Talking about risk and statutory compliance without scaring or boring your board
If you are a CEO or ED of a healthcare organization, you need to talk to your board about risk.
How do you do it without scaring them or boring them?
You make risk real. You explain real situations that have happened to similar organizations.
Here are a couple of pointers:
Give them a risk architecture: Most board members don’t know the categories of risk that you face. Give them a high level overview or architecture of risk that they can see the 20,000 ft view of risk. Risks like: (1) Clinical or Patient/Client Safety; (2) Human Resources; (3) Financial; (4) Technological. What other risks form your enterprise risk management program? Give them the high level summary so they know how to start to categorize risks. Give them an architecture to hang their risk questions and ideas on.
Give them a high level summary of the laws that apply to them: Did you know there are more than 40 laws that apply to health care organizations in Ontario? Show them the laws that apply in the categories of (1) Clinical; (2) Corporate; (3) Human Resources/Employment; and (4) Building/Facility.
If you have governing legislation specific to your type of facility or service – make sure you highlight that for them. For example, the Public Hospitals Act or the Long-Term Care Homes Act, 2007 or the Laboratory and Specimen Collection Centre Licensing Act. Heads up: Primary care teams like FHTs do not have an overarching law they need to point to.
Tell them about the 5 Duties: Prioritize risk for your board. Sure they need to know about ALL the risks – but make sure you tell them about the 5 duties that every health care organization needs to know about and manage:
- Duty to remit taxes
- Duty to abide by employment standards
- Duty to abide by occupational health and safety standards
- Duty to respect privacy
- Duty to protect the environment
If you do not manage these duties properly, the risks can be devastating to your organization and there can be personal liability for board members. Make sure you are crystal clear on those duties and the potential consequences and then demonstrate to the board that you are responding to those duties and managing those risks.
Give your board members practical tasks: Help your board members by giving them questions to ask you. In your board training, explain to them how they fulfill their duty to be vigilant. Explain how they need to come to meetings and read the materials and ask good questions.
Tell stories of other organizations: There is nothing like storytelling to make “fanciful” risks real. Telling your board members about what has happened to another similar type of health organization helps them understand what can happen. It also communicates to your board that you are up-to-date and knowledgeable about your risk context and then you can share how you are taking steps to avoid such risks on your team.
Tell your board about insurance and other coverage for them: Board members need to be reassured that there is insurance for them too. Once you have explained all the ways things could go horribly wrong, tell them about how you manage their risks so they don’t get too worried.
Let me know if you’d like onsite board risk and statutory compliance training. It’s one of my favourite topics!
