BUSINESS CONTINUITY MANAGEMENT POLICY

Similar documents
Meeting of Governing Body

NHS Waltham Forest Clinical Commissioning Group. Emergency Preparedness, Resilience and Response (EPRR) Policy

REPORT TO MERTON CLINICAL COMMISSIONING GROUP GOVERNING BODY

Business Continuity and Emergency Management. Policy Statement

Kingston CCG Emergency Preparedness, Resilience and Response (EPRR) Policy

BUSINESS CONTINUITY MANAGEMENT POLICY

BUSINESS CONTINUITY MANAGEMENT PLAN

NHS HARINGEY CLINICAL COMMISSIONING GROUP EMERGENCY PREPAREDNESS, RESILIENCE AND RESPONSE (EPRR) POLICY

Quality and Governance Committee. Terms of Reference

Business Continuity Plan

NHS ST HELENS CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY PLAN AND INCIDENT RESPONSE PLAN VERSION 6

Greenwich CCG Business Continuity Plan. Interim Governance Consultant

Agenda item 8.5. Meeting date: Meeting / committee: Board of Directors. 24 th June Title: Emergency Preparedness Annual Report 2013/14.

AGENDA ITEM NO: 046/17

BOARD PAPER - NHS ENGLAND

Specialised Commissioning Oversight Group. Terms of Reference

A meeting of NHS Bromley CCG Governing Body 25 May 2017

Direct Commissioning Assurance Framework. England

BOARD PAPER - NHS ENGLAND. Internal Delegation arrangements for Greater Manchester Devolution

Governing Body. Enclosure: N Agenda item: 17

CAMBRIDGESHIRE COMMUNITY SERVICES NHS TRUST BUSINESS CONTINUITY PLAN VERSION 7.0

Update on co-commissioning of primary care: guidance for CCG member practices and LMCs

Business Continuity Plan

Reservation of Powers to the Board & Delegation of Powers

BUSINESS CONTINUITY PLANNING POLICY

Road Fuel Supply Disruption: Strategic Guidance for NHS Boards in Scotland. NHSScotland Resilience. Scottish Government

Bristol, North Somerset and South Gloucestershire Clinical Commissioning Group Governing Body Meeting In- Common

GOVERNING BODY REPORT

Health & Safety Policy

Clinical Commissioning Group Governing Body Paper Summary Sheet For: PUBLIC session PRIVATE session. Date of Meeting: 24 March 2015

Continuing Healthcare Policy

The Royal Wolverhampton NHS Trust

NHS HARINGEY CLINICAL COMMISSIONING GROUP

BUSINESS CONTINUITY PLAN

Appendix 1: Public Health Business Plan: Priority One - Effective public health commissioning

EXECUTIVE MEDICAL DIRECTOR JOB DESCRIPTION. Medical Education Leads Clinical Directors (professional leadership) Director of Clinical Audit

Vision 3. The Strategy 6. Contracts 12. Governance and Reporting 12. Conclusion 14. BCCG 2020 Strategy 15

Agenda Item. NHS Cumbria CCG Governing Body. 4 February Business Continuity Plan. Purpose of Report:

MEMORANDUM OF UNDERSTANDING

4 Year Patient and Public Involvement Strategy

JOB DESCRIPTION. Joint Commissioning Manager for Older People s Residential Care and Nursing Homes

Delegated Commissioning Updated following latest NHS England Guidance

NHS England (London) Assurance of the BEH Clinical Strategy

Mental Health Social Work: Community Support. Summary

Nottinghamshire Local Health Resilience Partnership (LHRP) - Memorandum of Understanding (MOU)

Long Term Plan Service Plan for Civil Defence & Emergency Management. As at February 2018

Health & Safety Policy

Safeguarding Vulnerable People in the Reformed NHS - Accountability and Assurance Framework

