In the healthcare industry, hospitals are facing a particular challenge every day, regardless of their size and sponsorship. The best possible treatment of patients must be guaranteed in the same way as the economic handling of various resources. Errors can still happen. A systematic procedure is necessary to identify the causes and sources of errors. An important factor is an Internal Audit department. We examine the relevance in the new white paper “Internal Audit in the Hospital and its Contribution to Good Corporate Governance”.
Many hospitals have already started to introduce good governance. This includes the implementation of structures, methods and instruments that support the management, supervision and control of the hospital. An Internal Audit department is a fundamental component of good governance.
Complex legal situation for hospitals
The responsibility for good governance lies with organisational management. In the hospital, the legal representatives, usually management and the board of management, must ensure that good governance is guaranteed. Employees in all areas, from clinical to administrative areas, must be able to act within a framework that prevent errors and detect them in a timely manner.
There is often no requirement to have an Internal Audit department in hospitals. With a targeted approach, however, it can improve risk management, controls and monitoring processes in hospitals in particular - because hospitals operate in a highly regulated environment shaped by national, regional and municipal players as well as by self-administration bodies. This leads to a complex set of legal requirements.
Analysis of the risk potential shows where fast action must be taken
As an independent body located directly under management, an Internal Audit department can review and promote the effectiveness of the required structural organisation and workflow. In addition, the focus is on industry-specific topics, ranging from guidelines for the personal provision of services by chief physicians to the control of health insurance bills and the guarantee of the use of grants for a specific purpose.
The basis of the audit should be risk-oriented audit planning. Risk analysis and prioritisation of the study areas follow after a listing of all hospital processes. Outsourcing and co-sourcing – i.e. division of labour between internal and external resources – help smaller hospitals in particular to manage their extensive tasks. Weaknesses in the system and potential sources of error are decisive in the final reporting: They are classified into categories according to their risk potential and must be rectified by the responsible persons with corresponding prioritisation.