Skip to content

Blog Posts

Staying aware 365 days a year: Clinical risk recording, reporting and monitoring

The main driver behind clinical risk recording, reporting and monitoring is best represented by the Peter Drucker quote, “If you can’t measure it, you can’t improve it.” More simply put: to measure something, one must first actively capture data and that data needs to be “the right data” to provide the insights you are looking for. Accordingly, ensuring the continuous improvement of a robust and meaningful clinical risk management process starts with a robust data collection strategy.

As noted in the figure below, clinical risk recording, reporting and monitoring spans the entire clinical risk management process.

Figure 1: Allscripts Clinical Risk Management Process Flow

Robust recording

Any healthcare IT (HIT) organization likely has many sources of data that can be mined for insights into its products and services. One of the more critical sources is information from user support cases reporting difficulties with function (HIT Safety) or the proper use of an HIT product or service (Safe Use of HIT). A key requirement is to gather the appropriate data needed to facilitate the proper handling of the clinical risks referenced by user support cases. However, when recording this data, it is important to consider what information is needed to support meaningful reporting and monitoring of the clinical risk management process.

Reporting and monitoring

Reporting and monitoring can be viewed from two key contexts: specific identified clinical risks and the overall clinical risk management process.

Reporting for identified clinical risks

In this context, reporting should communicate to internal or external stakeholders the potential clinical risks, including information regarding the current state of an identified risk and its management plan.

Minimum key reporting factors are:
  • Ensure awareness of the possible hazards by all potentially impacted parties (especially users), including how to identify if the hazard is occurring or has already occurred.
  • Ensure awareness of all possible mitigation strategies (or workarounds) that users should consider prior to any more permanent control being available.
  • Provide information (including pertinent status updates) on plans to provide more permanent controls.
Reporting and monitoring for a robust clinical risk management process

Monitoring is checking, supervising, critically observing or determining the status of something to identify changes from the performance level required or expected. While monitoring is clearly needed for identified risks, monitoring is also critical for the success of the overall clinical risk management process. If done properly, monitoring of the overall clinical risk management process enables safety administrators to identify and address anomalies in two ways:


  • as trends across multiple items
  • as anomalies for an individual item managed within the process

Audits are also powerful monitoring tools. The traditional process audit (akin to ISO process audits), which are driven by skilled and independent quality auditors, is typically what most people think of when they consider audits. Process audits use the stated process requirements, interviews and validating records as their data collection to confirm compliance and identify gaps. The key classified as non-compliances, observations or recommendations for improvement.

The second type of audit is what I call an “Analytics Audit.” This important audit uses the data captured over an aggregated set (typically a time-based interval such as quarterly) to identify any anomalies across a wide sample of items (e.g., clinical risk items associated with client support cases). Analytics audits can identify trends and the relative impact of issues. The issues identified might be gaps with system processing (tool issues), user-handling issues or a combination of both. Analytics audits can also be used to help identify specific items that might benefit from a more thorough per-item assessment. The key output of any audit is the identification and management of Corrective Action Plans based on the findings.

Keeping the focus year-round—every year

During Patient Safety Awareness Week in March 2021, we published a series of blogs highlighting the key components of the Allscripts Patient Safety Program. The first blog in this series discussed clinical risk identification and analysis, which is the initial stage of the clinical risk assessment process. The series’ second blog discussed clinical risk evaluation, which is where clinical risks are evaluated (or scored) in a comprehensive structured manner—not only for the current risk, but also for any residual risk after proposed mitigations or controls.

Referring to the overall model in Figure 1, we can see how viewing clinical risk management as a system with highly interconnected parts is key to proper clinical risk management. As this series concludes, I hope you can walk away with a broader understanding of some of the more complex components in the overall approach Allscripts takes to manage clinical risk and improve the safety and safe use of our healthcare IT products and services.

Add a Comment

Scroll To Top