“Advancing care for patients with neuro-musculoskeletal disease and disability through research, teaching and excellence in clinical practice. And to be endorsed by others as a world class leader in this field.”

RISK MANAGEMENT STRATEGY

The following information is made available to all stakeholders in the Royal National Orthopaedic Hospital N.H.S. Trust and accurately reflects the Trust’s commitment to properly managing and minimising risks to all those involved in the receipt, provision and delivery of it’s services.

Signed ………………………………………Chief Executive

Date………………………………………….Review Date…………………………

Approved: April 2009

1

DOCUMENT CONTROL SUMMARY

Title / Risk Management Strategy
Purpose Of Document / To provide guidance as to how risks are managed throughout the Trust in line with statutory, mandatory and best / good practice requirements. The aim of the strategy is to make the effective management of risk an integral part of everyday management practice.
Reference / K: Corporate / Policies / Health And Safety
Version / 6.0
Date / March 2009
Author / Michelle Nolan – Risk Manager
Approved By / Risk Management Committee
21st April 2009
Trust Board
April 2009
Review Date / April 2010

1

CONTENTS

PAGE

  1. Introduction9
  1. Background9
  1. Distribution Of The Policy11
  1. Policy Statement12
  1. Definitions13

5.1Risk Management13

5.2Hazard13

5.3Risk13

5.4Danger13

5.5Strategic Risk13

5.6Clinical Risk13

5.7Non-Clinical Risk14

5.8Financial Risk14

5.9Principal Risks14

5.10Acceptable Risk14

5.11Tolerable Risk14

5.12Significant Risk15

5.13Residual Risk15

6. Strategic Objectives15

6.1Internal Audit Strategy and Periodic Plan15

6.2External Audit Strategy and Periodic Plan 16

6.2.1Auditors Local Evaluations (ALE)17

6.3Audit Plan – Miscellaneous Agencies (HSE, LFEPA, 17

MHRA, NHSLA etc)

6.4Risk Management Plan17

PAGE

6.5Local Risk Management Plans18

6.6Assurance Framework19

6.7Risk Register19

6.7.1Role of Risk Manager19

6.7.2Information Sources20

6.7.3Reporting Arrangements21

6.7.3.1Trust Board21

6.7.3.2Risk Management Committee21

6.7.3.3Audit Committee21

6.7.3.4Executive Team21

7. Responsibilities of Chief Executive21

8. Responsibilities of Executive Directors22

8.1Director of Human Resources & Corporate Affairs22

8.2Director of Nursing22

8.3Director of Finance22

8.4Communication Links Between The Executive

Directors with Delegated Responsibility22

8.5Objective Setting Process23

  1. Responsibilities Of All Levels Of Management 23

And Their Authority

9.1 Responsibilities of All Executive Directors23

9.1.1Authority24

9.2Responsibilities Of General Managers 25

9.2.1 Authority 25

9.3Role Of Risk Officer (Link Person Within Each 25

Ward / Department)

