As a healthcare service provider, clinical risk forms the biggest
risk class the Group faces. Therefore, the Board has entrusted
the CRM committee which comprises of medical consultants
of various disciplines to review and deliberate on all reported
risk incidences. The minutes and decisions of this committee
are presented to the MAC, which is the apex-committee for all
clinical matters of the Group.
Both clinical and non-clinical risk matters are also reported to
the AC which has oversight authority on all risk management
and internal control issues of the Group.
CONTROL ACTIVITIES
Policies and Procedures
Policies and procedures are documented comprehensively,
which are reviewed regularly to ensure relevance and
compliance with the current and applicable laws and
regulations. These policies and procedures help to ensure that
appropriate authority limits are in place, business activities are
carried out according to set standards and necessary actions
are taken to address and minimise risks and ensure the
orderliness and continuity of business functions.
Segregation of Duties
The delegation of responsibilities by the Board to the
Management and Operating Units are clearly defined and
authority limits are strictly enforced and reviewed regularly.
Different authority limits are set for different categories of
managers for the procurement of capital expenditure, donations
and approval of general and operational expenses. Similarly,
cheque signatories and authority limits are clearly defined and
enforced.
INFORMATION AND COMMUNICATION
Information Technology
Information technology continues to be the backbone of the
hospital operations whereby the Group has a strong dedicated
team of IT professionals to deliver and manage its in-house
developed integrated systems comprising of Hospital
Information Technology System (“HITS”) and KPJ Clinical
Information System (“KCIS”).
HITS is an integrated hospital management system covering
the complete range of patient service processes from
registration to billing. HITS also has functionalities covering
financial and material management modules, making it a truly
reliable and robust system that has served the Group’s
information needs well since 1997.
KCIS on the other hand is a system that caters to the clinical
activity needs of the hospitals to facilitate seamless
communication amongst clinical professionals. KCIS key
functionalities include patient clinical information, e-pharmacy,
e-ordering and clinical reporting. KCIS was launched in 2011
and is being rolled-out in phases to all hospitals. Presently, 17
hospitals have started using KCIS with 3 more hospitals
identified for implementation in 2016.
Since 2014, the Group has implemented a nationwide cloud
infrastructure for its hospital network. The cloud-enabled
infrastructure has benefited the Group to optimise the IT
capital expenditure with greater efficiency, reliability and
flexibility. By moving the IT infrastructure to the cloud, the
Group is able to centrally deliver IT services to the hospitals
nationwide in an efficient, reliable and secure manner. At
present, 5 hospitals have migrated to the cloud infrastructure
with 5 more hospitals planned for 2016.
Communication and Information Sharing
The Group promotes the culture of effective communication
and information sharing amongst the hospitals and key
subsidiaries through the holding of functional group meetings
and conferences. The objective behind these meetings and
conferences is to share and reinforce key business strategies,
review performance, discuss current issues and communicate
new policies and procedures.
Such meetings and conferences are held either on monthly,
quarterly or annual basis, comprising of diverse functional
groups such as hospital management, chief nursing officers,
finance managers, pharmacists and risk coordinators.
The Group conducts the Pedoman annual staff gathering at the
beginning of every year, whereby achievements and challenges
faced during the previous financial year are shared with staff,
new strategic initiatives, corporate KPI and business targets
for the new financial year are also presented.
188
STATEMENT ON RISK MANAGEMENT AND
INTERNAL CONTROl