A Simulation-driven Approach in Risk-aware Business Process

Management: A Case Study in Healthcare

Ilaria Angela Amantea, Antonio Di Leva and Emilio Sulis

Computer Science Department, University of Torino, 185 Corso Svizzera, Torino, Italy

Keywords:

Business Process Analysis, Risk Management, Modeling and Simulation, Healthcare.

Abstract:

Risk management in business process is a key factor of success for organization as risks are part of every

business activity. Errors may bring to increased costs, loss of quality as well as time delays, which in healt-

hcare can bring to serious damages. This paper proposes a methodological framework to investigate risks in

organizations by adopting a Business Process Management perspective that includes modeling and simulation

of business processes. We applied our methodology to processes in the Blood Bank department of a large

hospital. Our results show that a simulation-driven approach is an effective way to intercept and estimate real

risks and to provide a decision support to guide the of department’s managers.

1 INTRODUCTION AND

RELATED WORK

One of the main issue of Business Process Manage-

ment (BPM) concerns the analysis of risks related to

a business process and the compliance of the process

to norms, regulations or laws (Dumas et al., 2013; Van

Der Aalst, 2013). Frequently, this forces organizati-

ons in redesign business processes, in the context of

change management (Hayes, 2014).

The most common approach to the issue focu-

ses on the detection of failures, mostly dealing with

bad performance departments, stressing enforcement

styles (Parker and Nielsen, 2011) as well as recon-

sidering project implementations (Hornstein, 2015).

Following a different strategy from common busi-

ness analysis (Chang, 2016), we applied an appro-

ach oriented towards the understanding of cases of

success, as a way to address other departments of the

same organization in process optimization.

Traditional BPM systems usually do not address

the problem of risks that organizations face in their

day-to-day operations. Risk is part of every busi-

ness activity and therefore part of every business pro-

cess. If a risk occurs it may cause loss of quality, in-

creased costs, time delays, complaints and legal pro-

blems (Betz et al., 2011) as well as, in healthcare, se-

rious and permanent damages up to death. So risks

need to be managed and the applications of princi-

ples, frameworks and activities to manage them (com-

monly known as Risk Management) will create soon

a whole range of new regulations. This will lead to

two sets of problems: on one side these regulations

have to be applied so we must pay attention to process

compliance, from the other side new reorganizations

must be implemented with the introduction of new

procedures, i.e. for privacy control. A simulation-

driven approach is a versatile tool to produce results

that are relatively easy to interpret by comparing dif-

ferent scenarios to evaluate process changes (What-if

analysis) (Vom Brocke et al., 2010; Di Leva and Su-

lis, 2017b).

This paper describes a methodology of risk-aware

business process modeling based on process simula-

tion. Our case study refers to Italian “City of Health

and Science” of Torino, one of the biggest hospital in

Europe

. In this context, we selected as a use case

a well-performing department (accordingly with the

Risk Manager ofﬁce of the hospital), the Blood Bank

(BB) department which collects blood or hemocom-

ponents from blood donors and supplies several dif-

ferent hospitals located in the surrounding with blood

products. The department’s laboratory performs tests

necessary for production of blood components (im-

munohematology, blood-borne infectious diseases) as

well as for diagnostic, pre-transfusion testing and pre-

vention of hemolytic disease of the newborn. This pa-

per mainly refers to process modeling techniques used

to analyze and support business processes which in-

volve humans, documents, organizations, or applica-

Cfr. Citt

a della Salute e della Scienza, http://

www.cittadellasalute.to.it

Amantea, I., Leva, A. and Sulis, E.

A Simulation-driven Approach in Risk-aware Business Process Management: A Case Study in Healthcare.

DOI: 10.5220/0006842100980105

In Proceedings of 8th International Conference on Simulation and Modeling Methodologies, Technologies and Applications (SIMULTECH 2018), pages 98-105

ISBN: 978-989-758-323-0

tions (Van der Aalst et al., 2010; Di Leva et al., 2017).

