Risk
Management
Process
and
Enterprise
Risk
Management
(ERM)
Dr
Arjaty
Daud
MARS
Disampaikan
pada
Kuliah
Program
Magister
Administrasi
RS
Tujuan
1.
Mahasiswa dapat menyebutkan tujuan
mata ajar risk management process and
enterprise risk management
2.
Mahasiswa dapat menguraikan topik- topik
dan jadwal mata ajar risk management
process and enterprise risk management
3.
Mahasiswa dapat menggambarkan sistem
evaluasi pembelajaran dan buku wajib
The
Five
Steps
In
The
Risk
Management
Process
(ARM)
1.
Identify
loss
exposures
2.Examine
potential
risk
management
technique(s)
3.Select
risk
management
technique(s)
4.Implement
technique(s)
5.Monitor
results
The
Risk
Management
Process
Loss
Prevention
(frequency)
Net
Incom
e
Liab
ility
Pers
onnel
Contractua
l
Transfer
(nonins
urance)
Prop
erty
Active
Non-insuran
ce
&
Self-insuran
ce
Lo
ss
Risk
Analysis
+
Loss
Frequenc
y:
Howlikely
is
it
that
a
loss
will
happen?
+
Loss
Severity:
Howseriou
s
will
the
loss
be?
Ins
urer
A
carri
er
Pass
ive
Not
reco
gnize
Non-Insure
r
Hold
harmle
ss
agree
ments
Risk
Identific
ation
+
Identify
the
loss
Segre
gation
Loss
Reduction
(severity)
Tran
sfer
Risk
Financin
g
Rete
ntion
Treat
the
Exposure
Through
RM
Techniques
Identify/
Analyze
Exposure
Risk
Avoidan
ce
Risk
Contro
l
Risk
Management
Process
Arjaty
Daud/2017
5
1. Risk
Identification
–
Mengkategorikan
dan
mencatat
sumber2
kemungkinan
kerugian
1. Risk
Analysis
• Menetapkan
Frequency
of
Occurrence
/
Loss
Risk
Treatment
3.Risk
control
techniques
:
3. Risk
Avoidance
4. Loss
Prevention
5. Loss
Reduction
6. Segregation
of
Exposure
Units
7. Non-Insurance
Transfer
4.Risk
financing
•Risk
Transfer
•Risk
retention
RISK
CONTROL
Arjaty
Daud/2017
8
1. Risk
Avoidance
•Menghindari
/
tidak
terlibat
dalam Kegiatan
risiko
terkait
2.
Loss
Prevention
Arjaty
Daud/2017
9
Reduksi
/
Eliminasi
kemungkinan
Loss
Contoh
:
Surgical
Instrument
Counts
Infection
Control
Procedures
Safety
Programs
Credentialing
3.
Loss
Reduction
Arjaty
Daud/2017
10
• Reduksi
potensial
dampak
Loss
/
Reduksi
potensial
Severity
Loss
• Examples
– Team
to
Respond
to
Cardiac
or
Respiratory
Distressed
Patients
/
Code
Blue)
– Sprinkler
System
4.
Segregation
of
Exposure
Units
Arjaty
Daud/2017
11
• Pemisahan
(Separation):
–
Membagi
Aset
/
kegiatan
menjadi
dua
atau
lebih
di
lokasi
yang
terpisah
(Mengurangi
Risiko
Rugi
dalam
satu
kejadian)
•
Contractual
Transfer
(Non-Insurance)
• Membuat
Kontrak
dan
Pergeseran
Saat
ini perkembangan
RM
menjadi
lebih
sentralisasi
(ERM)
karena
:
•
Globalisasi
keuangan
&
bisnis
•
Integrasi
industri
asuransi
•
Meningkatnya
regulasi
•
Lebih
fokus
pada
tata
kelola
korporasi
•
Clinical
governance
&
keselamatan
pasien
The
traditional
six-step
RM
process
:
1.
