Department of Health

Legal Responsibilities and Risk - Director Induction Session 2 – August 2020

  • 16 September 2020
  • Duration: 1:13:49
  • Hello and welcome everybody. This is the second in our series of board director induction training sessions. My name is Jo Flynn and I'm the chair of the Board Ministerial Advisory Committee that advises the Minister for Health on appointments to health service and hospital boards. This is part of a series of three orientation induction sessions that are being held as a webinar using Microsoft teams. The first one last month that was about Clinical governance and about the role at the health department in the structure of health care public health care in Victoria or now presenters were Terry Symonds and Euan Wallace from safer care Victoria today we're focusing on legal responsibilities of directors in the Victorian public health care system, and our two speakers are Jared Heath who's a partner at Corrs, an advisor to the senior counsel in DHHS and Michael Gorton, who’s a partner in Russell Kennedy. Michael’s a very experienced, board director. Currently chair of the Alfred and also on the board of Ambulance Victoria. I'm also currently a board member on Ambulance Victoria, Forensicare and was previously the chair of Eastern Health.

    So as we start this afternoon, I'd like to begin by acknowledging the first peoples of in traditional owners of the lands on which we each today that people of the Kulin nation and other Aboriginal nations from the areas where you are. And I would like to pay my respects to Elders past and present, and all Aboriginal people who have joined us today.

    The session today will consist of an overview at high level from me and then presentation from Jared on legal responsibilities and the enabling legislation governing health service boards and other related Acts that we need to be aware of. And then Michael Gordon will speak more about the roles of directors in general but in this context in particular and then we'll have each of them will speak for about 20 minutes. And then we'll have a question and answer session. I want to tell you at the beginning that all of the slides will be circulated after the meeting and there will be a link provided to the recording of this webinar and I want to let you know that there's an online question function and we'd encourage you to post your questions at any stage and you're welcome to vote for questions that you you're particularly interested, and there's a function to do that. And then as we look through the questions at the end of the session will be able to see the ones that have the most interest.

    The most important thing for first of all these sessions were really designed for people who are coming into their first role as a health service or public hospital director. We know though from the number of people who registered that we have many experienced directors coming in, so clearly the format works for people. It's convenient and will aim to make sure that the session is useful and relevant for all of you, but they are designed to make sure that people who are just starting off in their first role have access to the information that they need.

    There's also a lot of resource is available for people and in particular the Toolkit for directors in Victorian health system, which if you haven't already had a link to a link, will be posted in the resource material following this session and would also want to draw your attention to the VPSC Code of Conduct which governs all public sector appointments in Victoria and what sort of values should guide our behaviour. I think it's also important we focus on the legal responsibilities today.

    And clearly we need to very, very aware of what they are I would encourage you to focus on your own compass and sense of right and wrong. I don't think you always need to know exactly which subsection of a law covers what sort of behaviours are appropriate. You need to take your responsibility seriously, as well prepare for them as well as you can and exercise them to diligently so the directors of the health service have the ultimate responsibility for governance of the health service that includes all the fiduciary and other corporate duties.

    This particularly includes acting in good faith in the interest of the organisation being very aware of and disclosing any potential conflicts of interest and also particularly in the health care setting ultimately responsibility for clinical governance, it's a lot of responsibility to take on, but it's a very rewarding and stimulating role. And clearly at this time we are very mindful of that role Public health services play. Of the considerable risks in terms of people who work in healthcare systems, and I'm sure that people are very alive to ensuring a safe workplace, and I also want to acknowledge that this is a stressful time for everybody working in health, particularly in Victoria, so it's important that we reach out to one another and take care and often support each other and that you're aware that there are people that you can call on if you need some support or help or advice.

    So we're going to cross now to our first presenter, who as I said is Jared Heath, a partner at Corrs and a legal consultant to DHHS. Jared's going to talk about legal responsibilities and the enabling legislation. So I'll hand over to Jared now. And he has some slides that he will talk through as well. Thanks, Jared.

    Thanks Jo and good afternoon everybody. It's a pleasure to be with you as Jo has indicated, I will be providing you this afternoon with an overview of the legal framework that applies to directors of particular public health entities. It's primarily focused on those who might be new to the role so some of it will be well known to those of you who've been in that role for some time, I will cover the director’s duties that apply to public health entity directors. I'll look at what the other obligations might be in relation to boards of public health entities. I'll cover some of the protections that are available to you and then I'll turn to consider the range of legislation that might be relevant in this space and in particular to areas of recent legislative development, namely modern slavery obligations and workplace manslaughter.

    I think it's important at the outset to acknowledge that being the director of a public health entity indeed, being a director of any public entertain Victoria is similar to but different at the same time to being a director of a private company where the duties come from the Corporations Act, or indeed for being a director of an incorporated association in all cases the fundamental obligation is to act in good faith in the best interests of the organisation, but being the director of a public entity or a public health entity requires a different mindset because the accountability and the autonomy of those roles is different, so I'll start sharing my slides at this point for you. This first slide provides an overview of the relevant legislation that applies in a public health context. It's not exhaustive, but it is an update on the information that's contained within the DHHS Directors Toolkit.

    So the first source of obligations on directors of a public health entity is the enabling legislation that actually sets up the specific type of health entity. And as you can see, different legislation establishes, in all cases you need to be familiar with the legislation that applies to your entity at
    the same time, it's also important to understand that all of these health entities are considered to be public entities under the Public Administration Act and that there are separate obligations and duties that arise under the Public Administration Act, which I will come back to in terms of the enabling legislation for those health entities, there are some common duties that apply across all of them. These include the Duty to consider specified matters, the duty to inform the Minister and the Secretary of public concern or risk, and the duty for most entities to comply with Ministerial or Secretarial directions as reflects that there is different enabling legislation for different health entities. There are some duties that are only applicable to some health entities so for example, in the case of public hospitals. there's a duty on the board to inquire and to give opportunity to be heard before dismissing or suspending a registered medical practitioner. There are duties of confidentiality that are specifically included in relation to identifying information of patients for particular entities, there's duties to disclose interests and also duty not to exercise power if there's a conflict of interest.