Such techniques include speciﬁc languages. One of

the most used is the “de facto” standard for process

modeling, the Business Process Modeling and Nota-

tion (BPMN) language (Allweyer, 2016; Smith and

Fingar, 2003). In addition, several tools improve

process analysis allowing the simulation of the pro-

cess itself (Abo-Hamad and Arisha, 2013; Sulis and

Di Leva, 2017). In our case, the iGrafxProcess tool

(iGrafx, 2015) was used to implement the main pha-

ses of the BPM methodology, as well as process simu-

lation and risk analysis. In the context of risk manage-

ment (Sadgrove, 2016; McNeil et al., 2015; Haimes,

2015), most studies investigate speciﬁc use cases to

describe beneﬁts of new practices or tools (Tomiyama

et al., 2009; DeRosier et al., 2002; Blake and McTag-

gart, 2016). In healthcare studies this kind of ana-

lysis is particularly important for the direct and indi-

rect consequence of errors (Rose et al., 1992; Vincent

et al., 2000; Fishman, 2013; Chartier, 2014). Some

works focused on evidence based medicine (Vincent

et al., 1998), while others treat favorable cases in pu-

blic health (Braithwaite et al., 2017). In the broad

spectrum of work related to the monitoring of busi-

ness processes, it is possible to ﬁnd several studies

on compliance with laws, rules or regulations. This

aspect is of particular importance in the case of pro-

cesses related to patient health (Buddle et al., 2005;

Racz et al., 2010; Adams, 2003; Vincent, 2017). In

the following of the paper, we introduce the methodo-

logical framework that has been developed to analyze

and improve business processes (section 2). The ex-

tended process model allows the simulation of actual

(As-is) processes and the execution of What-if analy-

sis of several scenarios which describe possible evo-

lutions (To-be) of these processes. The methodology

also takes into account aspects related to risk analysis

and compliance of processes with current laws and

regulations. Section 3 largely describes the explora-

tion of the case study adopted in this paper: the whole

process that describes the functioning of the hospital

department is reconstructed and its compliance with

current Italian laws and regulations is analyzed. This

analysis is therefore proposed in order to introduce a

new bank management system and analyze the chan-

ges that this hypothesis could have on the existing

process. Finally, some concluding remarks will be

discussed in section 4.

2 THE METHODOLOGICAL

FRAMEWORK

This section introduces our methodological frame-

work that is based on a Risk-aware Business Process

Management (RBPM) methodology (Suriadi et al.,

2014; Jakoubi et al., 2010), including some consi-

derations will be presented on the application of the

methodology in the medical ﬁeld.

2.1 Risk-aware Business Process

Management methodology

Our methodology consists of three phases:

• Context Analysis: this phase aims to ﬁx the over-

all strategic scenario of the enterprise and to de-

termine the organizational components which will

be investigated.

• Functional Analysis and Process Engineering:

the initial purpose of this phase is the determina-

tion of the activities that are carried out in the cor-

porate functions involved in the process and the

causal relationships existing among them. The

process is then reconstructed starting from exter-

nal input/output events and/or objects: this provi-

des the Process Diagram (sometimes referred to

as a process map or ﬂowchart) that uses the Bu-

siness Process Model and Notation (BPMN) (Al-

lweyer, 2016) speciﬁcation language to describe

the process. The process model must therefore be

validated with stakeholders involved in the pro-

cess, using animation and simulation of its spe-

ciﬁc, obtaining the so called As-is model. This

phase includes the analysis of each cause of er-

rors, such as failures, “near-miss” and behavior

that does not comply with the regulations.

• Risk Analysis and Compliance Veriﬁcation: the

purpose of this phase is to trace back from the

problems highlighted in the previous phase and to

introduce corrective actions to reduce risks to an

acceptable level or to make activities compliant

with laws and regulations. In this way it is pos-

sible to generate a new version of the As-is mo-

del (the To-be model) which must be veriﬁed by

comparing it with the previous version.

2.2 Risk and Compliance Management

in the Medical Field

The Clinical Risk Management (CRM) in hospitals

includes processes, methods, tools and activities used

in handling risks in patient care to increase the safety

of patients and those involved in their care.

A CRM process has to describe the procedure for

handling risk and consists of:

• Risk identiﬁcation: to perform risk identiﬁcation

the hospital can take into account notiﬁcations

A Simulation-driven Approach in Risk-aware Business Process Management: A Case Study in Healthcare

from reporting errors (usually stored into an inci-

dent reporting data base), such as events that cau-

sed problems to patients and complaints. Even re-

sults of inspections and audits can provide useful

indications.

• Risk analysis: the goal of this step is to determine

the causes of risks and factors that favor errors as

well as their effects on the safety of patients.

• Risk assessment: decision-makers must determine

what kind of risks should be treated with priority.

• Risk treatment: a risk can be treated by intro-

ducing preventive measures and/or accepting risk

with or without supervision.

