1 minute read
XXIII CONGRESSO NAZIONALE SIEUN Abstracts
FIRST EXPERIENCE TO CERTIFY THE PDTA PROCESSES WITH THE REQUIREMENTS DEFINED BY ISO 22301:2019 IN EMERGENCY DIAGNOSTIC IMAGING
4
Introduction. The Business Continuity Plan (BCP) is an alternative security plan that a company must have to continue its operations in the event of catastrophic events due to natural or man-made events that can undermine integrity (1).These unexpected events of external or internal origin must be prevented by creating a plan for operational continuity of care. Suppose risk management has been done in a reasoned manner through a Business Impact Analysis (BIA) according to ISO 22301:2019 certification (2). This study describes our experience promoting a healthcare company model structured according to Diagnostic-Therapeutic-Assistance Pathways (PDTA) processes and business continuity ISO 22301 in medical emergency services and emergency diagnostic imaging. Materials and Methods. This project was formulated by the Unit of Quality and Risk Management. The Business Continuity Team features all the professional figures responsible for the various hospital sectors of interest. The methodology adopted in this study for analyzing the impact on operations and risk assessment provides for the execution of a RISK Assessment through software. This software is planned to formulate a BIA relating to the failure modes (disruptions) correlated to the PDTA considered "critical" for an interruption of business continuity. The mentioned team identifies the Crisis scenarios and, for each of them, the sub-scenarios (failure modes) that can create problems for the operational continuity of the PDTAs involved in the analysis. The team identifies 4 scenarios and 32 sub-scenarios (Table 1). The Team, through a brainstorming activity and previous experiences, evaluates the VULNERABILITY of each PDTA concerning each single failure mode defined in Table 1. Having calculated the vulnerability indicator for each of the PDTAs, the work team calculated the Impact index: IMPACT INDEX = force of law + reputation + service disruption. once the level of vulnerability and the impact of each PDTA have been defined, the level of risk was defined, intended as a
Scenario 1 - Hospital Disaster Management of IT Services:
GDPR
Storage device failures
Loss of paper archives
Backup failure
Health data stolen
Health data lost or unavailable
Failure/damage of external telephone network
Faults/damage to the internal telephone network
Corporate hardware failures
Switchboard faults
WIRED NETWORK faults
Mobile phone network failures
Errors in Software Applications
Scenario 2 - Lack of infrastructure: Contamination
Electricity outage
Medical gas interruption
Water outage
Electromedical failure
Heating/cooling fault
Fire
Earthquake
Flooding
Scenario 3 - HR shortage:
Shortage due to a sudden increase in demand
Shortage due to pandemic and epidemic
Unavailability on the reference market
Organizational unavailability
Unavailability due to competence
Public transport disruption
Scenario 4 – Supplies:
Defects in the quality of supplies
Failure to supply
Contractual breach
Supply chain disruption
