BUSINESS CONTINUITY MANAGEMENT POLICY

Similar documents
Meeting of Governing Body

BUSINESS CONTINUITY PLAN

NHS HARINGEY CLINICAL COMMISSIONING GROUP EMERGENCY PREPAREDNESS, RESILIENCE AND RESPONSE (EPRR) POLICY

Kingston CCG Emergency Preparedness, Resilience and Response (EPRR) Policy

REPORT TO MERTON CLINICAL COMMISSIONING GROUP GOVERNING BODY

Business Continuity Management Policy and Plan Contacts removed

Discussion Assurance Approval Regulatory requirement Mark relevant box with X

BUSINESS CONTINUITY MANAGEMENT POLICY

Information Governance Management Framework

BOARD PAPER - NHS ENGLAND

NHS Waltham Forest Clinical Commissioning Group. Emergency Preparedness, Resilience and Response (EPRR) Policy

Business Continuity Management Framework

Business Continuity Plan

NHS ST HELENS CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY PLAN AND INCIDENT RESPONSE PLAN VERSION 6

The Board is asked to note the survey outcome as Substantial (green rag rating). Progress with action planning and delivery has commenced

Nottinghamshire Local Health Resilience Partnership (LHRP) - Memorandum of Understanding (MOU)

The Royal Wolverhampton NHS Trust

NHS LANCASHIRE NORTH CCG MAJOR INCIDENT PLAN

Greenwich CCG Business Continuity Plan. Interim Governance Consultant

Agenda Item. NHS Cumbria CCG Governing Body. 4 February Business Continuity Plan. Purpose of Report:

Agenda item 8.5. Meeting date: Meeting / committee: Board of Directors. 24 th June Title: Emergency Preparedness Annual Report 2013/14.

MAJOR INCIDENT PLAN 2017

BUSINESS CONTINUITY PLANNING

CAMBRIDGESHIRE COMMUNITY SERVICES NHS TRUST BUSINESS CONTINUITY PLAN VERSION 7.0

Incident Management Plan

AGENDA ITEM NO: 046/17

Governing Body. Enclosure: N Agenda item: 17

NHS Commissioning Board. Emergency Preparedness. Framework Framework

NHS Commissioning Board Core Standards for Emergency Preparedness, Resilience and Response (EPRR)

41 EC Emergency Planning Toolkit Action Cards

Bristol, North Somerset and South Gloucestershire Clinical Commissioning Group Governing Body Meeting In- Common

Health and Safety Policy

Major Incident & Business Continuity Management System

EMERGENCY PREPAREDNESS INCIDENTS POLICY AND RESPONSE PLAN

Children Education & Families Health and Safety Arrangements Part 3

Business Continuity and Emergency Management. Policy Statement

EMERGENCY PREPAREDNESS, RESILIENCE & RESPONSE POLICY

Corporate Business Continuity Plan. Alison Whitehead, Head of Resilience. Fiona Noden, Director of Operations and Performance

NHS ISLE OF WIGHT CLINICAL COMMISSIONING GROUP INCIDENT RESPONSE PLAN

NHS Rotherham Clinical Commissioning Governing Body. Audit & Quality Assurance Committee 26 March 2014 Governing body 2 nd April 2014

Road Fuel Supply Disruption: Strategic Guidance for NHS Boards in Scotland. NHSScotland Resilience. Scottish Government

Business Continuity Plan

NHS Lewisham CCG Health & Safety Policy

NHS England (South) Surge Management Framework

Head of Security and Business Continuity. Incident Response and Crisis Management Ser-Sec /11/2017

QUALITY COMMITTEE. Terms of Reference

Business Continuity Plan

NHS Hartlepool and Stocktonon-Tees. Commissioning Group Business Continuity Plan

Critical Incident Plan

Incident Reporting and Management Policy

Business Continuity Policy and Plan

Business Continuity Management System. Business Continuity Procedure

HEALTH & SAFETY ORGANISATION AND ARRANGEMENTS

Emergency Preparedness, Resilience & Response (EPRR) 2014/15 Annual Report Public Board 24 September 2015

