HSPOL27 EPRR Policy.docx by Provide Community

Version: V4

Ratified by: Finance & Investment Committee

Date ratified: 03/01/2024

Job Title of author:

Reviewed by Committee or Expert Group

Equality Impact Assessed by:

1. Introduction

Provide is committed to developing and maintaining prepared and resilient services by taking a proactive approach to Emergency Preparedness, Resilience and Response (EPRR). This Policy along with the Business Continuity Policy is part of the organisation’s ongoing programme to increase our resilience so that it is able to respond to Major Incidents and business disruptions, regardless of source, whilst continuing to deliver the critical services that its stakeholders and community rely upon. As part of this programme, the organisation has worked hard to align itself to statutory duties of a Category 1 responder under the Civil Contingencies Act (2004).

The Civil Contingencies Act (2004) identifies a wide range of public sector organisations as ‘category one’ responders. The category includes all Acute and Ambulance NHS Trusts, Public Health England and NHS England. Community providers, mental health and other NHS organisations (NHS Blood and Transplant, NHS Supply Chain and NHS Protect) are not listedin the Civil Contingencies Act (CCA) 2004. However, Department of Health & Social Care and NHS England guidance expects the organisation as a healthcare provider to plan for and respond to incidents in the same way as category one responders.

Furthermore, the ‘NHS England Emergency Preparedness, Resilience and Response (EPRR) Framework’ states that providers of NHS funded care must;

• Support Integrated Care Boards (ICB) within our Integrated Care Systems (ICS) and NHS England in discharging their EPRR functions and duties, locally and regionally

• Have robust and effective structures in place to adequately plan, prepare and exercise the tactical and operational response arrangements both internally and with their local healthcare partners

• Ensure business continuity plans mitigate the impact of any emergency, so far as is reasonably practicable

• Ensure robust 24/7 communication ‘cascade and escalation’ policies and procedures are in place, to inform CCGs and healthcare partners, as appropriate, of any incident impacting on service delivery

• Ensure that recovery planning is an integral part of its EPRR function

• Provide assurance that organisations are delivering their contractual obligations with respect to EPRR

• Ensure organisational planning and preparedness is based on current risk registers

• Provide appropriate director level representation at Local Health Resilience Partnerships (LHRP) and appropriate tactical and/or operational representation at local health economy planning groups in support of EPRR requirements.

2. Purpose

This policy provides assurance that frameworks exist within the organisation that support a high level of preparedness to any business-disrupting event or Major/Critical/Business Continuity Incident, regardless of source. Full adherence to this policy will ensure there are arrangements in place that will enable the organisation

to respond to major incidents/business disruptions, continue its critical functions and essential services provide support to the local community and provide and receive mutual aid on a local, regional and national level. The policy supports a whole health economy approach to resilience where critical and interdependent healthcare systems are prioritised to ensure the ongoing delivery of the services stakeholders and community rely upon, regardless of circumstance

3. Definitions

Emergency Preparedness

The development and maintenance of agreed procedures to prevent, reduce, control, mitigate and take other actions in the event of an emergency.’

Resilience

The ability of an organisation to adapt, respond and recover to disruptions, whether internal or external, to deliver organisationally agreed critical activities.

Response

Decisions and actions taken in accordance with the strategic, tactical and operational objectives defined by emergency responders

Incident

For the NHS, EPRR incidents are classed as either, Business Continuity, Critical or Major Incident.

• Business Continuity Incident is an event or occurrence that disrupts, or might disrupt, an organisation’s normal service delivery, to below acceptable pre-defined levels. This would require special arrangements to be put in place until services can return to an acceptable level.

Examples include surge in demand requiring temporary re-deployment of resources within the organisation, breakdown of utilities, significant equipment failure or hospital acquired infections. There may also be impacts from wider issues such as supply chain disruption or provider failure.

• Critical Incident is any localised incident where the level of disruption results in an organisation temporarily or permanently losing its ability to deliver critical services; or where patients and staff may be at risk of harm. It could also be down to the environment potentially being unsafe, requiring special measures and support from other agencies, to restore normal operating functions.