Business Continuity Management Policy and Plan Contacts removed

CHILDREN S & YOUNG PEOPLE S CONTINUING CARE POLICY

The Board is asked to note the survey outcome as Substantial (green rag rating). Progress with action planning and delivery has commenced

COMMISSIONING FOR QUALITY FRAMEWORK

Clinical Commissioning Group Governing Body Paper Summary Sheet For: PUBLIC session PRIVATE session

Methods: Commissioning through Evaluation

CLINICAL AND CARE GOVERNANCE STRATEGY

DRAFT CONTINUING HEALTHCARE (CHC) CHOICE & EQUITY POLICY. Version 2

Surrey Downs Clinical Commissioning Group Governing Body Part 1 Paper Acute Sustainability at Epsom & St Helier University Hospitals NHS Trust

Agreement between: Care Quality Commission and NHS Commissioning Board

CONTINUING HEALTHCARE (CHC) CHOICE & EQUITY POLICY

GOVERNING BODY REPORT

Primary Care Commissioning Committee. Terms of Reference. FINAL March 2015

Title of meeting: Primary Care Joint Commissioning Committee (JCC) Committees in Common (CIC). Date of Meeting 12 th April 2016 Paper Number 7

Leeds West CCG Governing Body Meeting

BUSINESS CONTINUITY PLAN

UCL MAJOR INCIDENT TEAM MAJOR INCIDENT PLAN. Managing and Recovering from Major Incidents

Health & Safety Policy

NHS England (South) Surge Management Framework

Children Education & Families Health and Safety Arrangements Part 3

SOUTHPORT & ORMSKIRK HOSPITAL NHS TRUST MARKETING & COMMUNICATIONS ACTION PLAN

TERMS OF REFERENCE. Transformation and Sustainability Committee. One per month (Second Thursday) GP Board Member (Quality) Director of Commissioning

Review of Terms of Reference of Quality Assurance Committee

ALLOCATION OF RESOURCES POLICY FOR CONTINUING HEALTHCARE FUNDED INDIVIDUALS

BUSINESS CONTINUITY PLANNING

Chief Accountable Officer Director Transformation and Quality. Director Transformation and Quality Chief Accountable Officer

Chapter 3: Business Continuity Management

Integrated Performance Committee Assurance Reports, January 2016 and December 2015 Crishni Waring, Chair, IPC Committee

Emergency Preparedness, Resilience and Response Annual Report 2015

Birmingham Solihull and the Black Country Area Team

NHS Bradford Districts CCG Commissioning Intentions 2016/17

MERTON CLINICAL COMMISSIONING GROUP GOVERNING BODY

NHS 111 Clinical Governance Information Pack

Level 4 Award in Health Emergency Preparedness, Resilience and Response

Incident Management Plan

NHS England - Birmingham, Solihull and the Black Country Area Team. Presentation to Health and Wellbeing Boards

Primary Care Commissioning Next Steps to Delegated Commissioning September Board Paper. 2.0 Delegated Opportunities, Benefits and Risks

Framework for managing performer concerns NHS (Performers Lists) (England) Regulations 2013

NHS Commissioning Board Core Standards for Emergency Preparedness, Resilience and Response (EPRR)

2017/ /19. Summary Operational Plan

England. Questions and Answers. Draft Integrated Care Provider (ICP) Contract - consultation package

Safeguarding Adults Framework

Milton Keynes CCG Strategic Plan

NHS Lewisham CCG Health & Safety Policy

Developing Plans for the Better Care Fund

NHS DORSET CLINICAL COMMISSIONING GROUP GOVERNING BODY MEETING CASE FOR CHANGE - CLINICAL SERVICES REVIEW

Appendix 1 MORTALITY GOVERNANCE POLICY

CONTINUING HEALTHCARE POLICY

Healthy London Partnership. Transforming London s health and care together

DOH Policy on Healthcare Emergency & Disaster Management for the Emirate of Abu Dhabi

Job Title: Head of Patient &Public Engagement and Patient Services Directorate: Corporate Affairs Department: Patient and Public Engagement