    Importantly, just because there might be those duties in the enabling legislation, or there might be some that are missing from your particular enabling legislation doesn't mean that those duties don't exist from another source. Other sources include, primarily the Public Administration Act. The Public Administration Act in fact, encompasses the obligation that Jo referenced, which is the duty to comply with the Victorian Public Service Commission’s ‘Code of Conduct’, for directors of public entities, and it's important to be familiar with that document. It also sets out that there are the duties to act in good faith and with care and diligence. The duty not to provide information that comes to you as a director except as expressly authorized or for the function of being a director and the duty not to misuse the position or the information that you acquire in it.

    There are also duties given that it is a public role to provide notification if you are going to be candidate for election to Parliament or Council, there are specific duties on chairpersons of public entities and then a list of general duties that apply to the board and those duties include informing the minister in the secretary of known major risks and providing the minister with information that might be requested. It's also important to ensure that there are adequate procedures for dealing with code of conduct issues, conflicts of interest and gift benefits in hospitality and the Victorian Public Service Commissioner has guidance and template material that will assist in those sorts of policy developments. Other relevant provisions that exist under the public administration act include that there aren't sabino loans to directors, their spouses or relatives, the boards can have subcommittees that public entities conform subsidiaries.

    And critically, that the board is accountable to the Minister for the performance of its functions. Indeed, the minister has the power to Injuncted director of public entity from contravening the Public Administration Act, and can bring proceedings if required. In addition, a direct cannot be in office if they are insolvent or if they convicted of an indictable offence. So that's an overview of some of the key directors duties that are either sourced from the enabling legislation or from the Public Administration Act.

    On the other hand, there are protections available for directors of public entities under the enabling legislation for all of the public health entities on discussing today, a directory is not personable personally liable for anything that might be done in good faith in the exercise of their function, it's important. That public health entities ensure that the directors have access to appropriate insurance directors and officers insurance, either from the Victorian managed insurance or authority, or that they have access to that from an appropriate insurance company in certain circumstances, and Indemnity might also apply.

    There are also important obligations that apply to Directors under the Financial Management Act and under the standing directions and the instructions that support the Financial Management Act, the Financial Management Act says that the board of a public entity is ultimately responsible for the financial management performance and sustainability of that entity and under the standing directions there are specific obligations that apply to the board.

    As the responsible body, it would be important to be familiar with those obligations. Understanding directions of those obligations, for example, an important one is make sure that there is an audit committee. And so directors must in the public bodies annual report attest to compliance with those requirements and must also disclose any material compliance deficiencies. I also thought it might be useful to acknowledge that health entities can have bylaws but that those bylaws can only be made or amended with the approval of the secretary.

    I'll now turn to talk about some of the broader legal obligations and responsibilities that apply in a public sector context. Often these obligations will be the responsibility of Management, to ensure that the organization complies, but as directors, I think it's useful to understand that operating environments, and also in some cases as our highlights there are specific obligations on directors so under the privacy and Data Protection Act and the Health Records Act.

    And there are provisions that manage the collection, use and disclosure of personal information and health information, respectively similarly there are obligations to comply with the information privacy principles and with the health privacy principles. As many will know, the Freedom of Information Act creates an obligation on agencies to provide information that might be requested by members of the public and, importantly, both officers and employees of agencies subject to the FOI Act have to comply with the professional standards issued by the office of the Victorian Information Commissioner. The public records act establishes obligations for the maintenance of public records and to ensure that any public are maintained in accordance with the public record records office requirements and the Victorian data sharing act establish is a regime for sharing information which is ultimately for the purpose of informing government policy making and service planning and design.

    Other key legal responsibilities include as I've already said, the Financial Management Act, the Auditor establishes the Victorian Auditor General’s Office and the Victorian Auditor General will conduct an annual financial audit or public entities, but can also conduct from time to time performance audits of the way in which they discharged their public function.

    The independent, broad based Anti-Corruption Commission is responsible for investigating public sector Corruption and the CEO of a public body responsible for reporting any suspected corrupt conduct on reasonable grounds to buyback for investigation I back also broad powers to conduct investigations and examinations, including public hearings.

    The Public Interest Disclosures Act is effectively the public sector whistleblowers regime. It requires the public entities to establish procedures for the protection of people from detrimental action in reprisal for making a public interest disclosure.

    The Ombudsman Act provides for the role of the Victorian Ombudsman to conduct inquiries into administrative action taken by public bodies and importantly, the chair of a public statutory authority is responsible for engaging with the ombudsman in relation. to those matters.

    The Charter of Human Rights and Responsibilities Act makes it unlawful for a Public Authority, which includes both a director of a public entity as well as the public entity itself to act in a way that is incompatible with human rights namely, the rights that are set out in the charter or to.
    fail to give proper consideration to relevant human right in making a decision.

    The Occupational Health and safety act, as many will know, imposes duties on employers in respects of the safety of their employees. It includes providing a safe working environment, monitoring the health of employees, but also ensuring that persons other than employees and not exposed to health or safety risks arising from the conduct of the employer. They are significant obligations on all organisations and they have significant penalties both for the organisations and for individual directors so it's important to be aware of your OHNS Act.
    responsibilities. An I'll come back to that when I get to talk about workplace manslaughter.

