Effective risk management enables providers and provider collaboratives to achieve their objectives and minimise the likelihood of harm to both patients and the organisations involved.
At its core, much of risk management at collaborative level will likely use processes identical to those already in operation in individual trusts. The management and leadership body or bodies of a collaborative are responsible for identifying and managing risk to any service(s) and activities that the collaborative provides and undertakes, and for seeking adequate assurance that risk is managed properly.
Depending on the scope of the activities of the collaboration, risk may be managed simply using project/programme risk registers and escalation. Strategic risks may also be identified to the collaborative itself or risks that have escalated beyond the scope of any delegated authority the collaborative holds. Partner organisations should agree and establish processes and procedures through which risk can be escalated to individual trusts or all of the trusts within the collaborative. The cut off point at which risk is escalated beyond the collaborative will vary according to what has been agreed through negotiation between participants and the risk appetite of those participants.
In collaborations where there is formal shared decision-making, accountabilities and therefore any liabilities arising from any risk that actualises may be joint and several, as described in the previous section, being clear about accountabilities, delegated authority, and oversight requirements of partners.
Some provider collaboratives have been discussing 'risk/gain' arrangements involving financial transfers, i.e., should a provider agree to carry more risk for the benefit of the collaboration, they would also stand to accrue any financial benefit in proportion to the risk. At the time of publication, NHSE are working on guidance to support providers to manage and defensibly document decisions about transference of risk within systems and so we do not consider it further here. However, the principle that risks should continue to be managed pertains, and any such decision carefully documented.
Collaboratives should not try to contain risk that should be escalated. Robust assurance information plays a crucial role both within the collaborative but also for individual organisation's boards where they remain answerable for the outcomes of the collaborative's activity.
Both collaborative leadership and trust boards should periodically review the effectiveness of risk management arrangements. Such reviews need to be more frequent at the outset, reducing in frequency as arrangements become established.