Strategic Risk Report 12 September 2016

Transcription:

BUSINESS CONTINUITY MANAGEMENT POLICY UNIQUE REFERENCE NUMBER: AC/XX/068/V1.1 DOCUMENT STATUS: Approved by Audit & Gov Committee - 20 July 2017 DATE ISSUED: August 2017 DATE TO BE REVIEWED: August 2020 1 P age

AMENDMENT HISTORY VERSION DATE AMENDMENT HISTORY D1.0 02/03/2016 Initial Draft D2.0 10/03/2016 Revised after initial CCG review V1.0 17/03/2016 Final Version V1.1 20/07/2017 Slight amendment to contact details and formatting REVIEWERS This document has been reviewed by: NAME DATE TITLE/RESPONSIBILITY VERSION David Morris 02/03/2016 D1.0 Sue Johnson 10/03/2016 Deputy Chief Finance Officer D2.0 Sue Johnson 17/03/2016 Deputy Chief Finance Officer V1.0 Emma Smith 20/07/2017 Governance Support Manager V1.1 APPROVALS This document has been approved by: NAME DATE VERSION Audit Committee 17/03/2016 V1.0 Audit & Governance Committee 20 July 2017 V1.1 N.B: the version of this policy posted on the intranet must be a PDF copy of the approved version. DOCUMENT STATUS This is a controlled document. Whilst this document may be printed, the electronic version posted on the intranet is the controlled copy. Any printed copies of the document are not controlled. RELATED DOCUMENTS These documents will provide additional information. DOCUMENTS Business Continuity Plan ICT Disaster Recovery Plan Fire Evacuation plan Health & Safety Policy Information Governance Policy Risk Management Strategy Incident Response Plan Security Policy Crisis Management Plan Communications Plan Civil Contingencies Act LOCATION Dudley ICT Service, FMC NHS Property Services BHHSCC 2 P age

1.0 SUMMARY 1.1 Business Continuity Management (BCM) is part of a business resilience package that seeks to ensure that the Dudley Clinical Commissioning Group (CCG) is always best placed to deliver its objectives, its agreed levels of service and to do so consistently. Figure 1 below describes the role and context of BCM within a business resilience model. Figure 1 3 P age

2.0 CONTEXT 2.1 The Health and Social Care Act 2012 introduced reforms to the way that health care is commissioned in England. The clinically led commissioning system involved the formation of a number of organisations which took control from April 2013. Patient NHS E Provider CCG NHS PS Local Authority CSU 2.2 NHS England (NHS E) oversees the commissioning of health services in England. NHS E delegates responsibility for commissioning most hospital and community health services to a network of clinical commissioning groups (CCGs) although it commissions certain specialised services itself. CCGs are responsible for planning and developing local health services in England. They commission health and care services including: planned hospital care, urgent and emergency care, rehabilitation care, community health services and mental health and learning disability services. 2.3 Dudley CCG also has delegated responsibility for the commissioning of GP services. CCGs work with patients and health and social care partners to ensure services meet local needs. Commissioning Support Units (CSUs) support and advise NHS E and CCGs, allowing them to concentrate on improving clinical care pathways and improving efficiency. The NHS property portfolio of owned and leased buildings is managed by NHS Property Services (NHS PS). Community Health Partnerships (CHP) may administer buildings previously funded by Local Investment Finance Trusts (LIFT). Local Authorities (LA) have responsibility for the public health responsibilities previously held by the NHS. 3.0 INTRODUCTION 3.1 Dudley CCG was established in April 2013, in accordance with the Government White Paper, Equity and Excellence: Liberating the NHS, and the subsequent Health and Social Care Act 2012. These documents set out the Government s vision for transforming the way NHS services are commissioned. In 2016-17, the CCG s initial budget was 456,203 million. The CCG is a clinically led commissioning organisation that buys and monitors healthcare services for people in Dudley. 3.2 The CCG s registered population is 317,202. CCG staff are based at the Brierley Hill Health and Social Care Centre on Venture Way, Brierley Hill with the exception of the Continuing/Intermediate Care Team who are based at Tiled House, Brierley Hill. Under the Civil Contingencies Act 2004, NHS organisations must show that they can deal with major incidents whilst maintaining key services. This work is referred to as Emergency Preparedness, Resilience and Response or EPRR. These organisations must have business continuity plans in place to maintain continued levels of output in key areas when faced with local disruption. 3.3 The CCG defines business continuity as the activity performed to ensure that business critical 4 P age

