.
Corporate compliance -As relates to healthcare fraud and abuse, any of number of programs and
initiatives undertaken by providers to avoid civil and criminal investigations and charges related to
improper billing procedures, inappropriate referrals, kickbacks and other prohibited activities under
federal statutes such as the Anti-Kickb~ckAcf and the Stark I and Stark IT amendments to the
Medicare Act. Many healthcare providers have taken corporate compliance program beyond these
specific legislative and regulatory requirements to encompass broader corporate business ethics concerns.
COSO (Committee of Sponsoring Organizations)- Independent private sector initiative which
studied ERM and has made recommendations on ERM structure and implementation.
. .
Cost of Risk- Value of all risks, internal and external, fac.ed by an organization in fulfilling itS mission.
Covered Entities (CEs)- Any healthcare provider who transmits health information in electronic
form in connection with a "standard transaction" Among covered entities are healthcare providers
(hospital, physicians, insurance company, etc.) and health plans (pay for cost of health care),
healthcare clearinghouses (furnish bills or pays for healthcare services). \\
Credentialing - Process of verifying and reviewing the education, training, experience, work history
and other qualifications of an applicant for clinical privileges conducted by a healthcare facility or
managed care organization; typically performed for independent contractors such as physicians and
allied health practitione_rs who are frequently iJ,ot employed by the credentialing entity but who are
granted specific clinical privileges to practice.
D
Darling v. Charleston Community Memorial Hospital- Landmark case that determined a hospital
has the iridependent duty to ensure high-quality care is rendered at its facility and is responsible to
screen the comp~tency of its medical staff.
Data mining- Data mining provides the methodology and technology to transform data into useful
inform~tion for decision making. ·
Source: l(oh,. H.C. &Tan, G. (2005}. Data ininirig applications in healthcare. Journal of
Healthcare ~nformation Management, 19(2), p. 64-72) . .
Damages- Monetary compensation for an ~njury.
Dedic~ted emergency department (OED) .:_Must meet one of the following criteria:
• Licensed as an emergency department
• Advertises itself as providing emergency care
• One-third or more of walk-in patients seen for conditions .that are considered "emergency .
medical condition'' as defined within the statute.
Deductible -Amount required to be paid by the insured before ~e insurer will make payment for the
eligible loss as stipulated under the insurance contract; typically erodes the maximum benefit provided.
Depositions- Testimony (under oath) of a witness taken upon interrogatories reduced to writing
and used to support· or substantiate testimony offered at trial.
Defamation - Intentional false communi~ation that injuries another's reputation
~-
Slander: Oral false and defamatory statements
'· . .
Libel: Written false and defamatory writing, pictures or signs
Direct insurance -A contractual arrangement involving the purchase of insurance by an insured
from an insurer
Directors' and Officers' Liability- D.&O policies contain a two-part wrongful-act definition: 1.
· Any actual or alleged error or misstatement or misleading statement or act or omission or breach of
dutj by directors and officers while acting in their individual or collective capacities. 2. Any matter
claimed against them solely by reason of their being directors or officers of the company.
Disclosure- Communication of information regarding results of a diagnostic test, medical treatment
or surgical intervention
Discovery- The process in litigation by which each party to the action seeks to learn all the facts that
either 1) Support the plaintiff's cause(s) or action, or 2) Supp9rt the defendant's asserted defenses or denials.
Drive-through deliveries - Childbirth resulting in short postpartum stay as determined by the
managed care organization or other health plan.
----:-~-
---------~ __ ___,_;,:___~~;._,~~-,-~---._ .- '---.
Due diligence- Review of an entity targeted for acquisition by the acquiring party to ascertain
pertinent information about its financial and operating history and current status Corporate staff are
generally held to the legal standard of having performed the review with due diligence before making
a recommendation to the board of directors as to whether to proceed with the acquisition.
Duty to defend - Insurer will defend any claim or suit alleging injury or damage and seeking
damages covered under the policy.
Duty to pay damages- Insurer will pay damages covered under the policy retroactive_ date.
E
Elder abuse __: Single or repeated act or lack of appropriate action, occurring within any relationship
where there is an expectation of trust, which causes harm or distress to an elderly person.
Elements of informed consent for research - Include full disclosure of the nature of the research
and the subject~ participation, adequate comprehension on the part of the potential subject and the
. subject's voluntary choice to participate.
Emergency Medical Condition (EMC) 7 Medical condition manifesting itself by acute symptoms of
sufficient severity (including severe p:tin) duch that the absence otimmediate medical attention could
reasonably be expected to' result in:
• Placing the health of the individual in serious jeopardy
• Serious impairment to bodily functions
• Serious dysfunction ofany bodily organ or part
Or with respect to a pregnant woman who is having contractions:
• There is inadequate time tp effect a safe transfer to another hospital before delivery, or
• Transfer may pose a threat to the health or safety of the woman or the unborn child
Note: Regulations define "emergency medical condition'' to include psychiatric illness including
alcohol and drug intoxication.
Emergency Medical Services (EMS) - Provision of services to patients needing immediate care
Emergency Medical Treatment and Active Labor Act (EMTALA)- (42 U.S.C. §§ 1395 et seq.)
1986 federal statute prohibiting the "dumping" of patients presenting to the hospital with ari.
emergent medical condition or in active labor and limiting a hospital's ability to transfer them to
other facilities. EMTALA specifies when and how a patient may be:
• Refused treatment, or
• Transferred from one hospital to another when in an unstable medical condition
Employee Polygraph Protection Act- (29 U.S.C. §§ 2001 et seq.) Federal statutes limiting most
employers' ability to use polygraph testing in applicant screening processes.
Employee Retirement Income Security Act (ERISA) -A comprehensive regulatory system fo.t::
resolving employee benefit disputes. \
Employers' liability- Any of a number of causes of action related to the employment relationship
but falling outside of workers' compensation and employment practices liability insurance coverage, i.
including dual capacity claims, spousal claims and third-party over claims.
;Employment-at-will- Legal doctrine in most jurisdictions that an employer may discharge an
employee for any reason, unless specifically prohibited by law.
F . .