    Equal Opportunity Act is designed to address questions of discrimination, sexual harassment and Victimization and again the Victorian Public Service Commission is Code of Conduct for directors expressly requires directors of public entities should act in accordance with equal opportunity legislation. Finally, I mentioned the Crimes Act which deals with the criminal liability of the director of a body corporate in relation to particular offenses, such as obtaining property.
    Or financial advantage by deception publishing materials which are misleading, false or deceptive or in relation to the destruction of evidence. So it's merely to note that there might be an overlay between the legal exposure of a public entity are, but also the personal criminal liability of a director.

    I've set out in the slides who are some of the key regulatory bodies that are relevant to you in your role as Directors of public health entities, including the Victorian Public Sector Commission, the Victorian Managed Insurance Agency. Obviously, the Health and Mental Health Compliance Commissioners. IBAC ombudsman, the Office of the Victorian Information Commissioner and Australian Health Practitioner Regulation Agency.

    I’ll turn now to talk briefly of two recent legal developments that are relevant. One is the introduction of Commonwealth requirements in relation to reporting on modern slavery, the reporting requirements require relevant reporting entities to describe their operations to identify the risks of modern slavery in their operations and supply chains. Describe what is being done to address those risks and to evaluate the effectiveness of that action contemplation is that there is an annual reporting cycle as to those matters. Importantly, there's no financial penalty for failure to report but given the regime has been established, it is open to ministerial scrutiny and a failure to report will be subject likely to stakeholder and public criticism. Healthcare is one of those sectors that's been identified as having higher risk, so the Modern Slavery Act applies to reporting entities that have consolidated revenue of at least 100 million. If you're below that, it doesn't apply. If you are above that then it will apply to you even if you're a state entity such as a public hospital or public health service. So that is relevant to your relevant public health entity. You need to use this as an opportunity to ensure management understands the framework identifies assesses, and addresses the risks in the operation and supply chain, and to develop relevant policies systems and processes. And obviously, in a health context to consider the interface with Health Purchasing Victoria.

    The other area I wanted to touch on his workplace manslaughter from the 1st of July 2020. New offenses have been introduced into the OHNS Act which create offences both in relation to organisations but also relevant officers of relevant entities which includes directors of public entities and new offences do not fundamentally change the existing duties under the Occupational Health and Safety Act. What they do is they provide for criminal penalties.
    in relation to a breach of some of those duties, and as you can see, there are significant.
    terms of imprisonment for officers. Those offenses are set out in the slides and the elements of the offense, but the key point is that it is a breach of an applicable duty under the OHNS Act, which triggers liability for the offense.

    The offenses will apply, just the OHNS duties, not just to employees but also where they are applicable to general members of the public and if those members of the public ended up being the victims of manslaughter. The offenses will apply to conduct that causes in injury or illness that might later cause death. And I think it's important to think in that context to mental health injuries or illness. There's no particular limitation period for the prosecution of the offense and it's been identified that they likely to apply most commonly in high risk industries, which could include health services.

    Work safe is the relevant regulator has indicated that every workplace death will be considered in this context and that COVID-19 deaths linked to the workplace will be relevant as well.
    So for your organisations and your management it's an opportunity to ensure that you're already complying with your OHNS duties that you review your systems and risks and that you also develop a critical incident response plan to engage not only with the consequences of the.
    fatality, but also are able to address exposure to the coroner's court. Work safe and the potential application of the workplace manslaughter offences.

    And that concludes all of the materials that I was proposing to cover. I'll hand back to you, Jo.

    Thank you very much Jared. That was a very comprehensive overview, and for those who joined just after the beginning I want to reassure you that all of the slides that Jared's shared, and in fact a recording of this whole session will be available on the DHHS website under the board governance area following the webinar within a few days. They're already quite a number of questions coming through and so I'd like to just remind you that there's a q&a function that you should easily be able to access on your screen.

    Please vote for questions that are there which you are particularly keen to see answered. Then feel free to put in additional questions.
    We're going to proceed directly to the next presentation, which is Michael Gordon and then come back and deal with the questions with each of the speakers, or for some of the questions, both of the speakers depending on the nature of the question.

    So if I could now reintroduce Michael Gorton. Michael as a partner in Russell Kennedy, he's currently the chair of Alfred Health and on the board of Ambulance Victoria and a number of other entities. A very experienced director. And he's going to talk about the responsibilities of directors..

    I need to let know that Michael, we're not able to show his face so you'll only see his slides, but you'll hear his voice over the top. So over to Michael please, thank you.

    Thanks Jo, and it's purely technical difficulties. The reason why I'm not showing my face is not because I'm in quarantine or any other witness protection program. The title of this presentation is director’s legal responsibilities and since Jared has adequately covered, those in great detail and presumably has scared the life out of you. And now I'm even wondering myself why we're going to become a director of Health Services agency, but it's really not that bad. This presentation is intended to be reflecting those very strict legal obligations, but slightly more practical, talking about the expectations on us, I think as Directors of health service entities. What it means to act ethically and with integrity and to reflect what would otherwise be good governance in an organisation as well.

