Risk Assessments - Definition and Requirement For Conducting
When would The Joint Commission expect a risk assessment be performed ?
Any examples are for illustrative purposes only.
A proactive risk assessment^ is required when explicitly noted in the language of the element of performance. A risk assessment would be highly encouraged when a process is problematic or there is no prescriptive guidance in the language of the EP or law and regulation. Additionally, organizations are to assess for risk whenever there is a process vulnerability or high risk procedure that could result in a poor outcome. For example, environmental ligature points, infection prevention/control, elopement, etc. While failing to complete a risk assessment may not result in a recommendation for improvement (RFI), conducting a risk assessment cannot be used to supersede requirements listed in the accreditation requirements or what is required by law and regulation.
Some Hospital manual examples:
EC.02.06.01 EP 2 states "When planning for demolition, construction, or renovation, the hospital conducts a preconstruction risk assessment for air quality requirements, infection control, utility requirements, noise, vibration, and other hazards that affect care, treatment, and services."
LD.03.09.01 EP 7 states "At least every 18 months, the hospital selects one high-risk process and conducts a proactive risk assessment."
Some Behavioral Health Care manual examples:
EC.02.01.01 EP 1. The organization implements its process to identify safety and security risks associated with the environment of care that could affect individuals served, staff, and other people coming to the organization'
s facilities.
Note: Risks are identified from internal sources such as ongoing monitoring of the environment, results of root cause analyses, results of proactive risk assessments of high-risk processes, and from credible external sources such as Sentinel Event Alerts.
To improve safety, the organization analyzes and uses information about system or process failures and, when conducted, the results of proactive risk assessments. (See also LD.03.08.01)
The introductory section of the Leadership (LD) chapter provides an example of a pro-active risk assessment model that an organization may use. However, this specific approach is not mandated as there are other risk assessment tools available that may better meet the needs of the organization. Other examples may include a root cause analysis, failure mode and effect analysis, plan/do/check/act process, etc., or combinations and variations of such tools.
^A risk assessment is defined as "An assessment that examines a process in detail including sequencing of events, actual and potential risks, and failure or points of vulnerability and that prioritizes, through a logical process, areas for improvement based on the actual or potential impact (that is, criticality) of care, treatment, or services provided."
A proactive risk assessment^ is required when explicitly noted in the language of the element of performance. A risk assessment would be highly encouraged when a process is problematic or there is no prescriptive guidance in the language of the EP or law and regulation. Additionally, organizations are to assess for risk whenever there is a process vulnerability or high risk procedure that could result in a poor outcome. For example, environmental ligature points, infection prevention/control, elopement, etc. While failing to complete a risk assessment may not result in a recommendation for improvement (RFI), conducting a risk assessment cannot be used to supersede requirements listed in the accreditation requirements or what is required by law and regulation.
Some Hospital manual examples:
EC.02.06.01 EP 2 states "When planning for demolition, construction, or renovation, the hospital conducts a preconstruction risk assessment for air quality requirements, infection control, utility requirements, noise, vibration, and other hazards that affect care, treatment, and services."
LD.03.09.01 EP 7 states "At least every 18 months, the hospital selects one high-risk process and conducts a proactive risk assessment."
Some Behavioral Health Care manual examples:
EC.02.01.01 EP 1. The organization implements its process to identify safety and security risks associated with the environment of care that could affect individuals served, staff, and other people coming to the organization'
s facilities.
Note: Risks are identified from internal sources such as ongoing monitoring of the environment, results of root cause analyses, results of proactive risk assessments of high-risk processes, and from credible external sources such as Sentinel Event Alerts.
To improve safety, the organization analyzes and uses information about system or process failures and, when conducted, the results of proactive risk assessments. (See also LD.03.08.01)
The introductory section of the Leadership (LD) chapter provides an example of a pro-active risk assessment model that an organization may use. However, this specific approach is not mandated as there are other risk assessment tools available that may better meet the needs of the organization. Other examples may include a root cause analysis, failure mode and effect analysis, plan/do/check/act process, etc., or combinations and variations of such tools.
^A risk assessment is defined as "An assessment that examines a process in detail including sequencing of events, actual and potential risks, and failure or points of vulnerability and that prioritizes, through a logical process, areas for improvement based on the actual or potential impact (that is, criticality) of care, treatment, or services provided."
Manual:
Hospital and Hospital Clinics
Chapter:
Leadership LD
First published date: November 08, 2018
This Standards FAQ was first published on this date.
This page was last updated on October 21, 2021