Winona Health Wins 2016 GRC Value Award for Risk Management

When building a business case for risk management software, independent validations of customer success stories speak louder than marketing claims. Winona Health won the 2016 GRC Value Award, granted by industry analyst firm GRC 20/20. Winona’s rapid success with risk management software is just one example of just how powerful and versatile deployments are when they have: a true risk-based support, robust taxonomy technology, and flexible Software-as-a-Service deliveries.

As described in the case study written by Michael Rasmussen, GRC Pundit at GRC 20/20, Winona’s biggest advantages with the platform include:

1. Centralized enterprise risk management and incident management programs which identify the root-cause of risk events across locations.
2. Agile reporting to monitor the effectiveness of internal policies and procedures against identified root-cause concerns and strategic goals.
3. Streamlined incident processing, resulting in faster turnaround times.

The nonprofit healthcare provider has more than 1,000 employees responsible for managing at least 3,000 incidents per calendar year. Like all healthcare providers, Winona Health is particularly concerned with reporting incidents quickly and accurately. Any disruptions in employee ability to report and address incidents could cause serious liability issues due to patient safety concerns and corresponding regulatory requirements – like those from the Center for Medicare/Medicaid Services. Additionally, if end users find the new software challenging to use, the number of issues reported could decline and undermine the efforts of risk and compliance teams.

To avoid these compliance and operational concerns, LogicManager helped operationalize Winona’s healthcare risk and incident management program within the 45 days between their signed agreement and the end of their contract with a previous incident management solution. LogicManager’s Advisory Analyst team also provided risk management training to hundreds of users during live virtual sessions within this six-week period, without charging professional service fees.

As a result, Winona Health immediately began successfully reporting more incidents, indicating many end users were actually more comfortable using LogicManager. Winona Health also tied LogicManager’s root-cause risk library to the eight domains of healthcare for ERM, as published by the American Society for Healthcare Risk Management. Tying incidents to such root causes provides an accurate view of the performance of mitigation strategies over time (as they relate to key operational risks).

The result: streamlined incident management capabilities and an average processing time reduced from 90 days to 30 days.

LogicManager’s ability to 1) distill incidents into their root causes and 2) reduce the incident and complaint management process were both key to the success that earned us the 2016 GRC Value Award.

Why is Healthcare Risk and Incident Management so Important?

Effective incident management is important for organizations of all types. Healthcare companies, however, often have more to lose if incidents aren’t handled appropriately. The unpredictable nature of healthcare facilities can put both staff and patients at risk; events like on-site transmissions, slip-and-falls, and defective or infected equipment can crop up at any time and pose major liability concerns.

Additionally, healthcare organizations have been shown to be particularly vulnerable to cyberattacks. Millions of patient records contain an enormous amount of personally identifiable information (PII), making the industry an enticing target and predisposing companies to attack. In combination with the often urgent nature of healthcare work, many employees simply don’t have a lot of time to devote to incident documentation – unless they’re working with a standardized, streamlined solution.

This combination of volatile work environment, strict regulations and enforcement penalties, and sensitive information makes it vital to stay on top of healthcare risk and incident management.