functions are available and that the CCG is able to maintain acceptable levels of service and consistency in the event of a disruption. 3.4 BCM is, therefore, an activity that identifies the key processes that the CCG undertakes and the impact of a disruption on business operations. It provides a framework for building organisational resilience which results in an effective response in the event of a disruption, so safeguarding the CCG s key interests. 4.0 PURPOSE 4.1 The policy sets out the general principles and corporate framework for the creation and revision of a Business Continuity Management System relevant to the business activities of the CCG. The policy encourages the adoption of a proactive approach to BCM and sets out the terms and conditions with which staff should comply. The policy defines the activities for establishing and maintaining an on-going BCM capability. 5.0 OWNERSHIP 5.1 The following specific duties and responsibilities apply within the CCG: 5.1 Chief Accountable Officer: The Chief Accountable Officer has overall statutory responsibility for the strategic and operational management of the CCG, including ensuring that the CCG has robust arrangements in place for business continuity management and service recovery. 5.2 CCG Governing Body: The CCG Governing Body is responsible for setting the strategic context in which business continuity and service recovery procedures are developed and for the formal approval of this Policy. The Governing Body is also responsible for determining the acceptable levels of product/service delivery through monitoring service delivery and approving any proposed developments. The Governing Body will gain assurance through the CCG s commissioning and contract monitoring processes that providers commissioned by the CCG have sufficient BCM systems and processes in place to ensure service continuity. The CCG Governing Body comprises voting members as follows: - Chair - Chief Accountable Officer - Chief Operating and Finance Officer Chief Quality and Nursing Officer - Clinical Executives - up to 5 to the extent these have not been filled by the elected GP representatives - Elected GP representatives - up to 9 excluding the Chair Lay Members x 3 - Secondary Care Clinician - Local Authority Strategic Director for People 5.3 Audit & Governance Committee: The Audit & Governance Committee will provide assurance to the CCG Governing Body through the scrutiny and oversight of the CCG s BCMS and the associated activities and documentation. 5.4 Chief Operating and Finance Officer: The Chief Operating and Finance Officer is responsible for ensuring that business continuity management plans are sufficiently robust to support the delivery of core business functions and to ensure that these remain up to date. The Chief Operating and Finance Officer will champion business continuity systems at a senior management level. 5.5 Deputy Chief Finance Officer: The Deputy Chief Finance Officer is responsible for coordinating the production of the Business Continuity Plan and the associated documentation. The Deputy Chief Finance Officer will be the Subject Matter Expert for business continuity and 5 P age

