Trust Board in Public
March 2010 Agenda Item 10.3
Item:
Risk Management Policy
Synopsis:
The Trust Board is requested to approve the move to APPROVE this Risk Management Policy as its strategy for managing risk within the Trust. This Risk Management Policy formally moves Trust to the new ISO31000:2009 standard for Risk Management which has replaced the AS/NZ 4360 standard.
Author: Head of Integrated Governance and Quality
Presented by: Mary Sexton, Director of Nursing, Quality and Governance
Action Required:
Surrey & Sussex Healthcare NHS Trust
Risk Management Policy
Version DRAFT 03
Status DRAFT – 15 March 2010
Date ratified DD/MM/YYYY
Name of Owner Integrated Risk Lead
Name of Sponsor Group Risk Management Group
Name of Ratifying Group Quality and Risk Management Board Type of Procedural document Policy
Policy Reference To be completed by Policy Coordinator
Date issued MMM/YYYY
Review date April 2011
Target audience All staff
Related Documents SaSH Risk Management Plan
SaSH Risk Register Guidelines
Policy for the Reporting, Management and Investigation of Incidents
CNST Maternity Risk Management Strategy
References: Registration Regulations 2009
ISO 31000:2009 Risk management – Principles and guidelines
NHSLA risk management standards Monitor Code of Governance for NHS foundation trusts (2010)
Human Rights Statement The Trust incorporates and supports the human rights of the individual, as set out by the European Convention on Human Rights and the Human Rights Act 1988 EIA Status
This policy is available on request in different formats and languages from the Policy Coordinator / PALS.
The latest approved version of this document supersedes all other versions. Upon receipt of the latest approved versions all other versions should be destroyed, unless specifically stated that the previous version(s) are to remain extant. If in any doubt please contact the document owner or Policy Coordinator.
Contents 1. Introduction 2. Purpose 3. Definitions
4. Accountability and Responsibilities for Managing Risk 4.1. Introduction
4.2. Board of Directors
4.3. CEO and Management / Quality and Risk Management Board
4.4. Specialist groups, individuals and functions concerned with aspects of risk management
4.5. Corporate Directorates 4.6. Clinical Directorates 4.7. Specialties
4.8. Staff
5. Identifying, Assessing, Managing and Governing Risk 5.1. Introduction
5.2. ISO 31000:2009 Risk management – Principles and guidelines 5.3. SaSH Risk Register Guidelines
5.4. Governing Risk
5.5. The Board Assurance Framework (BAF) 5.6. The Statement on Internal Control (SIC)
6. Communication and Consultation with Stakeholders 7. Approval and Ratification
8. Review and Revision Arrangements
9. Dissemination and Implementation, including staff training 10. Archiving Arrangements
11. Monitoring Compliance 12. References
13. Associated Documents Appendices
Appendix A – Core risk management responsibilities for specialist groups, individuals and functions
1. Introduction
Surrey and Sussex Healthcare NHS Trust (SaSH) is committed to “putting people first” and delivering “excellent accessible care.” The vision is to “exceed patient and carers expectations for easy access to the delivery of safe, high quality care” and to “come together as one team, respecting the choices of individuals and provide ever improving clinical excellence, levels of comfort and care.” In pursuit of these goals, the Trust has identified six key corporate objectives:
• Safe, high quality coordinated care • Easier access and shorter waiting times • Better information – more choice
• Revitalising our environment • Engaging with our community • An effective organisation
The Board of Directors recognises that a key factor in achieving these goals and objectives is to ensure that effective risk management arrangements are in place and embedded in the organisation’s practices and processes. According to the Monitor Code of Governance for NHS Foundation Trusts “The board of directors’ role is to provide effective and proactive leadership of the ...trust within a framework of processes, procedures and controls which enable risk to be assessed and managed.” Effective risk
management arrangements will, in addition to helping ensure goals and objectives are met, help ensure compliance with statutory, mandatory and ‘best practice’ requirements. Managing health and safety risks, for
example, has been a legal requirement in the NHS since full and final removal of Crown Immunity in April 1991. And the Health and Social Care
Act 2008 (Regulated Activities) Regulations place a statutory duty on all
NHS organisations to ” identify, assess and manage risks relating to the health, welfare and safety of service users and others who may be at risk from the carrying on of the regulated activity.”
