ASHRM CPHRM Exam Questions

Boards are ultimately accountable for oversight of organizational risk, including patient safety, quality, compliance, and financial sustainability. While executives and risk leaders manage day-to-day operations, board governance sets expectations, ensures resources, monitors performance, and holds leadership accountable for corrective action. Risk management objectives at the governance level include approving risk appetite, reviewing top enterprise risks, ensuring systems exist for event reporting and learning, and verifying that mitigation plans are implemented and effective. In litigation and regulatory scrutiny, board oversight can be a critical factor: a board that demands transparency, tracks harm signals, and supports safety investment strengthens the organization's defensibility and reduces preventable harm.

SBAR is a standardized communication framework used to reduce preventable harm caused by incomplete, unclear, or delayed clinical communication---especially during handoffs, escalations, and urgent updates. The four elements are Situation (what is happening now), Background (clinical context and relevant history), Assessment (what you think the problem is based on data), and Recommendation (what you need/request as the next step). By forcing concise structure, SBAR improves shared situational awareness, supports early recognition of deterioration, and reduces ambiguity (''hinting and hoping''). From a risk management standpoint, SBAR strengthens frontline reliability, decreases communication-related sentinel events, and supports defensible care by demonstrating a consistent escalation process. It also aligns with patient safety objectives: clearer teamwork, faster response to clinical changes, and fewer omissions during transitions of care.

According to Health Care Risk Management standards supported by ASHRM, CMS Conditions of Participation, and The Joint Commission patient visitation standards, hospitals must have written visitation policies that respect patient rights. Patients generally have the right to designate visitors of their choosing, including individuals who are not immediate family members. Visitation cannot be restricted based on non-clinical factors such as relationship status or surrogate designation.

However, facilities may impose clinically reasonable or safety-based restrictions. If a visitor administers an unknown drug intravenously to a patient, this presents a clear and immediate threat to patient safety. Such conduct justifies restricting visitation to protect the patient from harm, maintain clinical control of treatment, and prevent unsafe interference with care.

Being known as a drug seeker in the community, without evidence of disruptive or harmful behavior during the visit, does not alone justify restriction under patient rights standards. Similarly, visitation cannot be denied solely because the individual is not the designated healthcare surrogate.

Legal and regulatory objectives emphasize balancing patient rights with safety and security. Therefore, a hospital may restrict visitation when a visitor's actions pose a direct threat to patient safety.

In Lean terms, extra processing is work that does not add value from the patient's perspective and often introduces defect risk. Cutting and reformatting labels is a classic extra-processing waste: it consumes time, creates variability, and increases the likelihood of mislabeling---one of the most serious medication safety hazards. Risk management objectives prioritize eliminating rework and standardizing the labeling process through right-sized labels, standardized print templates by container type, barcode integration, and human factors design (font size, tall-man lettering where appropriate). Removing extra processing improves efficiency and reduces cognitive load and workaround culture---both strongly associated with error. Operationally, this is a system design failure: staff are compensating for poor equipment/process fit. Fixing the system reduces the chance of a high-severity adverse event and strengthens defensibility by demonstrating proactive hazard elimination.

EMTALA applies when an individual comes to the ED and requires a medical screening exam to determine whether an emergency medical condition (EMC) exists. Conditions like myocardial infarction, ruptured appendix, and unstable labor can constitute EMCs because absence of immediate medical attention could reasonably be expected to place health in serious jeopardy. By contrast, stable chronic kidney failure without acute destabilization may not meet the EMC threshold---though the screening exam must be performed before that determination is made. Risk management objectives emphasize: never ''triage out'' without an appropriate screening exam, document findings and decision-making, and apply consistent policies to avoid discriminatory practice. EMTALA failures often stem from process breakdowns (delays, refusal, inadequate screening, improper transfer), so standardized ED workflows and training are critical.