8th Edition Administration and Management Standards: Risk Prevention and Management Joe Frisino Standards Development and Performance Measurement April 2006 Hello, my name is Joe Frisino and I am Associate Director of Standards Development and Performance Measurement at COA. I have worked with COA's advisory panel members and other members of the Standards Development group on the Risk Prevention and Management standards for the 8th Edition.. I would like to welcome you to this self-paced presentation, designed to let you view each section of the standards at your convenience, and move as quickly or slowly through the material as you like. The presentation time is listed in the upper left hand corner of your screen. When you are finished viewing the slide presentation, you will receive instructions for how to print the slide show, if desired.

Administration and Management Standards COA offers Six Sections of Administration and Management Standards Previously termed “G” (generic) standards.. that term has been retired Set forth and promote essential good business practices Implemented by all accredited agencies regardless of type of services delivered In this session we will be discussing COA's Risk Prevention and Management standards, abbreviated R-P-M. Formerly the risk management standards were designated at G11, but as you can see, we've replaced that system with one that is more descriptive. RPM is one of six Administration and Management is Standards sections for Private Organizations. These six administrative and management sections focus on good business practices for organizations, and, when implemented along with the standards for services an organization provides, help organizations develop a solid infrastructure that can deliver quality services and achieve positive client outcomes. Major evidentiary support that was used in the development of this section came from the literature on non-profit risk management, capacity building, insurance and liability, non-profit law, contracting practices, and data management and security as well as the advise of COA's expert advisory panels. January 19 © Council on Accreditation 2005 All Rights Reserved

Risk Prevention and Management (RPM) “Comprehensive, systematic, and effective risk prevention and management practices reduce the organization’s risk, loss, and liability exposure.” The stated purpose of the Risk Prevention and Management standards is: "Comprehensive, systematic, and effective risk prevention and management practices reduce the organization’s risk, loss, and liability exposure. COA's Risk Prevention and Management standards outline a comprehensive approach to preventing, managing, and reducing risk, and protecting an organization's resources and assets, be they human, physical, or financial. The standards go beyond protecting against threats: risk prevention and management practices are an opportunity to strengthen the organization. In this, leadership must set a proactive tone by creating a culture that identifies risk and learns from challenges. Potential risks include risks related to: property, income, liability, human resources, which, if measured by the number of lawsuits brought against them, is the area of greatest risk for non-profits, clients, the organization's reputation, its mission, its governance, finances, vulnerable populations, and risks associated with inter-agency collaboration (Herman 2004). There are ten core concepts which support the purpose statement we just discussed. And these ten core concepts fall roughly into three groups: 1. General Risk Prevention and Management 2. Information Management and Security, and 3. Contracting January 19 © Council on Accreditation 2005 All Rights Reserved

Risk Prevention and Management (RPM) RPM 1 Legal and Regulatory Compliance RPM 2 Risk Prevention RPM 3 Medication Control and Administration RPM 4 Insurance Protection There are four concept standards under the general risk management category. They are: RPM 1 Legal and Regulatory Compliance RPM 2 Risk Prevention RPM 3 Medication Control and Administration RPM 4 Insurance Protection The titles tell you a lot about the content of these sections. One standard I'd like to go into more detail about is RPM 2.01. RPM 2.01 states: "Management, with the involvement of the governing body, conducts an internal assessment of overall risk, at least annually…” The standard then goes on to list thirteen areas that should be reviewed during the annual assessment of risk. These include: legal compliance, facility health and safety, staff training, finances, employment practices, contracting, and others. Each area is directly connected to other standards and sections of standards throughout the 8th Edition. These other standards provide guidance as to what the risk management assessment might include. For example, one of the areas is "health and safety, including use of facilities". There is a section of standards entitled Administrative and Service Environment, or A-S-E, which deals with, among other things, facilities issues. The annual assessment of risk should include review any potential risks associated with the implementation of related standards in ASE. January 19 © Council on Accreditation 2005 All Rights Reserved

Risk Prevention and Management (RPM) RPM 5 Information Management and Use RPM 6 Security of Information RPM 7 Case Records RPM 8 Access to Case Records There are four concept standards related to information management and security. They are: RPM 5 Information Management and Use RPM 6 Security of Information RPM 7 Case Records RPM 8 Access to Case Records These standards address issues such as, who has access to case records, how data is maintained, how data is capture, tracked, and reported, use of electronic backup, how records are stored, how records are maintained and disposed of, the contents of case records, frequency of progress notes, who can make entries into case records, and more. January 19 © Council on Accreditation 2005 All Rights Reserved

Risk Prevention and Management (RPM) RPM 9 Contracts and Service Agreements RPM 10 Quality Monitoring of Purchased Services There are two concept standards related to contracting. They are: RPM 9 Contracts and Service Agreements, and RPM 10 Quality Monitoring of Purchased Services It is important to note that COA's contracting standards apply to contracts for human services. They do not apply to contracts for maintenance services or similar contracts. They also do not apply to contracts for consultants, independent contractors or other individuals. Contracts with individual providers are addressed in the Human Resources standards. The contracting standards cover: standardized contracting practices; service agreements; and contract oversight; including establishing criteria for evaluating vendor performance, and outcomes expectations. January 19 © Council on Accreditation 2005 All Rights Reserved

© Council on Accreditation 2005 All Rights Reserved Implementation Interviews with the Board, Management, Staff, and Consumers Documentation, e.g., case records, MIS procedures, contracts, insurance policies Facility observation Prior to, and during the site visit, the review team will be evaluating the organization’s implementation of the standards by reviewing written documentation, including polices and procedures, and interviewing staff at all levels of the organization. Interviews will be conducted with the organization's senior management, members of its governing body, staff, and consumers. Written documentation may include: case records; insurance policies; contracts; MIS procedures; documentation of HIPAA compliance; and other documents listed in the Evidence of Implementation chart which follow the standards.. The team will also visually review case record and file rooms and observe the MIS system in action. January 19 © Council on Accreditation 2005 All Rights Reserved

© Council on Accreditation 2005 All Rights Reserved Thank you! Council on Accreditation 120 Wall Street, 11th Floor New York, NY 10005 866-262-8088 www.coanet.org Joe Frisino jfrisino@coanet.org Ann Morison amorison@coanet.org Thank you for viewing this self-paced presentation on COA’s 8th Edition Risk Prevention and Management standards. I would like to welcome you to email any questions you may have to me, Joe Frisino, at jfrisino@coanet.org, or to Ann Morison at amorsion@coanet.org. If you would like to print the slide show, click on the word attachments in the upper right hand corner and select the slide presentation.  Thank you again for your interest in the COA’s 8th Edition Risk Prevention and Management standards. January 19 © Council on Accreditation 2005 All Rights Reserved