Public Board of Directors papers 29.09.22

1. Safe

1.7 - Corporate Risks

There are 5 Trust-wide 15+ risks in August Description Score

Controls

No change to risk score - level of recurrent CIP identified at end of the July reporting period remains the same as the June figure which is £2.6m or 36% of the recurrent target.

Achieving 2022/23 Break Even Financial Plan including CIP (ID 3293)

16

Trust has achieved a break even financial position as at end month 4 but this is due to non recurrent delivery of efficiencies via vacancies, etc

Mitigating actions continue. Nurse Recruitment event scheduled for 24th September Good progress being made on International Recruitment Sickness absence improving Planning for potential industrial action has started

Risk of negative impact on engagement levels, staff health & wellbeing and delivery of services, due to Trust-wide staffing gaps. (ID 2438) Risk of patients being lost to follow up (ID 3218) Risk to delayed cancer referral and treatments due to not meeting 24 / 62 day target (ID 2407) Risk of prolonged disruption to services, due to a severe cyber security incident. (ID 3218)

15

Continue to monitor overbookings list which is being monitored daily. Band 7 manager for Referral & Bookings Team recruited to and Service manager now in post and working with Referral & Bookings Team. Digital list of all open referrals without a next appointment has now been provided and is currently being reviewed.

15

15 Existing mitigations remain in place. Clinical Oncology have worked to put ad hoc clinic capacity in place where possible to compensate for annual leave and bank holiday. Work underway within ODN to standardise bank holiday working, enabling treatment starts.

20 Focus on Multi-Factor Authentication (MFA) for NHS mail, to mitigate against our staff credentials (usernames and passwords) being handed over to criminals as a result of a phishing email. This is a main route of compromise. Roll out within Digital Services with feedback to assist in ironing out queries and challenges that will arise. Threat environment proven still to be acute, as a major NHS software provider is exploited by ransomware recently, causing disruption across large parts of the NHS. Supplier management and controls now being reviewed by NHS Digital.

43

12