Learning from our past experience of
system downtime, plans were laid out
for risk assessment and business impact
analysis on the areas of information
technology problems causing sudden
downtime, were well structured based
on previous documentation of such
incidences and available knowledge in
the system at department of IT.
Solutions are in place in getting a fast
and satisfactory recovery followed by
proper command and control system of
the business and a good and favorable
outcome. These type of occurrences
build a strong belief in the Business
Continuity Management team. A Follow
through on these plans are well
documented with the emphasis on
coordination, execution and right
outcome with idea of minimum business
impacts and assurance on the reliability.
Follow through on these plans are well
do c umen t ed w i t h emph a s i s on
coordination, execution and right
outcome with idea of minimum business
impacts and assurance on the reliability
of the system at large and process of
business continuity in short. A system
of accountability is an integral part of
the overall business continuity capability.
A focused approach in building a team
effort with a structured approach is a
hallmark of the whole effort. The focus
areas range from clinical issues affecting
operations and potentially impactful on
business are always taken up with care
and a thorough approach is developed
to handle these issues, like HINI
readiness or issues around sudden
eruption of endemic caused by a
resistant strain in a localized area of
hospitals, like ICU or operations theater.
Or a BCM plan for an issue arising from
an operational challenge due to system
unavailability due to major hardware
failure in business critical server. The
BCM plan will revolve around the clinical
aspects of management this impactful
incident or workout with KPJ IT Services
to reduce the impact to minimal possible
and ensure fastest recovery and follow
through on the incidence.
The regular review of the incidences is
one of the core activity of the committee
under business operations and these
are discussed every fortnightly meeting
at business operations. Every two
months risk register meetings are held
to vet through impacts and challenges
and input is recorded on improvements
and fine tuning of the issues as per
planned executions. All initiatives and
any of the BCM related activity is always
updated in the top management
meetings regularly to ensure organisation
wide continuity on reliance of the fall
back mechanisms under BCM.
CONTINUITY AND
PROGRESS OF THE BCM
PLAN
Risk register maintenance at KPJ
Healthcare is an important part of
con t i nuum o f bus i nes s p r oces s
development. Also area of impacts to
business under each business units are
a regular feature of development at
respective business units. The input
from all the business units are gathered
under business development, Risk
Office, to structure the risk register and
create best possible approaches to
handle the probability built around the
scenarios. For IT related risks we
conduct, once yearly regular DR Drill
and for last 3 years our gradual transfer
f r om v i r t u a l i s e d / c l i e n t b a s e d
implementation to cloud has enabled us
to build more robust DR a more of
active-active sync. We are planning to
bring more hospitals on to the cloud
model due to better through put and a
more robust centralised command and
control for business critical applications
and processes in the cloud. KPJ IT
Services are currently working on even
208
business continuity
management