The Six Habits of Highly Effective Risk Management Programs

Part Two of a Two-Part Series

This month's installment discusses the final three habits of highly effective risk management programs.

Habit #4: They See Risk Management as a Process

One of the biggest myths around is that “risk management” is a job. It is and it isn't. A drug or device firm may not have a full-time risk manager. Often, a company must grow to a certain size and pay a certain amount in insurance premiums to justify the luxury of having a full-time risk manager. Risk management ' like other types of financial roles ' is largely staff, not line, positions within a device firm's hierarchy.

Larger drug and device firms may have full-time risk managers. Smaller firms, perhaps most, may combine this function with someone who is the CFO, Controller or Vice President of Finance. The role of risk management ' reducing the causes and financial impact of uncertainty ' should, however, be “job one” for everyone within the medical device firm.

The firm's management should encourage, incentivize and empower employees to seek ways to do things in a safer way. This is an ongoing challenge for any organization, but especially acute for drug and device manufacturers.

The good thing about having a risk manager is that it brings a new level of full-time attention toward and engagement with risk issues. The downside: It can unwittingly get other employees thinking that safety and risk reduction are someone else's job, not something with which they need to be concerned. This thinking leads to accidents and losses.

Moral: Risk management isn't a job; it's a mindset, a mindset that must permeate the drug and device firm's organization. Firms that don't solicit active employee participation in product safety programs leave tremendous risk management resources untapped.

Risk management is an ongoing, never-ending process. It's not something you do or implement, cross off a checklist, and then move on. It's never over. It is not like some corporate mission statements that are wordsmithed to death, and then put on a shelf to gather dust because, “Now we have a corporate mission statement.”

Risk management is both a process and a destination. It isn't something to implement only after there has been a recall, a big jury award or a class action lawsuit. It requires a sustained ongoing commitment, not a “flavor of the month” approach. Those who embrace this philosophy have highly effective risk management programs.

Habit #5: They Sidestep Common Risk Management Myths

Urban myths, such as those that claim alligators swim in New York City sewers or NASA faked the moon landing in a Hollywood studio, are fodder for tabloid fantasy. The more prosaic realm of medical device risk management has its own lore and myth too. Within this category comes a cluster of risk management bloopers. Some common risk management myths include:

1) The past is prologue when it comes to loss activity. It's tempting for drug and device firms to review past loss patterns in gauging the probability of future losses. It may not be a reliable indicator, though, of the odds of future losses or their severity. Maybe the firm has had a run of good fortune. Maybe its operations have grown so that it is more likely to have a mishap.

Perhaps the legal environment has changed (“Hey, let's sue for latex exposures!”) due to new laws or court decisions. The past isn't necessarily a prologue when it comes to future loss patterns, the need for insurance, or the amount of financial protection that is prudent.

2) Outsourcing solves all risk management problems. Some firms think that outsourcing relieves them of legal liability or the need for certain types of insurance. This can be a costly risk management error. Courts and juries can still find manufacturers liable for a contract manufacturer's failings. One example would be where the principal did not exercise reasonable care in picking the subcontractor.

3) Safety is an expense. View safety not as an expense, but as an investment. Safety represents upfront costs: upgraded software, process controls, legal review of proposed labels and warnings, etc. These represent either a direct or opportunity cost. Financial managers may view these items as expenses. In a way they are, obviously. Unfortunately, we can't point to the accident that didn't occur due to improved design, new quality software or legal counsel review of marketing materials.

The upfront costs of these measures are quantifiable to the penny. The savings in terms of pointing to accidents that didn't happen are real, but tougher to document. Over time, management should be able to point to reduced accident frequency and severity. The key phrase is over time. Over what period? It takes time ' maybe much time ' before favorable trends may surface.

Habit #6: They Investigate

The foundation of winning the product liability risk “game” lies in a good investigation. Follow three steps to turbocharge the product liability investigation:

1) Get the product in question. Assume a claim arises before litigation has started. Typically, a drug or device company first learns of a claim through a hospital or doctor complaint, either by phone or mail. The first step: Get the product involved in the accident or injury. This way, the investigator ' the manufacturer, insurer, claim adjuster or defense attorney ' can examine it early and assess whether an accident was due to a genuine defect or to some other factor, like failure to read or heed instructions, doctor technique or poor patient selection.

2) Observe common-sense do's and don'ts after getting the product. Once you get the product, tag it and keep records of when and where you store it for chain of custody purposes.

3) Identify the device. If you can't obtain the product in question, the next best option is to inspect it. A product inspection should aim to:

• record the model, lot and serial numbers;
• confirm or rule out the identity of the actual product manufacturer;
• get good color photographs;
• check for signs of product abuse, misuse or shoddy maintenance. For example, a worn, scuffed or jerry-rigged product condition may imply certain defenses that the manufacturer can employ.

Conclusion

Drug and device companies ' and those defending them ' can cultivate these six habits as ongoing disciplines. In so doing, they will build world-class risk management programs and convert them into effective “corporate immune systems” as one antidote to the current tort fever in product liability.

Part Two of a Two-Part Series

This month's installment discusses the final three habits of highly effective risk management programs.

Habit #4: They See Risk Management as a Process

One of the biggest myths around is that “risk management” is a job. It is and it isn't. A drug or device firm may not have a full-time risk manager. Often, a company must grow to a certain size and pay a certain amount in insurance premiums to justify the luxury of having a full-time risk manager. Risk management ' like other types of financial roles ' is largely staff, not line, positions within a device firm's hierarchy.

Larger drug and device firms may have full-time risk managers. Smaller firms, perhaps most, may combine this function with someone who is the CFO, Controller or Vice President of Finance. The role of risk management ' reducing the causes and financial impact of uncertainty ' should, however, be “job one” for everyone within the medical device firm.

The firm's management should encourage, incentivize and empower employees to seek ways to do things in a safer way. This is an ongoing challenge for any organization, but especially acute for drug and device manufacturers.

The good thing about having a risk manager is that it brings a new level of full-time attention toward and engagement with risk issues. The downside: It can unwittingly get other employees thinking that safety and risk reduction are someone else's job, not something with which they need to be concerned. This thinking leads to accidents and losses.

Moral: Risk management isn't a job; it's a mindset, a mindset that must permeate the drug and device firm's organization. Firms that don't solicit active employee participation in product safety programs leave tremendous risk management resources untapped.

Risk management is an ongoing, never-ending process. It's not something you do or implement, cross off a checklist, and then move on. It's never over. It is not like some corporate mission statements that are wordsmithed to death, and then put on a shelf to gather dust because, “Now we have a corporate mission statement.”

Risk management is both a process and a destination. It isn't something to implement only after there has been a recall, a big jury award or a class action lawsuit. It requires a sustained ongoing commitment, not a “flavor of the month” approach. Those who embrace this philosophy have highly effective risk management programs.

Habit #5: They Sidestep Common Risk Management Myths

Urban myths, such as those that claim alligators swim in New York City sewers or NASA faked the moon landing in a Hollywood studio, are fodder for tabloid fantasy. The more prosaic realm of medical device risk management has its own lore and myth too. Within this category comes a cluster of risk management bloopers. Some common risk management myths include:

1) The past is prologue when it comes to loss activity. It's tempting for drug and device firms to review past loss patterns in gauging the probability of future losses. It may not be a reliable indicator, though, of the odds of future losses or their severity. Maybe the firm has had a run of good fortune. Maybe its operations have grown so that it is more likely to have a mishap.

Perhaps the legal environment has changed (“Hey, let's sue for latex exposures!”) due to new laws or court decisions. The past isn't necessarily a prologue when it comes to future loss patterns, the need for insurance, or the amount of financial protection that is prudent.

2) Outsourcing solves all risk management problems. Some firms think that outsourcing relieves them of legal liability or the need for certain types of insurance. This can be a costly risk management error. Courts and juries can still find manufacturers liable for a contract manufacturer's failings. One example would be where the principal did not exercise reasonable care in picking the subcontractor.

3) Safety is an expense. View safety not as an expense, but as an investment. Safety represents upfront costs: upgraded software, process controls, legal review of proposed labels and warnings, etc. These represent either a direct or opportunity cost. Financial managers may view these items as expenses. In a way they are, obviously. Unfortunately, we can't point to the accident that didn't occur due to improved design, new quality software or legal counsel review of marketing materials.

The upfront costs of these measures are quantifiable to the penny. The savings in terms of pointing to accidents that didn't happen are real, but tougher to document. Over time, management should be able to point to reduced accident frequency and severity. The key phrase is over time. Over what period? It takes time ' maybe much time ' before favorable trends may surface.

Habit #6: They Investigate

The foundation of winning the product liability risk “game” lies in a good investigation. Follow three steps to turbocharge the product liability investigation:

1) Get the product in question. Assume a claim arises before litigation has started. Typically, a drug or device company first learns of a claim through a hospital or doctor complaint, either by phone or mail. The first step: Get the product involved in the accident or injury. This way, the investigator ' the manufacturer, insurer, claim adjuster or defense attorney ' can examine it early and assess whether an accident was due to a genuine defect or to some other factor, like failure to read or heed instructions, doctor technique or poor patient selection.

2) Observe common-sense do's and don'ts after getting the product. Once you get the product, tag it and keep records of when and where you store it for chain of custody purposes.

3) Identify the device. If you can't obtain the product in question, the next best option is to inspect it. A product inspection should aim to:

• record the model, lot and serial numbers;
• confirm or rule out the identity of the actual product manufacturer;
• get good color photographs;
• check for signs of product abuse, misuse or shoddy maintenance. For example, a worn, scuffed or jerry-rigged product condition may imply certain defenses that the manufacturer can employ.

Conclusion

Drug and device companies ' and those defending them ' can cultivate these six habits as ongoing disciplines. In so doing, they will build world-class risk management programs and convert them into effective “corporate immune systems” as one antidote to the current tort fever in product liability.