Failure Mode Effects Analysis or Criticality Analysis {FMEA or FMECA) - A proactive, systematic .
assessment used to identify the steps of a process that may be subject to failure in order to design
measures to either prevent or control such failures. If a criticality phase is used in this process, the
perceived level of criticality of each type of potential failure is identified, to .aid in setting priorities for
. establishing control mechanisms. \
Family Medical Leave Act-- (29 U.S.C. §§ 2611 et seq.) Federal statute requiring certain employers
to provide a period of unpaid leave to employees meeting specified criteria in order for them to
receive medical treatment or to provide care to designated family members ..
Federal Emergency Management Agenq (FEMA) - Independent response organization that was
folded into the Department of Homeland Security (DHS) in 2003. The FEMA administrator reports
to the President of the United· States ..
Fiduciary liability- Insurance coverage policy that can be purchased to cover the alleged breach of
the fiduciary responsibility under common law or ERISA for individuals who exercise management or
administrative responsibilities for employee benefit plans.
First party insurance coverage- Provides coverage for the insured's own property or person so that
the insured will be restored to the same financial position that he or she had.prior to the loss.
Food and Drug Administration (FDA) -Federal agency responsible for protecting the public health·
by regulating commerceinvolving food, drugs, medical devices and the like; is authorized to gather
information regarding the safety of medical devices, including adverse incidents attributed to use
undei: the Safe Medical Device Act.
Fraud and abuse- Informal term for the various federal statutes and regulations regarding inappropriate
billing, kickbacks, referrals, etc., related to the federal or state Medicare/Medicaid programs.
Fronting- The use of a licensed, admitted insurer to issue an insurance policy on behalf of a self-
insured organization or captive insurer without .the intention of transferring any of the risk. The risk
of loss is retained by the self-insured or captive insurer with an indemnity or reinsurance agreement.
However, the fronting company (insurer) assumes a credit risk since it would be required to honor
the obligations imposed by the policy if the self-insurer or captive failed to indemnify it. Fronting
arrangements allow captives and self-insurers to comply with financial responsibility laws imposed by
many states that require evidence of coverage written by an admitted insurer, such as for automobile
liability and workers compensation insurance. Fronting arrangements may also be used in business
contracts with other organizations, such as leases and construction contracts, where evidence of
coverage through an admitted insurer is also required.
G
Guardian Ad Litem -Appointed by the court in a particular litigation to represent the interests of a
minor or disabled person. ~
General liability insurance - Coverage for liability arising out of the hazards of the premises and operations
Guaranteed cost- Also known as "fixed cost" or "first dollar" programs, which means insurance
coverage, is provided from the first dollar of loss incurred.
H
Hard market - Insurance industry characterized by escalating premiums, strict underwriting
procedures and limited availability of coverage.
Hazard- A condition that creates or increases the possibility of loss
Hazard analysis - Process of collecting and evaluating information on hazards associated with the
selected process; purpose is to develop a list of hazards that are of such significance that they are
reasonably likely to cause injury or illness if not effectively controlled.
Health Insurance Portability and Accountability Act o£1996 (HIPAA)...:. (42 U.S. C.§§ 201 et seq.)
Amendments to ERISA addressing a variety ofhealthcare-related issues including fraud and abliSe and the
portability of group health insurance benefits as well as mandating specific patient privacy protections. A
federal law that resulted in the promulgation of several regulations including the HIPAA Privacy Rule.
Heuristic - Experience-based techniques for problem-solving, learning and discovery that find a
solution not guaranteed to be optimal, but good enough for a given set of goals. Where th~·-exhaustive
search is impractical, heuristic methods are used to speed up the process of finding a satisfactory
solution via mental shortcut~ to ease the cognitive_load of making a decision. Examples of this
method include using "rule of thumb" or "educated guess".
High reliability organizations - Organizations with systems in place that are exceptionally ':
consistent in accomplishing their goals and avoiding potentially catastrophic errors. \
Source: McKeon LM, Oswaks JD, Cunningham PD. Safeguarding patients: complexity science,
high-reliability organizations, and implications for team training in healthcare. Clin Nurse Spec
2006 Nov-Dec; 20(6):298-304; quiz 305-6)
Hold harmless provision - Contractual clause providing that one party agrees not to pursue a tort
claim for vicarious liability against the other; usually found with indemnification provisions and are
usually mutual.
- Key Terms
"I 221
Hospital acquired conditions (HAC)- Section 5001(c) of Deficit Reduction Act of2005 requires
the Secretary to identify conditions that are: (a) High cost or high volume or both, (b) Result in the
assignment of a case to a DRG that has a higher payment when present as a secondary diagnosis, and
(c) Could reasonably have been prevented through the application of evidence-based guidelines.
~ - -
Source: CMS.gov
Human factors - The interrelationship between humans, the tools they use and the environment in
which liliey 'work.
:I
Source: Risk management handbook
Human subject- A living individual about whom an investigator (professional or student)
conducting research obtains data through intervention or interaction with the individual or
identifiable private information.
I
Incident- Any happening not consistent with the routine operations of the facility or routine care of
a particular patient. Examples: a union strike, a criminal act such as a homicide, or a physical disaster
including hurricanes, bioterrorism threats, etc.
Incurred but not reported (IBNR) -Two components:
• An estimate to cover further development of paid losses or known claimants
• An estimate for the discovery of unknown claimants
Indemnification provision -A contractual clause in which one party agrees to accept the tort liability
and legal defense of another; usually found with hold harmless provisions and are usually mutual.
Indemnity- Amount that the insured person is paid for the covered expense.
Institutional review board (IRB) - Required for any healthcare institution that receives federal
funding for human research from a department or agency covered by the common rule or that
conducts research that is regulated by the FDA.
Insurance -A syst~m by which a risk is transferred to an insurance company that reimburses the
insured for covered losses and provides f<;~r sharing of costs or losses among all insureds.
'·
Insured parties - Organi;zation and employees; other organization has agreed to provide coverage.
Integrated delivery system -A consolidation of a variety of technical, professional and laboratory
services for the purpose of controlling costs
J
Joint and several liability- Liability in which each liable party is individually responsible for the
entire obligation. Under joint and several liability, a plaintiff may choose to seek full damages from
all, some, or any one of the parties alleged to have committed the injury. In most cases, a defendant
who pays damages may seek reimbursement form nonpaying parties.
Joint Commission- Voluntary nonprofit accreditation body that sets standards for hospitals and
other types of healthcare organizations and conducts education programs and a survey process to
assess organizational compliance.
Joint v~nture- An undertaking by two or more entities to pursue business or other ventures. In
many jurisdictions, entities cannot form partnerships; hence they are deemed to be joint ventures;
each joint venture may be liable for the debts and obligations of the joint venture.
