Management of Hola Health

Estimated 5 min read

How is Hola Health structured?

Hola has recently restructured (in the last 2 months) to include a CxO layer.

Figure 18: The organisational structure of Hola Health.

---

---

Close

The structure of the organisation is suitable for the task at hand; a clearer delineation between ‘operational’ and ‘medical’ roles/responsibilities in the structure could be considered, to ensure clinical governance isn’t ever compromised by operational decisions (profit over care etc.).

However, this isn’t to suggest this currently happens, but rather to ensure it doesn’t in the future. This is somewhat embedded currently, and will become easier to demonstrate once further clinical roles are recruited.

How does Hola Health manage itself on an ongoing basis?

Hola recognises their internal processes around how they manage themselves are still maturing, and they’re actively implementing processes as they grow.

We understand there are weekly management meetings, and further meetings within each vertical (e.g. pharmacy review) to ensure the business is on track. It’s in these meetings that the business reviews the key KPIs set out in SLAs (although this could be monitored in real-time given the data Hola has access to).

There isn’t yet an externally recognised system for QMS e.g. ISO9001, but Hola is actively pursuing ISO27001 (Information Management Security) accreditation. Accreditation to ISO27001 would be a significant step in demonstrating the business’ commitment to data security and management, and would well and truly position Hola to achieve ISO9001 accreditation in the future as well.

We still recommend the implementation of a QMS to ensure the business appropriately recognises the interests of it’s third parties (patients, doctors, pharmacies, Healthylife etc.) and works to ensure their needs are met through the business’ operations. It’d also bolster the clinical governance of the business, as it would ensure that the business is always operating in the best interests of the patient. ISO27001 will partially address this, but ISO9001 does have a more comprehensive focus on the needs of the customer rather than just the security of their data.

While Hola does have policies around management of risks, and risk registers that demonstrate their use of the policy, the breadth of risks identified in the register is limited. This is not unusual for a business of Hola’s size and stage of development, but it’s still a risk in itself. By assessing risk from the perspective of each interested party (patients, doctors, pharmacies, Healthylife etc.), Hola would be better placed to understand, treat and control the risks that could impact these parties.

How does Hola Health decide new business ventures?

We were advised that Hola isn’t intending on expanding into new business ventures at this time and is instead focussed on scaling the existing business model. This is a sensible approach.

Given this, Hola’s main “new risk exposures” will probably arise from new features introduced to the platform; without careful consideration of the risks associated with these new features, Hola could inadvertently expose itself to new risks despite being still within the existing business model.

As there is no intention to expand into new business ventures, we don’t view the lack of a framework to support this decision-making as a significant risk at this time. However, as the business grows and the platform evolves into these new verticals, it will be important to have a framework in place to ensure that new features are appropriately assessed for risk before being implemented.

Regarding the different “types” of consultations available on the website, we understand these are mainly driven by improving customer understanding of the types of consults available, rather than representing new ventures so little additional risk is introduced by these “new products”.

Still, we are of the view Healthylife should consider how they can influence and be kept across developments in the Hola platform and business. This review is a point in time, and it’s important that Healthylife is kept abreast of changes to the Hola platform. This could be achieved through regular meetings with Hola to discuss upcoming changes, or by having a representative from Healthylife on the Hola board.

How does Hola Health view their own risk exposure?

Similar to many players in this space, Hola adopts a view of “independent contractors making independent decisions”, and so believe their risk exposure by association is limited. This is a common view in the industry, but it’s not entirely accurate as we’ve seen with prior reviews.

There’s no denying that Hola Health has exceedingly close links to it’s doctors and to a lesser extent, the pharmacy. From a public perception perspective, Hola Health is the face of the service, and so any issues with the service will reflect on Hola Health even if the legal framework suggests otherwise. Hola ought to recognise the reputational risk associated with their service (and by extension, Healthylife) and work to address this regardless of the legal position. Hola must recognise this fact and manage its risk appropriately without falling into the trap of thinking “that’s their problem”.

In fairness, we do see steps in this regard—restriction of prescribing certain medications, SOPs for delivery partners etc.—but like in any organisation, the position of the company needs to be set at the top, and that position ought to be one of taking responsibility for the service provided in the best interests of the patient.

As with other providers in the space, we do see evidence of Hola adequately treating (or at least, recognising) most obvious risks. But without a structured program to recognise and treat risks, there is a risk that some risks are missed or not treated appropriately. If an adverse event were to happen, the question isn’t “how did this happen” but rather “how didn’t they see this coming?“.

For the avoidance of doubt, there is no problem with adopting a position that Hola legally offloads many of it’s risks. In fact, it’s a very typical approach (and we would query how effectively this has been done, which we understand is subject to the separate legal review of contracts etc). It’s just important that Hola recognises that the public doesn’t see it this way, and so the business must manage it’s risks accordingly particularly when engaging partners who are more reputational risk-sensitive.