will be the point of contact for all issues of process. 5.6 Governance Support Manager: The Governance Support Manager will assist the Deputy Chief Finance Officer in coordinating the production of the Business Continuity Plan and working with the Business Continuity lead at Midlands & Lancashire CSU to ensure that the documentation is regularly reviewed. 5.7 CCG Senior Managers: All CCG senior managers will ensure that their teams co- operate with the establishment and maintenance of the BCP. They will notify any BCP revisions to the Chief Operating and Finance Officer. They will support business continuity awareness and acceptance amongst staff and ensure that all their staff are aware of their responsibilities within the BCP and encourage staff participation in training programmes or exercises. 5.8 All Staff: All staff, including temporary and contract staff, are responsible for co- operating with the implementation of this policy and any relevant plans as part of their normal duties and responsibilities. This will include maintaining access to any systems or processes that support business continuity strategies to be deployed in the event of a disruption. All staff must complete one of the CCG s training packages (see section 9). 6.0 OBJECTIVES 6.1 Dudley CCG s business continuity objectives are to: a) Provide a framework for the development of a robust and consistent BCMS. b) Identify and mitigate business continuity risks to which the CCG may be exposed. c) Protect the wellbeing of its employees and critical assets. d) Identify key business processes and list them in order of recovery. e) Ensure that the CCG can continue to meet the needs of its customers in the event of a disruption. f) Identify and implement suitable strategies to mitigate potential loss of premises, data and voice services, people and skills and supply chain. g) Continue to meet the needs of its stakeholders in the event of a disruption h) Ensure that the necessary training and awareness is available to ensure all CCG staff are aware of their roles and responsibilities. i) Provide necessary assurance to NHS England that EPRR standards relating to business continuity can be met. j) Promote and maintain the reputational integrity of the CCG. k) Align its BCMS activities to ISO 22301 business continuity requirements and supporting guidance. 7.0 GOVERNANCE 7.1 This policy applies to all CCG staff and embedded staff and should be observed by all staff from other organisations providing services on a contractual basis. 7.2 The CCG s Chief Accountable Officer has overall responsibility for the CCG s business continuity activities. The Accountable Officer has delegated day to day responsibility to the Chief Operating and Finance Officer. The Chief Operating and Finance Officer is responsible for the delivery and maintenance of the BCMS. The Audit & Governance Committee will provide oversight and scrutiny and provide assurance to the Governing Body. 7.3 The business continuity policy is owned and maintained by the Chief Operating and Finance Officer. Any changes to this policy should be reviewed and approved by the Audit & Governance Committee. 6 P age

7.4 The Deputy Chief Finance Officer is responsible to the Chief Operating and Finance Officer for the implementation, maintenance, exercising and auditing of the BCMS. 7.5 All Senior Managers are responsible for the execution of this policy within their teams. 7.6 The Chair of a Crisis Management Team is responsible for ensuring that an accurate record of all decisions and actions is taken. 7.7 The Chief Operating and Finance Officer is responsible for ensuring that there is an effective IT Disaster Recovery Plan in place and for the management of third parties responsible for the delivery of IT services. 7.8 The business continuity policy will be reviewed annually by the Deputy Chief Finance Officer and the Chief Operating and Finance Officer and be signed off by the Audit & Governance Committee on behalf of the CCG s Governing Body. 7.9 The business impact analysis will be reviewed at least annually or whenever significant changes to key internal processes, location or technology occur or whenever significant changes to the external operating environment occur, system or regulatory change occurs or in the event of the deployment of the business continuity plan. 7.10 The business continuity strategy will be reviewed annually by the Deputy Chief Finance Officer and the Chief Operating and Finance Officer and be signed off by the Audit & Governance Committee on behalf of the CCG s Governing Body. 7.11 The business continuity plan will be reviewed annually or sooner in the event of a major change to the CCG s objectives or a deployment of the plan. 7.12 The policy will be circulated to the relevant people holding responsibility for BCM/BCP through email, cascade and publication on the staff intranet. 8.0 CONSIDERATIONS 8.1 Alternative premises must support the connection to the Dudley IT domain where Dudley Group NHS Foundation Trust is the IT service provider. In practice, all premises previously owned or leased by the former Dudley PCT should have this functionality as should all Dudley GP Practices. The CCG should ensure that such a connection is possible. Additionally, Wi-Fi should be enabled locally to increase available capacity. All staff will be Citrix enabled and be capable of accessing data in this way in the event of a disruption. 8.2 Data access will be facilitated through the network or alternatively via Citrix and Wi-Fi direct to the Dudley Facilities Management Centre. The CCG will put in place an arrangement to replace hardware that is no longer accessible. 8.3 Should the necessary hardware and/or Citrix capability be unavailable, staff will remain at home and, where possible, will access emails through their personal IT equipment/connection. Work files will be inaccessible. 8.4 Wherever possible, the CCG will seek alternative premises through the use of void space that the CCG is already paying for. It will prioritise the use of premises operated by Community Health Partnerships (CHP) to leverage local relationships. The CCG will maintain a record of void space available. The CCG will put a firm agreement with CHP in place. 8.5 The void space at Stourbridge Health and Social Care Centre (Room 3.11 to 3.15 and 3.21 and 3.15) will accommodate 20 people (mainly the Crisis Management Team) and is expected to be 7 P age