Within a framework of continuous development

the hospital management has to asses the risk mana-

gement system regularly to ascertain whether the risk

handling process achieved the desired goals.

Risk management methods and tools can be pro-

active or reactive. Proactive methods are used in ab-

sence of adverse events while reactive methods are

always preceded by an event. Proactive methods

include Failure Mode and Effect Analysis (FMEA)

(Chiozza and Ponzetti, 2009), Cause and Effect ana-

lysis (“ﬁshbone” diagram) (Nicolini et al., 2011), Sce-

nario analysis (Dumas et al., 2013) and are based on a

systematic data collection. Reactive methods apply a

systematic investigative technique to analyze adverse

events that aims to achieve a comprehensive identiﬁ-

cation of both systemic aspects as well as individual

causes, e.g. London protocol (Vincent et al., 2016).

Compliance refers to the ability of an organization

to comply with the obligations laid down by laws and

regulations. It must become part of the organization

culture and integrate into its processes. Compliance

risk can be characterized by the likelihood of occur-

rence and the consequences of non-compliance with

the organizations obligations.

A compliance framework has to provide the or-

ganizational processes for implementing, monitoring

and continually improving compliance management

throughout the organization. Obviously this kind of

framework is based on detailed knowledge of the data

about errors that occur in the process. For the purpose

of transparency and safety of care, which includes

prevention and management of risk related to the pro-

vision of health services, one of the techniques used

to date and encouraged by most States in the world is

the reporting of adverse events and sentinel events

https://www.jointcommission.org/

sentinel event policy and procedures/

3 THE BLOOD BANK (BB) CASE

STUDY

Blood banking is the process that takes place in the

hospital to make sure that donated blood, or blood

products, are safe before they are used in blood trans-

fusions and other medical procedures. Blood banking

includes typing the blood for transfusion and testing

of infectious diseases. The process begins with the

arrival of a Blood request by using a special form

(we refer to “request” in the rest of the article). In

our case, the BB department consists of three functi-

onal units: Acceptance, Laboratory and Distribution.

In Acceptance requests coming from the other hospi-

tal departments (for example, the Emergency Depart-

ment) are veriﬁed: staff should conﬁrm if the infor-

mation on the tube label and on the transfusion re-

quest form are identical. In case of any discrepancy

or doubt, a new sample should be obtained. The re-

quest and the test tube with the patient’s blood is then

sent to the Laboratory. When a patient’s blood sam-

ple arrives at the Laboratory, a certain set of standard

tests are performed, including, but not limited to, the

following:

• Typing: AB0 group (blood type),

• Rh typing (positive or negative antigen),

• Screening for any unexpected red blood cell anti-

bodies that may cause problems in the recipient.

In Distribution, if a unit of blood (or a compo-

nent) is required, it is taken from the blood deposit

and sent to the requesting department through the ap-

propriate staff. In this paper we decided to show only

the Acceptance subprocess for reasons of space, but

the same analysis was carried out for all three (Accep-

tance, Laboratory and Distribution) subprocesses and

full results are provided. We started by reconstructing

the actual Acceptance subprocess as illustrated in Fi-

gure 1. The BPMN language has been used and our

tool allows to insert, after the control gateways, moni-

tors - blocks M1, M2, M3, M4 and M5 - that count all

the transactions that correspond to errors. As shown

in the process diagram, requests are received (Receive

Request), the staff adds requests in the local ma-

nagement system and applies an identifying barcode

(Manage Request). Then checks are carried out on

the correctness of data on the request and the patient’s

blood tube (Check). If errors are detected (moni-

tor M1) the correct data is re-entered. The gateway

Blood components? checks if only blood tests are

necessary or blood components are also required. In

the latter case the doctor of the Blood Bank (BB doc-

tor) veriﬁes the correctness of the request (Evaluate

Request) and, if he has any doubts, calls the doctor

SIMULTECH 2018 - 8th International Conference on Simulation and Modeling Methodologies, Technologies and Applications

100

Figure 1: Subprocess of Acceptance of requests with coun-

ters of errors.

