IP Stakeholders Series: Risk Management


The relationship between the infection prevention and risk management departments at a hospital is a crucial one, and it provides the foundation upon which patient safety and quality improvement efforts can be built.

By Kelly M. Pyrek

The relationship between the infection prevention and risk management departments at a hospital is a crucial one, and it provides the foundation upon which patient safety and quality improvement efforts can be built.

James Davis IV, MSN, RN, CCRN, CIC, HEM, infection prevention analyst for patient safety at ECRI Institute, acknowledges the ongoing threat that healthcare-associated infections (HAIs) pose to patients. "We all know the impact infections cause, the numbers published by the Centers for Disease Control and Prevention (CDC) are real, and I would bet the majority of readers know of a friend or family member that has had an HAI. The prevention of HAIs are a main indicator of safe and quality performance. HAI prevention receives attention from all accrediting and a majority of regulatory bodies."

With numerous compelling and competing interests in front of them, HAIs may or may not be top of mind for healthcare risk managers as part of their risk-management strategies. "In my acute-care experience it would depend on the reporting structure of the institution," Davis explains. "Some infection prevention and control departments have directors and function as their own department, some report to risk management departments. If you report to a risk management department then HAIs are a top priority for risk management. If your department is a stand-alone, then you are responsible and of course HAIs be at the top. Infection preventionists are risk managers, we are just managing a very specific type of risk."

Technology, an intrinsic part of healthcare devices and the delivery of patient care, poses a particular challenge from a risk management perspective, according to experts who convened at a recent AAMI/FDA Risk Management Summit. The Association for the Advancement of Medical Instrumentation (AAMI), offered a number of clarion themes coming out of the summit, including:
- Recognize that everyone in healthcare is a risk manager. Risk management specialists are necessary, but not sufficient, for identifying and mitigating risks associated with healthcare technology. Everyone who designs, develops, produces, markets, implements, uses, monitors, and services healthcare technology has a role to play in risk management. “If you see something, say something” should be the guiding mantra.
- Develop shared understandings of the risks-and benefits-of healthcare technology. Different stakeholders, including regulators, manufacturers, healthcare delivery organizations (HDOs), clinicians, safety experts, quality and risk managers, healthcare technology managers, information technology professionals and patients, have decidedly different understandings of even the most basic risks of healthcare technology. Given their shared stake in the safety and effectiveness of this technology, it is time to gain consensus on the meaning of fundamental principles and terminology of risk. At the same time, factoring in the benefits of healthcare technology in risk equations is important.
- Adapt systems engineering principles, practices, and tools for risk management. Other high-risk industries, such as the aerospace and nuclear power industries, are far ahead of healthcare in managing risk. Although these industries differ substantively from healthcare-and have had some colossal failures-their tried-and-true use of systems engineering to manage risk should be adapted to strengthen both the mindset of risk management and the multidisciplinary collaboration required to identify and mitigate the risks associated with healthcare technology.
- Engage in a total life cycle approach to risk management of healthcare technology, which is required for effectively managing risk. Too often, risk management is practiced as a discrete activity that occurs at a fixed point in the life cycle of healthcare technology, typically for manufacturers to meet regulatory approval or clearance processes or for HDOs to configure implementations. Instead, a more progressive approach is actively managing risk throughout the full life cycle of healthcare technology. Leading practitioners are already doing that- and realizing value in terms of patient safety, innovation, and cost.
- Create new practical tools to continue advancing the field of risk management for healthcare technology. For the medical device industry, risk management is a discipline that has a harmonized consensus process in ANSI/AAMI/ISO 14971. Industry lacks a universal understanding of this process at all necessary levels and sufficient guidance to make efficient use of this standard. Industry and other stakeholders lack a set of robust tools designed specifically for healthcare technology practitioners. Embedding effective risk management into the everyday practices of diverse stakeholders requires practical tools crafted as “risk management for newbies.”

ECRI Institute continues to document the continuing and emerging threats to patient safety, and in its 2016 list of Top 10 Patient Safety Concerns for Healthcare Organizations, it cited inadequate cleaning and disinfection of flexible endoscopes as its No. 4 threat, noting, "A series of deaths due to carbapenem-resistant Enterobacteriaceae (CRE) infections has highlighted the importance of effectively cleaning and disinfecting flexible endoscopes-a problem that has been on ECRI Institute’s radar for years. To be clinically effective, endoscopes-particularly duodenoscopes-have become complex and intricate. But that intricacy can hinder cleaning.

