Incident response
← Back to trust centreA plain-language outline of how service incidents, security issues, or data-handling concerns should be handled and communicated.
Operational expectations
Incidents should be triaged quickly, with enough information preserved to understand what happened and what the likely impact is.
Containment should be prioritised where a service issue, security concern, or data-handling issue could affect clinics or patients.
Affected clinics should be communicated with clearly when an incident materially affects service or data handling.
After the incident is resolved, the cause and follow-up actions should be reviewed so the same issue is less likely to recur.
Reasonable next steps to define formally
Who gets notified internally when an incident is suspected
How service-impacting incidents are tracked and updated
When clinics should be informed and through which channel
How lessons learned are recorded after the incident is closed