A Critical Incident is principally an internal escalation response to increased system pressures/disruption to services

• Major Incident is any occurrence that presents serious threat to the health of the community or causes (or is likely to cause) such numbers or types of casualties as to require special arrangements to be implemented. For the NHS, this will include any event defined as an emergency, detailed below

Emergencies

In Section 1 of the Civil Contingencies Act (CCA) 2004 it defines an emergency as:

“(a) an event or situation which threatens serious damage to human welfare in a place in the United Kingdom;

(b) an event or situation which threatens serious damage to the environment of a place in the United Kingdom; or

4. Duties

The following specific responsibilities apply within Provide:

Chief Executive

The Chief Executive has overall responsibility for the strategic and operational management of Provide, including ensuring that Organisation has in place robust arrangements for emergency preparedness resilience and response (EPRR).

The Board

The Board is responsible for setting the strategic context in which EPRR procedures are developed, and for the formal review and approval of the EPRR Policy.

Executive and Assistant Directors

All Executives and Assistant Directors are responsible for ensuring that business continuity plans to support their core business functions are completed and updated as necessary and for contributing to the development of relevant service continuity information sheets.

Accountable Emergency Officer (AEO)

Responsible for:

• Ensuring that the organisation is compliant with the Emergency Preparedness Resilience and Response (EPRR) requirements as set out in the Civil Contingencies Act (2004), the 2005 Regulations, the NHS Act 2006, the Health and Care Act 2022 the NHS EPRR framework and the NHS standard contract as applicable;

• Ensuring that the organisation is properly prepared and resourced for dealing with a major incident or civil contingency event;

• Ensuring that the organisation and any sub-contractors have robust business continuity planning arrangements in place that align to ISO22301 or subsequent guidance that may supersede this

• Implementing the Emergency Preparedness Resilience and Response Policy with the Emergency Preparedness Resilience and Response Manager;

• Ensuring all relevant EPRR Local Health Resilience Partnerships (LHRP’s) information is cascaded throughout the organisation as appropriate;

• Prepare and submit, with the assistance of the Emergency Preparedness and Resilience Manager, an annual report to the Board summarising the current state of organisation-wide resilience.

•

Emergency Preparedness Resilience and Response (EPRR) Manager

Responsible for

• Supporting the EPRR AEO in implementing the Organisation Emergency Preparedness Resilience and Response Policy.

• Providing EPRR advice to the organisation.

• Developing, disseminating and maintaining the organisation’s EPRR arrangements.

• Arranging and delivering EPRR training as required.

• Coordinating tests and exercises of the organisation’s emergency arrangements and ensuring appropriate attendance at multiagency exercises

• Ensuring lessons identified within exercises and incidents are embedded throughout the organisation

Provide Staff

All staff are responsible for cooperating with the implementation of this policy as part of their normal duties and responsibilities.

5. Consultation and Communication

This policy has been reviewed by the Property Health and Safety Steering Group and ratified by the Finance and Investment Committee (FIC).

6. Monitoring

The effectiveness of this document is monitored and reported through;

NHS England EPRR Annual Assurance Process

All NHS organisations and providers of NHS funded care are held to account by NHS England or having effective EPRR processes and systems in place. An annual assurance process is used by NHS England to seek assurance that organisations are prepared to respond to an emergency and have the resilience in place to continue to provide safe patient care during a major incident or business continuity event. The indicators are set against the EPRR core standards and an action plan is agreed against any standard that is assessed as requiring improvement. Progress against the action plan is monitored through Senior Leadership Team (SLT).

Business continuity or major/critical incidents will be monitored by the EPRR manager through SLT and any lessons identified will be considered for changes to EPRR practice.

Internal Audit Programme

Provides internal auditors may also choose to audit the organisations EPRR arrangements on an annual basis. Any resulting recommendations from the audit will be monitored through the Finance and Investment Committee (FiC)

7. EPRR Arrangements

Risk Management

The NHS England Core Standards for EPRR places a duty upon all NHS

organisations and providers of NHS care to maintain a risk register which links back to the National Risk Register (NRR) and Community Risk Register(s). Provide will ensure that the development of emergency plans is based on preparing the organisation for risks identified on the National, Local (where applicable] Community, LHRP Risk Registers and the organisation’s risk register and will take account of other relevant documents and information. It will cover planning for response to known and emerging threats and take an all hazards approach, which will aim to cover unknown or unanticipated threats.

All identified emergency preparedness risks will be recorded on the risk register on Datix and will be reviewed in line with the organisation’s Risk Management Policy.

Business Continuity

Provide will ensure that it has a business continuity policy which will provide assurance that a framework exists within the organisation, to enable it to identify and assess the risk of a business disruption or incident, and should that risk be realised, to respond in an appropriate manner. The policy will detail processes for recording, assessing and managing risk; business impact assessment (BIA) process; identifying and prioritising critical services; responding to business disruptions or incidents, regardless of cause; maintaining critical services and restoring services to normal levels.

