Effective Enterprise Risk Management in Healthcare

Risk management and identification is one of those tasks that makes many folks cringe and run for the hills. It’s a concept that is often time hard to explain to those not working in security, privacy, or compliance. Risk identification (through risk assessments or other avenues), risk scoring, risk tracking and remediation for many organizations can seem like an insurmountable task. Many organizations don’t even know where to begin, much less how to operationalize and communicate risks holistically. A successful risk management program requires a strong foundation with these five pillars: cohesive strategy, selection of framework(s), cross-department collaboration, effective communication, and ownership and accountability. Once these pillars are in place operationalization comes down to effective execution and project management skills. Once these pillars are built, you can continue to build more complex structures on top of your robust risk management program. This presentation outlines these pillars and how healthcare organizations can effectively build an enterprise risk management program.