available for the foreseeable future. This is sufficient capacity to accommodate all the staff needed to support processes that need to be recovered within 1 week of an incident. 8.6 All other staff will be expected to work from home using Citrix to access their data. Arrangements will be put into place with larger GP practices to accommodate the remaining staff working from home within 1 month of an incident. 8.7 The Continuing/Intermediate Healthcare Team is currently based at Tiled House. In the event of the need to relocate, they will move to Brierley Hill Health and Social Care Centre. Clinical staff will only require an alternative base for limited time period. 8.8 In summary, the expectation is that all staff based at BHH&SCC would have an identified work base within one month of an incident. BHH&SCC will become the base for staff currently based at Tiled House. 9.0 TRAINING 9.1 All staff will receive an brief introduction to business continuity as part of the induction programme. 9.2 The CCG will provide staff with the business continuity training necessary to ensure that they can undertake the duties and responsibilities set out in Section 5. 9.3 A training schedule is in place and refresher training will be provided annually and full table top exercise every three years. See Appendix 2 10.0 RECORDS 10.1 The following records must be retained and maintained to comply with this policy. Record Duration/Validity Location Responsibility Business Continuity Policy Annual review Business Impact Analysis Physical Risk Assessment Soft copies to be retained on CCG shared drive. Business Continuity Plan Crisis Management Plan Exercise Reports Training Materials Contact details Third Party Support Contracts Annual review or when business unit changes dictate or a major incident occurs Annual review Annual review 11.0 TESTING AND EXERCISING Annual review To be reviewed in line with BC plans and/or on contract renewal Hard copies to be distributed across the business functions. Version control should be maintained. Retained by Finance and Contracting. Deputy Chief Finance Officer/ Governance Support Officer Performance and Contracts 11.1 The CCG will ensure that its BCM arrangements are validated by exercise and review and that they are kept up to date. The CCG will consider four approaches to validation: testing, discussion, table-top and live exercise. The method chosen will be relevant, realistic and appropriate. BCM arrangements should be reviewed at least annually or after their deployment 8 P age

following an event. 12.0 DEFINITION OF TERMS Activity: Processes or sets of processes undertaken by the CCG, or on behalf of the CCG, that supports the delivery of services. Business as Usual (BAU): Predefined acceptable levels of service delivery. Business Continuity Management (BCM): A holistic management process that identifies potential threats to an organisation and the impacts to business operations these threats, if realised, might cause, and which provides a framework for building organisational resilience with the capability of an effective response that safeguards the interests of its key stakeholders, reputation, brand and value creating activities. Business Continuity Management System (BCMS): Part of the overall management system that establishes, implements, operates, monitors, reviews, maintains and improves business continuity. Business Continuity Plan (BCP): Documented collection of procedures and information that is developed, compiled and maintained in readiness for use in a disruption to enable an organisation to continue to deliver its key activities at an acceptable pre-defined level. Business Impact Analysis (BIA): The process of analysing business functions and the effect that a business disruption might have on them. Crisis: A time of instability in which the impacts of an event(s) threatens the CCG s operations, survival or reputation. Disruption: Any event which causes an interruption to the ability to deliver business as usual. Key Activities: Those activities carried out by the CCG which are most time sensitive and important for ensuring continued delivery of services. Recovery: The process through which business as usual is reached, following a disruption. 9 P age

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback