PHIAC has commenced a second round of consultation in relation to effecting improvements in the risk management practices across the private health insurance industry.

It has issued a Discussion Paper “Risk Management for Private Health Insurers” which contains a draft proposed Risk Management Prudential Standard for comment.

The draft risk management standard seeks to establish minimum requirements for effective risk management through four key elements:

1. Risk Management Policy – insurers’ risk management practices, objectives, roles, and responsibilities should be established and clearly articulated.

2. Board responsibility – insurers’ boards should play a critical role in setting the organisation’s approach to risk, and should be able to bring its expertise and skills to managing strategic risk and ensuring that risk management is operating effectively in the organisation.

3. Risk management skills and knowledge – access to risk management support, advice and training should be available to insurers, via an in-house capacity or externally.

4. Reporting requirements – breach notification provisions to ensure PHIAC is notified as soon as practicable of any breach of the standard, as well as an annual reporting requirement by the board of the insurer to the Council.

It is expected the standard will become law in March 2014 with a 6 month transition period before it commences in September 2014.