Presentation is loading. Please wait.

Presentation is loading. Please wait.

I.T. C ONTINGENCY Mark Gilmour Laboratory Quality Manager NHS Forth Valley.

Published byGeraldine Boone Modified over 8 years ago

Similar presentations

Presentation on theme: "I.T. C ONTINGENCY Mark Gilmour Laboratory Quality Manager NHS Forth Valley."— Presentation transcript:

1 I.T. C ONTINGENCY Mark Gilmour Laboratory Quality Manager NHS Forth Valley

2

3 ISO15189:2012 R EQUIREMENT 5.10.3 Information system management “The laboratory shall have documented contingency plans to maintain services in the event of failure or downtime in information systems that affects the laboratory’s ability to provide service.”

4 E UDRALEX VOL 4 GMP A NNEX 11 C OMPUTERISED S YSTEMS 16. Business Continuity For the availability of computerised systems supporting critical processes, provisions should be made to ensure continuity of support for those processes in the event of a system breakdown (e.g. a manual or alternative system). The time required to bring the alternative arrangements into use should be based on risk and appropriate for a particular system and the business process it supports. These arrangements should be adequately documented and tested.

5 B USINESS C ONTINUITY M ANAGEMENT BS25999 “Requirement for Business Continuity Management” Defines BCM as... “the capability of the organisation to plan for and respond to incidents and business interruptions in order to continue business operations at acceptable pre-defined levels within agreed time frames”

6 B USINESS C ONTINUITY M ANAGEMENT The Civil Contingencies Act(CCA) 2004 The Civil Contingencies Act (Contingency Planning) (Scotland) Regulations 2005 NHS Scotland/Scottish Government “Business Continuity – A framework for NHS Scotland” Strategic Guidance for Organisations in Scotland

7 B USINESS C ONTINUITY M ANAGEMENT

8 B USINESS C ONTINUITY P LAN Scottish Government reviews arrangements of NHS Boards......... THE PLAN Section 2 (1)(c) of CCA makes this a statutory duty on each NHS Board

9 B USINESS I MPACT ANALYSIS 5 Key Elements Defining activities & their supporting processes and resources Mapping distinct stages of each activity & process Determining impacts of disruption over time Defining recovery time objectives Minimum resources required to meet these objectives

10 D EFINING ACTIVITIES & THEIR SUPPORTING PROCESSES AND RESOURCES Specimen In Examination Result Processes – Defined in QMS includes IT Resources Hardware Software Staff Server Rooms Terminals Barcode Scanners Have you documented this?

11 POPULAR MISCONCEPTIONS SPECIMEN INLAB RESULT OUT DATA ENTRYLIMS RESULT OUT

12 LIMS S ECURE OPERATING PROCEDURES Introduction The Application System Description Accountability Application Scope Application Software Application Users Hardware Location Hardware Environment System Configuration Software Data flow, Support and Responsibilities Technical Interfaces Application Availability Confidentiality Data Processed

13 LIMS S ECURE OPERATING PROCEDURES Risk Analysis & Security Principles Risk Assessment System Unavailability Disclosure Unauthorised Modification Threats Confidentiality/Legitimate Use Vulnerabilities Physical Security Administrative Security Audit Risk Analysis Recording

14 Administration of Security Document Control and Review Statutory Requirements Security Documentation Technical Documentation Contingency Planning Glossary Appendix Server Hardware Configuration

15 M APPING DISTINCT STAGES OF EACH ACTIVITY & PROCESS

16 LIMS D ISASTER RECOVERY SOP Identification of Failure Reporting Procedures Mon – Fri 9am to 5pm Out of Hours Notifications Pre prepared all user e-mail sent Requesting urgent samples only Restrict phone calls All urgent results will be telephoned Logging Fault with I-Soft Shut down and restart ilab & UNIX Hardware Failure Updates – includes projected time for resolution System Restore from Back up Resolution System Checks