M .
Maximum medical improvement (MMI) -In workers' compensation, the point in which the injured
employee has recovered to the maximum e~tent medically expecte~(also called permanent and stationary;
or P&S). When an employee reaches MMI, any residual disability, pain, etc., is expected to be permanent.
Managed care -Any of a number of organizations that arrange for the provision of, and payment for,
healthcare services with an eye toward reducing costs through managing access to specific providers.
Medical emergency- Sudden and/or unanticipated medical event that requires immediate assistance
Medical screening exam (MSE) - Process required to reach with reasonable clinical confidence, the
point at which it can be determined whether a medical emergency does or does not exist applied in a
nondiscriminatory manner (i.e., a different level of care must not exist based on payment starus, race,
national origin, etc.).
Med Watch form - Required form filed by facilities required to report events, injuries of patients
Minimum necessary- Least amount of PHI disclosed to meet the request and accomplish the
intended purpose.
Moonlighting- working at another job after hours of regular job
N
National Labor Relations Act - The main body of law governing collective bargaining explicitly
grants employees the right to collectively bargain and join trade unions; originally enacted by
Congress in 1935 under its power to regulate interstate commerce.
National Practitioner Data Bank (NPDB) -Maintained by the federal government containing reports
on certain individual practitioners. A report must be made by any entity that pays money on behalf of a
practitioner to settle a legal claim asserted against the practitioner. Reports must also be made by hospitals
that reStrict, suspend or terminate a practitioner's privileges to examine or treat patients at the hosp.t~al. ,
\ .
Nose - Under a claims-made form, this is the time between an insured's retroactive date and the
current policy period.
I
Notice of privacy practices {NPP) - Provided by covered entity which delineates how CE routinely'·
uses and discloses PHI, provides the rights and responsibilities of the patient, to whom the patient
may complain.
~.·
0
Occupational Safety and Health Act/Administration- 29 U.S.C. Section 65 i et seq. Federal
statute (and agency created by i~ charged with responsibility for promulgating standards and
enforce.Jillent mechanisms governing worker safety for most industries.
I
Occurrence coverage - Insurance providing coverage for a claim that arises during the policy period,
regardless of when the claim is reported.
. I
p
Patient Safety Organization (PSO) -The Patient Safety Act and the Patient Safety Rule authorize
the creation ofPSOs to improve quality and safety through the collection and analysis of aggregated,
conE.dential data .on patient safety events. This process enables PSOs to more quickly identify
patterns of failures and develop strategies to eliminate patient safety risks and hazards. The Act
extends confidentiality and privilege protections to eligible information developed by providers for
reporting to a PSO (but not to information developed for other purposes), deliberations and analyses
conducted by either a PSO or a provider in its respective patient safety evaluation system (PSES) and
information developed by a PSO for the conduct of patient safety activities.
Source: http:/ /www.pso.ahrq.gov/legislation
Peer review- Process whereby possible deviations from the standard of patient care are reviewed by an
individual or committee from the same professional discipline to determine whether the standard of
care was met and to make recommendations for improving patient care processes. Most jurisdictions
provide at least a limited protection from discovery in civil actions for peer review activities.
Petition - See entry for complaint
Potentially compensable event (PCE) - Encompasses any incident in which there is neither an active
claim nor institution of a formal legal action, including those cases in which an unexpected event has
caused injury, the potential for injury or some expression of dissatisfaction or perception of injury
Professional liability insurance - Coverage for liability arising from the rendering of or failure to
render professional services
Protected health information (PHI) - Includes information regarding a patient's condition and
provision of payment (past, present, future).
Prudent layperson standard- Request of the individual will be considered to exist if a prudent
layperson observer would believe, based on the individual's appearance or behavior, that the
individual needs examination or treatment for a medical condition.
,_
Q
Quality Improvement Organization (QIO) - Successor name for Pros the Centers for Medicare and
Medicaid Services (CMS). Administers the Peer Review Organization (PRO) program designed to
monitor and improve utilization and quality of care for Medicare beneficiaries. The program consists
of a national network of 53 PROs (also known as Quality improvement Organizations) responsible
for each U.S. state, territory and the District of Columbia.
R
Regulation - Legislative mandates such as federal and state law; there are others that reflect
regulatory requirements, such as government-sponsored programs (e.g., Medicare). ·
Reinsufan.ce - Contractual arrangement involving the purchase of insurance by :tn insurer from
~other insurer.
Research -Activity designed to test a hypothesis, permit conclusions to be drawn and thereby to develop
or contribute to general knowledge; also "a systematic investigation, including research development,
testing and evaluation, designed to develop or contribute to general knowledge" (45 CPR 46.102(d)).
Reserves - Estimates of the amount ultimately required to settle a claim or to pay a judgment
(indemnity reserve) and to provide for a defense and pay other allocated expenses related to'·managip.g
a claim (expense reserve).
Respondeat superior ,.... Law doctrine that says an employer is responsible for the acts of employees if
the acts ar~ within the course and scope of their employm~nt.
. - u
Restraint- Any manual method, physical or mechanical device, material, or equipment that \
immobilizes or reduces the ability of a p~tient to move his or her arms, legs, body, or head freely; or
a drug or medication when it is used as a restriction to manage the patient's behavior or restrict the 1
patient's freedom of moyement and is not .a standard treatment or dosage for the patient's condition!·
Source: http:/ /www.cms.gov/Medicare/Provider-Enrollment-and-Certification/
CertificationandComplianc/Downloads/PatientsRights.pdf
s
Safety culture --: Culture of safety emphasizes blameless reporting, successful systems, knowledge,
respect, confidentiality and trust; a culture that looks at the system, the environment, the knowledge,
the workflow, the to9ls and other stressors thai may have affected provider b~havi01: .
···---,---:-:-:_-.-.. ,·:-·--
"""·.21,:-...:...!.-.i._·
Sarbanes-Oxley Act (SOX) - Applies to public companies that are required to file periodic Securities
and Exchange Commission (SEC) Reports under Sections 12 or 15(d) of the Security Exchange Act
of 1934 or if the public company has .filed a registration statement that has not yet become effective
under the Securities Act of 1933.