In addition, there are a range of mandatory and voluntary risk management schemes applicable to SaSH, including the Auditor’s Local Evaluation (ALE) operated by the Audit Commission and the NHS Litigations Authority’s risk management standards..
In pursuit of the objective of implementing effective risk management arrangements the Trust is committed to adhering as far as possible to the new international best practice Standard ISO 31000:2009 Risk
management – Principles and guidelines. The new Standard sets
risk. The Standard replaces the Australian/New Zealand Standard 4360, which NHS organisations across the UK have been using since 1999. This risk management policy is owned by Trust senior management, who support its implementation by ensuring a progressive, honest, open and ‘just’ environment where all types of risks can be identified and managed in a timely, positive and constructive way. Senior management will ensure that all staff are provided with education, training and support, appropriate to their role. to enable them to meet their responsibilities under this Risk Management Policy.
This policy is supported by an organisation-wide Risk Management Plan, which is a dynamic document designed to ensure that the Risk
Management Policy is implemented and risk management is embedded in all of the organisation's practices and processes.
2. Purpose
The purpose of this policy is to describe the arrangements for effective risk management in support of the organisation’s vision and objectives and to meet relevant standards imposed by legislation, the Care Quality
Commission, the Audit Commission and the NHS Litigation Authority1.
The policy is designed in accordance with the new international best practice standard ISO 31000:2009 Risk management – Principles and
guidelines, which requires organisations to clarify their objectives for and
commitment to risk management, and to specify the following:
• the links between the risk management policy and the organisation’s objectives and other policies;
• the organisation's rationale for managing risk;
• accountabilities and responsibilities for managing risk; • the way in which conflicting interests are dealt with; • the organisation’s risk appetite or risk aversion;
• processes, methods and tools to be used for managing risk; • resources available to assist those accountable or responsible for
managing risk;
• the way in which risk management performance will be measured and reported;
• commitment to the periodic review and verification of the risk
• the way in which the risk management policy will be communicated to all staff.
3. Definitions
ISO 31000:2009 defines risk as the “effect of uncertainty on objectives” and states that “Risk is often expressed in terms of a combination of the consequences of an event and the associated likelihood of occurrence.” Risk management is defined in ISO 31000:2009 as “coordinated activities to direct and control an organization with regard to risk.” This risk
management policy sets out the activities and coordination mechanisms specific to SaSH.
Further definitions are contained within the risk management and related documents referenced at section 12. The principal definitions for risk management are provided in ISO 31000:2009 Risk management –
Principles and guidelines.
4. Accountability and Responsibilities for Managing Risk 4.1 Introduction
Figure 1 sets out the framework of accountability for managing risk across SaSH, which is operationalised within the overall context of ‘quality and risk management’ and which is operationally led by the Chief Executive Officer (CEO) and governed by the Board of Directors (the board). There are 7 ‘levels’ of accountability for risk management as described in Figure 1.
Sections 4.2 – 4.8 provide additional detail on risk management
accountabilities. Appendix A sets out key risk management responsibilities for specialist groups, individuals and functions listed in section 4.6.
Board of Directors Healthcare Governance Corporate governance Management Quality and Risk Management Board Corporate Directorates Clinical Directorates Board committees INFORMATION POLICIES Performance Management Board
Misc. quality/risk groups, individuals and functions Integrated governance and quality department
Audit & Assurance Remuneration 7 Staff Accountability level Specialties/service lines 6 5 4 3 2 1 7 CEO
Figure 1 – SaSH accountability framework for managing risk 4.2 Board of Directors – Level 1
The Board of Directors is responsible for governing the management of risk within SASH. The Board exercises oversight of risk management through its Healthcare Governance Committee to ensure, through holding management to account for quality and risk management matters, that Key Performance Indicators set out in section 11 of this policy are being met. In addition, the Board of Directors annually reviews and signs off the commitment to Health and Safety Statement of Intent.