Identifkasi
risiko
2.Analisa
risiko
3.Mengembangkan
teknik
pengelolaan
risiko
(treat
risks)
4.Memilih
teknik
kelola
risiko
yang
terbaik
(selection
of
best
risk-treatment
techniques),
5.Implementasi
teknik
yang
dipilih
6.Monev
efektivitas
manajemen
risiko
Enterprise
Risk
Management
:
2.lebih
mengintegrasikan
manajemen
risiko
kedalam
struktur
organisasi
3.pendekatan
interaktif
untuk
identifkasi
risiko,
analisa
&
kelola
melalui
prinsip
manajemen
risiko
kedalam
operasional
korporasi
&
Renstra
Definisi
Enterprise
Risk
Management
(ERM):
Arjaty
Daud/Esa
Unggul
2016
14
•
Suatu
Proses
yg dilakukan
oleh
BOD dan manajemen
di
semua level unit
yang
dirancang
dalam suatu
strategi
Institusi
untuk
mengidentifikasi kejadian
potensial yang dapat mempengaruhi Institusi dan
mengelola risiko tersebut
untuk
pencapaian
tujuan
institusi
•
ERM
menggunakan
pendekatan
fungsi
silang
untuk
ases,
evaluasi,
dan
mengukur
semua
risiko
institusi,
tidak
hanya
yang
terkait
dengan
risiko
yang
bisa
The
ERM
Framework
4
KATEGORI
8
KOMPONENi
4
LEVEL
Tujuan
•Dalam
konteks
menetapkan
misi
atau
visi
korporasi,
manajemen
menetapkan
tujuan
strategi,
memilih
strategi,
dan
menentukan
tujuan
yang
sejalan
dengan
korporasi
Arjaty
Daud/Esa
Unggul
2016
16
•Framework
ERM
diarahkan
untuk
mencapai
tujuan
korporasi.
EMPAT
KATEGORI
:
•Strategic
–
tujuan
sesuai
dengan
misi
•Operations
–
effective
and
efficient
use
of
its
resources
•Reporting
–
reliability
of
reporting
Delapan
Komponen
ERM
Arjaty
Daud/Esa
Unggul
2016
17
ERM
terdiri
dari
DELAPAN
KOMPONEN
saling
terkait
yang
diperoleh
dari
cara
manajemen
mengelola
korporasi
dan
integrasikannya
dalam
proses
manajemen
•
Internal
Environment
Lingkungan
internal
meliputi
“Tone”
organisasi,
dan
menetapkan bagaimana
risiko
diidentifikasi
dan
ditangani
Manajemen
termasuk
filosofi
manajemen
risiko,
integritas
dan
nilai2
etika,
dan
lingkungan
di
mana
mereka
bekerja
•
Objective
Setting
Tujuan
harus
dibuat
sebelum
manajemen
mengidentifkasi
potensial
event.
ERM
memastikan
bahwa
organisasi
dijalankan
3. Event
Identification
Kejadian
internal
&
eksternal
yg
mempengaruhi
pencapaian
tujuan
korporasi
harus
diidentifikasi,
bedakan
antara
risiko
dan
peluang.
Peluang (lihat
kembali Renstra
dalam
menentukan
tujuan)
4.Risk
Assessment
Risiko
dianalisa,
dihitung
peluang
dan
dampak,
sebagai
dasar
mengelola
risiko
•
Risk
Response
Manajemen
memilih
respon
terhadap
risiko
:
17
a. tolak,
b. terima,
c. reduksi,
6. Control
Activities
Kebijakan
&
prosedur
ditetapkan
&
diimplementasi
untuk
memastikan
respon
riisko
dilaksanakan
dengan
efektif
•
Information
and
Communication
Informasi
yang
relevan
diidentifkasi,
dikomunikasikan
dalam
bentuk
&
jnagkawaktu
yang
membuat
individu
melaksanakan
tanggungjawabnya.
Komunikasi
efektif
juga
terjadi
sangat
luas
diseluruh
korporasi
(kebawah,
kesamping
dan
keatas)
•
Monitoring
ERM
dimonitor
&
dimodifkasi
jika
diperlukan.
Monitoring
dicapai
melalui
aktiiftas
manajemen.
ERM
dilakukan
disetiap
level
orgsnisasi
:
EMPAT
LEVEL
:
•Entity-level
•Division
•Business
unit
processes
•Subsidiary
Areas
to
Assess
Definitions of Risk. (ERM
)
1.Definisi
pertama
:
event
atau
aksi
yang
bisa
berdampak
pada
kinerja
keuangan
atau
operasional
RS.
—
Risiko
harus:
1.didefiniskan
secara
spesifik
2.terukur,
gunakan
standar
akunting
unit
seperti
revenue
atau
kunjungan
pasien
• bisa
diamati
sepanjang
waktu
2.Definisi
kedua:
risiko
tidak
terjadi
secara
terisolasi
namun
diidentiifkasi
secara
kelompok
Domain
risiko
1.