PAGE

9.3.1 Authority 26

9.4 Ward / Departmental Managers26

9.4.1 Authority 27

9.5Responsibilities Of All Staff27

9.6 Responsibilities Of Contractors And Agency Staff27

9.7 Responsibilities Of The Risk Manager / 27

Clinical Risk Manager

9.7.1 Authority 28

9.8Key Individuals28

9.9Responsibility For Identifying New Legislation And 29 Guidance

10. Risk Management Organisational Structure30

10.1Risk Management Committee – Purpose30

10.1.1Risk Management Committee - Terms of Reference30

10.1.1.1Establishment of Risk Management Committee30

10.1.1.2Authority and Accountability30

10.1.1.3Duties31

10.1.1.4Frequency of Meetings32

10.1.1.5Quorum32

10.1.1.6Reporting Arrangements into the Board From 32

Sub-Committees

10.1.1.7Required Frequency of Attendance by Members32

10.1.1.8Process For Monitoring The Effectiveness Of All Of 33

The Above

10.1.1.9Review33

10.1.2Reporting To the Board33

PAGE

10.2 Clinical Governance Committee – Terms Of

Reference 33

10.2.1Purpose33

10.2.2Establishment of the Clinical Governance Committee34

10.2.3Authority and Accountability34

10.2.4Duties34

10.2.5Frequency of Meetings36

10.2.6Quorum36

10.2.7Reporting Arrangements into the Board From36

Sub-Committees

10.2.8Required Frequency of Attendance by Members37

10.2.9Process for Monitoring the Effectiveness of All 37

Of The Above

10.2.10Review37

10.3Performance Committee – Purpose 37

10.4Audit Committee – Purpose38

10.4.1Establishment and Constitution of the Committee38

10.4.2Membership39

10.4.3Attendance39

10.4.4Frequency39

10.4.5Authority39

10.4.6Duties39

10.4.6.1Governance, Risk Management and Internal Control39

10.4.6.2Internal Audit40

10.4.6.3External Audit41

10.4.6.4Other Assurance Functions41

PAGE

10.4.7Management42

10.4.8Financial Reporting42

10.4.9Reporting42

10.4.10Compliance With Standing Orders, Standing

Financial Instructions and Schemes of Delegation42

10.4.11Annual Review Of Self Assessment43

10.4.12Administration43

10.4.13Review43

10.5Health And Safety Committee43

10.5.1Purpose43

10.5.2Establishment of Health and Safety Committee43

10.5.3Authority and Accountability43

10.5.4Duties44

10.5.5Frequency Of Meetings44

10.5.6Quorum44

10.5.7Reporting Arrangements Into The Committee From 44

Sub-Committees

10.5.8Required Frequency Of Attendance By Members44

10.5.9Process For Monitoring The Effectiveness Of The 44

Above

10.6Employee Involvement in Risk Management45

10.7Partnerships46

11. Reporting Arrangements and Communication 46

12. Risk Identification Process – Tools and Techniques46

12.1Stage One – Risk Identification51

12.2Stage Two – Risk Evaluation51

12.3Stage Three – Risk Control51

PAGE

  1. Resources For Managing Risk52

14.Performance Monitoring and Key Performance Indicators 53

In Relation To Risk

15. Training Arrangements 54

16. Strategy Review Arrangements54

17. Appendices55

TABLES

Table OneReports Sent By The Risk Management Committee31 To Trust Board

Table TwoReports Sent From Clinical Governance Committee34

Table ThreeReports Sent To Clinical Governance Committee36

From Sub-Committees

Table FourRisk Classification Matrix52

1

RISK MANAGEMENT STRATEGY AND INFORMATION STATEMENT

1.INTRODUCTION

The Royal National Orthopaedic Hospital NHS Trust (RNOH), is a world renowned specialist hospital for the diagnosis and treatment of neuro-musculoskeletal conditions. This ranges from the most acute spinal injury, bone tumour and complex joint reconstruction to orthopaedic medicine and specialist rehabilitation for chronic back pain suffers. This broad range of neuro-musculoskeletal services is unique within the NHS.

The overall aim of the RNOH is to be:

‘The specialist orthopaedic hospital of choice by providing outstanding patient care, research and education through our staff’

The Trust’s patients benefit from a team of highly specialist consultants, many of whom are nationally and internationally recognised for their expertise and experience. Consultants are supported in their work by nurses, allied health professionals and other specialist clinical staff who are trained and expert in neuro-musculoskeletal care.

Today the RNOH currently remains on two sites which are:

  • the main hospital campus at Stanmore in North London, which is situated within the London Borough of Harrow. It includes diagnostic and outpatient facilities and 217 in-patient beds.
  • an outpatient facility at Bolsover Street in Central London.

The RNOH is now one of five specialist orthopaedic centres in the United Kingdom. It provides a range of local, regional, national, and international services to both adults and children for a variety of neuro-musculoskeletal conditions.

The hospital continues to play a major role in teaching with one in five orthopaedic surgeons in the UK training at the hospital, and continues the tradition of leading edge research and development through the Institute Of Orthopaedics and Musculo-skeletal Science.

2.BACKGROUND

This strategy is issued in accordance with the requirements of the Health And Safety At Work etc Act 1974, Management Of Health And Safety At Work Regulations (1999), the N.H.S. Controls Assurance Standards (1999), Standards For Better Health (2004) and the NSHLA risk management standards. The statement describes how the Royal National Orthopaedic Hospital N.H.S. Trust discharges its duties under the Act. The Trust Board will monitor the effectiveness of the policy at regular intervals and will revise and amend it whenever appropriate.

The Act places a duty on every employer, to promote health, safety and welfare at work and provide the necessary information, training and supervision of staff. It also places a duty on every employee to take reasonable care of the health and safety of themselves and other persons who may be affected by their actions.

The Trust Board has a duty to ensure that all persons using its premises are protected from all foreseeable hazards/risks in so far as they may be affected by the activities of the Royal National Orthopaedic Hospital N.H.S Trust.

The Trust Board is committed to ensuring that risks are managed appropriately in line with statutory, mandatory and best or good practice requirements. The aim of the risk management programme is to make the effective management of risk an integral part of everyday management practice. This can be achieved if there is a comprehensive and cohesive risk management system in place, underpinned by clear accountability

arrangements throughout the management organisational structure. The Trust takes a holistic approach to risk management incorporating both clinical and non-clinical risk.

Appendix One outlines the operational structure for managing risk within the Trust.

The Risk Management Strategy has been developed having consulted and considered the organisations strategic context, its goals, its objectives and the nature of its business. To ensure that these areas are always reflected within the strategy, this document will be reviewed by the Board on an annual basis. The risk management strategy will be integrated into the achievement of the Trust’s business objectives and will in turn support the organisations strategic plan. The aims and objectives are developed with consideration of the assurance framework and the corporate risk register which reflect all risks, as well as those identified through the requirements of internal and external agendas such as those listed below; -

  • National Plan
  • HR Strategy
  • Modernisation Agenda
  • Health Improvement Programmes
  • Health Action Zones
  • Capital Programme
  • NHSLA Risk Management Standards
  • Standards For Better Health / Annual Health Check

The Risk Management Strategy should be used in conjunction with other corporate policies and procedures such as those listed below. It should be noted that this list is not exhaustive so reference should be made to the corporate policy folders (a copy of which is held in each ward / department as well as on the K drive)

DocumentLocation

Local Risk Management Handbook.In each ward / department.

A Guide to Conducting a Risk Assessment.Red health and safety policy

Information / Resource Packfolder and K drive.

Incident Reporting Policy.Blue clinical policy folder

And K drives.

Root Cause Analysis.Red health and safety policy

Folder and K drive.

Safer Moving and Handling Policy.Red health and safety policy

Folder and K drive.

Major Incident Policy.Clinical policy folder and

K drive.

Infection Control Policy.Infection control policy folder and K drive

C.O.S.H.H. Control of SubstancesRed health and safety policy

Hazardous To Health.Folder and K drive.

DSE – Display Screen Equipment Policy.Red health and safety policy

Folder and K drive.

Security Management Policy.Red health and safety policy

Folder and K drive.

Fire Safety Policy.Red health and safety policy folder and K drive.

3.DISTRIBUTION OF POLICY

The Risk Management Policy and strategy is available to all staff and to the public.

Staff have access to the policy through the following means; -

  • each member of staff receives a brief summary of the policy, with specific referral to the full document, during their week long corporate induction. These sessions are run once a month. (The corporate induction programme is one day)
  • each ward/department has their own copy of the complete policy. This will be found in the red health and safety policy folder
  • all policies are accessible through the K drive. The Risk Management Strategy can be located through, K:Corporate/Policies/Health And Safety/Risk Management Strategy
  • additional copies are available from the Risk Management Department
  • members of the public have access to the Risk Management Strategy through the Community Health Council
  • reference is made to the policy within the Trust’s Annual Report
  • the Trust’s website

4.POLICY STATEMENT

The Trust Board accepts its responsibilities imposed under the Health and Safety At Work Act 1974 and the standards set within the Standards For Better Health (2004), as well as recommendations made by external agencies such as the NHS Litigation Authority, Health And Safety Executive (HSE) and London Fire And Emergency Planning Authority (LFEPA). The Trust will ensure, so far as is reasonably practicable, the health, safety and welfare at work of its employees, and the health and safety of other persons using health service premises within the Royal National Orthopaedic Hospital N.H.S. Trust.

The Trust Board believes their obligations under the Act include the following;

  • ensuring that management at all levels fulfils its obligation for health and safety in the area under its control
  • providing managers with support and resources where practicable to fulfil their respective duties
  • establishing a safe and healthy workplace in accordance with relevant legislation, codes of practice, manufacturers instructions or any other approved standards of knowledge
  • providing and maintaining safe plant and equipment for use at work
  • establishing and maintaining procedures for safe systems of work and making available all necessary safety devices, including adequate and suitable protective clothing
  • making arrangements to monitor the health of all its employees
  • providing suitable information and training to persons at all levels in the organisation, including youth training scheme trainees, and staff from agencies, contractors and other organisations
  • providing for safe use, handling, storage and transport of equipment, substances and persons
  • ensuring safe access to and egress from the workplace and formulating effective procedures and plans for the evacuation of buildings in the event of emergencies

5.DEFINITIONS

5.1Risk Management

Aims to reduce the adverse effects of risk that may result in loss to the Trust. The risk management process involves; -

  • identifying hazards (What are they? How many?)
  • evaluating risk (How much danger? How soon? How often? Who is exposed?)
  • controlling risk (What methods? To what benefit?)
  • monitoring controls (How do they stand up? What changes are required?)

5.2Hazard

The potential to cause harm.

5.3Risk

The likelihood of the potential being realised.

5.4Danger

The power to do harm.

5.5Strategic risk

Those risks, which have the ability to affect the development, implementation and control of agreed strategies.

5.6Clinical risk

Those risks, which have the ability to affect patient care and may cause harm to the patient. This covers anything related to the diagnosis, treatment and outcome of each patient. Psychological harm or distress is also included. The following are some examples of clinical risks; -

  • Is the drug given to the patient correct and administered via the correct route and at the correct time ?
  • Are medical notes and x-rays available when required?
  • Is the patient’s treatment appropriate and timely?
  • Is communication of clinical issues with colleagues effective?

5.7Non-clinical risk

Those risks, which do not have the ability to directly affect patient care or harm the patient, but have the ability to affect others on site such as visitors, contractors and staff. This includes fire, security, environmental and health and safety issues.

5.8Financial risk

Those risks which have the ability to affect the financial well-being of the Trust.

5.9Principal risks

Those risks that threaten the achievement of the organisations principal objectives.

5.10Acceptable risk

The Trust is committed to reducing risks, both clinical and non-clinical, but what is acceptable risk? The Health And Safety Executive (1988) has suggested the following definitions; -

“the risk although present, is generally regarded by those who are exposed to it as not worth worrying about.”

The Trust classifies risks according to a risk classification matrix, which allocates a colour to indicate the level of risk associated with a hazard (green = very low, yellow = low, orange = medium, red = high) – refer to Appendix Two. The level of risk is calculated by staff who have received formal training from the Risk Manager and who have been deemed “competent”.

The Trust considers a risk to be acceptable when there are adequate control measures in place and the risk has been managed as far as is considered reasonably practicable. Risks falling in the green “very low” risk category are considered “acceptable” although the Trust will still need to take action on these risks where the assessment has identified that risks can be easily minimised. Risks are considered in relation to all – staff, patients and public.

5.11Tolerable risk

“a risk, that society is prepared to live with in order to have certain benefits and in the confidence that the risk is being properly controlled.”

The RNOH regards tolerable risks as those falling within the yellow “low” risk category. (Refer to risk classification matrix – appendix two) Risks are considered in relation to all – staff, patients and public.

5.12Significant risk

“a risk, that requires action in the short to mid term to reduce the likelihood of harm.”

The Trust uses it’s risk classification matrix to categorise risk ratings. (Refer to appendix two)

The Trust regards risk which fall into the orange “medium” category as significant.

Risk that are categorised as red, “high” are unacceptable. Therefore, the activity must be stopped immediately until the risk is substantially lower.

Risks are considered in relation to all – staff, patients and public.

All significant risks must be notified to the Clinical / Risk Manager immediately.

5.13Residual risk

The risk remaining following treatment.

6. STRATEGIC OBJECTIVES

6.1 Internal Audit Strategy and Periodic Plan

The purpose of internal audit is to provide the Board, through the Audit Committee, with an independent and objective opinion on risk management, control and governance and their effectiveness in achieving the organisation’s agreed objectives. This opinion forms part of the framework of assurances that the Board receives and should be used to help inform the annual Statement on Internal Control. Internal Audit also has an independent and objective consultancy role to help line managers improve risk management, governance and control.

The plan has been updated following a review of the Board Assurance Framework and is to be discussed with the Executive Management team. This takes into account concerns identified by the Audit Committee as well as changes in the organisation’s risk profile.

In 2008/2009 internal audit undertook a review of the organisation’s risk maturity and concluded that Royal national Orthopaedic Hospital NHS Trust is a risk defined organisation. Following further work at the PCT, the Assurance Framework has been updated and further developed and internal audit have therefore used this as the basis to inform the update of the internal audit strategy (see the Risk Maturity Matrix at Appendix Three). To enhance this process internal audit also plan to meet with the Executive Team during 2009 to ensure management concerns are suitably considered and have also considered wider risks facing the Acute sector within the NHS in 2009/10 and beyond. If the Trust is successful with its application to become a Foundation Trust internal audit shall review the internal audit plan to take account of the additional requirements of Monitor.

In developing the plan for 2009/10 internal have considered the needs of the Trust and any changes to priorities over the previous twelve months. For this reason internal audit have proposed carrying out an audit of Performance Management and have therefore removed the proposed review on Absence Management.

Appendix Three details the risk maturity matrix and the strategy for internal audit 2009 / 10 – 2012 – 13.

6.2 External Audit Strategy and Periodic Plan

Appendix Four details the Audit and Inspection Plan to be undertaken during 2009/10 by external audit.