AMBULANCE S ERVICE NHS AMBULANCE SERVICE NATIONAL RESILIENCE

Continuing Healthcare Policy

Health & Safety Policy

BUSINESS CONTINUITY MANAGEMENT PLAN

Emergency Preparedness, Resilience and Response Annual Report 2015

BUSINESS CONTINUITY PLAN

NHS HARINGEY CLINICAL COMMISSIONING GROUP

Level 4 Award in Health Emergency Preparedness, Resilience and Response

BUSINESS CONTINUITY PLAN

HEALTH AND SAFETY POLICY

EMERGENCY PREPAREDNESS, RESILIENCE & RESPONSE POLICY

Emergency Preparedness, Resilience and Response (EPRR) Soili Larkin & Joshna Mavji

Emergency Preparedness, Resilience & Response (EPRR) 2016/17 Annual Report Public Board 28th September 2017

UCL MAJOR INCIDENT TEAM MAJOR INCIDENT PLAN. Managing and Recovering from Major Incidents

CONTINUING HEALTHCARE POLICY

Slips Trips and Falls Policy (Staff and Others)

Emergency and Critical Incident Policy

Health and Safety Policy

Plan For VIPs and Protected Persons

NHS Emergency Planning Guidance

Oxfordshire Primary Care Commissioning Committee

Cleaning of the Environment: Standard Operating Procedure

SUMMARY REPORT (11) TRUST BOARD 26 November 2015

OFFICIAL SENSITIVE. 10 July 2017 NHS England LHRP Co-chairs

CEMP Criteria for Ambulatory Surgery Centers Emergency Management

Waltham Forest CCG Business Continuity Plan August 2017

BUSINESS CONTINUITY PLAN

specialising in maths and computing Health, Safety and Environmental Policy Date March 2012 Review Date March 2014 Governor Committee Health & Safety

BUSINESS CONTINUITY PLANNING POLICY

Date 4 th September 2015 Dr Ruth Charlton, Joint Medical Director / Jill Down, Associate Director of Quality Laura Rowe, Compliance Manager

Incident Management Plan

Major Incident Plan. Version: 6 Bodies consulted: - Approved by: Date Approved: Name of originator/ author: Health and Safety Manager

NWL CCGS BUSINESS CONTINUITY PROCEDURES

Health and Safety Code of Practice Code of Practice Safe Lone Working

LSE HEALTH AND SAFETY POLICY

NHS Commissioning Board Command and Control Framework For the NHS during significant incidents and emergencies

Procedure for the Management of Incidents and Serious Incidents

The Royal Wolverhampton NHS Trust

NUMBER: UNIV University Administration. Emergency Management Team. DATE: October 31, REVISION February 16, I.

Brandon Trust Supported Living - Bristol and North Somerset

SPONSORSHIP AND JOINT WORKING WITH THE PHARMACEUTICAL INDUSTRY

GUIDANCE DOCUMENT FOR COMPLETION OF RESIDENTIAL CARE ESTABLISHMENTS BUSINESS CONTINUITY PLAN TEMPLATE WEST MIDLANDS

Incident Management Plan

Health and Safety Strategy

Version 1.0. Quality, Performance & Finance. Date Ratified 31 st March 2015 Iain Stewart, Head of Direct Commissioning

Commissioner Guidelines for Responding to Requests from Practices to Temporarily Suspend Patient Registration

Transcription:

BUSINESS CONTINUITY MANAGEMENT POLICY A GUIDE TO BUSINESS CONTINUITY AND SERVICE RECOVERY PLANNING Version 1.2 Ratified by BHR CCGs Governing Bodies Date ratified September 2016 Name of Director Lead Marie Price Name of author Lisa Wood Date issued September 2016 Review date October 2017 Target audience BHR CCGs Staff Version 1.2 Page 1 of 7

Contents Page 1. Introduction 3 2. Purpose 3 3. Causes of Service Interruption 3 4. Business Continuity and Recovery Planning 4 5. Process 5 Version 1.2 Page 2 of 7