of the ordering department for an explanation (Ask

Explanations). At this point (Approved? gateway)

one of three things can happen: 1) the BB doctor is

convinced of the correctness of the request, 2) the re-

quest is changed in agreement between the two doc-

tors (Modify Request), and 3) the request is conside-

red unsuitable and disposed of (the subprocess is clo-

sed with an error report Disposal). For cases 2) and

3) the M2 and M3 monitors count the errors detected

in the request. If no blood components are reque-

sted or the request is deemed suitable or modiﬁed, an

identifying barcode is applied on the test tube (Apply

barcode) and a ﬁnal check is carried out by two pe-

ople together (Double Check), at least one must be a

graduate (doctor or biologist) who eventually puts a

signature of approval on the request. If no errors are

detected (Correct? gateway) the request and the test

tube are sent to the Laboratory, otherwise (Monitor

M4) a check is made with the requesting department

(Verify Validity). Once an agreement is reached, the

requesting department sends a modiﬁed request back

with the correct data that is re-entered into the system

(after a certain delay, timer Receive correct request),

otherwise the request is considered unsuitable and de-

leted (monitor M5).

3.1 Process Simulation

In our RBPM methodology the process diagram is in-

tegrated with a description of how each activity deals

with a transaction, how long does it take, and what are

the necessary resources to execute the activity. Furt-

hermore, it is necessary to specify how the transacti-

ons (in our case the requests) are introduced in the

model and for how long the simulation has to last.

Figure 2: The BB daily workload.

The simulation environment is based on the iGrafx

Process tool which is very suitable for process map-

ping and simulation modeling in business process ma-

nagement projects. We perform input data analysis

by considering data about the functioning of the BB

department in 2017. Moreover, we interviewed in-

terviewing physicians, nurses, administrative workers

and managers of he department. The model has been

reﬁned several times and ﬁnally validated by workers

and managers of the department.

In particular, for the Acceptance subprocess the

generator that corresponds to the initial event Start

introduces about 350 requests a day distributed accor-

ding to the time table of Figure 2 for a total amount of

about 85,000 requests received from the Blood Bank

during the initial 8 months of 2017. This scenario

has been simulated and, as shown in Table 2, the to-

tal number of errors detected in the subprocess after

8 months of simulation is 1,829 (sum of the M1 - M5

monitors). This number must be compared with the

number of errors reported by the BB staff during the

same period. These errors are stored (together with

the causes that generated them) in a self-reporting da-

tabase (managed by the local system) and shown in

Table 1. In this table the causes of error have been di-

vided according to the units of the Blood Bank where

they can occur, corresponding to Acceptance, Labo-

ratory and Distribution, and the columns TErr, Cau-

ses, Errors and C respectively represent the Type

of Errors, Causes, Errors and Complaints in these

three units. The number of self-reported errors for

the Acceptance is 701. This means that about 62% of

errors has not been self-reported.

For the Laboratory and Distribution units, simi-

lar results are obtained, as shown in Table 2 in which

the columns Rep, Det, DetButNotRep and Com re-

spectively represent the errors Reported, Detected,

Detected but not Reported and the Complaints in the

three units of the Blood Bank and for the whole pro-

cess. The table provides the starting point for two im-

portant conclusions:

A Simulation-driven Approach in Risk-aware Business Process Management: A Case Study in Healthcare

101

Table 1: Table of reported errors, detected errors and com-

plaints.

Dep TErr Causes Err Com

Acceptance

Internal Acceptance 511 10

Incomplete data 134

Switching Errors 20

Insert Error 349 10

Other 8

Internal Check in Acceptance 127

Cross check (request-test tube) missing 14

Signature check missing 31

Doctor check missing 82

Inappropriate Request 63

Data: inappropriate/reconsidered 16

Quantity: inappropriate/reconsidered 26

Urgency: inappropriate/reconsidered 21

Laboratory

Internal Test 18

Not performed 11

Insert missing 6

Other 1

Internal Assignment 93 4

Barcode check missing 9

Unsuitable reservation 79

Wrong labeling 3

Wrong assignment 1

Computer transmission problem 5

Distribution

Internal Distribution 78 8

Wrong document delivery 1 1

Wrong number of unit delivery 27 1

Late delivery 43

Wrong blood component delivery 1

Error on the medical report 3

No correspondence bag/data 2 5

Various 2

External Output 4

Wrong Department Delivery 2

Switching Errors 2

Table 2: Table of reported errors, detected errors and com-

plaints.

Rep Det DetButNotRep Com

Acceptance 701 1,829 62.0% 10

Laboratory 111 700 84.0% 4

Distribution 78 400 80.5% 12

BB Process 890 2,929 70.0% 26

• The BB staff has a poor attitude for reporting er-

rors as they are discovered in the process. This

is partly due to the workload that at certain times

of the day is particularly heavy. The consequence

of this fact is that the management of the bank has

little information about the actual causes of errors.

As a result, improvement initiatives clearly suffer

from this deﬁciency.

• The Complaints column shows that the number of

errors not detected in the BB process is very low,

this indicates that the current process is very efﬁ-

cient. In any case, as the consequences of certain

errors can be very serious the need to improve the

process is always present and an FMEA analysis

is under way to address the most dangerous cases.

3.2 Compliance of the BB Process

The efﬁciency of the BB process is the result of con-

tinuous improvement initiatives. In particular, several

checks on the correctness of data have been introdu-

ced in order to detect the greatest possible number

Figure 3: Acceptance subprocess with only mandatory con-

trols and detected errors.

of errors. It may therefore be instructive to compare,

for example, the current Acceptance sub-process with

what would be if only the rules prescribed by law

were applied. In our case, in the Acceptance subpro-

cess the Italian law only imposes to check that the

surname, name and date of birth of the patient repor-

ted on the request are the same as reported on the test

tube. Figure 3 shows how the subprocess of Accep-

tance would be with only the mandatory controls by

Italian law.

Therefore, at the arrival of the request (Receive

Request) if a blood component is required, it is assig-

ned by the BB doctor (Assign Blood Component). In

both cases, a label identiﬁcation is applied on the test

tube (Apply Label on Test tube) and then the data on

the request and the test tube is checked (Cross Con-

trol Test tube/Request). If no errors are detected

(Correct? gateway) the request and the test tube are

sent to the Laboratory, otherwise (Monitor M4) the re-

quest is disposed. As shown in Figure 3, only a limi-

ted number (140) of errors would be detected in this

Compliant subprocess (the simulation of the two ver-

sions of the subprocess was performed under the same

conditions). This number must be compared with the

number of errors detected in the current subprocess

(1,829) and this means that about 92% of the errors

would not be detected (lost errors). Table 3 illustrates

the results obtained for the whole BB process if only

mandatory obligations are implemented. In this table

the columns Current, Compliant and Lost respecti-

vely represent the errors detected in the current and

the compliant processes, and the percentage of lost

errors. These results clearly indicate that the controls

required by law are absolutely insufﬁcient.

Table 3: Comparison of current and compliant processes.

Current Compliant Lost

Acceptance 1,829 140 92%

Laboratory 700 53 92%

Distribution 400 43 89%

BB Process 2,929 236 92%

SIMULTECH 2018 - 8th International Conference on Simulation and Modeling Methodologies, Technologies and Applications

102

3.3 Process Improvement

The need to introduce several controls into the Accep-

tance subprocess stems from the fact that the process

relies only on the (hand-ﬁlled) paper request which

may contain errors and therefore needs to be chec-

ked several times to ensure that patient and test tube

data are correctly uploaded to the local management

system.

The simulation-based approach in the RBPM met-

hodology is very useful for verifying the possible evo-

lution of the processes currently under investigation

(What-if analysis of possible future scenarios). A

scenario can be considered as a description of a pos-

sible future situation. Scenarios are not meant to be a

complete description of the future, but rather a tool to

consider the basic elements of a possible future and

to draw analysts’ attention to the key factors that can

help to effectively improve the process (Di Leva and

Sulis, 2017a). In the RBPM approach the speciﬁca-

tion of the scenarios to be analyzed is very simple if

they can be deﬁned as changes to be made to the As-is

model.

A new web-based version of the local manage-

ment system is currently under development. The new

system provides for integration with the hospital ma-

nagement system in which the patient and test tube

data will be uploaded by the requesting department.

A simpliﬁed paper request and the test tube will then

arrive at the Blood Bank, and both will already have

the correct control barcode inserted. At the same time,

these data will be automatically loaded on the local

system for which the problems related to the local in-

sertion of data are eliminated.

Figure 4 shows how the Acceptance subprocess

could be modiﬁed. At the arrival of the request

(Receive Request) the data will be acquired and chec-

ked (Acquire Request) for blood components. If a

blood component is required, as well as for the As-is

model (Figure 1), the BB doctor veriﬁes the correct-

ness of the request (Evaluate Request) and, if he has

any doubts, calls the doctor of the ordering depart-

ment for an explanation (Ask Explanations). At this

point the request could be 1) approved, 2) modiﬁed

(Modify Request) or 3) deleted. For cases 2) and 3)

the M2 and M3 monitors count the errors detected in

the request.