4.3 CEO and Management/Quality and Risk Management Boards – Level 2
As ‘Accountable Officer’ the CEO is accountable to Parliament as well as to the Board of Directors. The CEO is responsible for maintaining a sound
system of internal control, which includes effective arrangements for risk
management. Each year, the CEO has to sign, on behalf of the Trust Board, a Statement on Internal Control that provides an assurance that risk management, control and review processes are in place and their effectiveness has been reviewed.
The CEO is supported by the Management Board. The purpose of the Management Board (MB) is to ensure that the organization is safely and effectively managed on a day to day basis. The MB sets appropriate frameworks and policies and procedures to support delivery of the organisational objectives, including risk management. The Quality and Risk Management Board (QRMB) works in partnership with the
Management Board. It is responsible for ensuring, through appropriate frameworks and policies and procedures, the quality of services delivered through effective risk management.
The QRMB is the most senior body concerned with the day to day management of risk across the trust. The QRMB is responsible for ratifying the risk management policy and related policies; for allocating resources at corporate management level to ensure effective management of risk; for dealing with conflicts; for holding directorates to account for monitoring the management of risk across the Trust; and for providing assurances to the board’s Healthcare Governance Committee relating to risk management performance.
In addition to the CEO’s ultimate accountability for managing risk across the trust, all other individual executive directors have responsibility for managing risks within their own span of responsibility.
4.4 Specialist groups, individuals and functions concerned with aspects of risk management – Level 3
Sitting between the QRMB and the Directorates, and working within what is essentially a ‘matrix’ structure for risk management, are several
specialist groups, individuals or functions with a Terms of Reference (ToR) or job description that sets out their role, responsibilities, accountability and reporting arrangements. These groups, individuals or functions are, in no particular order:
• Integrated Governance and Quality Department • Occupational Health Department
• Head of Integrated Governance and Quality • Integrated Risk Lead
• Director of Infection Prevention and Control • Infection Prevention and Control Team • Director of Business Intelligence
• Health and Safety Manager • Fire Safety Officer
• Nominated Fire Officers • Estates and Facilities
• Safeguarding Children Group • Safeguarding Adults Group • Medicines Safety Group • Medical Devices Group • Decontamination Group • Health and Safety • Laser Group • Waste Group • Security Group
• Radiation Protection Group • Caldicott Guardian
4.5 Corporate Directorates – Level 4
The corporate directorates are led by an executive director who is responsible and accountable to the CEO/Quality and Risk Management Board for ensuring that their directorate properly manages their risks in line with this policy and with related policies, procedures and guidelines. Within individual directorates a Quality and Risk Management Forum exists, which provides a focus for staff on risk management matters 4.6 Clinical Directorates – Level 5
The clinical directorates are each led by an directorate team who is responsible and accountable to the Quality and Risk Management Board for ensuring that their Directorate properly manages their risks in line with this policy and with related policies, procedures and guidelines. Within individual directorates a Quality and Risk Management Forum exists, which provides a focus for staff on risk management matters.
4.7 Specialties – Level 6
Individual Specialities, or ‘service lines’, are accountable to the Clinical
Directorates for properly managing their risks in line with this policy and
with related policies, procedures and guidelines. Within individual specialties a Quality and Risk Management Forum exists, which provides a focus for staff on risk management matters.
4.8 Staff – Level 7
It is the responsibility of all staff, including contractors, temporary staff and volunteers, to ensure they are aware of, and comply with this risk
management policy and all related policies, procedures and guidelines, to the extent that is necessary to undertake their role. Some staff, such as General Managers, Matrons, Specialist Nurses, Lead Clinicians and Ward/Department Managers have particular responsibility to demonstrate leadership in relation to ‘front line’ implementation and monitoring of effective risk management.
5. Identifying, Assessing, Managing and Governing Risk 5.1 Introduction
Risk is identified, assessed, managed and governed in line with the following standards, guidance and recommendations:
• BS 31000:2009 Risk management – Principles and guidelines on
implementation
• The Health and Social Care Act 2008 (Regulated Activities) Regulations 2009 (currently before Parliament)
• The Care Quality Commission’s guidance Guidance about compliance:
summary of regulations, outcomes and judgement framework.