Operational
2.
Financial
3.
Human
Capital
4.
Strategic
DOMAIN
RISIKO
:
1.Risiko
operasional.
timbul
dari
praktik
bisnis
utama
organisasi.
Dalam
organisasi
kesehatan,
risiko
operasional
terkait
dengan
pelayanan
kesehatan.
•
Risiko
keuangan
.
berhubungan
dengan
kemampuan
organisasi
untuk
meningkatkan
dan
mempertahankan
akses
ke
modal,
masalah
kontrak,
biaya
risiko,
dan
evaluasi
dukungan
pemasok.
Domain
ini
termasuk
risiko
untuk
pembiayaan,
seperti
asuransi.
3. Risiko
modal
manusia.
kemampuan
organisasi
untuk
memperoleh,
mengelola,
dan
mempertahankan
pekerja.
Kompensasi
pekerja,
pekerjaan
dan
lingkungan
bahaya,
omset,
absensi,
kekerasan
di
tempat
kerja,
pelecehan,
dan
diskriminasi
masuk
dalam
domain
ini
4. Risiko
strategis.
Risiko yang
berdampak
pada
pertumbuhan
organisasi.
Risiko
strategis
termasuk
merger,
akuisisi,
usaha
patungan,
dan
kewajiban
iklan.
Juga
meliputi
risiko
reputasi
yang
terkait
dengan
hubungan
masyarakat
dan
ekspektasi
kinerja
bagi
organisasi
oleh
pasien
dan
pembayar.
5.
Hukum
dan
peraturan
risiko
. termasuk
risiko
yang
terkait
dengan
aturan
yang
diamanatkan,
peraturan,
UU
dan
standar.
Dalam
pelayanan
kesehatan,
peraturan
dan
standar2
ini
banyak
dan
rumit.
Contoh akreditasi
dan
privasi
dan
peraturan
keamanan.
6.
Risiko
teknologi
.
berhubungan
dengan
teknologi
baru.
Ini
adalah
domain
resiko
yang
tumbuh
dalam
pelayanan
kesehatan
dan
termasuk
perangkat
biomedis,
telemedicine,
obat
elektronik,
sistem
informasi
manajemen
risiko
dan
teknologi
informasi
lainnya,
usang
dan
peralatan
Domain Description/Example
1 Operational Thebusinessofhealthcareisthe deliveryofcarethatissafe,timely, effective,efficient,andpatient-centeredwithindiverse populations.Operationalrisksrelatetothoserisksresultingfrominadequate orfailedinternalprocesses, people,orsystemsthat affectbusinessoperations.Includedarerisksrelatedto:adverseeventmanagement,credentialingandstaffing,documentation, chainofcommand,anddeviationfrompractice.
Risksassociatedwiththedeliveryofcaretoresidents,patientsandotherhealthcarecustomers.Clinicalrisksinclude:failuretofollow evidencebasedpractice,mediationerrors,hospitalacquiredconditions(HAC),serioussafetyevents(SSE),andothers.
2 Strategic Risksassociatedwiththefocusanddirectionoftheorganization.Becausetherapidpaceofchangecancreateunpredictability,risks includedwithinthestrategicdomainareassociatedwithbrand,reputation,competition,failuretoadapttochangingtimes,health reformorcustomerpriorities.Managedcarerelationships/partnerships,conflictofinterest,marketingandsales,mediarelations, mergers,acquisitions,divestitures,jointventures,affiliationsandotherbusinessarrangements,contractadministration,and advertisingareotherareasgenerallyconsideredaspotentialstrategicrisks.
3 Financial Decisionsthataffectthefinancialsustainabilityoftheorganization,accesstocapitalorexternalfinancialratingsthroughbusiness relationshipsorthetimingandrecognitionofrevenueandexpensesmakeupthisdomain.Risksmightinclude:costsassociatedwith malpractice,litigation,andinsurance,capitalstructure,creditandinterestratefluctuations,foreignexchange,growthinprogramsand facilities,capitalequipment,corporatecompliance(fraud andabuse),accountsreceivable,daysofcashonhand,capitation
contracts,billingandcollection.