    So my first slide talked about individual accountability and these reflect the obligations of the legal obligations that Jared has just mentioned, but perhaps puts them in a wider framework of what is an ethical position. What is a good governance position. So long as we act in the interests of the health service that is all of our decisions. We generally believe that it's in the best interests of our hospitals are organisations, and fulfills their obligations. We act with integrity and in good faith. More broadly, we hold ourselves in each other to account and that.
    reflects that ethical framework that we need to read to be caught by becoming a member of a board with other people. We obviously attend meetings with read the materials in advance. We wanted our obligations as a board member. But it also requires us to be a bit more enthusiastic and active in pursuing our role. As we say, look beyond the obvious. Don't just accept the information presented, which doesn't mean we have to give our chief executive a grilling, but if we're not clear, we're entitled to ask questions if we want more information about something we’re entitled to get it. It's not because we don't trust our executive teams, but that we have an obligation to understand as best we can the operations available and its performance and so we also suggest that it's important to be curious and well informed and not just about the information that's presented before you, but about all aspects of our organisations. From what we can read about them in media, through to how our selves are feeling, how the organization is performing and what our patients think about us as well. These are all elements of the work that we have to do? And are all part of the job of being a director of a health service entity.

    So on the next slide we talk about those sort of integrity issues and conduct issues. So it is about leadership. We are the peak body. If you like about organisations people look to a board of a company to provide appropriate stewardship to provide appropriate communication and to set standards as well I think, having seen our banks and insurance companies in recent time, we can see the consequences where there is a breakdown in public trust and accountability. Obviously comply with legislation exercise that due care and diligence that Jared mentioned.
    acting in the best interests of our entities and obviously only use the information that we get appropriately. And with great confidentiality too. In our way, we personally operate the fair and impartial considering each issue its merits manage the risks be honest, manage conflicts which can arise, but also champion of productive and it equal culture and I think that issue of culture is certainly in the newspapers on a daily basis in so many different parts of our community. In our business world. And also in the government sector as well.

    So the next slide really just sent out that pyramid that's points out the fact that the board you're clearly is different from management of their while at the moment just about every day. But management is there to manage the organization to be aware, to give instructions to.
    follow the strategic plan and the business plan of the organization of the border set for them, but probably only made a number of times a year. Directors can't be checking on everything individually so clearly the Executive has the greatest role in the organization to make things happen. But we hold them to account, we measure their performance, we give instruction as required, particularly in relationship strategic direction and provide appropriate delegation of authority where that is necessary. So this tells us that we said at the top of the pyramid.

    In the next slide I've reflected the various elements of what is good governance. What is the what when we talk about corporate governance? What are we talking about? And it is about liability and responsibility. So about the organization and organisations doesn't have its own.
    arms or legs. It has the arms and legs at the paper with employees and engages. And how that liability is covered off in the management structure and in the corporate structure and the relationship between board and the executive team. It's about accountability.
    If you look at any companies constitution it would say that all of the powers of the organisation  vested in the board. But if you only meet 10 times a year, you can't exercise all of the powers.
    you delegate for powers to achieve executive and delegates the power through an executive payments and ultimately several layers down within an organisation. So when we delegate powers and we have a delegation document always remember to include how the reporting.
    comes back up to us.

    Because they are exercising the powers we have given them and therefore we are entitled to appropriate reporting on how they have used those powers, what they have achieved. What has gone right, and sometimes what has gone wrong. It's about risk management, so corporate responsibility and the difference wearing a board and management is about managing risks, not just legal risks, but finance risks business risks, the risks of the environment around us, political risks, media risks, reputational risks, all of those things need to be managed and that's part of what we call corporate governance. And at the end of the day it's also about compliance that is providing assurance to us is that the organization has met all of its myriad of legal statutory and regulatory requirements as we are required to do, and at this time of year we're about to sign off on a number of financial statements that will go now in your reports to confirm that we have complied with these multitude of things that are imposed on health service entities.

    So in very simple terms. The role of the board on the next slide says that we get to set the vision and the mission for the organisation, then to some extent that given to us, because we're a statutory body and a government body, and it's in our activity now terms of reference. But we have a choice of futures for our organization and we get to choose which of those futures or pathways we go along so that's going to be set out in our strategic plan feature.
    You will certainly have a business plan which a budget is attached. One of the most important things in Organisation and board in particular will ever do is appoint its CEO. And the person you choose therefore should lead the management of the organization is a very important.
    choice because it sets tone, culture, expectations, in so many ways. I say it's one of the most.
    important things we have to do as a board, we review and monitor the risks part of our function we have ordered from risk committees of the board to do some of and we delegate powers to.
    others in the organization. On the other side of the coin, you have management who clearly manage the business on a day to day basis they will implement the strategic plan that we approve. They'll implement the business plan and manage the budget that we approved. They will report to us so part of the deal of nominating a chief executive. The chief executive will provide full some reporting on the operations of the organization through the board and we get to set the tone and the terms of those reports. But the management will manage the risks again, risks occur on a day to day basis and they have to manage them everyday but part of the risk framework is that we get regular reporting on how the risks of being managed and changes in the risks over a period of time and certainly in these times we see things changing very rapidly, almost on a week to week basis. As to what becomes our highest priority in terms of risk management. And again in accepting the delegation except some index responsibly with those power but must ultimately report back to us on how the powers had been used.

    So the next slide up a good question what type of board are you?
    I’m saying are you internal or external board?.
    That is, you're constantly looking within the organisation you digging deep into the bowels of the organisation, seeing how things are going up, lots of questions measuring lots of things, but you're very much focused on the internal workings of the organization and not paying.
    enough attention to the external so bored that maybe external is looking at the circumstances, the environment in which we operate. What are the factors in the world out there?
    That factors either for good or for bad.
    What are the changes that are occurring what's happening in the media? What's happening with stakeholders but engaged with us on a regular basis and looking outwardly to all of those things? Now the truth is you don't want to be one or the other of the answer is, you need to have an app on the device, so we will sit somewhere between internal and external, making sure that we count both factors. Just as we don't want to be short term or too long term.
    Short term, in the sense that we're just looking at what's happening in our organization now. We get the reports we read the reports, but the reports are always telling us what has a curd.
    So in one sense we are always looking backwards rather than forwards, whereas view to what's happening on the horizon, what's happening over the next few months? That's happening over the next year. What are the changes in our community that may impact on us over the longer term period of time? And again, we don't want to be either of those two extremes. We want to be somewhere in the middle.

