How to Perform an Infection Prevention and Control Risk Assessment
Posted on October 2, 2014
An annual infection prevention and control (IPC) risk assessment is required by The Joint Commission to define programmatic goals and objectives and to provide a framework for tracking progress in meeting those goals. The IPC risk assessment should identify the risks for acquiring and transmitting infections based on the patient population served, the types of services provided, and the analysis of surveillance data. Risk can be associated with people: patients and healthcare workers; technology: equipment used for direct or indirect care of patients; and the environment: construction activities.
The identified risks should be prioritized collaboratively by the IPC team and the IPC committee members. Action plans for mitigation of risks should be defined in the assessment.
While the specifics of an IPC risk assessment vary between facilities, they should contain five key elements:
- Create a specific, tailored and detailed listing of the challenges relevant to the organization.These are the challenges an infection preventionist faces daily and to which the organization is vulnerable. Factors to consider include the facility’s geographic location, the surrounding community, and the population served. For example, a public city hospital is more likely to serve a larger homeless community and see more tuberculosis than a private suburban healthcare campus.
- Review information from ongoing surveillance and other infection prevention data. If surveillance reveals that the facility has seen an increase in a particular multi-drug resistant organism or an increasing surgical site infection rate, this information should be reflected in the risk assessment. If the facility’s antibiogram reveals increased resistance patterns for commonly seen organisms, the assessment should address this data.
- Prioritize risks based on impact and likelihood to occur. Most infection preventionists operate with limited resources, making mitigation of all risks difficult. In developing a risk assessment, an IP should ask, “How high is the risk associated with each of the identified items?” For instance, while most hospitals would be ill-prepared to quickly identify, isolate and treat Ebola, they must temper the severity of the impact with the very small chance that such a scenario would occur. On the other hand, the likelihood that there may be patients with undetected carbapenemase-resistant Klebsiella in a facility that is accepting patient transfers from long-term care is relatively high. A sound analysis would focus energies on identifying the highest risks.
- Receive Input from staff. While The Joint Commission does not detail how organizations should solicit input, it does require hospitals to include staff input in the risk assessment. Input may take the form of surveys, participation on committees and interviews with members of the infection prevention team, nursing, medical staff and organizational leadership. The format and the input received should be preserved to demonstrate compliance.
- At minimum, perform annual updates. A risk assessment must be done annually. To ensure unexpected scheduling difficulties or other challenges, do not push the date past its deadline. A good practice is to begin the assessment earlier than the deadline to avoid being cited for a tardy assessment. Keep in mind that the occurrence of events during the year that significantly affect infection prevention and control should trigger a revision of the IPC risk assessment.