Incident Response Plans

Provide will ensure that it prepares and maintains plans to respond to emergencies. All plans will be developed in line with the Provide ‘Policy for the Development and Management of Procedural Documents’ and as a minimum plans will have the following to be considered appropriate for use:

• Version control and issue date

• A responsible person to manage the plan

• Purpose, definition and scoping statements (including risk factors and non-health impacts).

• Set out roles and responsibilities

• Activation, monitoring and assessment procedures

• Information relating to command and control measures

• Options for response that are scalable, with alternatives

• Alerting procedures and reporting methods

• Stand-down and recovery procedures

• Strategic in nature allowing local managers flexibility to implement operationally

• Contain general guidance for managers and staff.

• Considered the impact on and from health inequalities in local populations

• Revised annually by the responsible person

• Consulted on with partner responding agencies, especially those responding as part of the threat the plan is written for

• Approved by the appropriate group/committee

• Suitable supporting guidance and procedures at operational levels separate from the plan

• Suitable consideration ofvulnerable groupsrequiring additional support or changes to systems to allow fair access to services in an emergency

Debriefing

Provide will undertake a debrief after each EPRR incident or exercise to identify lessons from any incident or exercise. The EPRR Manager will support the facilitation

of the debrief which should capture as much detail about the incident and the experiences of those involved as soon as is reasonably practicable.

Debriefs should be held as follows:

• Hot debrief – immediately after the incident or period of duty, but within 48 hours of stand down

• Cold/structured/organisational debrief – within 28 days post incident

• Multi-agency debrief – within eight weeks of the close of the incident (actual timing will be set by the lead organisation for the response)

• Post-incident/exercise reports – within four weeks of the debrief.

The post-incident reports will include action plans, with timescales and accountable owners, and recommendations to update any relevant plans or procedures and identify any required training or exercises. The reports and learning will be shared with our partners including the local ICB, through the LHRP, the wider NHS and with partner organisations.

Financial Management

During the response to or recovery from an incident additional costs may be incurred either through the procurement of additional supplies and services or through the alteration of existing contracts. Provide will ensure that all additional costs are appropriately authorised and recorded.

8. Training Requirements

Training

Appropriate and relevant training ensures that all staff are prepared to respond appropriately in the event of a major incident. The EPRR manager will ensure that all training delivered is based upon the National Occupational Skills for Civil Contingencies.

The EPRR Manager will advise staff of all training available internally, externally and via multi-agency partners and exercises scheduled.

Training will contain a mix of formal and informal training sessions to ensure it remains flexible and able to adapt to the changing risks, priorities and needs of the organisation. Competent persons will carry out all EPRR training and will be aligned to the NHS England Minimum Occupational Standards for EPRR.

The EPRR Manager will also provide bespoke training and exercises upon request and advertise all relevant training available to appropriate teams.

9. Exercises

Provide will undertake and participate in exercises. Roles within the organisations EPRR plans, not individuals, will be exercised to ensure they are fit for purpose and capture all necessary functions and actions to be carried out in an incident. Through the exercising process individuals can practise their skills and increase their confidence, knowledge and skill base in preparation for responding to an incident.

Provide will undertake or participate in the following exercises

• Communication exercise – every 6 months

• Tabletop exercise – every 12 months

• Live exercise – every 3 years

• (if the organisation activates its plan for response to a live incident, this replaces the need to run an exercise, providing lessons are identified, logged and an action plan is developed.

• Command post exercise – every 3 years

• ICC equipment test – every 3 months

The EPRR manager will ensure that all exercises are recorded with any lessons identified logged and actioned where appropriate.

EQUALITY IMPACT ASSESSMENT TEMPLATE: Stage 1: ‘Screening’

Name of project/policy/strategy (hereafter referred to as “initiative”):

Emergency Preparedness Resilience and Response (EPRR) Policy

Provide a brief summary (bullet points) of the aims of the initiative and main activities:

To provide assurance that frameworks exist within the organisation that support a high level of preparedness to any business-disrupting event or Major/Critical/Business Continuity Incident, regardless of source.

Project/Policy Manager:

Nicky Mclean

Date:22/11/23

This stage establishes whether a proposed initiative will have an impact from an equality perspective on any particular group of people or community – i.e. on the grounds of race (incl. religion/faith), gender (incl. sexual orientation), age, disability, or whether it is “equality neutral” (i.e. have no effect either positive or negative). In the case of gender, consider whether men and women are affected differently.