    Just as again, some boards can be very strategic they want to say above the carbon trust of the organization they would look at the broad strategies and make strategic decisions as you hear. Some people sometimes say.
    But never getting into the nitty gritty. Never looking at the performance, never looking at the trains and seeing how we're actually performing and how we're heading on the other end. Rather than being strategic, some boards can be very micromanaging in the sense that we're plowing into the detail when we get a good report, we go right down to the detail and ask questions about page 55, third paragraph. And what does that particular issue mean and? again, we don't want to be too micromanaging and we don't want to be exclusively strategic.
    We want to be operating somewhere in the middle between those.

    So good question to ask is to reflect occasionally on what type of board are you? Have you operated aboard to you cover up all of those factors and have a nice balance of inward and outward what's happening at the moment? But also what may be happening in the future that we need to plan for having time to strategy and we need to do. We certainly need to think about strategic issues and occasionally on some issues particularly things start to go wrong, we need to manage but they give it more emphasis in more oversight.

    So next slide talks about board processes and of course we all tend to do these in different ways and there's no one size fits all. But at some rules of thumb, the board has all of the powers vested in it by statute. We tend to work through a chair so I describe as the ‘first among equals’ so that the chair doesn't have an extra votes unless there's a tie, but the chairs vote is only one but if it came to that, all of the board members have exactly the same responsibilities, duties and obligations all of the board members.

    I'm making it equal contribution and have the right to make decision. Together, but we do it collectively but we tend to work through the chair, particularly in relation to how the board of the whole deals with the Chief Executive will have the border the whole deal. with its organisation. We don't go off on frolics of our own without engaging with actually executive and executive team. We don't manage the business with a hands on approach but we certainly have a role to play in decision making and Holding management to account and oversighting the performance of the organization so we act in a collegiate way. We act collectively together we reach decisions.

    We don't always have to agree. As I've said here, good people can disagree. And if we've got our skill mix right where we have a good range of people with different skills and perspectives and experience, it won't be surprising that occasionally we don't always agree on every issue.
    So the important thing is how we manage the disagreement to try and find common ground to see if we're going to address the major issues that everyone may have concerns about. But at the end of the day You can be able to back up and that's board is therefore, but we would try and boost collision as possible. That means we don't get angry with each other we respect.
    each others views. We respect the fact that good people can disagree and that we won't always be happy with every decision that the board makes. That's the nature of the beast our individual obligation is to bring our skills to the task so.

    One of the questions people always ask is organized it behind the lawyer on the board. Does that mean I deal with the legal questions? Or if someone is the accountant on board,
    do we instantly make them the chair of the Finance Committee and they are responsible for making finance decisions? The answer is no, that's not right, but we are all responsible.
    for all of these issues, and we're all responsible for the finances. We're all responsible for the legal risk. We're responsible for the reputation, risk, and we do it with the skills and experience that we bring to the table. And if you happen to be a lawyer or you happen to be an.
    account, you are expected to bring those skills and experience to the task. But then it in the way you make the contribution to the board. So the lawyer won’t determine the legal issues. The accountant won't determine financial issues. We all have a responsibility to understand at least the basics of the legal question that maybe portal the financial position that may be pushed. And if we're not sure, ask questions. And if we still not sure, ask for further material. And if you're not happy with the answers we’re getting, you can always seek an external expert to come and give advice or reflection as well. There are different ways of ensuring that you have access to the right information, but just because you have particular legal skills in one sense doesn't make any more important or any more liable than others, but you are expected to bring your skills, your particular skills to the table at the board.

    And in terms of risk, obviously the risk management framework, particularly in the middle of a pandemic, is a very important framework for us all to have. And as we know now after several months of the pandemic, it's a living document. The risks will change, the issues will change, and sometimes they change very quickly. The sort of risk management framework and the risks for an organization, the size of the offer and it's a document that that cascades through different layers of the organization as a different parts of the organization without all have their own risk plan to manage and it's how that all cascaded back up to the board. That is important.
    Then it's often said that we may have hundreds of risks management plans. But the board cut possibly have outside over on a regular basis, so we tend to manage the top 10 risks. Perhaps the highest risks and just because they've risk rated in the top 10 has to automatically move the top 10 rated risks because there are some risks that even if it has a slightly lower rating may still be a very important risk from a reputation. But we say around 10 to 15 risks in detail at board level is about the right way to manage it.

    But knowing that there was a whole system in place within an organization to manage risks and so the risk plan that you have would be regularly reviewed you would get regular reports and you would particularly want to see updated mitigation strategies and moving through
    in the middle of the pandemic. We have our risk plan at the Alfred and we have a separate live COVID risk plan specifically dealing with the myriad of issues that have been trained up to the organisation just through the pandemic itself. And that sort of moves on a very regular basis as we move through it, but they seem to be the best way to manage it and report on the risks by having it as a sort of separate living document to continually monitor and part of this one of the questions will be asked along the way. Of course, in any risk management framework is what's your risk appetite or what's the risk appetite of the organisation water, the points at which you would say we should never go beyond in terms of those sorts of risks.

    What would be acceptable to happen in your organization or one of the things that you can accept so long as you've got appropriate mitigation strategies in place, but managing risk is obviously a key part of what we do in terms of integrity. Integrated in lots of things to different people and Jared is certainly given us enough information to understand the sort of the legal issues in relationship integrity, but we also have seen in a number of organizations and through recently or commissions, that integrity also comes from culture. Our way of working, the attitude we bring what we have regard to one of the most important issues for our organization beyond just the law beyond just the sort of form and substance. All these issues have what is the culture? What is the attitude we bring to dealing with issues which can set our perspective in relation to integrity? What's the phrase, the issue you walk past is the standard you accept. I think that's an important part of considering integrity through the lens of the culture of the organization clearly are hard suited to the organisation, not ourselves or anybody else within our organization.

    We manage our conflicts of interest, not just ours but everything else is as well. Obviously fraud and corruption policies are important and cyber security is an important part of what we're dealing with at the moment. What we review. What we report on what? We have internal audit checks on a regular basis. This is all part of an integrity framework and the biggest risk I think sometimes is the risk of complacency it all seems to be going along well, so we don't need to worry about it rather than just taking the temperature rather than occasionally dipping in and just checking that what we thought was happening is in fact happening and if you haven't heard of it, the Victorian Healthcare search actually has an integrity toolkit which is quite useful as a way of taking the temperature of your organization to do a bit of a gaps analysis to ensure that you've covered most of the major issues within an integrity framework and ticking boxes and making assessments may just give you some extra ideas of how you can improve that framework for your organization.

    Conflicts of interests are always interesting in that actual conflicts.of interests are usually fairly easy. That comes before the board and it affects you, your family, your employer, or some other organization that you're involved with. Then it's an actual conflict.
    But we also need to be careful about perceived conflict of interest. How do things look? What would people say? If you're worried about an issue and ask the question, how would it be if it appeared on the front page of the Herald Sun tomorrow? Then we’ve probably got a perceived conflict of interest, which can affect both your reputation and the reputation of your organization. So there are lots of issues involved in perceived conflicts of interest and even potential conflict of interest. It hasn't arisen yet, but it could arise always declare. Always be careful and say if it's worth considering, it's worth thinking about. Then I would obviously just clear it and not be in the room when it was being discussed, because I think it's just easier that if an accusation came up sometime later about this issue affected you and the board considered the simplest answer is yes, the board did consider it but I wasn't in the room at the time that that's the best answer. So from a very practical point of view, I would recommend that as a way of working. So there's an overview of some practical issues, but I'm sure there will be more I can add when answering the questions.
    Thanks very much, Michael. And just to reiterate for those who've asked the all the slides that will be made available and there is a recording of the this webinar which will be up on the website and you'll be sent a link to both the slides and the recording after the session.

    So we've got quite a lot of questions for those who would like to go and continue to add their votes to the questions please do that. Or if you want to publish any more questions we've got about 20 minutes for questions, so we'll get through as many of them as we can.
    So it's my job to sort of feel them and where I can merge them so I'm going to refer the first couple of questions to Jared. There are some questions there, Jared in relation to modern slavery and how that, in practical terms, might apply why health is considered to be at risk and where the risks might be? There’s also, understandably some questions about the workplace manslaughter laws and responsibilities in relation to that for board directors. Would you take on those questions please?

    Thanks Jo, Yes happy to answer those in relation to modern slavery and reasons why the health sector might have been identified as an area of higher risk. It's dependent I think primarily upon the nature of the imports into the health sector, and some of those inputs will.
    be in fact procured by Health Purchasing Victoria, but areas of high risk in the supply chain for Australia have been identified as including laptops computers and mobile phones. Apparel including Accessories and if we think about the sort of consumables that might be used within a health setting often it is those sorts of things like PPE and like particular products that might be mass produced in overseas markets where there are the concerns about the supply chain and the risk of Modern slavery in it. So it's about using the reporting requirements as an opportunity to think through from where you procure those sorts of consumables what choices you're able to make about which organisations you procure them even from I guess, which markets which might have higher levels of risk and I think it's for those sorts of reasons that it's been identified that health might be a high risk area. Obviously there are a range of other areas that are also of concern, and it's not simply the case that it's health by itself.

    In terms of the questions about workplace manslaughter. I think the key thing to remember here in terms of what scenarios might develop is that it's about systems of work and what efforts organisations and in particular and their directors need to undertake to ensure that there are appropriate systems in place so that's about ensuring that there are the right policies and rules and systems but also a culture of compliance, and it's a very important point that Michael made that culture is key too. So much of managing the risk, not just in a workplace health and safety context, but more broadly in terms of governance creating a culture of compliance with the OHNS duties. So work so far has given examples of the sorts of things that might constitute negligent conduct and breach of duties that might give rise to exposure to the offense. And that's where, for example there's not adequate management control or supervision of employees and through the conduct of those employees of fertility results all where there are circumstances that are known to the organization and action is not taken to fix a dangerous circumstance. And so there's a fatality that results or indeed there's a high risk that's known of serious injury or serious illness that's not addressed, so I think in terms of practical scenarios where that might arise in the health care setting, there's a number of scenarios that could be imagined given the nature of the work that's done in that space.
    The care that's required for those that consume services. The other point that I would make an I did touch on it earlier is that it includes impact on mental health and I think at the time of dealing with the code, dealing with occupational violence and aggression within healthcare settings, thinking about the mental load on staff all of those are also important factors to consider and the management of the psychological stress of stuff is an important part of thinking through workplace manslaughter legislation. I'll hand back to you, Jo.