The simulation of the two models As-is and To-be

allows a comparison between the two scenarios in re-

lation to the detected errors. Table 4 shows the results

for the whole process. In this table the columns As-

is, To-be and Elim respectively represent the errors

detected by the current As-is subprocess, by the To-

be subprocess and the percentage of errors that would

Figure 4: To-be model of the Acceptance subprocess.

Table 4: Comparison between the As-is and the To-be mo-

del.

As-is To-be Elim

Acceptance 1,829 509 72%

Laboratory 700 494 29%

Distribution 400 335 16%

Process 2,929 1,337 54%

be eliminated from the restructuring. These results

in Table 4 clearly indicate that the introduction of the

new local system greatly reduces (54%) the number

of errors that would be detected in the Blood Bank.

This leads to a much more efﬁcient process in terms

of processing time of requests and costs for the orga-

nization.

4 CONCLUSIONS

In this paper, we described a model-based approach

(RBPM framework) to design and reason about an or-

ganization’s business environment. The framework

includes a methodology to model, validate and ana-

lyze business processes, and an extended process mo-

del that allows the simulation of actual (As-is) proces-

ses and the execution of What-if analysis of scenarios

which describes possible evolutions of these proces-

ses. In this way managers can get useful suggesti-

ons for deciding on the most appropriate restructuring

actions to improve the efﬁciency of the organization.

A Simulation-driven Approach in Risk-aware Business Process Management: A Case Study in Healthcare

103

The paper illustrates, through a complete case

study, the possibilities offered by the RBPM frame-

work to accurately analyze the effective functioning

of the organization under analysis and to model pos-

sible evolutions towards a more efﬁcient organization.

REFERENCES

Abo-Hamad, W. and Arisha, A. (2013). Simulation-based

framework to improve patient experience in an emer-

gency department. European Journal of Operational

Research, 224(1):154–166.

Adams, A. P. (2003). Clinical risk management. enhancing

patient safety, 2nd edition: Charles vincent (ed.). bmj

books: London, uk, 2001, 573 pp; hardback, indexed,

isbn: 0-7279-1392-1; price 47.50. European Journal

of Anaesthesiology, 20(7):589589.

Allweyer, T. (2016). BPMN 2.0: introduction to the stan-

dard for business process modeling. BoD–Books on

Demand.

Betz, S., Hickl, S., and Oberweis, A. (2011). Risk-aware

business process modeling and simulation using xml

nets. In Commerce and enterprise computing (cec),

2011 IEEE 13th conference on, pages 349–356. IEEE.

Blake, J. and McTaggart, K. (2016). Using simulation for

strategic blood supply chain design in the canadian

prairies. In Simulation and Modeling Methodologies,

Technologies and Applications (SIMULTECH), 2016

6th International Conference on, pages 1–8. IEEE.

Braithwaite, J., Westbrook, J., Coiera, E., Runciman, W.,

Day, R., Hillman, K., and Herkes, J. (2017). A sys-

tems science perspective on the capacity for change in

public hospitals. Israel journal of health policy rese-

arch, 6(1):16.

Buddle, J. J., Burke, B. S., Perkins, R. A., Roday, L. E.,

Tartaglia, R., and Vermiglio, I. A. (2005). System

and method for compliance management. US Patent

6,912,502.

Chang, J. F. (2016). Business process management systems:

strategy and implementation. CRC Press.

Chartier, Y. (2014). Safe management of wastes from

health-care activities. World Health Organization.

Chiozza, M. L. and Ponzetti, C. (2009). Fmea: a model

for reducing medical errors. Clinica Chimica Acta,

404(1):75–78.

DeRosier, J., Stalhandske, E., Bagian, J. P., and Nudell, T.

(2002). Using health care failure mode and effect ana-

lysis: the va national center for patient safetys pro-

spective risk analysis system. The Joint Commission

journal on quality improvement, 28(5):248–267.

Di Leva, A. and Sulis, E. (2017a). A business process met-

hodology to investigate organization management: a

hospital case study. WSEAS Transactions on business

and economics, (14):100–109.

Di Leva, A. and Sulis, E. (2017b). Process analysis for a

hospital emergency department. International Journal

of Economics and Management Systems, 2(1):34–41.

Di Leva, A., Sulis, E., and Vinai, M. (2017). Business pro-

cess analysis and simulation: The contact center of a

public health and social information ofﬁce. Intelligent

Information Management, 9(05):189.

Dumas, M., Rosa, M. L., Mendling, J., and Reijers, H. A.

(2013). Fundamentals of Business Process Manage-

ment. Springer.

Fishman, G. (2013). Discrete-event simulation: modeling,

programming, and analysis. Springer Science & Bu-

siness Media.

Haimes, Y. Y. (2015). Risk modeling, assessment, and ma-

nagement. John Wiley & Sons.

Hayes, J. (2014). The theory and practice of change mana-

gement. Palgrave Macmillan.

Hornstein, H. A. (2015). The integration of project manage-

ment and organizational change management is now a

necessity. International Journal of Project Manage-

ment, 33(2):291 – 298.

iGrafx (2015). iGrafxProcess 2015. http://www.igrafx.com.

Jakoubi, S., Tjoa, S., Goluch, S., and Kitzler, G.

(2010). Risk-Aware Business Process Management—

Establishing the Link Between Business and Security,

pages 109–135. Springer New York, New York, NY.

McNeil, A. J., Frey, R., and Embrechts, P. (2015). Quan-

titative risk management: Concepts, techniques and

tools. Princeton university press.

Nicolini, D., Waring1, J., and Mengis2, J. (2011). The

challenges of undertaking root cause analysis in he-

alth care: A qualitative study. Journal of Health Ser-

vices Research & Policy, 16(1 suppl):34–41. PMID:

21460348.

Parker, C. and Nielsen, V. L. (2011). Explaining compli-

ance: Business responses to regulation. Edward Elgar

Publishing.

Racz, N., Weippl, E., and Seufert, A. (2010). A process

model for integrated it governance, risk, and compli-

ance management. In Proceedings of the Ninth Bal-

tic Conference on Databases and Information Systems

(DB&IS 2010), pages 155–170. Citeseer.

Rose, G. et al. (1992). The strategy of preventive medicine.

The strategy of preventive medicine.

Sadgrove, K. (2016). The complete guide to business risk

management. Routledge.

Smith, H. and Fingar, P. (2003). Business process manage-

ment: the third wave, volume 1. Meghan-Kiffer Press

Tampa.

Sulis, E. and Di Leva, A. (2017). An agent-based model of

a business process: The use case of a hospital emer-

gency department. In International Conference on Bu-

siness Process Management, pages 124–132. Sprin-

ger.

Suriadi, S., Weiss, B., Winkelmann, A., ter Hofstede, A. H.,

Adams, M., Conforti, R., Fidge, C., Rosa, M. L.,

Ouyang, C., Rosemann, M., Pika, A., and Wynn, M.

(2014). Current research in risk-aware business pro-

cess management : overview, comparison, and gap

analysis. Communications of the Association for In-

formation Systems, 34(1):933–984.

SIMULTECH 2018 - 8th International Conference on Simulation and Modeling Methodologies, Technologies and Applications

104

Tomiyama, T., Gu, P., Jin, Y., Lutters, D., Kind, C., and

Kimura, F. (2009). Design methodologies: Indus-

trial and educational applications. CIRP Annals-

Manufacturing Technology, 58(2):543–565.

Van Der Aalst, W. M. (2013). Business process manage-

ment: a comprehensive survey. ISRN Software Engi-

neering, 2013.

Van der Aalst, W. M., Nakatumba, J., Rozinat, A., and Rus-

sell, N. (2010). Business process simulation. In Hand-

book on BPM 1, pages 313–338. Springer.

Vincent, C. (2017). Patient safety. Wiley-Blackwell.

Vincent, C., Amalberti, R., et al. (2016). Safer healthcare.

Cham: Springer International Publishing.

Vincent, C., Taylor-Adams, S., Chapman, E. J., Hewett, D.,

Prior, S., Strange, P., and Tizzard, A. (2000). How

to investigate and analyse clinical incidents: clinical

risk unit and association of litigation and risk ma-

nagement protocol. BMJ: British Medical Journal,

320(7237):777.

Vincent, C., Taylor-Adams, S., and Stanhope, N. (1998).

Framework for analysing risk and safety in cli-

nical medicine. BMJ: British Medical Journal,

316(7138):1154.

Vom Brocke, J., Rosemann, M., et al. (2010). Handbook on

business process management. Springer.

A Simulation-driven Approach in Risk-aware Business Process Management: A Case Study in Healthcare

105