4 HumanCapital Thisdomainreferstotheorganization’sworkforce.Thisisanimportantissueintoday’stightlaborandeconomicmarkets.Included arerisksassociatedwithemployeeselection,retention,turnover,staffing,absenteeism,on-the-jobwork-relatedinjuries(workers’ compensation),workschedulesandfatigue,productivityandcompensation. Humancapitalassociatedrisksmaycoverrecruitment, retention,andterminationofmembersofthemedical-andallied-healthstaff.
6 Legal/Regulatory Riskwithinthisdomainincorporates thefailuretoidentify, manageandmonitorlegal,regulatory, andstatutorymandatesonalocal, stateandfederallevel.Suchrisksaregenerallyassociatedwithfraudandabuse,licensure,accreditation,productliability,
managementliability,CentersforMedicareandMedicaidServices(CMS)ConditionsofParticipation(CoPs)andConditionsfor Coverage(CfC),aswellasissuesrelatedtointellectualproperty.
6 Technology Thisdomaincoversmachines,hardware,equipment,devicesandtools,butcanalsoincludetechniques,systemsandmethodsof organization.Healthcarehasseenanexplosioninthe useoftechnologyforclinicaldiagnosisandtreatment,trainingandeducation, informationstorageandretrieval,andassetpreservation.ExamplesalsoincludeRiskManagementInformationSystems(RMIS), ElectronicHealthRecords(EHR)andMeaningful Use,socialnetworkingandcyberliability.
7 Hazard
SampleRiskList
Strategic / External Operational Human Capital Financial Legal & Compliance Technology Hazard • Competition
Afliation, Mergers& Acquisitions
Variabilityin Patient-Related Volume Research Grant /Funding Availability NewModels forCare Delivery Diminished Market Regulatory Change/ Healthcare Reform
Confictof Interest Decreased Capital Spending Hospital/ Physician Relationship
Availabilityof PublicData (HAI/HAC)
Business Management Discipline/Cost Management Equipment Maintenance Failureto Identify& FollowEBM Facility Maintenance
TimelyAccess toCare
FailuretoRefer
Failureto Diagnosis Clinical Continuity Insufcient Discharge Planning Inconsistent Clinical Competency Hiring& Retention Organizational Structure, Alignment& Direction Succession Planning Unionization Turnover Recruitment Aging Workforce Disruptive Behavior FlexStafng Workers’ Compensation Physician Shortage
Arjaty
Credit/ Collections Financial Performance Billing Accuracy /Compliance
PayerMix/ Reimburseme nts
Pension/ Retirement Obligations
Philanthropy/ Fundraising/ Capital
Campaign
FailuretoMeet Margin Uncompensat edCare Accessto Capital Contract Management Revenue Enhancement
Daud/Esa
Unggu
Confictsof Interest Fraud,Theft and Embezzlement Governance, Complianceand Oversight ACO HIPAAPrivacy &Security HealthReform Employment Practicesl
2016
Multiple Vendors Social Networking Information BreachBarCoding
HybridEMR
IT
Infrastructure &Security
PaucityofIT Professionals
FailuretoActin aTimely Manner Incompatible Programs Natural Disaster FailuretoPlan FailuretoAct Timely
Inabilityto ManageaCrisis
Enterprise
Risk
Management
Operational
Human
Capital
Financia
l
Legal/
Regulatory
ASHRM
Handbook
Technolog
y
Assessment
Model
Technology
28
Arjaty
Daud/Esa
Unggul
2016
Financial
PATIENT
/
ORGANIZATION
Operational
Human
Capital
Legal/Regulatory
Enterprise
Risk
Management
Assessment
Areas
To
Assess:
Operational
Arjaty
Daud/Esa
Unggul
2016
29
Quality
initiatives
(Data
Indikator)
Adverse
event
management
(Data
IKP)
Board
governance
Credentialing
and
staffing
–
Initial
appointment
Areas
To
Assess:
A
Board
’
s Legal
Risks
Arjaty
Daud/Esa
Unggul
2016
30
Duty
to
supervise/
manage
Select
competent
physicians
Conflict
of
interests
Provide
adequate
facilities
and
equipment
Provide
adequate
insurance
Provide
satisfactory
