Key concepts & theory

Estimated 7 min read

The Royal Australian College of General Practitioners (RACGP) serves as the cornerstone for guiding clinical practice within General Practitioner (GP) practices. While Hola Health operates as a platform and market creator rather than a physical practice, it is important to recognize that its service delivery ecosystem functions similarly to a practice. Therefore, adopting comparable standards and a culture of safety and performance measurement, including clinical indicators, is essential to ensure the provision of safe, quality, and timely services.

Hola Health is subject to the same laws, clinical governance, and compliance expectations as any GP practice or business, albeit with a limited scope of service tailored to a specific risk profile. However, there is a direct correlation between these indicators and reputational exposures. Therefore, Healthylife may consider expanding its performance and service delivery policies to encompass other qualitative measures to manage brand reputation and service guarantees for its customer base, particularly as it expands its scope of services in the future

Throughout our report, we have used the RACGP governance guidelines for General Practices.

According to RACGP, practices should consider the following in establishing its clinical and practice governance:

• Organisational culture
• Human behaviour and determinant of safety
• Skilful identification and investigation of safety issues
• Prevention and safeguards
• Patient safety monitoring

Clinical indicators suggested by the RACGP include:

• Quality and safety infrastructure
• Clinical policy
• Organisation of service
• Preventative health and screening
• Clinical documentation
• Clinical assessment
• Clinical management
• Prescribing safety
• Clinical practice review
• Population for intervention

With this in mind, our report covers:

• Role and Responsibilities
• Cascade of roles & responsibility to policy, contracts, performance measurement
• Use of data-driven insights to measure safety, compliance and performance (clinical indicators)
• Clinical governance and investigation / peer review
• Monitoring and performance regimes
• Culture and workforce
• Information security and access

With a view to:

Embed a strong culture of safety and compliance, with clear service definition and scope of practice that is measurable.

Framework for clinical and practice governance

A structured framework to implementing clinical and practice governance (as part of a clinical and practice management strategy) is critical. There needs to be an overall framework and strategy for how this works together, and this needs to be assessed against the corporate risk register to ensure that is address and mitigates this appropriately.

A strong clinical and practice governance framework must include three types of measures:

1. Preventative measures: aims to prevent events from occurring or making people aware of their obligation and responsibilities. Players in the system understand the consequence of breach and aim to meet their obligations to prevent events from happening.
2. Managed measures: aims to have the right management processes and check in place to reduce or eliminate risk. This reflect in IT system controls, policy and processes e.g. access and permission, but links to the use of clinical indicators and reporting to provide a view on compliance and performance. This is every day management practices and oversight of operations
3. Reactive measures: reacts when an incident occurs and how the organisations deals with the situations, undertakes reviews and the impact this may have on the patient, business and providers in the system. It also addresses areas where external assessment may occur in extreme cases such as malpractice or death. It links into the preventative and managed aspects of the framework as continuous improvement, but also support branding exposure and notification from the providers, to Hola Health and Healthylife of critical incidents.

Approach to assessing transfer of risk

It’s important we first discuss the key theory and concepts that inform how we assess who bares and manages risk within these frameworks.

Hola Health operates its own ecosystem to deliver its services but exists within a broader sphere of influence—we will call this the “universe”. While we’re focussing on the former in this review, the latter provides crucial context in defining how Hola Health operates, and most importantly, how it is (or should be) treating risk. Therefore, we feel it’s useful to develop a conceptual model of this universe.

This model helps us to comprehensively work through:

• Whether all actors in the ecosystem and their roles/responsibilities are well understood and defined.

• The various systems and processes—Hola Health-controlled or otherwise—that contribute to the interactions between these actors within the universe.

• How the regulatory and competitive environment overlay across the universe.

Importantly, by modelling this, we can clearly the paths that Healthylife can influence—and the paths where risk exposure could exist.

Figure 1: Concept of the Hola Health Universe and Ecosystem.

---

---

Close

Hola Health cannot control all actors in the universe—it cannot control regulatory bodies, for example. But Hola Health’s role in running its marketplace means it can exert reasonably broad control over the key actors in its ecosystem (namely, Patient, Doctor, Pharmacy, Delivery Partner)—Hola Health plays a crucial role in reducing risk within its ecosystem, to the best of its ability, given outside influences. The question at hand becomes, what should Hola Health be controlling and how?

Best practice dictates there should be a clear continuity and line of sight between the decisions at the highest level of management (position setting) through to the lowest level (monitoring and contractual enforcement). This is true from any angle—commercial, strategic, or in this case, risk. While shown as a linear process here feedback mechanisms should exist to inform the management approach and address the question of “what should Hola Health be controlling?”

Figure 2: Concept of clear line of sight downstream of the policy; essential for effective risk transfer.

---

---

Close

Our review sees us focus on this continuity—where this continuity is broken, risk arises, and transfer of risk is contentious.

A break in this continuity can take many forms as outlined in the hypothetical examples below:

• Software access control: Despite having adopted a position (policy) that a pharmacist shouldn’t be able to access the Hola Health platform after termination, if there is no ongoing monitoring and contractual enforcement, then the adopted policy is likely ineffective and risk untreated.

• Conflicting policy: If two policies conflict within the Hola Health system, then it’s almost certain the downstream processes and monitoring cannot be effectively implemented to manage risk.

• Clinical oversight: While doctors are considered independent contractors making independent decisions, it’s been recognised that Hola Health still caries reputational risks on the decisions those doctors make, but there is no clear definition on how to define or manage poor decision making; reputational risk is recognised but untreated.

• Commercials (pricing, terms, performance): With each actor in the system realising some sort of commercial benefit for the performance of their duties to a certain standard, these benefits should reflect the fair exchange of value. If contracts see doctors remunerated on another basis, then there is clearly a disconnect and so perverse behaviours may be incentivised.

• Unclear implementation of policy: A well-defined policy can be adopted, but if this isn’t translated into effective processes to implement the policy, then the policy is ineffective and leaves the original risk effectively untreated.

• Ineffective transfer of risk: In all the above examples, if a policy is adopted that intends to transfer risk but continuity is broken, there is a very high likelihood that this transfer of risk is ineffective, and Hola Health remains exposed (and by extension, Healthylife is exposed via mostly reputational risk).

It’s also critical to understand where in the chain this continuity is broken. A break at the top introduces strategic risk and typically requires much more effort to resolve, while a break at the bottom (tactical risks) can typically be resolved with smaller tactical efforts. Our risk register classifies risks in this manner.

Whilst we’re focussed on risk for this discussion, many elements inform or make up this continuity: outside investment, business plan and strategic, commercial approach, risk appetite—and of course, outside influence from elsewhere in the universe (e.g. regulations).

For this discussion, Healthylife is one such key outside influence; while we are not reviewing the relationship between Healthylife and Hola Health directly, we do make efforts to see if Healthylife’s exposure to risk forms part of the considerations of management when setting policy etc. Indeed, these theories would apply to Healthylife’s own structure, and therefore it would be prudent to repeat this risk review exercise with Healthylife directly to highlight any breaks in continuity—and exposure to undue risk.

Focussing on the review at hand, we will use this model to inform how we assess Hola Health’s governance of themselves and the ecosystem they operate to form a view it’s risk exposure and the potential transfer of risk to Healthylife.