EPM5740 Project Risk Management: HealthSmart Victoria Analysis Report

Verified

Added on 2022/08/20

AI Summary

This report provides a comprehensive analysis of the HealthSmart Victoria modernization program, focusing on the failures in risk management that led to significant budget overruns and project delays. The project aimed to implement an electronic health records (EHR) system across 19 healthcare institutions in Victoria, Australia, with an initial budget of AUD $300 million. However, the project faced numerous challenges, including poor planning, inadequate risk assessment, and scope creep, resulting in only four institutions receiving the EHR system while depleting the entire budget. The report details the context establishment, risk identification, analysis, evaluation, treatment, and monitoring processes, highlighting the importance of stakeholder communication and proactive risk mitigation strategies. Key findings include deficiencies in project planning, poor project structure, and overconfidence, leading to the failure to meet project objectives. The report emphasizes the need for a detailed client needs analysis, accurate budget estimations, and a stepwise approach to project execution to prevent similar failures in future healthcare IT projects. The analysis includes an examination of both internal and external factors impacting the project, such as patient-centric systems and the complex healthcare environment.

A PLAN FOR THE MANAGEMENT OF RISKS IN THE MODERNISATION PROGRAM
FOR HEALTHSMART VICTORIA
Authors:
Project Supervisor:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

INTRODUCTION TO THE AUDIT
In 2003, the Victoria State Government, has decided upon improving the framework of the State’s
medical system through the implementation of a complete medical information system based on the
framework for medical records. The main objective of the project was the conversion of paper
based medical records systems into an electronic health system in line with modern developments
that include having such records accessible through the web. Initially, a software based ICT
(information communications technology) system had replaced the manual system as an
implementation of the EHR (electronic health records) system. The State Government sought to
implement an institution-wide ICT framework as the basis for establishing a General System for
health Administration.
OBJECTIVES OF THE AUDIT
The project had an AUD $ 300 million budget that should ensure all the 19 Victoria State healthcare
institutions are upgraded to a modern EHR system. However, as of 2012, just four of the 19
healthcare institutions that were targeted for the EHR system had used up all the allocated budget/
resources and had the modern EHR system. An investigation was ordered in order to understand the
factors and the causes of the massive budget overshooting in the project that accelerated resource
depletion before the project objectives could be met. The failure of the project resulted in a number
of staff involved with the project being relieved of their duties.
PROCESS OF MANAGING RISKS
Fig 1

Context Establishment: The external and internal project objectives should be clearly defined by
the organization. Characterization of the specific project mission, vision, as well as the scope of the
project to provide a clear and concise understanding of the project
Internal Context: All the people within the project team/ group are obligated to exhaustively
analyze the several tasks and have a complete project understanding. It embodies the project scope,
mission, and vision. Further, there is need to consider the project stakeholders and the available
project resources and assets; the internal context is described further in Fig 2 below;
Fig 2
The External Context
This needs to be cognizant of the necessary linkages in the projects, and consider the entire project
in the context of the organization’s external environment.
Fig 3: External context

Identification of Risk: Managing various types of interrelated risks within medical projects, it is
imperative to initially differentiate all risks that are connected in the project. Risks arise from
several causes by various forms and many approaches from tools and techniques utilized in getting
the desired outcomes from the project. Both formal and informal processes can be used in the
identification of the project outcomes.
Analysis of Risk: This is the process of establishing the impacts of risks that have been identified
using the risk matrix developed based on identified risks, and further, it impacts all other kinds of
risks. It is imperative that there is comprehensive understanding of the identified risks, for instance,
the sources and causes of the risks, whether these be negative of positive risk consequences,
likelihood, risk interdependencies, and this can be quantitative or qualitative or both.
Evaluation of Risk: The evaluation of risks should be done exhaustively and this should be
followed by thinking about the risks because the right actions ought to be taken in lieu of the
identified risks. This aids in making the right decisions premised on the risk analysis output.
Risk Treatment: This entails determining ways by which the risks can be identified through a
process that involves the selection and implementation of measures for modifying risks so as to get
the desirable output based on the input.
Risk Consultation and Communication: There is need for having a suitable technique for
communication and consultation with the stakeholders (both internal and external). Effective
communications by all people in the team involved with the project prepares the project to become
successful without any internal risks. Effective communication is an important factor in the
mitigation of risks and further, it must be done in a two-way method with information flows from
the higher ranking staff to the lower ranking staff.
Risk Review and Monitoring: Implementing strategies to mitigate or manage the risks requires
effective monitoring and reviewing the performance of all team members as they undertake their
tasks adequately in order to determine if the plan for managing the identified risks is being
successfully executed.
RETROSPECTIVES OF THIS RESEARCH
Initially, the project entailed uniquely presenting all four medical institutions instead of all the 19
emergency healthcare institutions in Victoria State, as earlier planned. However, all the project
resources were used up in only four of the 19 medical institutions; the project started off well, but
with only some of the targeted hospitals having benefited from the entire project budget. The main

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

reason for the failure of the entire project was because of usage of all the project resources to just a
few of the organizations targeted in the project as a result of poor planning by the Department of
Health (DH). Because of this, all the various facets and requirements needed to complete the entire
project successfully were not considered as these would have enabled accurate breakdown of tasks
and requirements. The causes of this is deficiencies in project planning and a poor project structure
which was equally poorly managed. At commencement, the budget for the project was $ 145
million but these were only used in four medical facilities, which would normally cost just $ 36
million to implement an EHR system. There were many alterations to project scope and project
baseline that resulted in the budget being significantly exceeded while implementing an EHR in
only four of the 19 institutions. Consequently, it was impossible to fulfill the initial project
requirements and objectives and getting all institutions upgraded and so there is need for an
exhaustive audit of how the project was managed.
STEP 1: Context Establishment
The external and internal context of project objectives are defined by the organization, with a clear
definition of the specific mission, vision, and the scope of the project to ensure a clear
understanding of the project.
Internal Context: Everyone involved in the group is obligated to perform a comprehensive
evaluation on the variety of tasks and get a project-wide view of the tasks to be undertaken. It
includes the project mission, vision, as well as scope. In addition, there is need to consider the
stakeholders and resources and assets in the project. A suitable approach is to place focus on
patient-centric systems, for instance, enabling them to obtain health data management devices and
give empowerment for preventive measures against health conditions. The main objective is to have
an electronic way of storing, managing, and accessing patient data for people within the State so
patients can, for instance, make bookings online to attend health facilities. The scope of the
HealthSMART project was not well managed, and underestimated during planning; further, there
was poor budgeting resulting in under budgeting for the project, hence the reason only four out of
19 facilities got the EHR implemented.
External Context
There has to be consideration the inherent interconnections in all the various projects, considering
the project within the organization’s external environment.
A significant portion of the audit, to date, was ignored by experts, and the project bottlenecks were
identified through the executing organizations’ breaking points. A good understanding of the

requirements of the project greatly aids in successful project delivery, including cost estimations
and this also aids in project execution. External factors can especially be of great importance in a
project of such magnitude considering that the provision of healthcare services is usually stretched
and complex even for persons involved in its management .
Fig 4
STEP 2 : Assessment of Risk
The project plan and justification presented to the Government of the State of Victoria at the early
stage was a projection report that lacked the required level of information as would be due in a
business sort of case. The project plan never included a detailed client needs analysis and how these
would be met. These were not done to give a basis for a better project plan. The whole value of the
project and its estimated budget were not clearly defined. The Victoria DH perceived a prelude
associated with the Government of Victoria by 2011. The main business issue was over confidence
by all entities involved in executing the project and they failed to take into consideration of the risks
inherent in the electronic medical records project. Further, the organization needed to know the
critical aspect of expense management as this is the main cause for the failure of the project as the
budget was poorly managed.
STEP 3: Identification and Evaluation of Risk
When handling the myriad types of risks inherent to medical systems computerization projects, it is
important to first recognize all risks inherent to the project. There are several risks that are
accumulated due to the complexity of the project, from both external and internal causes and both
formal and informal processes can be used in identifying these risks. The Victorian DH in charge of
health in the State reported, as of 2012, that the project was not completed as had been planned with
just four out of the 19 targeted facilities having had an electronic medical system/ EHR

implemented. The fist use degree of the system was implemented in the year 2003 and this was not
done by ten organizations. The electronic health system has not been implemented completely even
in the four health institutions where implementation was done and it is unlikely the remaining work
will ever be done to completion, showing the project was failing.
STEP 4: Risk Evaluation
This entails assessing all the identified risks and determine the right and most suitable interventions
to manage these risks as this aids in making decisions based on the risk analysis output.
Reviewing the risks related to the use of a single risk identifiers for medical services of the State’s
healthcare department have taken steps that include conducting seminars to discuss and get to the
root cause for the failure of the project. All delegates and persons that are involved in the health
department have been invited and strategies have been put forth to recognize the inherent risks
within the structure of the project. The evaluation showed that the failure of the project was due to
under budgeting and poor project planning as well as a lack of a step wise approach to project
execution. The recognized hazard is related with the Singular Medical services and has been due to
mis identification of patients.
Failure to correctly recognize patients
Inability to access some parts of the entire system
Compromise of patient privacy
Risk Evaluation Using Either the Qualitative of Quantitative Evaluation
The project had envisaged using $ 100 million as of October 2013, despite the generous budget
variation by another $ 37 million in the project, the agreed sum is $ 50 million. This comes to an
expense per medial institution of $ 36.3 million for the four institutions. The setting up of the
medical system infrastructure has been more costly so only four medical institutions would have
their systems upgraded to an EHR as there are no adequate funds to get the requisite equipment and
infrastructure for the successful implementation of the project. The usual set up costs is a million
dollars for every website, in spite of the fact that project execution structures was at crossroads with
the healthSMART ICT model. Despite there being clinical risks for all emergency healthcare
facilities, especially with operationalization of the EHR system as it exposes patient records and
privacy when using the EHR, it is important that focus is placed on assessing the use of threats and
risks associated with the project in the provided time frame.
STEP 5: Risk Monitoring
TECHNIQUES AND TOOLS FOR MONITORING RISKS
Expert judgment

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Collection of data
Brainstorming
Interviews
Checklists
Analysis of data
Assumption and constraint analysis
SWOT analysis
Analyses of documentation
Root cause analyses
Team interpersonal skills
Providing an enabling environment
Meetings
Risk identification Lists
Assessment of Risks
Extent and repetition details is dependent on the progress of the project relative to the objectives of
the project and the risk types that were manifested.
Review of project risks during all team meetings.
Reviewing of the main milestones during project progress reviews.
Rating of risks and their prioritization can change during the projects’ life cycle and additional
quantitative or qualitative risk analyses changes may be required.
Risk Auditing
These should form part of the entire risk management plan and entails analyzing, assessment of the
risk action plan viability, as well as constant monitoring of risks. There must be specific SMART
goals in place upfront such as through regular meetings to review project progress or independent
progress reports on risks and project execution. The destinations must be determined upfront and
the auditing of the project be part of the comprehensive project communication plan and can be
done independently as well.
Technical Measurement of Risk Performance
This evaluates the specific accomplishments to the schedule of specific project deliverables. It
differentiates between the actual project outcomes from the targets and the expected goals and
outcomes and execution can include exchange ratios, weights, limits to stocks, among others.

Variance and trend Analysis of Risk
A deviation from the projects baseline is usually an indicator of the possible outcomes of
opportunities or threats to the project.
Risk Reserve Analysis
Few instances of risks in projects is normal and expected and the effects can be bad or good; an
evaluation determines if project resources are sufficient, measures the risk at a particular point, and
contrasts accessible reserves.
Staff Meetings
This entails having meetings with project team members to discuss a project
Fig 5
These are some of the tools and techniques used in risk management through the use of inputs and
that generate specific outputs
Fig
6

PLAN AND SCHEDULE FOR RISK TREATMENT
Fig 7

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

RISKS ACTION PLAN
Fig 8
Based on an analysis of the risk degree, an activity plan for mitigating/ managing risks is set in
motion. Extraordinary risks to the risk level responses are distinguished, and the risk effects to the
structures and association schedule is doe so as to decrease the risk. It also helps in determining the
possibility of the risk occurring again and this process helps in determining the best approach to use
in managing the risk according to the risk management plan. This ensures there will be an effective
response in the event that a risk is realized. The plan for managing risks entails systems for effective
risk management, distinguishes and oversees the effects of the risks (risk impact). The risk activity
plan has two approaches;
Avoidance of risk and
Reduction of risk
Development of an Action Plan for Risks

the following processes should all be followed in developing a suitable action plan for the
management of risks.
Fig 9
When to have a plan of action for risks
This is put in place when the plan for managing risks is implemented but it entails risk assessment,
and verification of procedures is done to develop a suitable action plan for risks.
Effective Action Plan for Risks
A plan for managing risks entails having a risk register or various risk registers to track all activities
of inputs and outputs with regard to the project to get a desired result. An effective plan for
managing risks should have specifics that include upfront identification or risks, risk analysis on
their effects on a project, risk plan, and the monitoring of risks. The next tables are proposed to be
used for the risk action plan.