17 D EPARTMENTAL C ONTINGENCY SOP Objective is to keep to hospital open Includes IT failure, Power Failure, Water etc Prioritise based on Urgency Emergency Dept ICU Maternity Theatres Making non urgent specimens safe Requirement for extra staff Sending samples elsewhere Record keeping Matching patients to results Records of phoned results Records of specimen disposal (too old for testing) Recovery Ensuring requests are entered into LIMS and matched to correct results Reports are run to ensure users/systems get the results

18 D OES IT WORK ?...... PROVE IT !! Have you validated a restore from back up? When you switch back on will the data transfer across the interface? How long can you run before everything else falls over? Can you get compatible replacement hardware? Can you get compatible replacement software? Do your staff know what to do? Is there enough expert knowledge available?

19 S UMMARY – W HAT YOU NEED Business Continuity Plan Board will have one which will show dependencies IT will have their own Data Flow Chart Data in and data out Secure System Operating Procedure Full system description Responsibilities Defined Risks Identified Equipment/Software Details IT Disaster Recovery SOP What to do if..... Departmental Contingency Plans How to function without an IT system

Download ppt "I.T. C ONTINGENCY Mark Gilmour Laboratory Quality Manager NHS Forth Valley."

Similar presentations

Records Management and the NHS Code of Practice (Foundation) Information Governance Policy Team NHS Connecting for Health.

Records Management and the NHS Code of Practice (Foundation) Information Governance Policy Team NHS Connecting for Health.
Business Plug-In B4 MIS Infrastructures.

Business Plug-In B4 MIS Infrastructures.
SERVICE LEVEL AGREEMENTS The Technical Contract Within the Master Agreement.

SERVICE LEVEL AGREEMENTS The Technical Contract Within the Master Agreement.
ISO in Histopathology Louise O’Callaghan MSc FAMLS

ISO in Histopathology Louise O’Callaghan MSc FAMLS
Software Quality Assurance Plan

Software Quality Assurance Plan
Service Design – Section 4.5 Service Continuity Management.

Service Design – Section 4.5 Service Continuity Management.
Business Continuity Disaster Recovery Risk Management How do these fit into a Framework?

Business Continuity Disaster Recovery Risk Management How do these fit into a Framework?
ITIL: Service Transition

ITIL: Service Transition
GLOBRIN Business Continuity Workshop TECHNOLOGY & INFORMATION 13 th November 2013 Graham Jack.

GLOBRIN Business Continuity Workshop TECHNOLOGY & INFORMATION 13 th November 2013 Graham Jack.
9 - 1 Computer-Based Information Systems Control.

9 - 1 Computer-Based Information Systems Control.
Security Controls – What Works

Security Controls – What Works
Laboratory Personnel Dr/Ehsan Moahmen Rizk.

Laboratory Personnel Dr/Ehsan Moahmen Rizk.
Pertemuan 16 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan 16 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Information Systems Security Officer

Information Systems Security Officer
Pertemuan 20 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan 20 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
TEL382 Greene Chapter 11. 10/27/09 2 Outline What is a Disaster? Disaster Strikes Without Warning Understanding Roles and Responsibilities Preparing For.

TEL382 Greene Chapter /27/09 2 Outline What is a Disaster? Disaster Strikes Without Warning Understanding Roles and Responsibilities Preparing For.
Secure System Administration & Certification DITSCAP Manual (Chapter 6) Phase 4 Post Accreditation Stephen I. Khan Ted Chapman University of Tulsa Department.

Secure System Administration & Certification DITSCAP Manual (Chapter 6) Phase 4 Post Accreditation Stephen I. Khan Ted Chapman University of Tulsa Department.
Computer Security: Principles and Practice

Computer Security: Principles and Practice
DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.

DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.
THE SYSTEMS LIFE CYCLE ANALYSE DESIGN IMPLEMENT MAINTENANCE IDENTIFY/INVESTIGATE.

THE SYSTEMS LIFE CYCLE ANALYSE DESIGN IMPLEMENT MAINTENANCE IDENTIFY/INVESTIGATE.

Similar presentations

Ads by Google