• Audit Commission (2009). Auditors' Local Evaluation (ALE) KLOE2 and
guidance 2009/10
• NHS Litigation Authority (2009). NHSLA Risk Management Standards 2009/10
• Monitor Code of Governance for NHS foundation trusts (2010) • SaSH Risk Register Guidelines, March 2010.
5.2 ISO 31000:2009 Risk management – Principles and guidelines The new international standard ISO 31000:2009 Risk management –
Principles and guidelines sets out internationally accepted generic best
practice in risk management. The Standard is based on the
Australian/New Zealand Standard 4360:2004, which is currently the NHS’s accepted generic standard for risk management. ISO 31000:2009 now replaces AS/NZS 4360:2004.
The ISO 31000 Standard sets out the fundamental principles of risk
management together with a framework and process for managing risk as shown in Figure 2.
The risk management process depicted in Figure 2 is identical to the process contained in AS/NZS 4360, which NHS organisations in England have been working with since the Department of Health issued the 1999 version of the AS/NZS 4360 Standard in 1999. In summary, the risk management process as it applies to SaSH is as follows:
1. the context within which risk is to be managed is properly identified and understood. In this instance, the context is the entire range of activities carried on within SASH, including all activities associated with patient care and treatment;
2. risks are identified;
3. risks are assessed in terms of their likelihood, or probability, and potential consequences or severity of impact, should they materialise; 4. risks that cannot be accepted are treated so that they are either
eliminated, transferred or properly controlled;
5. there is proper communication and consultation with relevant stakeholders about all aspects of risk management; and
6. all aspects of the risk management system are periodically monitored and reviewed to ensure the system is working effectively.
Figure 2 – Risk management principles, framework and process from ISO 31000:2009
5.3 SaSH Risk Register Guidelines
The key tool used by SaSH for practical implementation of the risk
management process outlined in section 5.2, above, is the Risk Register. A risk register is a repository for information on all aspects of risk and is used as a management tool both for managing risk and for communicating risk information. Risk registers need to be maintained by the various
specialties or ‘service lines’ and by each of the clinical and corporate directorates on an ongoing basis.
Where necessary, serious risks need to be ‘escalated’ up the managerial accountability line (see Figure 1), Periodically, these risk registers are ‘aggregated’ to produce a composite Trust risk register. The trust risk register informs and assists directorate management, the CEO and Quality and Risk Management Board, and the Healthcare Governance
Committee/Board of Directors. Further information on the role of the Board of Directors in governing risk is set out in section 5.7.
In SaSH, risk registers are implemented as an electronic repository using the Datix risk management software.
Further details on the SaSH risk register, together with a detailed
explanation of how risk is identified, assessed and managed is contained in the SaSH Risk Register Guidelines publication.
5.7 Governing Risk 5.7.1 The role of the board
According to the FTSE Company3, “The role of boards is to govern, not to
manage. It is about setting overall direction, establishing boundaries and controls, recruiting and motivating talented executives and overseeing their operation of the business.”
Figure 4 sets out how the management of risk is governed at SASH under the auspices of the board of directors and the board’s audit and healthcare governance committees. The Healthcare Governance Committee monitors and reviews the trust risk register and generally provides assurances to the board in relation to the organisation’s management of risk. The Audit and Assurance Committee is responsible for oversight of the entire system of internal control within SASH and, as part of this responsibility, will
provide independent assurance to the board on the effectiveness of the organisation’s system for risk management.
RISK REGISTER Page SIC
1of?