1.0 Introduction 1.1 The NHS needs to be able to plan for and respond to a wide range of incidents and emergencies that could affect health or patient care. Under the Civil Contingencies Act (2004) NHS organisations must show that they can deal with such incidents while maintaining services to patients. This work is referred to as emergency preparedness resilience and response (EPRR). Emergency response organisations are classified by two types, Category One, primary responders and Category Two, supporting agencies. 1.2 While NHS England (NHSE), as a Category One responder, bears the majority of responsibilities in preparing and responding to incidents and emergencies, the CCG, as a Category Two responder, has a duty to participate in preparations and provide a cooperative and supportive role to NHSE should an incident occur. As a Category Two responder there are also a number of core standards that CCGs must meet and a business continuity management policy and business continuity plan are included. Specific obligations under EPRR are assigned to each category. Each CCG s Chief Operating Officer has been appointed as Accountable Emergency Officer (AEO) for EPRR and is responsible for ensuring that the CCG s roles and responsibilities around EPRR are adhered to. 1.3 As Category 2 responders under the Civil Contingencies Act 2004, Clinical Commissioning Groups (CCGs) are required to have a business continuity plan in place to manage the effects of any incident that might disrupt its normal business. It has always been a sensible precaution to have contingency plans in place to manage interruptions to normal business functions. These range from (for example) managing a power cut to arranging service provision during a major incident or epidemic. The BHR CCGs business continuity management strategy is based on our legal requirements, internal and external issues that could affect service delivery and the needs and expectation of interested parties. 1.4 Business Continuity plans may be required to support NHS England London s Major Incident Plan. National Risk Management requirements (Standards for Better Health, NHS Litigation Authority) necessitate that business recovery and service continuity plans are in place. 1.5 It is the policy of NHS Barking and Dagenham, NHS Havering and NHS Redbridge Clinical Commissioning Groups (BHR CCGs) to take all reasonable steps to ensure that in the event of a service interruption, the organisation will be able to respond appropriately. A service interruption is defined as: Any incident which threatens personnel, buildings or the operational procedures of an organisation and which requires special measures to be taken to restore normal functions. 1.4 An appropriate response would aim to maintain critical activities and restore normal services as soon as possible in the circumstances prevailing at the time. Version 1.2 Page 3 of 7

2.0 Purpose 2.1 This Policy sets out the general principles and process for the creation and revision of the Business Continuity plans. This document aims to ensure that all Business Continuity processes carried out by the CCGs are done so in an agreed manner. 3.0 Causes of Service Interruption 3.1 There are many and varied possible causes of service disruption. As a general guide, service continuity planning should be carried out to minimise the effects of a number of potentially disruptive events: Major accident or incident, national disaster, epidemic, terrorist attack Fire, flood, extreme weather conditions Loss of utilities, including IT and telephone systems Major disruption to staffing; epidemic, transport disruption, industrial action, inability to recruit; mass resignations (e.g. lottery syndicate). 3.2 It should be borne in mind that these events may not be mutually exclusive, e.g. extreme weather leads to loss of electricity, disruption to transport, staff unable to get to work. 4.0 Business Continuity & Service Recovery Planning 4.1 Business Continuity: Core Business Functions 4.1.1 Identifying core business functions of the BHR CCGs that must be supported in any emergency situation. Core business planning is the responsibility of each Directorate or function within a Directorate (if necessary). 4.2 Service Recovery: 4.2.1 Planning for the restoration and support of utilities and services without which the core business functions would not be able to continue. Examples of these are: Gas, Water, Electricity Fire alarms, Security system IT system, Telephone / Communications Post services Estate services 4.2.2 Support planning is the responsibility of the Director responsible for each function. 4.3 Premises Recovery 4.3.1 Loss of individual premises (or parts of) may cause a significant disruption to the functioning of the BHR CCGs. Therefore, individual premises recovery plans need Version 1.2 Page 4 of 7

to be prepared for all premises operated (owned or leased) by the BHR CCGs. This will be the responsibility of the building landlords with co-operation of staff based in those facilities. These recovery plans will be incorporated into the BHR CCGs Business Continuity Plan. 4.4 IT Services 4.4.1 Loss of IT Services will again cause a significant level of disruption to the functioning of the BHR CCGs services. The Director who has responsibility for the IT provision needs to ensure that robust IT recovery plans of are incorporated into the BHR CCGs Business Continuity Plans. As of June 2016, the CCGs brought our IT service in house. 4.5 Staffing 4.5.1 The BHR CCGs will identify minimum staff levels for each key function to ensure that in the event of major disruption to staffing (such as illness, transport disruption, industrial action, severe weather) we can continue to maintain critical activities. 4.6 Surge Management 4.6.1 North East London Commissioning Support Unit (NEL CSU) provides this service on behalf of the BHR CCGs. NEL CSU have their own plan and systems in place for surge management and processes for escalation. Details of this will be included in the BHR CCGs Business Continuity Plan. 4.7 Contractor Services 4.7.1 Loss of Contractor Services in respect of NHS England s obligation to provide Primary Care Services e.g. response to unplanned loss of a Primary Care Contractor or Contractor Service is the responsibility of NHS England. 4.8 External Events 4.8.1 The BHR CCGs involvement in external events may have some Business Continuity implications, and these must be considered. 4.8.2 For example, a major terrorist strike in Central London may result in a mass evacuation to the outlying boroughs/counties. The BHR CCGs may find itself having to provide staff to Local Authority reception centres etc whilst having to maintain its own service provision as well as helping to provide support to NHSE to manage any surge pressures. 5.0 Process 5.1 A phased approach to producing the Business Continuity and Service Recovery Plan has been adopted. Version 1.2 Page 5 of 7

