VELINDRE NHS TRUST. INTERNAL AUDIT REVIEW Welsh Risk Pool - Welsh Risk Management Concerns and Compensation Claims Standard: Claims Reimbursement

Transcription

1 INTERNAL AUDIT REVIEW Welsh Risk Pool - Welsh Risk Management Concerns and Compensation Claims Standard: Claims Reimbursement

2 INDEX 1. Executive Summary 2. Main Report 2.1 Introduction and Background 2.2 Approach and Objectives 2.3 Conclusion and Opinion 2.4 Summary of Findings 2.5 Acknowledgements Appendix 1 Assurance and Priority Ratings description REVIEW REFERENCE: VT13.17 REPORT STATUS: FINAL DATE OF FIELDWORK: JANUARY 2013 AGREED DRAFT REPORT DATE: JANUARY 2013 FINAL REPORT DATE: JANUARY 2013 AUDITOR (s) : S BODMAN SHARED SERVICES PARTNERSHIP AUDIT AND ASSURANCE SERVICES Page 1

3 1. EXECUTIVE SUMMARY 1.1. INTRODUCTION AND SCOPE In accordance with the 2012/2013 Internal Audit Plan, testing of claims processed by the Legal Services & Governance Manager was undertaken in order to provide assurance relating to Assessment Area 10 of the Welsh Risk Management Concerns and Compensation Claims Standard. Velindre NHS Trust and Public Health Wales Trust Interim & full reimbursements claims submitted to the Welsh Risk Pool for reimbursement during 2012/13 were tested to ensure that the Velindre NHS Trust Claims Management Policy and Procedure was complied with Velindre NHS Trust also provides a claims management service to the Public Health Wales (PHW) NHS Trust as part of the Corporate Services SLA OPINION AND KEY FINDINGS The level of assurance given as to the effectiveness of the system of internal control in place to manage the risk associated with the objectives covered in this review is Substantial Assurance. Overall, controls are in place to manage the risk associated with the systems tested within the review, and these were found to be working effectively. The audit identified no weaknesses during the review in respect of compliance with Assessment Area 10 of the Welsh Risk Management Concerns and Compensation Claims Standard. and the Trust Claims Handling Policy and Procedures. There are no high priority issues that require action within the department. SHARED SERVICES PARTNERSHIP AUDIT AND ASSURANCE SERVICES Page 2

4 2. MAIN REPORT 2.1. INTRODUCTION In accordance with the 2012/2013 Internal Audit Plan, testing of claims processed by the Legal Services & Governance Manager was undertaken in order to provide assurance relating to Assessment Area 10 of the Welsh Risk Management Concerns and Compensation Claims Standard. The overall objective of the audit was to verify compliance of the systems and controls in place relating to claims submitted to the Welsh Risk Pool for reimbursement of costs incurred by each Trust for clinical negligence and personal injury claims, in order to provide reasonable assurance to each Trust Board and Trust Audit Committee that risks material to the achievement of system objectives are managed appropriately AUDIT APPROACH AND OBJECTIVES All assignments undertaken from 2011/12 are delivered under the umbrella of the NHS Wales Shared Services Partnership: Audit & Assurance Services. The approach to audit assignments is risk based, where the risks are identified with the lead manager. Controls would then be identified to manage those risks and the assignment scope designed to provide assurances on those issues. The audit assignment has been allocated an assurance rating, dependant on the level of assurance Internal Audit are able to provide. The assurance rating is described against the inherent risk and control effectiveness of the system reviewed. There are four potential levels of assurance available, along with three recommendation priorities and these are described In Appendix 1. The objective of the audit is to evaluate and determine the adequacy of the systems and controls in place for the management of claims reimbursement, in order to provide reasonable assurance to the Trust Audit Committee that risks material to the achievement of system objectives are managed appropriately. The areas reviewed were: Appropriate and accurate completion and authorisation of WRP Cost Schedules by the Legal Services & Governance Manager. WRP1: Annex B Case Summary Checklists are completed by the Legal Services & Governance Manager and signed by the Chief Executive and appropriate Service Director; and forwarded to the Welsh Risk Pool. All claims submitted are accurately entered onto the DATIX Risk Management Database. SHARED SERVICES PARTNERSHIP AUDIT AND ASSURANCE SERVICES Page 3

5 Risks to the achievement of objectives were considered with expected controls identified within the Risk and Control evaluation Proforma. Testing was undertaken to assess the adequacy of the system of controls and compliance. The risks considered in the review are as follows: Claims costs reimbursed from the Welsh Risk Pool are inaccurately recorded and are not appropriately authorised by Trust management and Officer Members CONCLUSION AND OPINION We are required to provide an opinion as to the adequacy and effectiveness of the system of internal control under review. The opinion is based on the work performed as set out in the scope and objectives within this report. An overall assurance rating is provided describing the effectiveness of the system of internal control in place to manage the identified risks associated with the objectives covered in this review. Substantial assurance Green The Board can take substantial assurance that arrangements to secure governance, risk management and internal control, within those areas under review, are suitably designed and applied effectively. Few matters require attention and are compliance or advisory in nature with low impact on residual risk exposure. Design of system / controls The findings from the review have highlighted no issues that are classified as a weakness in the system / control design for the management of claims reimbursement. Operation of system / controls The findings from the review have highlighted no issues that are classified as a weakness in the system / control design for the management of claims reimbursement. Recommendations H M L Total SHARED SERVICES PARTNERSHIP AUDIT AND ASSURANCE SERVICES Page 4

6 2.4. SUMMARY OF SIGNIFICANT FINDINGS Good Practice in the management of clinical/medical negligence and personal injury claims was noted in respect of: All claims are accurately entered onto the DATIX Risk Management Database. All claims are entered onto the Losses and Special Payments Register (LaSPaR). Claims costs schedules and Case Summary Checklists submitted to the Welsh Risk Pool have been accurately completed and appropriately authorised. File Closing Forms and Claims Handling Checklists have been accurately completed and signed off by the Legal Services & Governance Manager. There are no recommendations arising as a result of this review ACKNOWLEDGEMENT We would like to acknowledge the time and co-operation given by the Trust Legal Services & Governance Manager during the course of this review SHARED SERVICES PARTNERSHIP AUDIT AND ASSURANCE SERVICES Page 5

7 AUDIT ASSIGNMENT ASSURANCE RATINGS Appendix 1 An Assurance Rating is allocated to each audit assignment undertaken. There are four potential levels of assurance available and these are described below: RATING INDICATOR DEFINITION Substantial assurance Reasonable assurance Limited assurance No assurance Green Yellow Amber Red The Board can take substantial assurance that arrangements to secure governance, risk management and internal control, within those areas under review, are suitably designed and applied effectively. Few matters require attention and are compliance or advisory in nature with low impact on residual risk exposure. The Board can take reasonable assurance that arrangements to secure governance, risk management and internal control, within those areas under review, are suitably designed and applied effectively. Some matters require management attention in control design or compliance with low to moderate impact on residual risk exposure until resolved. The Board can take limited assurance that arrangements to secure governance, risk management and internal control, within those areas under review, are suitably designed and applied effectively. More significant matters require management attention with moderate impact on residual risk exposure until resolved. The Board has no assurance that arrangements to secure governance, risk management and internal control, within those areas under review, are suitably designed and applied effectively. Action is required to address the whole control framework in this area with high impact on residual risk exposure until resolved. SHARED SERVICES PARTNERSHIP AUDIT AND ASSURANCE SERVICES Page 6