patient
care
Select
competent
administrator
Require
competitive
bidding
Provide
safe
environment
Regulatory
and
Areas
To
Assess:
Operational
Arjaty
Daud/Esa
Unggul
2016
31
General
Liability
Assessment
Topics
–
Safety
program
–
Security
program
–
Facility
management
Parking
(lighting,
location,
security)
Areas
To
Assess:
Operational
Arjaty
Daud/Esa
Unggul
2016
32
●
Clinical
–
Patient
communication
–
Patient
care
records
–
Confidentiality
–
Informed
decision
making
–
Telephone
protocols
–
Tracking
diagnostic
information
–
Primary
care
screening
and
monitoring
–
Supervision
–
Patient
satisfaction/complaints
–
Coverage
issues
–
Infection
control
–
Medication
safety
–
Emergency
response
Areas
To
Assess:
Financial
Arjaty
Daud/Esa
Unggul
2016
33
Risk
Financing
Treatments
–
Insurance
–
Self-insurance
Ability
to
raise
capital
Reimbursement
Areas
To
Assess:
Financial
Arjaty
Daud/Esa
Unggul
2016
34
Contract Administration
–
Scope of service and method of payment /
ruanglingkup
layanan
dan
metode
pembayaran
–
Professional services provided
/
layanan
profesional
–
Quality expectations
/
ekspektasi
mutu
–
Contractual terms
–
Termination provisions
–
Risk-sharing agreements
–
Apparent agency liability
–
Hold harmless and indemnity agreements
Areas
To
Assess:
Human
Capital
Arjaty
Daud/Esa
Unggul
2016
35
Employment
Practices/
Human
Resources
Topics
–
Workers
’
compensation
–
Harassment
–
Negligent
firing
–
Discrimination
–
Testing
–
Background
checks
–
Grievance
procedures
Areas
To
Assess:
Human
Capital
Arjaty
Daud/Esa
Unggul
2016
36
Employment
Practices/Human
Resources
Topics
–
Education
orientation
continuing
education
CPR
–
Employee
health
exposures
–
Employee
assistance
programs
(EAPs)
–
Benefits
Areas
To
Assess:
Human
Capital
Arjaty
Daud/Esa
Unggul
2016
36
Environmental
issues
related
to
employees
–
Safety
–
Security
–
Occupational
hazards
Areas
To
Assess:
Strategic
Arjaty
Daud/Esa
Unggul
2016
Strategic
plan
and
mission
–
Immediate
goals
vs.
long
range
goals
Business
ventures
–
Mergers
–
Acquisitions
and
divestitures
–
Joint
ventures
Competition
’
s
status
Advertising
liability
Reputational
risks
–
Patient
and
community
relations
–
Media
relations
Areas
To
Assess:
Strategic
Arjaty
Daud/Esa
Unggul
2016
39
New
Projects
and
Services
Topics
–
䇾
Fit
䇾
with
existing
organization
structure
–
Identification
of
insurance
needs
–
Staff
requirements
–
Contract
needs
–
Competitive
impacts
–
Process
development
Policies/procedures
Areas
To
Assess:
Strategic
Arjaty
Daud/Esa
Unggul
2016
40
Construction/Renovation
–
Licenses/permits
–
Contracts
–
Disruption
of
services
–
Hazards
Air
quality
Interim
and
design
safety
–
Communication
issues
Areas
To
Assess:
Legal
and
Regulatory
Arjaty
Daud/Esa
Unggul
2016
40
Statutes,
standards
and
regulations
–
Federal,
state
and
local
impacts
Licensure
Areas
To
Assess:
Legal
and
Regulatory
Corporate
Compliance
Program/Interface
–
Identification
of
related
compliance
factors
/
identifikasi
faktor
terkait
kepatuhan
–
Compliance
assessment
results
/
hasil
asesmen
kepatuhan
–
Program
components
-
education,
reporting,
data
maintenance,
review,
monitoring
–
Relatio
A
n
rjat
s
y
D
h
au
i
d
p
/E
s
sa
Unggul
2016
Areas
To
Assess:
Technology
Arjaty
Daud/Esa
Unggul
2016
43
Information
systems
Telemedicine
Equipment
Areas
To
Assess
Arjaty
Daud/Esa
Unggul
2016
44
Setting
priorities
for
program
development
/
Buat
prioritas
untuk
pengembangan
program
–
Utilize
information
from
external
and
internal
assessment
sources
/
gunakan
informasi
dari
sumber
ekstrenal
&
internal
–
Goals
should
be:
Flexible
Short
and
long
term
–
Priorities
should
be: