Essex Clinical Commissioning Groups. Business Continuity Management System. Business Impact Analysis Datasheet

Transcription

1 Item 013.2b Essex Clinical Commissioning Groups Business Continuity Management System Business Impact Analysis Datasheet BIA Author: BIA Owner: Version: Daniel Hale - Head of Emergency Planning Draft Date ratified: Ratifying By: Essex CCG Integrated Emergency Preparedness Committee Annual Review Date: EP Review Date:

2 1.0 Service/Departmental Information CCG Service/ Department Director Service/ Department Manager Business Continuity Lead Department Contact Details ( , work & mobile number) Contact Details ( , work & mobile number) Contact Details ( , work & mobile number) E: T: M: E: T: M: E: T: M: Services / Products Activities Page 2 of 11

3 2.0 Business As Usual Operations The aim of this section is to document the routine business as usual working arrangements for the following: 2.1 Staffing The information should outline staffing information for each service / activity including the number of whole time equivalents, current work rota broken down by day, time and quantity of staff by pay band and any operational differences which may occur, such as work only undertaken by a morning shift/role. Service / Activity Total Number of Staff (WTE) 2.2 Location of Activity The information provided should list the physical areas used to undertake prioritised activities, and should be broken down by area/floor where appropriate. Location of Services / Activities (inc Building Name & Address) Building owned by (CCG/Trust/Community Site/3 rd Party) Services / Activities 2.3 Information Technology Systems The information provided should list the IT hardware, software and telephony equipment including quantities used within the location to undertake prioritised activities listed alphabetically. Service / Activity IT Hardware IT Application / Software (inc version) Telephony

4 2.4 Equipment The information provided should create a matrix of equipment including quantities for supplies, consumables and large/specialist pieces of equipment used to undertake the prioritised activities and listed alphabetically. This should also include any vital paper records. Service / Activity Equipment: 2.5 Key Dependencies The aim of this section is to define what key dependencies the department have during routine working: Departmental The information provided should list any internal individuals within the department on whom there is a key dependency, such as specific skills, expertise or access not shared with others in the department, e.g user access to specific system. Name of individual/title of Role Nominated Deputy: Skills / expertise not shared with colleagues Suppliers The information provided should list any internal departments and external organisations which provide a service, product or goods listed alphabetically. Service / Activity Internal Supplier Service/product or goods provided External Supplier Service/product or goods provided Page 4 of 11

5 2.5.3 Customers The information provided should list any internal departments and external organisations which receive a service, product or goods listed alphabetically. Service / Activity Internal Customer Service/product or goods received External Customer Service/product or goods received Page 5 of 11

6 3.0 Time Critical Periods / Service Priority The aim of this section is to agree what impact a disruption to the delivery of a service/product would have over time, so that the priority for service restoration can be established. A rating for each of the impact priorities over time should be given for each of the services, products and activities, using the following definitions: Impact Level Description Patient Experience / Outcome and Quality No impact to patient 0 None experience, outcome or quality 1 Insignificant Unsatisfactory patient experience not directly related to patient care 2 Minor Unsatisfactory patient experience - readily resolved Financial Cost/Loss No financial impact Adverse Publicity/ Reputation No adverse Publicity or reputational impact Business Objectives / Performance No impact to delivery of business objectives Small loss Rumours Minor delay in delivering some non-core business objectives Loss > 0.1% of budget Local Media - short term. Minor effect on staff morale. Inability to operate some non-core business objectives 3 Moderate Mismanagement of patient care, short term effects (less than a week) 4 Major Serious mismanagement of patient care, long term effects (more than a week) 5 Catastrophic Totally unsatisfactory Patient outcome or experience Loss > 0.25% of budget Loss > 0.5% of budget Loss > 1% of budget Local media - long Term. Significant effect on staff morale. National Media <3 days National Media >3 days. MP concern (questions in the House) Ability to only operate/provide core business objectives only Inability to operate/provide some core business objectives Inability to operate/provide any core business objectives Service/Product/Activity Impact Priorities Patient Safety / Outcome Financial Cost/Loss Reputation Business Objectives Priorities 0 Hour 4 Hours 1 Day 3 Days 1 Week 2 Weeks 3 Weeks 1 Month 1+ Months Page 6 of 11

7 3.1 Minimum Business Continuity Objectives This section will establish the Minimum Business Continuity Objectives for each service, based upon the Critical Time Periods and Service Priorities. Service Minimum Business Continuity Objective Page 7 of 11

8 4.0 Minimum Business Continuity Objectives The aim of this section is to agree what resources would be required to fulfil the Minimum Business Continuity Objectives to be achieved for prioritised activities, during the recovery phase from a business continuity incident to ensure the safe and effective continuation of healthcare commissioning and management. The information gathered under business as usual operations (Section 7.1) should be reviewed to state the MBCO for each category. 4.1 Staffing The information provided staffing information for each service / activity including the number of whole time equivalents, current work rota broken down by day, time and quantity of staff by pay band and any operational differences which may occur, such as work only undertaken by a morning shift. Service / Activity Total Number of Staff (WTE) 4.2 Location of Activity The information provided should list the physical areas used to undertake prioritised activities and should be broken down by area/floor where appropriate. Location of Services / Activities (inc Building Name & Address) Building owned by (CCG/Trust/Community Site/3 rd Party) Services / Activities 4.3 Information Technology Systems The information provided should list the IT hardware, software and telephony equipment including quantities used within the location to undertake prioritised activities listed alphabetically. Service / Activity IT Hardware IT Application / Software (inc version) Telephony Page 8 of 11

9 4.4 Equipment The information provided should create a matrix of equipment including quantities for supplies, consumables and large/specialist pieces of equipment used to undertake the prioritised activities and listed alphabetically. This should also include any vital paper records. Service / Activity Equipment: 4.5 Key Dependencies The aim of this section is to define what key dependencies the department have during routine working; Departmental The information provided should list any internal individuals within the department on whom there is a key dependency, such as specific skills, expertise or access not shared with others in the department, e.g user access to specific system. Name of individual/ Title of Role Nominated Deputy: Skills / expertise not shared with colleagues Suppliers The information provided should list any internal departments and external organisations which provide a service, product or goods listed alphabetically. Service / Activity Internal Supplier Service/product or goods provided External Supplier Service/product or goods provided Page 9 of 11

10 4.5.3 Customers The information provided should list any internal departments and external organisations which receive a service, product or goods listed alphabetically. Service / Activity Internal Customer Service/product or goods received External Customer Service/product or goods received Page 10 of 11

11 5.0 Risk Assessment This section lists the disruptive events to prioritised activities using the likelihood descriptors of the Corporate Risk Register. Risk I L R Mitigation I L R Outcomes, evidence and residual risk