5.2 Phase 1 Identification of Functions and Category of each one 5.2.1 The BHR CCGs Joint Management Team have reviewed all functions and agreed which category each function is classed as from the following; Category A Activities which must be continued Category B Activities which can be scaled down Category C Activities which can be suspended if necessary 5.2.2 The next stage is for each team to identify specifically what is required for each function to be able to continue to operate. This will form the Directorate plan and become part of the organisation Business Continuity Plan. 5.2.3 A risk assessment of business continuity incidents occurring which may affect the ability of the CCGs to continue to function will be undertaken and included within the Plan. 5.3 Phase 2 Completion of Function Business Continuity Plans 5.3.1 Directors have identified what is required for each function to be able to continue to operate and have completed a template for each function they are responsible for and these will form part of the overall plan 5.3.2 Review and updating of templates is to be carried out at least annually, or where there is a significant change of circumstances. 5.4 Phase 3 Information gathering 5.4.1 Key contacts, documents and relevant information for each team have been identified within the templates and gathered together by team. 5.4.2 A list of identified critical Information Assets by team has been included in each Plan with specific detail around business continuity plans for each asset. 5.4.3 A separate process has been undertaken by the Senior Information Risk Owner (SIRO) and the Information Governance lead to identify and record each team s Information Assets as part of the Information Governance Toolkit requirements. The SIRO is responsible for ensuring the organisational information risk is properly identified and managed and that appropriate assurance mechanisms exist. The SIRO is supported by Information Asset Owners (IAOs) and Information Asset Administrators (IAAs). The IAOs provide assurance that information risk is managed effectively for the information assets that they own and understanding and addressing risks to those assets. The IAAs are delegated the responsibility for day to day management of information risk of an asset on behalf of the IAOs and provide administrative support as is required to ensure compliance. 5.2.4 All of the above has formed a Business Continuity Plan which has been approved by the each CCG governing body. Version 1.2 Page 6 of 7

5.5 The Plan 5.5.1 All of the above information has formed a Business Continuity Plan which was approved by each CCG Governing Body in December 2013. 5.5.2 The Plan has been issued in electronic format and hard copy to each team, along with all accompanying documentation. In addition each Directorate has been issued with an encrypted USB for emergency planning purposes where the Plan and relevant documentation has been saved. Each Directorate will be responsible for updating this as and when necessary and ensure a full review of the critical information on a quarterly basis. 5.5.3 Each Director has signed to confirm ownership of the plan and agreement that they will make their staff aware that they are responsible for cooperating with the implementation of this policy and relevant plans as part of their normal duties and responsibilities. 5.5.4 A hard copy of the full organisation Plan is kept at each of the 3 BHR CCGs sites. 5.5.5 The BCM policy and business continuity plans are available on the CCGs website and staff intranet. 5.5.6 A formal desktop review of the plans will be carried out annually and regular exercises, including a communications exercise every 6 months, undertaken to test the robustness of the plans, which may result in this policy or the plans being updated. Service-specific procedures and controls will be subject to regular reviews by the Information Asset Owners. 5.5.7 Following review of the plans,if necessary, training will be undertaken by the Directors to ensure that they are fully equipped to carry out their responsibilities around business continuity. 5.5.8 Should the Plan be invoked any lessons learnt will be reviewed and where necessary the plan will be updated by the Business Continuity Lead. 5.5.9 If changes are made to this policy or business continuity plans following a formal review these will go each CCG Governing Body for approval, or a delegated sub committee, and the process for distribution outlined above will be followed. 5.5.10 NHS England has published core standards for Emergency Preparedness, Resilience and Response (EPRR) and those standards specific to Business Continuity Management will be used to ensure the BHR CCGs Business Continuity Plan is fit for purpose. If requested by NHS England we will submit evidence of our conformity to these standards. Version 1.2 Page 7 of 7

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback