Risk Ready Podcast Series: Navigating Risks for Australian Medical Centres
Snapshot
Welcome to “Risk Ready,” the podcast series dedicated to helping businesses across various industries understand and navigate the complexities of risk management. In this episode we catch up with Kenneth Corcoran, Aon’s Industry Practise Group Leader for Healthcare and Higher Education, to discuss risks facing Australian medical centres, how businesses can tackle these challenges, what the future potentially looks like and what good risks management could be, to learn more, read or listen below.
Scott Loder:
Hi, and welcome to the Risk Ready podcast series. Today’s topic is navigating risks for medical centres. I’m Scott Loder, Clinical Director, Northern Region of the Healthcare and Higher Education Industry Practice Group at Aon. I’m joined by Kenneth Corcoran, National Leader of the Industry Practice Group for Healthcare and Higher Education at Aon. Kenneth, thanks for joining us today.
Kenneth Corcoran:
Thanks, Scott. It’s great to be here. As you mentioned, I’ve been with Aon for nearly two decades, focusing on healthcare, aged care, not-for-profit, and community services. We have extensive experience supporting all types of medical institutions, including medical centres, so I’m glad to discuss the evolving and current risks facing this sector.
Significant Risks Facing Australian Medical Centres
Scott Loder:
Let’s start by exploring the most significant risks currently facing medical centres in Australia. How have these risks evolved over the past five years?
Kenneth Corcoran:
Great question, Scott. The risks facing medical centres can be grouped into two main categories: traditional risks and evolving risks.
On the traditional side, we’re talking about property risks—such as weather events, natural catastrophes, and liability issues. Medical centres see hundreds, if not thousands, of people passing through each week, which naturally leads to public liability exposures. There’s also the human capital aspect: attracting and retaining staff, as well as managing workforce burnout, have become increasingly important, especially post-COVID.
On the evolving side, cyber risk has become a major concern. Five to ten years ago, cyber insurance was virtually non-existent, but now it’s one of the first things we consider for healthcare organisations. The value of sensitive patient data makes medical centres a target for cyberattacks, and the regulatory obligations around data breaches have increased the importance of having robust cyber coverage.
Additionally, the rise of artificial intelligence (AI) in diagnostics and administration introduces new exposures—everything from data management to potential breaches and the responsibility of management to protect sensitive information. The pace of technological change means these risks are only going to increase.
The Role of Cyber Insurance
Scott Loder:
Cyber incidents in healthcare have been in the news lately, especially with the sensitivity of patient data. What role does cyber insurance play in protecting this data, and how should medical centres assess whether their coverage is adequate?
Kenneth Corcoran:
Cyber insurance is absolutely crucial for medical centres. Policies today are more bespoke and anticipate that organisations will hold significant amounts of personally identifiable information. Beyond covering privacy breaches, they can provide support for restoring lost or stolen records, notifying affected patients, and meeting regulatory requirements.
To assess adequacy, I recommend using tools like Aon’s Cyber Impact Analysis and Cyber Analyzer. These help organisations understand their specific exposure from both quantitative and qualitative perspectives. Given the increasing use of AI and digital tools, it’s vital for medical centres to regularly review and update their cyber risk management and insurance coverage.
Individual and Organisational Liability
Scott Loder:
We’ve seen an increase in penalties and scrutiny on executives and board members—not just for cyber breaches, but for a range of professional and operational risks. How can insurance help protect individuals in these roles, and what should medical centres consider?
Kenneth Corcoran:
You’re right, Scott. There’s a growing onus on management and boards to understand all types of risks—clinical, cyber, and beyond. Professional indemnity insurance is a must, covering both clinical and operational exposures. Management liability, also known as directors and officers (D&O) cover, is equally important. These policies protect both individuals and the entity from personal liability, ensuring the organisation is adequately covered for a broad range of scenarios.
Emerging Risks: AI, Workforce, Climate
Scott Loder:
We’re seeing rapid developments in AI, as well as emerging risks like workforce absenteeism and climate-related events. What should medical centres be considering now, and is insurance keeping pace with these changes?
Kenneth Corcoran:
Absolutely. Workforce burnout, especially post-pandemic, is a significant issue, and we have tools to help assess and manage these risks. Climate-related risks are also increasingly relevant, and we can help organisations assess their property exposures and resilience.
AI is perhaps the most rapidly evolving area. Medical centres should already be preparing for the implications of AI in diagnostics and administration. This includes understanding how data is stored and protected, and ensuring insurance programs reflect these new exposures. If organisations haven’t started preparing, they risk falling behind their competitors.
Managing Insurance and Risk Obligations
Scott Loder:
From a risk management perspective, what advice do you have for medical centres to stay on top of their insurance obligations and ensure smooth operations?
Kenneth Corcoran:
Proactivity is key. Good risk management means actively assessing and addressing risks, not just reacting when something happens. Engage with your broker, use tools to understand your exposures, and ensure you have the right suite of insurance products in place. This includes cyber, professional indemnity, management liability, property, and general liability. Being proactive will help your business run more smoothly and efficiently.
Ownership Structures and Non-Delegable Duty of Care
Scott Loder:
Medical centres often have varied ownership structures and a mix of contractors and employees. What risks does this present, particularly regarding the duty of care to patients?
Kenneth Corcoran:
Great point. Medical centres may have a mix of ownership models and staffing arrangements, including contracted doctors and administrative employees. Regardless of the structure, the centre itself has a non-delegable duty of care to its patients. Even if doctors hold their own insurance, the centre cannot transfer its responsibility. It’s important for the organisation to have comprehensive insurance that covers all staff and protects against risks associated with both clinical operations and administration.
Closing Thoughts
Scott Loder:
Kenneth, it’s always a pleasure to get your insights on healthcare risk. Thank you for taking the time to discuss the exposures facing medical clinics today. Any final thoughts?
Kenneth Corcoran:
Thank you, Scott. At Aon, we have deep expertise in this area and are always ready to help medical centres proactively manage their risks. I encourage anyone listening to reach out to us to discuss how we can support your organisation with the right tools and advice.
Thank you for tuning in to “Risk Ready.” We hope today’s episode provided valuable insights into managing risks and understanding the insurance solutions available to your industry. Remember, being risk-ready is key to sustaining and growing your business. Stay connected with us for more expert advice and discussions on the challenges and opportunities facing businesses today.
