PSQH Quick Poll 2024: Taking the Pulse of Healthcare Risk Management

By Jay Kumar

As part of Health Care Risk Management Week, PSQH reached out to our readers with a few questions about how healthcare organizations are dealing with managing risks.

The Quick Poll had a total of 100 respondents. Thanks to our sponsors Collette Health, Origami Risk, and SAI360.

Biggest risks facing healthcare organizations

Asked about the leading risks facing their organizations, 72% of respondents said their biggest risk was workforce retention, down from 83.5% a year ago. Other top concerns were caregiver burnout (47%), cybersecurity and ransomware attacks (41%), workplace violence (39%), regulatory compliance (38%), medical errors (33%), and infectious disease outbreaks (29%). Other concerns listed included: Falls with injury; healthcare-associated infections/conditions; medication errors; finances; documentation deficiencies; staffing; lateral violence; safe staffing for frontline nurse and no ancillary support (i.e., transport, phlebotomy, EKG techs, no consistent unit secretary or UAP staff); reimbursement covering actual costs of care.


Frequency of risk assessments

Asked how often their organization conducts a risk assessment, 63% said annually, 12% said only when needed, and 10% said twice a year. Others wrote in: Each system has a scheduled risk assessment by our dedicated risk team; monthly quest rounds; multiple risk assessments during calendar year with various units/departments; quarterly; never; clipboard completion by Admin who is non-clinical, no input from managers, only when required or reminded to do so.

Risk management technology

When asked what types of technology they use to monitor risks, 61% of respondents said data analytics and the same number said spreadsheets. Another 41% said risk management and 16% said artificial intelligence (AI).

Concern over organizational risk management

When asked about the level of concern regarding their organization’s ability to assess and manage risks, 57% of respondents said they were somewhat concerned, 23% were not concerned, and 20% were very concerned.


Asked if their organization has had to deal with a cyberattack or ransomware attack, 69% said they haven’t experienced an attack yet, while 31% said they have.

Asked to rank their organization’s preparedness for a cyber or ransomware attack, 65% said they were somewhat prepared, 29% said they were very prepared, and 5% said they were not prepared.

Who responded

The job titles of the survey respondents were varied: Nurses (19%), risk managers (20%), VP/Director/Officer, Quality (12%), VP/Director/Officer, Patient Safety (9%), C-suite level (CEO, COO, hospital administrator) (4%), and Chief Nursing Officer (3%). Write-in titles include project coordinator, regional HR director, fire safety specialist, manager EVS, laboratory manager, safety officer, infection preventionist.

The majority (62%) of respondents work in a hospital, followed by post-acute/home health (7%), ambulatory/physician organization (5%), and ancillary health facility (2%). Write-in places of employment include specialty hospital, health system, patient safety organization, skilled nursing facility, long-term care facility, elder daycare center, and college health center.