Skip to main content

About the author

Andrew Wright

Head of TRPM Product

Andrew Wright is Head of TPRM Product, and first joined Thomas Murray in 2002 as a Business Analyst. Andrew is responsible for working with our clients and developers to research the market for TPRM solutions, and to drive the roadmap for our leading Orbit Risk platform for monitoring third and fourth parties through due diligence, cyber security, and risk intelligence capabilities.

In a healthcare setting, securing patient safety begins with a comprehensive understanding of inherent risk – both the likelihood and the potential impact. Inherent risk questionnaires are an integral part of assessing and managing the risks associated with patient care, including data security and overall operational processes. 

Patient safety and care evaluation 

A well-structured inherent risk questionnaire will identify potential risks that could negatively affect patient safety and care quality. Make sure your questionnaires are flexible enough that they can be tailored to specific medical procedures, treatments, or departments.

Data security and privacy 

Are you evaluating the risks related to the storage, transmission, and handling of patient data? Healthcare organisations are prime targets for cyber criminals, so prioritise minimising the risk of data breaches (including those that result from human error). 

Compliance and regulatory requirements

Like the financial sector, healthcare is heavily regulated. An inherent risk questionnaire can help organisations to take a proactive approach to evaluating their regulatory compliance and highlight areas that need urgent attention. 

Operational efficiency 

By identifying potential bottlenecks, errors, or inefficiencies, healthcare organisations can put in place process improvements that optimise the use of resources and reduce the length of waiting lists.

Vendor and supplier risk evaluation 

Inherent risk questionnaires can aid in evaluating the risks associated with third-party vendors and suppliers who provide you with services or products. This is an essential element of maintaining quality standards and safeguarding patient safety.

Emergency preparedness

Identify inherent risks related to emergency situations and develop strategies to mitigate them. This could include risks associated with evacuations, medical supply shortages, or natural disasters – particularly with regard to your supply chain.

For example, Hurricane Maria devastated Puerto Rico and closed down its pharmaceutical manufacturing plants. The biotechnology company Biogen was able to move quickly to mitigate the impact of the idling plants, as well as address shortages of drugs and IV bags. 

Make sure you’re able to continuously monitor your third parties, and have a backup plan that can be implemented at speed.

Training and education 

As a training tool for staff, inherent risk questionnaires are invaluable for making teams more aware of potential dangers and encourage greater involvement in risk management efforts.

Continuous improvement

Regularly review and update the questionnaires to reflect changing regulatory requirements, emerging risks, and shifting circumstances.

Work collaboratively

Involve various stakeholders, including the procurement and finance teams, doctors, nurses, administrators, IT personnel, and legal experts, in the development and completion of inherent risk questionnaires. This approach ensures a comprehensive assessment of risks across different dimensions.

Prioritisation and mitigation planning 

Develop risk mitigation plans that outline specific actions to reduce or eliminate the most serious of your likely risks, and assign responsibilities for their implementation.

Orbit Intelligence

Orbit Intelligence

Centralise your monitoring and reporting, access Thomas Murray risk assessments and third party data feeds.

Learn more

Contact an expert

Robert Smith

Robert Smith

Head of SaaS Sales and Customer Success 

Phoebe Jordan , Managing Director | TPRM

Phoebe Jordan

Managing Director | TPRM