PSQH Quick Poll 2023: Taking the Pulse of Healthcare Risk Management

By Jay Kumar

As part of Health Risk Management Week, PSQH reached out to our readers with a few questions about how healthcare organizations are dealing with managing risks.

The Quick Poll had a total of 127 respondents.

Biggest risks facing healthcare organizations

Asked about the top risks facing their organizations, 83.5% of respondents said their biggest concern was workforce retention, up from 54% a year ago. Other top concerns were caregiver burnout (59%), regulatory compliance (38.6%), medical errors (37.8%), cybersecurity and ransomware (36.2%), and infectious disease outbreaks (28.4%). Others wrote in lack of accountability, violence towards staff, supply shortages, falls related to tangled tubing and medical line entanglement, workplace violence, lack of leadership and cohesiveness, low census, handwashing, quality staffing, and influx of new RN staff trained during pandemic without expected skill level.

Frequency of risk assessments

Asked how often their organization conducts a risk assessment, 60.8% of respondents said annually, compared to 55% a year ago. Another 14.4% said they conducted assessments twice a year and 13.6% said they conducted assessments only when needed. Others wrote in quarterly, ongoing, monthly, and every three years.

Risk management technology

When asked what types of technology they use to monitor risks, 59.2% of respondents said they use data analytics, up from 44% last year. Another 50.4% use spreadsheets, 44% use risk management software, and 14.4% said they use AI.

Concern over organizational risk management

When asked about the level of concern regarding their organization’s ability to assess and manage risks, 63.5% of respondents said they were somewhat concerned, up from 56.8% a year ago. Another 20.6% indicated they were very concerned, while 15.9% were not concerned.


Asked if their organization has had to deal with a cyberattack or ransomware, 69.1% said they haven’t experienced an attack yet, while 31% indicated that they have.

When it comes to preparedness for a cyber or ransomware attack, 56% of respondents said they were somewhat prepared, 33.6% said they were very prepared, and 10.4% said they were not prepared.

Who responded

The job titles of the survey respondents were varied: nurses (29.6%), VP/director/officer of Quality (13.6%), VP/director/officer of Patient Safety (10.4%), risk managers (8.8%), C-suite level (CEO, COO, hospital administrator, etc., 6.4%), and physician (4%). Write-in titles include compliance officer, chief quality officer, technical manager, system nursing director, RN/surgical services leader, nursing supervisor, director of quality/risk/regulatory affairs, emergency management/ED operations/EMS manager, patient safety project coordinator, QA/RM coordinator, RN/infection control professional, CSR manager, infection control preventionist, accreditation.

The vast majority (66.7%) of respondents indicated they work in a hospital, followed by post acute/home health (6.4%), ambulatory/physician organization (5.6%), and ancillary health facility (0.8%). Other write-ins included: ambulatory surgery center, professional association, healthcare system, cord blood bank, insurance, EMS, quality assurance, SNF, government, behavioral healthcare provider, rehabilitation facility, consulting, forensic long-term care center, biotechnology R&D, healthcare coalition, and state psychiatric center.

Thanks to our sponsors Origami Risk and Riskonnect.