    Sorry what I was saying was that we've obviously given people cause to focus on the personal risks involved in being a director in health service and the most popular question that's appeared on the Q&A is weather is directors we should have our own personal directors insurance, or whether we're sufficiently covered by the insurance that would be provided.
    by our the health service or public hospital for which we are working, obviously assuming that you've confirmed that they are adequately insured, so Jared, can you answer that question before I then take some questions to Michael?

    Thanks Jo. So the question of insurance is one, I think the starting points is to ensure that the organization has taken out appropriate insurance for Directors and that would be a policy that should provide minimum cover for all directors and in those circumstances there would also be cover provided by the Indemnity that's sorry, the immunity that's encompassed by the enabling legislation. I think the question of the extent of cover is a question to decide as a board and.
    to be informed in that decision around the level of risk for the organization and the cost of that particular cover, but I think it is in the first instance the question that the board should
    collectively make.

    Thanks, Jared.

    Just acknowledging for everyone there's a delay as we pass from presenter to presenter and I think we just have to live with that. Michael so a few questions for you. Firstly, you might want to comment on that question because I know where we've got two lawyers we don't always have 100% agreement. Answer the question about why is there a need for personal protection insurance? There are some questions coming up about what should a board member do if they're actually worried, how can they know what's going on in their health service in relation to the CEO performance in relation to clinical governance or anything else that's going on and there's a question about what protections you see the board having in relation to adverse events that might happen in the health service or in relation to financial overruns and budgetry concerns.

    Over to you, Michael.

    That covers a lot. In relation insurance, I agree with Jared and of course as public health services we are all covered by the VMIA and experience is being the VMIA has it's a single policy for the stated covers all of the public health services.

    I don't have separate private insurance for my director roles. I do rely on each of the organisations where I'm involved having a private insurances including directors and officers.
    liability insurance and it is a standard feature of the VMIA, a suite of insurance is that we all can access and again my experience is going. The VMIA is not a difficult insurer. If I can distinguish between commercial insurers on the one hand and the VMIA is a system wide public insurer, the VMIA has been a friendly insurance through the public sector for some time. So I don't think the risks for us as individuals is high in that regard but it's worth each director being told what insurance policy you have, and you should, on an annual basis review the outline of the insurance policy, whether it's public liability insurance, professional indemnity insurance. Insurance, serves assets and the directors, not as liability insurance. Just to see what the limits are, those are so that you see that on an annual basis.

    I suppose the other question is what keeps me up at night what do I worry about and what do I need to know because there are a million things you could know if you wanted to, but what are the important ones?

    And the answer to is to understand the suite of reporting that the board and its committees receive and there will be very detailed, reporting on clinical governance risks at your clinical.
    governance committee, there will be corporate risks reported through your audit committee. They'll be detailed. Report them through the finance Committee, but you won't see it on all of those committees. So it is important that those committees report up to the board in some form, and it may be an abbreviated form, but addressing anything of significance and the board of the whole and management should understand that if there is a significant change in risk or significant adverse event or a significant adverse change in the financial position that is something that must ultimately be recorded at the board level so that every director can see it in and hear it.

    So in terms of a clinical governance, your clinical governance committee will have a detailed report which it sees on a regular basis but at the Alfred the summary report that includes all of those critical risks will always come to every board meeting. That doesn't mean we have to discuss it at every board meeting, but it will form part of the pack of materials that we get similarly to the finances will be gone into in great detail through the Finance Committee. The simple financial whether it's monthly or every two months, report particularly with variations being disclosed and under budget over budget issues in major areas will also be tabled at the board meeting for everyone to see. It's worth noting that you are entitled to attend any other.
    committee meeting if you wanted to. We have an open door policy that whilst everyone is allocated to communities. And you won't be sitting on all of them. It's an open door policies. If you as a board member wanted to attend one of the other committees, that's just something. we can do and given the situation that we had in the early stages of Covid.

    Some other directors wanted to come to the clinical governance committee just because there would be a lot of change and issues happening in that committee, particularly in the early stages. And so we made allowances for that so it is a challenge trying to know everything so it's the systems we set up the reporting regime that we have that make sure at least there is a common understanding between management and the board that if it is a significant  risk a significant adverse issue or a reputational risk issue then that will come through reports and now organization as well if it's a reputation risk or a significant we don't wait for reports, we don't wait for formal board meetings, we would expect a phone call from the chief executive to the chair to be alerted to those risks and then the chair would determine to share that information immediately with board members or if there isn't enough information or things are developing ways and have a report sent out of session or it might be something that can wait till the next committee meeting or the next board meeting. So that's about the understanding as Jared said it goes to culture. But the understanding that the board is that we all operate on the basis of no surprises. I never like to be surprised by something and I expect my CEO to make sure that I'm not surprised and similarly I won't do anything or I won't say anything or I won't do something to surprise the executive.

    Thanks Michael. There are a couple of questions there that I'm just going to comment on quickly and this question about dismissing medical practitioners and the requirements that Jared spoke to in relation to the board needing to be aware or involved in dismissal of the medical practitioner. The question, Jared is about whether that only applies to medical practitioners or to other registered health practitioners and whether that power can be delegated to others. But there’s a couple of other questions, they’re really about board meeting process and who's present for the board meeting. If I could just comment briefly, it's generally good practice for the board to have a meeting of board only or an in camera session at some point. It often works well to do it at the beginning of the meeting to see if there are any issues that people are particularly sensitive to or want to discuss or want to clarify before anyone from management comes into the room unless there are formal decisions from that process there's no need to record that beyond it's good practice to record that an in camera session occurred.

    We won't get to all the detail of all of these questions but some of the questions called of speak to what do if I'm worried where do I seek help and in most circumstances I think the really important thing for any board director to do if they have a concern is to discuss it with the board chair. If the concern is about the board chair, then it's good practice generally to speak to another director on the board and sort of test out whether you think your concerns are shared or what's at the bottom of them and then to figure out how to approach the board chair. The Governance Unit in the department has people who you can talk to who can help support and advise you, and for those who are in rural hospitals that regional branch of the department. But there's also a great network of people who are already involved in Health service boards, and the big downside of holding this event virtually is that there is no networking opportunity, you don't get a chance to see who's there and make connections. I would encourage you to explore who in your networks is also involved in health service boards and have some informal conversation because lots of things. Once you've shared with people, you can get a sense of whether it's a serious concern or whether you may be overly worried about something. So Jared, if I could come to you about the questions about the specific responsibilities in relation to dismissal of a medical practitioner.

    Thanks Joanne, at the risk of giving a lawyers acknowledging, as you've already said, that you might ask two lawyers and get three different views and noting that in the questions some of the people have indicated there might be different legal opinions. I haven't.
    specifically looked at that question an I think I preferred to look at the data of a particular health service before answering it, but the first principles response would be that there are powers that can be delegated by the board, the question is ultimately one of process, and while there might be a basis to discharge certain functions through the actions of management, ultimately board remain responsible for acquitting that process and discharging their duties, so I think subject to the technical specificity of whether you can delegate that particular power, management can certainly help and discharge many of the things that the organization must be seen to do, but provided that there are systems in place that allowed the board to also be comfortable with management's execution of any such delegation so I'm reserving Jo on that specific question, but happy to hear any thoughts Michael might have about it as well.

    I judge you want me to answer that.

    Yes, that'd be great. Thank you, Michael.

    Look it's probably rare I think in the last 10 years, that's probably I've had to deal with it three times involved by the board needs to give an approval. It can be subject to delegation and the delegation that I prefer is that it is delegated to the chief executive to dismiss, but only after notifications are provided to the board so we don't specifically have to sit in judgment or make a decision as to whether it's the right thing to do or not, but we would expect a report from the chief executive. And knowledge of the circumstances before it is actually done.
    So that's it's sort of having a clear picture of why its necessary.

    Thanks Michael and a couple of final questions to you. I think there is a question about what the board should do if it wants legal advice, should it seek legal advice from the Victorian government? Or where else should the board seek legal advice and there are some.
    questions about whether there's any legislation that’s been used in court cases against board members, I've just done a quick offline chat to Jared and he's not aware of any legislative or any legal action against board directors in particular other than legal action against the health service entity, so you might like to comment on that.

    Yeah, only in relation the last question first. I'm not aware of any circumstances where board directors have been individually sued or sued successfully. I suppose in recent times there's been a couple of failures of hospitals and it's always an issue of where, for example, of a board has been removed by government. And I suppose, Jo, You and I would have joined the board after that was secured, and I'm thinking of Djerriwarrh the board was removed. With Djerriwarrh, there was always the possibility I suppose of individual directors being sued, but it would need to be shown that individually and, and / or collectively that there was a significant failure and immunities contained in our legislation is pretty significant so despite the potential for litigation. In those circumstances it didn't seem to eventuate, so now I'm not aware of any circumstances where that's occurred.

    In relation to the board getting legal advice normal course of events you would ask the chief executive to procure legal advice for you. If it was so sensitive or it was about the chief executive, then the board incamera could resolve to through the chair, or another director to procure legal advice on behalf of the organization, but specifically in relation to the board so that it had the authority to do so, you could do that without the executive team knowing and of course, because you are completely indemnified by the organization that would be a cost to the organization, not to the individual, not on the board in any personal sense, but again, you would do that sparingly, and it would be rare circumstance that you might think that was necessary but obviously they have been times in the past where boards have determined that only chief executives time's up over if there has been some disaster or there's some ongoing issue that has arisen and we were saying more of those sorts of issues in the private sector.
    They decided that maybe the appropriate time for the board to seek independence advice separate from the event in circumstances where the executive is not even aware that you're doing it now again, that maybe something with a chair would normally talk to the Department to either seek assistance in procuring the legal advice or just sort of testing, the issues and making sure that that's the only alternative. Again, working on devices, not surprises. But yes, the board can collectively resolved to seek independent legal advice.

    Thank you Michael.

    Well we've come to the end of our session. I'm sorry if we've left your question unanswered but I would reiterate that I think if you have questions, talk to your board chair, talk to peers on the board. Talk to other people, reach out to the department. There are plenty of people who are likely to face the same question or had the experience before you. The resource is will be up on the website and you will get a link to where you will find the slides and the video recording of this session and you're very free to share them with any directors from your health service who haven't been able to attend, they’re very free to go and look at the recording of the first session and the associated resources there.

    If you missed it, there will be a follow up session in about a month’s time which will be about health service funding and accountability in Victoria and we will let you know the date of that as soon as we can. So in concluding, I'd like to thank you all for being here and again say I'm sorry that we haven't been able to see you and interact with one another on a personal level. I'd like to thank Jared Heath and Michael Gordon for their very informative presentations and their openness to the questions. I would like to thank the team in the DHHS back office that have been keeping the technology going and the questions flowing. So thank you all for joining us and wish you all to take care. Thank you.
The second webinar on Legal Responsibilities and Risks was held on 27 August and was again facilitated by Dr Joanna Flynn, Chair of the Boards Ministerial Advisory Committee. Presentations were made by Mr Jared Heath of Corrs Chambers Westgarth, legal consultant to the DHHS General Counsel, and Mr Michael Gorton AM, Chairperson of Alfred Health and principal of Russell Kennedy Lawyers.

Reviewed 16 September 2020


Was this page helpful?