Appendix 3
附錄
3
In 2013-14, the Committee met four times to discuss various issues relating to
the strategic development of IT/information systems in HA. During this period,
the Committee considered and deliberated on the key risks identified in the
IT Operational Risk Assessment and various risk mitigation actions in quality
assurance, system performance and availability, data security and privacy, and
project governance; the review of human resources related risks in ITD and the
mitigating measures to address challenges in operations, implementation of
its development work and technology innovation; the action plan of Quality
Assurance Consultancy Review associated with HAIT systems development;
update on the consultancy review of the HA information security and privacy
programme; as well as the preparations for developing a holistic HA Strategy
on IT to cope with business priorities and IT capability. To meet the growing
demand for IT systems to support the operation of the organization, the
Committee also considered and deliberated on the IT Block Vote Submission for
2014-15 and the ITD Annual Work Plan 2014-15 for responding to challenges
in continuing existing service delivery and delivering the major strategic IT-
enabled projects.
To fulfill its overseeing functions, the Committee monitored the
implementation of the work stipulated in the ITD Annual Plan by considering,
amongst others, the performance and status reports of respective IT functions
at each of its meeting, the comments of which would be conveyed to the
relevant working teams under HAITD for follow-up actions. Progress Update
on Clinical Management System Phase III, Business Supporting IT Systems,
eHealth Record Projects and IT Services Performance were among the standing
agenda items of the Committee’s meetings. The Committee also monitored
the ongoing efforts of HAITD on development of the Government’s electronic
Health Record (eHR) with HA as the technical agent and endorsed the related
draft audited financial statements annually. The Committee also considered
and supported the proposed role of HAITD in supporting the eHR Stage 1
recurrent programme and Stage 2 activities for continuity of delivery of service
and integrity of the system.
To support HA’s service needs with the latest trend of IT technical development,
the Committee received advice from the Information Technology Technical
Advisory Subcommittee on the IT technical architectures and technology
selections proposed by ITD which included open source development tools
adoption in eHR CMS On-ramp application, data governance of the Reporting
and Business Analysis Project, secured network interface to medical device, wifi
versus 3G/4G for mobile computing, and social computing in HA, etc.
As a good corporate governance practice, the Committee conducted a self-
assessment exercise in reviewing its activities in the past year according to its
Terms of Reference.
在
2013-14
年度,委員會共召開四次會議,討論醫管局資訊
科技╱資訊系統策略發展的各個事項。年內,委員會討論及
審議資訊科技運作風險評估發現的主要風險及在質素保證、
系統表現與備用、數據安全與私隱、項目管治等方面的各項
風險緩減措施;檢討資訊科技部的人力資源相關風險,以及
緩減業務運作和執行開發及科技創新方面挑戰的措施;配合
醫管局資訊科技系統發展的質素保證顧問檢討的行動計劃;
醫管局資訊保安及私隱顧問檢討計劃的進展報告;以及因應
業務重點項目及資訊科技能力而發展醫管局全盤資訊科技策
略的籌備工作。為應付資訊科技系統方面因應支援機構運作
而不斷增加的需求,委員會亦討論及審議
2014-15
年度資訊
科技整體撥款申請及資訊科技部
2014-15
年度工作計劃,以
應付維持現行服務並推行各項重大策略性資訊科技項目的挑
戰。
為履行其監督職能,委員會監察資訊科技部年度工作計劃,
其中考慮各次會議上不同資訊科技職能所作的表現及狀況報
告,會上所作評語將傳達予資訊科技部的相關工作小組跟
進。委員會會議的常規討論項目包括臨床資訊管理系統第三
階段、業務支援資訊科技系統、電子健康紀錄系統計劃及資
訊科技服務表現等進展報告。委員會亦監察醫管局作為技術
代理為政府開發電子健康紀錄互通系統的持續進度,並每年
審閱有關的經審核財務報表擬本。此外,委員會亦考慮並決
定支持醫管局資訊科技部為第一階段電子健康紀錄互通系統
的常設計劃及第二階段項目提供支援的建議,以確保服務持
續性和系統完整性。
為利用最新資訊科技發展支援醫管局的業務需要,委員會收
閱信息技術諮詢小組委員會就資訊科技部建議的資訊科技架
構及選擇方案所提供的意見,包括電子健康紀錄互通系統
與臨床資訊管理系統連接程式之開源開發工具、匯報及業務
分析計劃數據管控、醫療設備的安全網絡介面、使用
wifi
或
3G/4G
作流動運算,以及醫管局的社交網絡技術等。
為體現良好機構管治,委員會進行了自我評核,根據其職權
範圍檢討過去一年的工作。
162
Hospital Authority Annual Report 2013-2014