Location/
Management unitDingley Dell AmbulanceTrust AssessorRiskBodmin Moore Date 14/10/99 Date ofReview1/12/99 ADEQUACY OF RISK ASSESSMENT Risk EXISTING CONTROLSConsequencesLikelihoodRISK RATING RISK Ref.DESCRIPTION OF RISK A I U (C) (l) (Cxl) RANKING 1 Back injuries to ambulance staff 9 3 4 12 3 2 Patient falling out the back of an
ambulance 9 4 1 4 6 3 Damage (and possible personal
injury) to new ambulances with power-assisted steering
9 3 5 15 2= 4 Dangerous exhaust fume build up
in main ambulance depot 9 5 2 10 4 5 Trust bankrupcy through policy of
not charging for providing cover at local fairs
9 3 5 15 2= 6 Public outrage at charging for
providing local fair cover 9 1 5 5 5 7 'Putting people at risk' at fair
through inadequate ambulance cover 9 5 4 20 1 Etc. A = Adequate I = Inadequate U = Uncertain Multiple fatalities 5 Single fatality 4 Major 3 Serious 2 Minor 1 Negligible 0 Certain 5 Likely 4 Possible 3 Unlikely 2Rare 1 Impossible 0
BOARD
Audit Committee Healthcare Governance Committee External Audit Internal AuditTRUST RISK REGISTER
‘Bottom-up’ population ‘Top-down’
population
CEO
BAF
Figure 5 – The trust risk register and the board
5.8 The Board Assurance Framework (BAF)
A key companion to the trust risk register is the Board Assurance
Framework (BAF). The BAF describes the principal risks that relate to the organisation’s key objectives and is intended to provide assurances to the board in relation to the management of risks that threaten the ability of the organisation to achieve these objectives. The BAF provides the board with information on managing principal risks that provides assurances on the management of risk in relation to key organisational objectives. Wider consideration of the Trust risk register, through suitable reporting on
significant risks to the board by the executive directors, provides the board with more comprehensive assurances on management of the totality of risk facing SASH.
5.9 The Statement on Internal Control (SIC)
A further feature of figure 5 is identification of the requirement on the CEO to sign off, on behalf of the board, an annual Statement on Internal Control (SIC). This statement is underpinned by the risk management process and, in particular, the trust risk register and BAF.
6. Communication and Consultation with Stakeholders
The key internal stakeholders for the purposes of this risk management policy are the staff, specialities, directorates, Quality and Risk
Management Board and the Trust Board and its Healthcare Governance Committee. It is the responsibility of the Integrated Risk Lead to ensure proper consultation and communication processes are in place between key internal stakeholders.
The key external stakeholders for the purposes of this risk management policy are the Care Quality Commission, District Audit and the NHS Litigation Authority (NHSLA). It is the responsibility of the Head of Integrated Governance and Quality to ensure proper consultation and communication processes are in place with key external stakeholders. 7. Approval and Ratification
This Policy has been developed with the involvement of internal
stakeholders together with an external healthcare governance and risk management specialist. It has been ratified as suitable for implementation across the Trust by the Quality and Risk Management Board.
8. Review and Revision
This policy will be reviewed and, where necessary, revised at least annually in line with requirement 4.1.10 of the Audit Commission’s Auditors' Local Evaluation (ALE) KLOE and guidance 2009/10. 9. Dissemination and Implementation, including staff training
Specifically, in relation to this policy, the key actions will be delivered through the Risk Management Plan.
Staff training on risk management is key to implementation. The strategy for staff training, based on training needs analysis in relation to the responsibilities outlined in section 4, together with other specific risk management implementation requirements are as set out in the Risk Management Plan at Appendix A.
10. Archiving
The risk management policy will be held in the Trust database and
archived in line with the arrangements in the Organisation wide Policy for
the Management of Procedural Documents.
11. Monitoring compliance
This policy is monitored using a combination of:
• audit of the standards contained within and underpinning the policy, i.e. – in no particular order - ISO 31000:2009; ALE 2009/10; Care Quality Commission published requirements and NHSLA risk
management standards4, will be reported by the Integrated Risk
Lead to the Quality and Risk Management Board annually; and • key performance indicators (KPIs - see table below)
The principal management group reviewing compliance in relation to both audit results and indicator data is the Quality and Risk Management Board (QRMB). At a governance level, the principal board committee reviewing compliance is the Healthcare Governance Committee (HGC).
All audit activity in relation to this policy will be carried out by the Integrated Governance and Quality section. The Quality and Risk Management Board will receive the audit results and be responsible for overseeing the action plan to address any issues of non compliance/poor practice.