“These scopes have been designed to do a special job in the hands of the physician, but they haven’t necessarily been designed to be easily cleaned and disinfected,” says Davis. He adds that organizations should follow recommended steps to address risks related to duodenoscopes, remain alert for recalls, and review reprocessing procedures for all endoscopes.

Inadequate cleaning of complex reusable instruments came in at No. 2 on ECRI's Top 10 Health Technology Hazards for 2017. As the report states, "The use of contaminated medical instruments can lead to disabling or deadly patient infections or instrument malfunctions. Outbreaks associated with the use of contaminated duodenoscopes-such as those that caused headlines in recent years-illustrate the severity of this issue. But duodenoscopes are not the only devices that warrant attention. ECRI Institute has received reports involving a variety of contaminated medical instruments that have been used, or almost used, on patients. Complex, reusable instruments-such as endoscopes, cannulated drills, and arthroscopic shavers-are of particular concern. They can be difficult to clean and then disinfect or sterilize (i.e., reprocess) between uses, and the presence of any lingering contamination on, or in, the instrument can be difficult to detect. Often, we find that inattention to the cleaning steps within the reprocessing protocol is a contributing factor. Healthcare facilities should verify that comprehensive reprocessing instructions are available to staff and that all steps are consistently followed, including pre-cleaning of the device at the point of use."

As Davis comments, "I think some emerging trends are a continuance, as we know once potential harm is identified, risk must be continually assessed and mitigated. Some of the emerging threats are a product of system and device complexity as highlighted in ECRI documents."

At No. 10 on ECRI's 2017 list is failure to embrace a culture of safety. “Embracing a culture of safety is the foundation for mitigating any of the concerns on the Top 10 list,” says Mary Beth Mitchell, MSN, RN, CPHQ, CCM, SSBB, a patient safety analyst and consultant at ECRI Institute. In fact, she says, “if the organization does not embrace a culture of safety, it will be difficult to address any of the issues that the organization may face.”

As the ECRI report notes, "Healthcare organizations must have a culture of safety that both spans the entire organization and permeates each department. Additionally, leaders’ commitment to a culture of safety has to be sincere, visible, and backed with resources. “No matter how much an employee wants to embrace this, if leadership doesn’t embrace this, it’s not going to happen,” says Mitchell.

When hospitals craft their risk-management strategies, these be used to strengthen a safety of culture "by putting a face to the unfortunate event," Davis says. "Tell the story of the fall, the infection, the medication error. But very importantly these are not to be stories of blame or excuses, the stories should engage, not alienate. This activity should be conducted in a just culture environment. Also. make risk management efforts/goals part of individual performance goals from the bedside to the C-suite."

Davis offers some suggestions for how infection preventionists can partner with their hospital’s risk managers to boost the culture of safety overall:  "There are lessons both disciplines need to share," he says. "For example. Initiatives like Team Stepps (https://www.ahrq.gov/teamstepps/index.html) can have a risk management flavor, and still incorporate infection control lessons and examples into the program. Whether it be a fall or an infection, risk managers and infection preventionists have many of the same professional attributes, the category of the event is different. Overall the culture of safety can be boosted by sharing approaches and techniques between both professions."


Association for the Advancement of Medical Instrumentation (AAMI). Making Risk Management Everybody’s Business: Priority Issues from the 2015 AAMI/FDA Risk Management Summit. 2015.

ECRI Institute. Top 10 Patient Safety Concerns for Healthcare Organizations. April 2016.

ECRI Institute. Top 10 Health Technology Hazards for 2017. November 2016.

The IP Stakeholders Series: 

To access  the first installment of this series on the partnership between IPs and the C-suite, CLICK HERE.

To access  the second installment of this series on the partnership between IPs and biomedical/healthcare technology, CLICK HERE.

To access  the third installment of this series on the partnership between IPs and patient safety managers, CLICK HERE.

Related Videos
Infection Control Today and Contagion are collaborating for Rare Disease Month.
Rare Disease Month: An Infection Control Today® and Contagion® collaboration.
Vaccine conspiracy theory vector illustration word cloud  (Adobe Stock 460719898 by Colored Lights)
Rare Disease Month: An Infection Control Today® and Contagion® collaboration.
Infection Control Today Topic of the Month: Mental Health
Infection Control Today's topic of the month: Mental Health
Infection Control Today Topic of the Month: Mental Health
Lucy S. Witt, MD, investigates hospital bed's role in C difficile transmission, emphasizing room interactions and infection prevention
Infection Control Today Topic of the Month: Mental Health
Related Content