Q1. Who will benefit from this initiative? Is there likely to be a positive impact on specific groups/communities (whether or not they are the intended beneficiaries), and if so, how? Or is it clear at this stage that it will be equality “neutral”? i.e. will have no particular effect on any group.

Neutral

Q2. Is there likely to be an adverse impact on one or more minority/under-represented or community groups as a result of this initiative? If so, who may be affected and why? Or is it clear at this stage that it will be equality “neutral”?

Neutral

Q3. Is the impact of the initiative – whether positive or negative - significant enough to warrant a more detailed assessment (Stage 2 – see guidance)? If not, will there be monitoring and review to assess the impact over a period time? Briefly (bullet points) give reasons for your answer and any steps you are taking to address particular issues, including any consultation with staff or external groups/agencies.

Neutral

Guidelines: Things to consider

Equality impact assessments at Provide take account of relevant equality legislation and include age, (i.e. young and old,); race and ethnicity, gender, disability, religion and faith, and sexual orientation.

The initiative may have a positive, negative or neutral impact, i.e. have no particular effect on the group/community.

Where a negative (i.e. adverse) impact is identified, it may be appropriate to make a more detailed EIA (see Stage 2), or, as important, take early action to redress this – e.g. by abandoning or modifying the initiative. NB: If the initiative contravenes equality legislation, it must be abandoned or modified.

Where an initiative has a positive impact on groups/community relations, the EIA should make this explicit, to enable the outcomes to be monitored over its lifespan.

Where there is a positive impact on particular groups does this mean there could be an adverse impact on others, and if so can this be justified? - e.g. are there other existing or planned initiatives which redress this?

It may not be possible to provide detailed answers to some of these questions at the start of the initiative. The EIA may identify a lack of relevant data, and that data-gathering is a specific action required to inform the initiative as it develops, and also to form part of a continuing evaluation and review process.

It is envisaged that it will be relatively rare for full impact assessments to be carried out at Provide. Usually, where there are particular problems identified in the screening stage, it is envisaged that the approach will be amended at this stage, and/or setting up a monitoring/evaluation system to review a policy’s impact over time.

EQUALITY IMPACT ASSESSMENT TEMPLATE: Stage 2:

(To be used where the ‘screening phase has identified a substantial problem/concern)

This stage examines the initiative in more detail in order to obtain further information where required about its potential adverse or positive impact from an equality perspective. It will help inform whether any action needs to be taken and may form part of a continuing assessment framework as the initiative develops.

Q1. What data/information is there on the target beneficiary groups/communities? Are any of these groups under- or over-represented? Do they have access to the same resources? What are your sources of data and are there any gaps?

n/a

Q2. Is there a potential for this initiative to have a positive impact, such as tackling discrimination, promoting equality of opportunity and good community relations? If yes, how? Which are the main groups it will have an impact on?

n/a

Q3. Will the initiative have an adverse impact on any particular group or community/community relations? If yes, in what way? Will the impact be different for different groups – e.g. men and women?

n/a

Q4. Has there been consultation/is consultation planned with stakeholders/ beneficiaries/ staff who will be affected by the initiative? Summarise (bullet points) any important issues arising from the consultation.

n/a

Q5. Given your answers to the previous questions, how will your plans be revised to reduce/eliminate negative impact or enhance positive impact? Are there specific factors which need to be taken into account?

n/a

Q6. How will the initiative continue to be monitored and evaluated, including its impact on particular groups/ improving community relations? Where appropriate, identify any additional data that will be required.

n/a

Guidelines: Things to consider

An initiative may have a positive impact on some sectors of the community but leave others excluded or feeling they are excluded. Consideration should be given to how this can be tackled or minimised.

It is important to ensure that relevant groups/communities are identified who should be consulted. This may require taking positive action to engage with those groups who are traditionally less likely to respond to consultations, and could form a specific part of the initiative.

The consultation process should form a meaningful part of the initiative as it develops, and help inform any future action.

If the EIA shows an adverse impact, is this because it contravenes any equality legislation? If so, the initiative must be modified or abandoned. There may be another way to meet the objective(s) of the initiative.

Further information:

Useful Websites www.equalityhumanrights.com Website for new Equality agency www.employers-forum.co.uk – Employers forum on disability www.efa.org.uk – Employers forum on age

EQUALITY IMPACT ASSESSMENT TEMPLATE: Stage One: ‘Screening’