Key Performance
Indicator (KPI) responsible for Person
collating information
Frequency of
reporting Group/Committee reviewing
compliance % training in risk
management carried out with risk leads identified in training needs assessment (TNA)
Integrated Risk
Lead Quarterly QRMB
% directorates having carried out an initial half-day facilitated risk identification workshop.
Integrated Risk
Lead Quarterly (time-limited KPI) QRMB
% directorates having established a fully functional risk register in accordance with the risk management policy and risk register guidelines
Integrated Risk Lead Quarterly QRMB % directorates having established a fully functioning incident reporting/RCA investigation system in accordance with SaSH policy.
Integrated Risk
Lead Quarterly QRMB
Incident reporting rate Integrated Risk
Lead Quarterly QRMB
Incident notification lag (days)
Integrated Risk Lead
Quarterly QRMB Adverse incident rate
(from incident reporting) Integrated Risk Lead Quarterly QRMB
Adverse incident rate (from Global Trigger Tool, i.e. retrospective case review) Integrated Risk Lead Quarterly QRMB % reported incidents assessed as high risk/impact Integrated Risk Lead Quarterly QRMB % directorate risk management actions completed, pending and late (including incident investigation actions)
Integrated Risk
Lead Monthly QRMB
% CAS compliance Integrated Risk
Lead Monthly QRMB Hospital standardised mortality ratio (HSMR) Integrated Risk Lead Monthly QRMB
12 References
• The Health and Social Care Act 2008 (Regulated Activities) Regulations 2009 (currently before Parliament)
• Care Quality Commission (2009). Guidance about compliance:
summary of regulations, outcomes and judgement framework.
• Audit Commission (2009). Auditors' Local Evaluation (ALE) KLOE and guidance 2009/10
• NHS Litigation Authority (2009). NHSLA Risk Management Standards 2009/10
• ISO 31000:2009. Risk management – Principles and guidelines on implementation.
• Monitor (2010). Code of Governance for NHS Foundation Trusts.
13 Associated Documents
Organisation Wide Policy for the Management of Procedural Documents Policy for the Reporting, Management and Investigation of Incidents (including Serious Incidents)
CNST Maternity Risk Management Strategy etc.
Appendix A – Core risk management responsibilities for specialist groups, individuals and functions
This can be progressed and finalised once the Quality and Risk Management Board TOR have been ratified.
Appendix B
Quality and Risk Management Board
Terms of Reference
Subject
Terms of Reference for the Quality and Risk Management Board
Written by
Sharon Gardner-Blatch, Head of Integrated Governance and Quality
Applicable to
Members of Surrey & Sussex Healthcare NHS Trust Executive Committee
Responsible Person
Director of Nursing, Quality and Governance
Date ratified March 2010
Contribution from
Stuart Emslie, Risk Management Consultant
Brenda Kelly, Integrated Risk Lead
Version 1 Ratification Committee
Trust Board Review date March 2012 Keywords Quality Safety Patient Experience Clinical Effectiveness Risk management Organisational Development
1 Purpose
1.1 The Quality and Risk Management Board (QRMB) is a senior
management group, chaired by the Chief Executive Officer (CEO), which is focused on:
1. matters relevant to maintaining and improving the quality (i.e. safety, effectiveness and experience) of patient care including the organisational development to underpin the improvements; and
2. matters relating to the management of all types of risk across Surrey and Sussex Healthcare NHS trust (SaSH)
3. providing assurance to the SASH Healthcare Governance Committee by ensuring robust arrangements for effective quality and risk management. The QRMB is the most senior executive authority in relation to resolving matters relating to quality and risk and supports the CEO in providing management assurances to the board in respect of quality and risk matters, including ‘Quality Accounts.’
2 Constitution
The QRMB provides through the CEO assurance to the Healthcare Governance Committee on the management of all aspects of quality and risk management.
It is constituted under the CEO following the formal adoption by the Trust Board of the Risk Management Strategy.
3 Membership Chief Executive (Chair)
Director of Nursing, Quality and Governance Medical Director
Director of Business Intelligence & Technology Director of Human Resources
Director of Clinical Services
Director of Finance and Contracting Director of Environment and Facilities Clinical Director for Medical Directorate Clinical Director for Surgical Directorate
General Manager for Medical Directorate General Manager for Surgical Directorate
General Manager for Clinical Support Services Directorate General Manager for Women &Child Health Directorate Head of Nursing and Governance for Medicine
Head of Nursing and Governance for Surgery Head of Midwifery & Governance
Head of Integrated Governance and Quality Head of Education and Training
4 Attendance
4.1 A quorum shall be a 50 % of the membership, of which 50% must be
clinical. All members must attend/be represented at each meeting.
4.2 Any manager may be invited to attend, particularly when the MB is
discussing areas of risk or operation that are the responsibility of that manager.
5 Administration
5.1 The P/A to the Head of Integrated Governance and Quality shall ensure
that the Quality and Risk Management Board meeting in the second week of the month is provided with appropriate administrative support, take minutes of the meeting, collate and circulate papers, and ensure follow up actions are monitored for delivery.
6 Frequency
6.1 The QRMB will meet monthly, the Chair may request additional meetings if
they consider it necessary.
6.2 The MB will meet the second Wednesday of the month from 11:30 to
13:30.
7 Reporting Groups:
• Specialist groups, individuals and functions concerned with aspects of risk management, quality and organisational development (these are identified in the respective strategies)
• Clinical and Corporate Directorate on their quality, risk and organisational development management
8 Duties
The core duties of the QRMB are delivered under the key programmes below 8.1 Corporate Governance
• Provide such additional assurances to the Board of Directors, through the Board Healthcare Governance Committee and the Audit and Assurance Committee, as may be required.
• Prepare ‘Quality Accounts’ in accordance with external guidance for review and acceptance by the Board of Directors through the Board’s Healthcare Governance Committee
• Manage the embedding of all aspects of Governance including research within the corporate and clinical directorate structure for the NHS Trust. • Manage full compliance with the Care Quality Commission Registration
Regulations including any action plans for external regulatory standards contributing to the assurance framework for the remit of this Board.
8.2 Risk Management
• Approve the Risk Management Policy and Risk Management Plan (i.e. ‘risk management strategy’) for the organisation.
• Periodically monitor and review the organisational (i.e. trust-wide) Risk Register.
• Provide direction for the allocation of resources to improve care quality, including patient safety, and risk management.
8.3 Reporting and Inspections
• Manage the delivery of all action plans arising from inspections, visits and accreditations to ensure compliance with standards contributing to the assurance framework.
• Periodically monitor and review feedback from internal quality and risk personnel, committees, groups and functions.
8.4 Quality of patient care
Patient safety/ Effectiveness and outcomes/ Patient Experience Oversee and ensure delivery of the policies and action plans which combine to provide Trust Quality Strategy.
• Patient Safety Policy and Action Plan
• Clinical Effectiveness Policy and Action Plan • Patient Experience Policy and Action Plan • Risk Management Policy and Action Plan
• Organisational Development Policy and Action Plan.
8.5 Information Governance
• Monitor compliance with information governance standards and oversee the delivery of robust systems for maintaining confidentiality in line with Caldicott requirements.
8.6 Education and Professional Development
• Oversee and ensure delivery of continuing professional development and appraisal for all health care staff.
• Ensure compliance with appropriate levels of induction and mandatory training are in place for the appropriate health care staff (including agency, bank and locum).
• Receive and approve the annual training needs analysis ensuring it supports delivery of organisational development and delivery of high quality and improving services.
8.7 Research and Development
• Oversee the delivery of research within the Government Research Governance Framework.
8.8 Safeguarding
• Monitor compliance with all relevant statutory requirements relating to Safeguarding are met.
• Monitor and advise on compliance with key standards on the welfare of children and vulnerable adults across the Trust.
• Promote effective working across all partner agencies involved in Child Protection, including all statutory partnership arrangements.
8.9 Policies
• Approve relevant policies/strategies related to the management of care quality.
9 Single Equality
• Ensure that the single equality scheme action plans are regularly reviewed.