Seclusion - Involuntary confinement of a patient alone in a room or area from which the patient
is physically prevented from leaving. Seclusion may only be used for the management of violent or
self-destructive behavior. If a patient is free to leave a time out area whenever the patient chooses, this
would not be considered seclusion based on this definition.
Source: http:/ /www.cms.gov/Medicare/Provider-Enrollment-and-Certification/
Certi.ficationandComplianc/Downloads/PatientsRights.pdf
Self-insured retention - The portion of a claim that the insured is required to pay before the insurer
begins to pay. This is similar to a deductible but is frequently funded through a mechanism such as a
self-insurance [Just fund and is larger than a deductible. The insured generally manages claims falling
entirely with the SIR (or contracts with a third party to do so) so that the insurer is involved only if
the amount of the claim exceeds or is anticipated to exceed the amount of the retention. Common in
hospital professional liability programs .
. ~
Sentinel event- Any unexpected occurrence involving death or serious physical or psychological
injury, or the risk thereo£
Single use devices (SUDs) - Devices reprocessed for reuse originally intended for single use.
Soft market - Insurance industry characterized by low premiums, flexible terms and generous capacity.
Stabilized- With respect to an EMC, that no material deterioration of the condition is likely, within
reasonable medical probability, to result from or occur during the transfer of the individual from a
facility, or, with respect to pregnancy, that the woman has delivered, including the placenta.
Standard of care - In medical malpractice cases, a standard of care is applied to measure the
competence of the professional. The traditional standard for doctors is that they exercise the average
degree of skilled care and diligence exercised by members of the same profession, practicing in the
same or similar locality in light of the present state of medical and surgical science. With increasing
specialization, however, certain courts have disregarded geographical considerations holding that, in the
practice of a board-certified medical or surgical specialty, the standard should be that of a reasonable
specialist practicing medicine or surgery in the same specialty. In a legal proceeding, the standard
against which the defendant's conduct is measured. The defendant is expected to act as an ordinary,
prudent person with similar training and skill would have acted in a similar situation. If the defendant's
conduct falls below this standard, the defendant may be determined to have acted negligently.
Stop loss coverage - Provider excess coverage that is usually structured to insure excess clail;ns.
Summons - A notice to the defendants na.f!led in a complaint indicating an action has been filed
against them and that they are required to answer by a specific date and at a specific place.
T
Tail- An extended reporting period whereby a claims-made policy is essentially converted to an
occurrence policy by extending coverage to all claims that arise from the care rendered during the
policy period regardless of when the claim is reported. . .
Telemedicine/telehealth - The use of telecommunications to provide medical information and
services Also, the provision ofhealrhcare consultati<?n and education using telecommunications
networks to communicate information; medical practice across distance via telecommunications and
u
Uninsured parties - Actual or potential codefendants not covered by the organization.
U.S. Patriot Act o£2001- Federal legislation (H.R.3162) that enhances the ability oflaw
enforcement to deter and detect acts of terrorism, including cyber-intelligence gathering, wire tapping
and other means of gathering needed information from designated privacy records.
v
Value creation - In enterprise risk management, takes advantage of the opporrunity to add worth
and the potential for gain and is proaqive. It includes market share, competition, centers of
excellence, financial viability and growth, return on investment, etc.
Value protection - In enterprise risk management, includes preventing loss and harm to assets,
reputation, property and people and is reactive.
Vicarious liability- The imposition of liability on one person for the actionable conduct of another,
based solely on a relationship between the two.persons, such as the liability of an employer for the
acts of an employee.
Vulnerable subjects - Human subjects are considered vulnerable and require special considerations
· if there are legitimate concerns about competency to understand information presented to them and
make reasoned or informed choices; populations include children, pregnant women, prisoners, those
with psychiatric, cognitive and developmental disorders and substance abusers.
w
Whisde-blower - Individual, frequently an employee or former employee, who reports unlawful
activity, such as healthcare fraud and abuse or OSHA violations, to the government or an
administrative agency. Some statutes provide for the whiscleblower to receive a share of fines levied
against the organization for making the report. Most statutes prohibit retaliatory discharge or other
discriminatory actions against an employee who makes such a report.
Workers' compensation - Program that provides protection to workers who are injured while
engaged in the business of their employer. Statutory limits of cov~erage are set by each state.
'
j
228 ASHRM Preparation Guide for the CPHRM Examination l
l
- - - - - .-..
--~-.... . . ~
.~
CPHRM PREPARATION GUIDE
Additional Practice Questions_
The following practice questions are based on domains of the CPHRM exam. For your convenience,
we have provided a blank answer sheet on page 254. Complete these 100 CPHRM practice questions,
and then compare your responses with the correct answers on page 255. Review the topics that may
have been difficult for you. But, remember that success with review questions does not automatically •
predict success with the actual CPHRM exam.
The following questions were developed, in part, from ASHRM's Risk Management Handbook for
Healthcare Organizations.
1. Federal regq.lations governing the "Protection of Human Subjects" define the relationship
between researcher, the institution's research oversight committee (the Institutional Review
Board- IRB), the sponsoring organization and the research subject. Under these regulations,
in the event that a sponsoring institu~on desires to initiate~ research project but the IRB
disapproves, the sponsoring institution: '
A. May initiate the project on its own with the approval of the majority of the institution's board of
directors
B. May obtain the research subject's permission to pursue the project independent of the IRB.
C. May not pursue the research project independently
D. May request special permission to pursue the project from the National Patient Safety Foundation
2. The Healthcare Quality Improvement Act requires the reporting of medical professional
liability payments made on behalf of certain healthcare practitioners to the National
Practitioner Data Bank and the appropriate state licensing hoard within _ _ days.
A.15
B.30
C.45
D.60
3. If The Joint Commission becomes aware of a sentinel event that meets the definition Qf a
reviewable sentinel event, the organization is required to submit to the Joint Commission its ,
root cause analysis and action plan, or otherwise provide for Joint Commission evaluation
of its response to the sentinel event under an approved protocol, within calendar days of the
known occurrence of the event.
A 15
B.30
c. 45
D.60
5. A risk manager should review which of the following information when considering the
effectiveness of an organization's workers' compensation program?
1. Workers' compensation claims history
2. OSHA 300 Log
3. Listing of all employees and volunteers
4. Directors a.O.d officers of the organization
A. 1 and 2 only
B. 2 and 3 only
C. 1, 2 and 3 only
D. All of the above
6. Employee health programs can be used to manage certain risks. Which of the following is NOT
an integral part of an effective employee health program? .
A. Baseline examinations
B. Job descriptions with quantifiable physical-based criteria
C. Mandatory vaccination programs
D. Interaction with injured employees ,
'··
7. Which of the following should be included in an institution's contract with a vendor for
biomedical equipment?
1. The responsibilities of each party regarding preventative and ongoing maintenance of the
particular biomedical equipment
2. A guarantee of equipment "uptime" or prompt provision of a substitute acceptable to the facility
• for biomedical equipment critical to patient care
3. A procedure for the vendor to directly notify the institution regarding identified product hazards
or recalls
4. A contingency plan in the event of an internal disaster
A. 1 and 2 only
B. 2 and 3 only
C. 1, 2 and~ only
D. All of the above
--.-----,:-:·;:'~·.
8. Having performed an investigation of a patient's complaint, the patient grievance review
committee determined that the hospital faced a significant liability exposure, turned the results
of the investigation over to their attorney, and then told the risk manager that these results
would not be shared with the patient. The risk manager reminded them that the patient was,
nonetheless, still entided to the results of the investigation pursuant to:
A. The Healthcare Quality Improvement Act
B. Patient Self-Determination Act
C. Patient's Rights Conditions of Participation
D. Health Insurance Portability and Accountability Act
10. It is the risk manager's responsibility to report actual or potential claims to the healthcare
organization's insurance provider. Which of the following are generally considered reportable?
1. Lawsuits
2. Claims
3. Potentially compensable events
4. Patient complaints
A. 1 only
B. 1 and 4 only
C. 1, 2 and 3 only
D. All of the above
11. Which of the following statements regarding the use of restraints are TRUE?
1. Wrist or vest devices can be considered restraints
2. Locked seclusion is considered a form of physical restraint
3. Medication used to significandy alter a patient's behavior on an emergency basis is considei~d a'
form of chemical restraint
4. Voluntary use by a patient of an unlocked "quiet room" is NOT considered a form of physical restr$t
'·
A. 1 and 2 only
B. 1 and 3 only
C. 1, 2 and 3 only
D. All of the above
A 1 only
B. 1 and 2 only
C. 3' and 4 only
• D. 2, 3 and 4 only
13. One of the risk manager's responsibilities, in concert with the organization's legal counsel, is
to prepare a_witness for trial. In that regard, which of the following statements is FALSE?
A A witness should be prepared to give personal and professional information.
B. A witness should not pause before answering questions.
C. A witness should give brief answers.
D. A witness should tell the truth.
i '
14. The legal theory res ipsa loquitur would most likely apply to which of the following scenariosr
A. A unit of blood is given to the wrong patient
B. A hurricane damages visitors' vehicles on hospital property
C. A surgical instrument is rnisr::kenly left in a patient during a cesarean section
D. A visitor falls on the sidewalk and fractures her hip
16. Which of the following is NOT part of risk identification and analysisr
A Gen~ric occurrence screening
17. Which is NOT a role of the risk manager when it is determined that a medical record has
been altered?
A. Call the police
B. Conduct an investigation
C. Report the occurrence to external licensing boards as appropriate
D. Preserve the medical record and deter alterations
18. According to HIPAA, which of the following disclosures are permitted without an individual's
authorization and without granting the individual an opportunity to agree or object to the •
disclosure?
1. A physician discloses an individual's medical record to a colleague, who is a cardiac surgeon, for
review pri?r to consultation on that individual's heart condition.
2. A hospital discloses individually identifiable health information to the company that provides its
billing services. ·
3. A hospital discloses a patient's name ~d general condition injts facility directory.
4. A nursing home discloses patient health information to an accreditation organization for the
purpose of obtaining accreditation.
A. 1 and 4 only
B. 1, 2 and 4 only
C. 1, 3 and 4 only
D. All of the above
20. The insurance industry is cyclical. It is characterized by periods of time noted as "hard" and
"soft" markets. Which of the following statements is TRUE?
A. During a hard market, coverage is available and affordable
B. A hard market is characterized by flexible coverage terms
C. During a hard market, coverage may not be available at any cost
\',
·,
D. Hard market cycles last longer than soft market cycles
A. 1 and 2 only
B. 3 only
C. 1, 2 and 3 only
D. All of the above
•
23. Which of the following is true regarding ownership of medical records?
A. All medical record.s are owned exclusively by the entity that creates them.
B. The patient owns the information, but the healthcare entity owns the record.
C. No one "owns" a medical record, legaOy speaking.
D. All medical records are owned exclusively by the patient.
24. Changes to the federal EMTALA regulations that became effective in November 2003 include
.:which of the following?
1. All hospitals must have physicians on call 24 hours a day, seven days a week
2. Physicians are not allowed to schedule elective procedures when they are on call for emergencies.
3. The EMTALA regulations no longer apply to inpatients.
4. The definition of "hospital property" was narrowed.
A. 1 and 2 only
B. 3 and 4 only
C. 1, 2 and 4 only
D. 2, 3 and4 only
27. Which of the following statement about reporting a sentinel event is FALSE?
A. Hospitals are required to investigate sentinel events that result in death or serious injury
B. Internal data is always protected under the state's peer review privilege
C. The outside agency that the event is reported to may use this data in generating its report
D. Hospitals are encouraged but not required to self-report these events
28~ Which of the following has the responsibility to determine initial emergency response level?
A. The emergency medical technicians responding to the scene
B. The emergency room physician scheduled to receive the patient
C. Dispatch personnel in accordance with policies and procedures appr~ved by the medical director
D. The medical expert at the scene
30. Which of the following is NOT ground for wrongful termination liability?
A. Violation of state wages and hours statutes
B. Hostile work environment
C. Quid pro quo sexual harassment
D. Discriminatory hiring/discipline based on sexual orientation
A. 2 and 3 only
B. 2 and 4 only
C. 2, 3 and 4 only
D. All of the above
32. Which of the following criteria are necessary to establish that a healthcare advertisement is
deceptive?
1. The advertisement contains a representation or omission that is likely to mislead a consumer
2. The advertisement is in poor taste.
3. Consumers likely to be misled by the advertisement are "reasonable people," representative of the
audience targeted by the advertisement.
4. The representation or omission has a real impact on the consumer's choices.
A. 2 and 4 only
B. 1, 3 and 4 only
C. 2, 3 and 4 only
D. All of the above
33. Which of the following should prompt a root cause analysis according to Joint Commission
standards? \
1. Surgery performed on the wrong body part
2.Infantabduction
3. Non-hemolytic transfusion reaction
4. Death from a community-acquired infection
A. 1 and 2 only
•
B. 1, 2 and 3 only
C. 1, 2 and4 only
D. All of the above
34. With regard to the alarm, which of the following is the most accurate statement?
A. The nurse should be disciplined for turning off the alarm before the patient was found.
B. The nurse should not have gone outside since other residents may have been placed in jeopardy.
C. The alarm switch should be relocated to the points of exit so the alarm can be deactivated only at
the locaii.on where the alarm was activated.
D. No action is warranted since the system worked the way it was designed.
~ '
35. With regard to the incident report, which of the following'is the most accurate statement?
A. No incident report was necessary since the resident was not harmed.
B. The nurse should not have copied the incident report and placed it in the medical record.
C. The nurse's note should not have mentioned the event.
D. No action is warranted since the personnel followed policy.
40. Issues surrounding the disposal of biomedical equipment generally fall into two categories:
1) the sale, donation or abandonment of ahealthcare facility's equipment to another entity,
group, or individual; and 2) the acquisition of a piece of biomedical equipment that is being
disposed of by another facility.
Based on the above, which of the following are key risk management considerations?
1. The selling/donating entity could find itself being considered part of the distribution chain, with a
potential for product liability exposure.
2. The capital outlay to acquire the piec~ofbiomedical equipment or the potential income to the
entity if they are the seller. ·
3. Compliance with FDA-mandated medical device tracking and documentation requirements that
may be associated with the disposal.
4. If the selling/donating entity is a tax exempt organization, it might jeopardize its tax exempt status.
A. 1 and 3 only
• B. 2 and 3 only
C. 1, 2 and 3 only
D. All of the above
A. 2 and 3 only
·'
B. 2 and 4 only
C. 1, 2 and 3 only
D. 1, 2 and 4 only
42. A 44-year-old man develops severe chest pain while mowing his lawn. His family calls
911, and he is rushed via ambulance to one of the local hospitals. The emergency room
physician performs a comprehensive workup and discharges the patient with a diagnosis of
costochondritis. He dies that night while asleep in his own bed. The patient's family files suit
against the hospital and the emergency physician, a contracted provider for the hospital. The
most likely legal theory that can be used against the hospital would be:
A. Medical malpractice
B. Res ipsa loquitur
C. Contract liability
D. Ostensible agency
43. Which of the following are advantages of using an alternative dispute resolution meehanism
as compared to going to trial?
1. Better outcome
2. More economical
3. Less hostile
4. Quicker
A. 1 and 2 only
B. 1, 2 and 3 only .
\',
C. 2, 3 arid 4 only
D. All of the above
A 1 only
B. 1 and 2 only
C.,1, 2 and 3 only
D. All of the above
•
45. Mature or emancipated minors generally can consent to treatment of which of the following?
1. Sexually qansmitted disease
2. Pregnancy
3. Alcohol abuse
4. Mental health
A 1 and2 only
B. 1, 2 and 3 only
C. 1, 2 and 4 only
D. All of the above
46. The risk manager should be vigilant in assessing the quality of medical record documentation,
looking for opportunities to enhance the yalue and quality of the medical record. This can be
done in which of the following ways?
1. Participate in general orientation foi'new employees.
2. Collaborate with Medical Records Department personnel.
3. Review incident patterns and trends for documentation issues and problems throughout th~ organization.
4. Contact defense counsel whenever there is a violation of a documentation guideline or standard of
practice.
A. 1 and 3 only
• B. 3 and 4 only
C. 1, 2 and 3 only
D. All of the above
50. Which of the following statements about occurrence and claims-made insurance policies is TRUE?
A. Invariably, an "occurrence" policy will cost less than a "clain'l.s-maqe" policy
B. Not all brokers and insurance carriers are able to offer "claims-made" coverage
C. Termination of "claims-made" coverage normally requires purchase of a "tail"
D. An "occurrence" policy always quotes higher deductibles than "claims-made"
51. The Patient Self-Determination Act obligates which of the following entities to provide their
clients with information regarding advance directives?
1. Hospitals
2. Physician's offices
I<
3. Health maintenance organizations (HMOs) \
A. 1 and 2 only
B. 1, 2 and 4 only
C. 1, 3 and 4 only
D. All of the above
' .:I
53. Reserving a claim - that is, identifying what amount of money will be paid out in indemnity
and loss adjustment costs by the time the case is settled or resolved- is more an art than a
science. Therefore:
1. Reserves should reflect only the insurance coverage available.
2. Reserves should be based on all the information available.
3. Reserves should not take into account immunity provisions in either contracts or statutes.
4. Reserves should be changed every 90 days.
A. 2 only
B. 1, 2 and 3 only
C. 2, 3 and 4 only
D. 1, 2 and4 only
54. Behavioral health patients must be assessed for the risk of suicidal ideation or homicidal acts
in order to protect the patient and community. Select the following statement that is NOT an
appropriate risk control practice when managing a patient who is at risk of suicidal ideation
or homicidal acts. ·
A. When an individual who is at risk of suicide or homicide is placed on close observation (1: 1),
the staff member.performing the 1: 1 duty must always have total visual contact with the patient
including bathroom and grooming activities
B. A staff member performing 1:1 duty s~uld not have other assigned duties.
C. When a body search is determined necessary; it should be conducted by a same-sex professional
staff member and does not require a witness to be present
D. The physical environment must be modified to protect the behavioral health patient from suicide
attempts including the use of "break away' shower rods and showerheads, shatterproof mirrors
and fully enclosed plumbing in the bathrooms.
55. U.rlder EMTALA regulations, the Emergency Department must maintain a roster of
physicians who are available on-call to provide consultation or care for EMTALA patients. If
the hospital cannot provide complete on-call coverage for a particular service represented by
the medical staff:
A. The hospital may be fined up to $50,000.
B. The hospital must make efforts to arrange for such coverage to the best of its ability.
C. The hospital will lose its Medicare certification.
D. The hospital must post information to this effect in each public area.
l__
--~~- -' '..:.
56. If a state has its own occupational safety and health agency:
A. The federal OSHA regulations pre-empt the state regulations
B. State regulations must conform to the federal regulations
C. State regulations can be less strict than the federal regulations
D. State regulations can be stricter than the federal regulations
58. A central log must be kept of everyone who comes to the Emergency Department seeking
emergent care. Such logs must also: be maintained by dep~ents that:
' '
A. Provide case management services to patients
B. Counsel patients as to the availability of alternative healthcare services within the community.
C. Offer non-scheduled primary care services
D. None of the above
· 59. Most healthcare risk managers gain access to the commercial insurance market by using an
insurance broker or agent. Which of the following statements is FALSE?
A. Agents are insurance professionals who represent the insured.
B. Brokers participate in the evaluation of risk potential.
C. Brokers are independent insurance professionals who represent the insurance buyer to the
insurance company.
D. Brokers are compensated on a commission and/or fee basis.
60. The insurance coverage a hospital purchases may be written on either an occurrence or claims-
made basis. Which of the following statements are TRUE?
1. An occurrence policy covers an insured for incidents that occur while the policy is in effect,
regardless of when the incident is reported to the insurer. .
2. A claims-made policy covers an insured for incidents that occur and are reported to the insurer
while the policy is in force.
3. Regardless of which type is purchased, supplemental tail coverage must be purchased, too. "
4. For coverage to apply under a claims-made policy, the incident or claim must have occurred' bef~re '
the retroactive date of the policy.
A. 1 only
B. 1 and 2 only
C. 1, 2 and 3 only
D. All of the above
61. The Patient's Rights Conditions of Participation mandates that a patient placed in a restraint
for behavioral reasons must be seen and assessed by a "licensed independent practitioner'':
A As soon as possible
B. lmm~diately
C. Within one hour of initiating the restraint
D. Wit4in rwo hours·ofinitiating the restraint
',I
62. A 12-year-old female is administered an excessive amount of a drug and develops transient
tachycardia that necessitates monitoring in the pediatric intensive care unit for eight hours. If
the preliminary information indicates there is clear liability on the part of the organization,
the most pmdent course of action for the risk manager would be to:
A Complete the investigation but take no further action since the tachycardia was only transient.
B. Review the patient's medical record to determine who, according to HIPAA regulations, is the
appropriate p:uent or guardian in case the risk manager is approached by the patient's family.
C. Inform the physician who ordered the medication so he can notifjr his malpractice insurance carrier.
D. Make direct contact with the claimant as soon as is practicable in accordance with the
organization's disclosure of unanticipated outcomes policy.
A 1 and2 only
B. 1 and 3 only
\._
C. 1, 2 and 3 only
D. All of the above
64. Disasters can strike at anytime, anywhere. Hospitals that are accredited by the Joint
Commission must ensure that they can document they are prepared for such disasters by
doing which of the following?
1. Pe,rforming at least four drills a year
2. Evaluating each drill formally
3. Performing no more than two tabletop drills annually
4. Ensuring that drills are conducted no closer than 4 months apart
A 1 and2 only
B. 2 and 3 only
C. 2 and 4 only
D. 1 and 3 only
67. Which of the following is NOT true regarding child abuse and neglect reporting?
A. Child abuse and neglect reporting laws have been enacted ih every state in the U.S.
B. Practitioners face possible litigation for failure to act when they have a suspicion of child abuse
C. Practitioners are generally given immunity from liability when reporting in good faith
D. Healthcare practitioners are voluntary reporters of child abuse
• 68. One of the most important considerations when purchasing property insurance is:
A. Finding a local broker or insurance carrier who knows the geographic area
B. Whether "actual cash value" or '"replacement cost" is covered in case ofloss
C. Choosing an insurance carrier that also offers other insurance products
D. Whether higher deductibles are available for specific categories of losses
69. Within the Safe Medical Device Act, the Food and Drug Administration {FDA) defined a
reportable event as "information [from any source] that reasonably suggests that a device has
or may have caused or contributed to a death or serious injury." Such events must be reported
to the FDA alone whenever:
1. They involve a serious patient injury
2. They involve a patient death
3. The identity of the manufacturer of the device is unknown
4. The distributor of the device is unknown
A. 1 and 2 only
B. 2 and 3 only
C. 1, 2 and 3 only
D. All of the above
D. Number ofFTEs and employers' loss experience relative to other industry employers
. I
71. Whic~ of the following statements about peer review records is NOT correct?
A. Peer review records are protected from discovery by state statutes.
B. By transferring peer review records to an attorney, they become privileged.
C. Peer review records often contain confidential data about uninvolved patients.
D. Members of peer review committees have statutory immunity from lawsuits.
72. When a potentially compensable event occurs and it is determined that the event might be a
significant one, the original medical records should be:
A. Stored in the risk manager's office
B. Secured in the Medical Records Department with only limited access
C. Sent to the defense attorney with a valid copy maintained securely in the Medical Records
Department ·
D. Microfiched, microfilmed or digitally recorded immediately
73. Congress, in its Patients' Bill of Rights, directed states to ensure that behavioral health
patients receive the protection and services they require. In order to preclude the possibility
of litigation and control risk, organizations must ensure that the provisions of these rights are
implemented. Select the following statement that does NOT correctly represent the protection
afforded to behavi~ral health patients.
A. Patients have a right to receive treatment in an environment free from restraint and seclusion.
B. Behavioral health patients must receive ihitial medical, psychosocial and behavioral health
assessments that are used in the development of specific plans of care with measurable goals and
achievable treatment objectives.
C. A general consent for the release of medical information typically used by other healthcare
services is sufficient when a patient has received treatment for a behavioral health diagnosis and! or
treatment for drug or alcohol abuse.
D. Behavioral health patients have the right to review and/or obtain copies of clinical records; however,
access to behavioral health records by other individuals and organizations is specifically restricted.
7 4. Protecting outdoor air intakes can mitigate the risk of terrorist acts of introducing airborne
agents into a facility. Steps to accomplish this include:
1. Relocate intakes to a rooftop or higher up on the building
2. Establish a security zone around the ii:uakes
3. Add lighting and surveillance cameras to monitor the intakes
4. Implement negative ventilation throughout the building
A. 1 and 2 only
B. 2 and 3 only
C. 1, 2 and 3 only
D. All of the above
75. Workers' ~ompensation injuries often can be substantial not only from a medical cost
perspective but also from a productivity standpoint. One of the best ways to reduce workers'
compensation claims related to rep~titive motion injuries is to:
' \
A. Perform an ergonomic evaluation
B. Have an appropriate wellness program
C. Enhance on the job training
D. Offer annual physicals
76. A federal law that serves to limit the liability of hospital trustees is the:
A. Healthcare Quality Improvement Act
B. Limited Liability Act
C. Healthcare Not For Profit Corporation Act
D. Volunteer Protection Act
77. The best content and format for a risk manager's report to the board is:
A. A single, comprehensive report that provides as much information as possible on all available data
B. Several separate, comprehensive reports containing all available data
C. A short, easy to read report tracking the organization's risk management trends over time in a
graphic format ·
D. A short report that contains only the information deemed relevant by the risk manager and the CEO
78. As provided for within the Patient's Rights Conditions of Participation, all patient dea~
associated with the use of restraints must be reported to the: ;
.
A. Centers for Medicare and Medicaid Services
B. Office of Civil Rights
C. Food and Drug Administration
D. Office of the Inspector General
81. On a steamy summer afternoon, an 86-year-old female is walking toward the entrance of a
physician's private-practice office. There was a light rainfall two hours before. As she steps
from the parking lot to the sidewalk, she slips on the curb. She tears her dress and stockings.
The woman now seeks reimbursement for her damages after hearing that a portion of the
sidewalk near the .door was to be replaced the day after she fell. Which of the following
defenses could reasonably be employed to deny this claim?
1. The fall was an act of God since it raineclearlier.
2. The sidewalk that was replaced the day after her fall was not the proximate cause of her fall.
3. The damages were minimal so no compensation was warranted.
4. There was no breach of duty.
A. 1 only
B~ 1 and 4 only
C. 2 and 4 only
D. All of the above
83. Freestanding behavioral health organizations are considered to be those that are not hospital
based and!or not considered to be part of the services offered by an acute care general hospital'
or behavioral health inpatient hospital. Which of the following statements regarding risk
control practices in a freestanding behavioral health organization are TRUE?
1. The or~zation must require formal, written contracts with all independent contractors.
2. The orgacization must require all independent practitioners to maintain professional liability I
insurance in amounts deemed appropriate by the organization and in accordance with any state !
A. 1 and 2 only
B. 2 and 3 only
C. 2, 3 and 4 only
D. All of the above
84. A contract involving professional services should always include minimum amounts of which
of the following coverages?
1. Professional liability
2. Workers' compensation
3. Directors and officer's
4. General liability
A. 1 only
B. 1 and 2 only
C. 1 and 4 only
D. All of the above
\',
85. The report "To Err Is Human'' concluded that approximately 44,000 to 98,000 inpatiehts J.ie
annually as a result of medical errors. 'Ibis report was originated by:
A. The Institute of Medicine
B. The Joint Commission
C. The Office of the Inspector General
D. The Centers for Medicare and Medicaid Services
87. To encourage $e participation of physicians in the peer review process, federal law provides
protection from civil liability for those who participate in good faith in this endeavor. The
specific federal law that provides such protection is:
A. Health Insurance Portability and Accountability Act
B. Healthcare Quality Improvement Act
C. Medical Staff Conditions of Participation
D. Quality Standards Act
88. If the above organization has not had a claim paid during the year, what amount would be
available for the first claim?
A. $2,000,000
B. $6~000,000
c. $10,000,000
D. $12,000,000
90. If the above organization loses three consecutive $2,000,000 cases then loses a case for
$3,000,000, how much money &om the SIR will be used to pay the fourth claim?
A. $0
B. $1,000,000
c. $2,000,000
D. $3,000,000
91. A 72-year-old Alzheimer's patient develops acute congesti~ heart failure. Several invasive
procedures are performed, but the patient dies within 12 hours of admission. His family files
a wrongful death lawsuit naming all the physicians and the hospital as defendants. At trial,
the standard of care in the above case must be determined by:
A. Case law
B. Expen opinion
C. State and federal law
D. Professional standards
92. According to the Healthcare Quality Improvement Act, which of the following require(s)
reporting of the medical professional liability payments to the National Practitioner Data Bank?
1. A verdict against a dentist
2. A verdict against a physician
3. A verdict against a solo physician's practice corporation
4. A verdict against physician group practice corporation
A. 2 only
B. 1, 2 and 3 only
C. 2, 3 and 4 only
D. All of the above
. 93. A physician has a $2-million policy limit with a $100,000 per claim deductible. How much
\',
·~ '
total insurance does the insured have?
A. $2,100,000
B. $1,900,000
c. $1,800,000
D. Less than $1,800,000
95. The Joint Commission has developed numerous patient safety goals. Which of the following
is NOT one of the goals?
A Improve the accuracy of patient identification
B. Improve the effectiveness of clinical alarm systems
C. Improve safety in the Emergency Department
D. Improve the effectiveness of communication among caregivers
96. The Joint Commission is concerned about workforce shortage and is requiring hospitals to
develop screening criteria for monitoring the problem. Which criteria are acceptable to the
Joint Commission?
1. Number of skin breakdowns
2. Number of adverse drug events
3. Number of patient-related lawsuits
4. Number of nursing care hours per patient day
A 1 and2 only
B. 1, 2 and 3 only
C. 1, 2 and 4 only
D. All of the above
97. An employer may decline to hire a disabled applicant otherwise qualified for the job:
A If the applicant refuses to describe or explain her disability
B. If the applicant might present a safety risk to herself or her co-workers
C. Ifthe applicant cal:mot explain or demonstrate how she would actually perform her job when asked to do so
D . .t)ll of the above
99. Managing a request for insurance proposals is a complicated yet necessary task. With regard
to market proposals and conceptual proposals, which of the following is FALSE?
A The market method selection process is simpler and more straightforward
B. Pricing all lines of coverage by market assignments is difficult for a program that has multiple
renewal dates
C. The conceptual approach is more objective
D. The conceptual approach allows factors other than cost to be considered
100. IDPAA requires a written agreement for covered entities and business associates in which of
the following situations?
1. A skilled-nursing facility transferring patients to a hospital pursuant to a transfer agreement
2. A transcdption service providing medical record transcription for a physician's office
3. A hospital contracting for exterior maintenance services
4. A software maintenance company PFoviding services to a hospital's finance functions
, .,
A 1 and2 only
B. 2 and 4 only
C. 1, 2 and 4 only
D. All of the above
5. . 30 . 55. 80.
' ..
------'------'--'------'----'"'- --- -----~--- -' ·----·