Serious Incident Policy

Accessibility

If you require this policy in a different format, an alternative language, or you need any help reading this document, please get in touch with the Governance department; governance@vhg.co.uk.

Confidentiality

This document and its contents are the property of Vita Health Group. Information contained therein is confidential and privileged. It must not be used by, copied, disclosed or reproduced without written consent from Vita Health Group Directors or the Governance department.

Equality Statement

Vita Health Group aims to develop and implement policies and procedures that equitably meet the diverse needs of our service users, colleagues, and the wider population. We acknowledge and value difference and are committed to anti-discriminatory practices taking into account the Equality Act 2010, and Public Sector Equality Duty.  

Vita Health Group conducts equality impact assessments on all organisational policies and services, ensuring consideration of protected groups’ differing needs. Vita Health Group aims to create a safe and inclusive environment for all and therefore this document has been assessed to ensure that it does not discriminate. 

Document control

Owner:	Head of Governance & Quality	Next Review:	March 23	Classification:	1 (Proprietary)
Author:	Head of Governance & Quality	Version:	3.0	Status:	Published
Date Published:	09/08/2018	Last Review	01/03/22	Code:	QA9100B
Review Consultation:	Core Clinical Governance inc. National MSK Lead, National IAPT Lead, Compliance Managers Corporate & NHS, Data Protection Officer, H&S Officer EMT	Date:	January 2021 08/03/2021

Version history

Version:	Date:	Summary of Changes
0.1	09/08/18	Draft
1.0	09/08/18	Published
2.0	10/12/18	Full review and amalgamation of RHW and CPPG policies
2.1	14/12/18	Updated risk framework and appendices
2.2	10/4/19	Reviewed by QASSG
2.3	27/11/20	Updated to VHG template and minor amendments
3.0	08/03/21	Reviewed, updated and republished
3.0	01/03/22	Reviewed, no changes
3.0	08/12/22	Extended next review to March 2023 to embedded PSIRF within this policy

Contents	Page

1. Introduction 

All healthcare providers, whether the National Health Service (NHS) or independent organisations, provide services, treatment, and interventions for millions of people every year. Although most of these people receive safe and effective care, there are times when things go wrong, leading to some people being harmed no matter how professional and dedicated the healthcare workers are, or how safe and robust organisational support systems and processes are. 

An essential foundation to improving the safety of services is through identifying and responding to service user safety incidents. It is good practice for all colleagues to recognise and report all incidents, to ensure that learning and improvement takes place as a continuous ongoing cycle. This is inclusive of all incidents that occur as well as near misses and never events. This requires healthcare organisations to recognise the needs of those affected, examine what happened to understand the causes and respond to the findings with action to mitigate the risks identified.

The NHS Serious Incident Framework outlines the importance of taking a whole-system approach to quality, where cooperation, partnership working, thorough investigation and analytical thinking are used to understand where weaknesses or problems in services or care delivery exist, and to draw upon learning that minimises the risk of future harm. 

To support the NHS in ensuring there are robust systems in place for reporting, investigating, and responding to Serious Incidents, there are two national frameworks that this policy aligns with:

 

• NHS England Serious Incident Framework: Supporting Learning to prevent recurrence https://www.england.nhs.uk/wp-content/uploads/2015/04/serious-incidnt-framwrk-upd.pdf  
• NHS England Never Events Policy and Framework. Revised January 2018 https://www.england.nhs.uk/wp-content/uploads/2020/11/Revised-Never-Events-policy-and-framework-FINAL.pdf 

Vita Health Group (VHG) recognises that these frameworks are due to be replaced by the ‘Service user Safety Incident Response Framework’ https://www.england.nhs.uk/service user-safety/incident-response-framework/ in 2021 although the existing frameworks should continue to be followed on the advice of NHS England and NHS Improvement.

2. Scope

4. This policy applies to all VHG colleagues to ensure they understand and are supported appropriately in the event of a Serious Incident. 
5. All colleagues have a responsibility for recognising and reporting incidents (clinical and non-clinical), being involved in investigations, and responding to serious incidents openly, transparently and in a timely manner. 
6. It is good practice for healthcare providers to align practice with the NHS Serious Incident Framework and the Never Events Policy Framework. This policy is therefore intended to complement these Frameworks.
7. VHG emphasise that this policy does not replace the duty of healthcare providers to inform the following interested bodies when the circumstances of a Serious Incident meet the descriptions set out below:

• The Police in incidents with criminal implications such as incidents where there is evidence or suspicion that the actions leading to harm (including of omission) were reckless, grossly negligent, wilfully neglectful or that harm/adverse consequences were intended 
• The Care Quality Commission in accordance with the Health and Social Care Act 
• The relevant Coroner in cases of unexpected deaths
• The Health and Safety Executive where cases relate to workplace death or over 7 days incapacitation in accordance with the Reporting of Injuries, Diseases and Dangerous Occurrences Regulations (RIDDOR) 1995 
• The Information Commissioners Office where incidents relate to serious Information Governance Issues 
• The Local Authority where incidents relate to public health services, they commission
• The Local Authority Safeguarding Team where an incident raises concerns of abuse or potential abuse or relates to adults, children, or young people in vulnerable circumstances
• The Medicines and Healthcare products Regulatory Agency (MHRA) through the Yellow Card Scheme where a Serious Incident raises suspected problems with a medicine or medical device
• NHS England and NHS Improvement where a Serious Incident may raise potential concerns over the Provider’s compliance with their NHS Provider Licence
• Professional Regulators such as the Nursing & Midwifery Council, Health and Care Professions Council and General Medical Council if the incident suggests Grounds for Professional Misconduct
• The relevant Public Health England Health Protection Team where the incident has the potential to have adversely affected the health of a wider population e.g., colleagues contact with transmissible infectious diseases, health care associated infection outbreaks, Health care workers with blood borne viruses

3. Purpose

This policy and the procedures which sit alongside it, support colleagues to navigate the system of serious incident reporting, investigation and associated lessons learned within the organisation.

It sets out how serious incidents should be reported, managed, and investigated within VHG as well as in collaboration with external agencies and key stakeholders outside VHG.

4. Key Definitions 

Serious Incident

Serious incident management is a critical component of corporate and clinical governance. Serious incidents are events where the potential for learning is so great, or the consequences to service users, families and carers, colleagues or organisations are so significant, that they warrant using additional resources to mount a comprehensive response. 

Serious incidents can extend beyond incidents which affect service users directly and include incidents which may indirectly impact service user safety or an organisation’s ability to deliver ongoing healthcare. The occurrence of a serious incident demonstrates weaknesses in a system or process that need to be addressed to prevent future incidents leading to avoidable death or serious harm to service users or colleagues, or future significant reputational damage to the organisations involved. 

Further detail on what constitutes a Serious Incident is located at Appendix A. 

Near Miss 

An incident which has the ability to cause harm, but was prevented ahead of any harm occurring, through early detection, intervention, or treatment. 

Never Event 

Never Events are service user safety incidents that are wholly preventable where guidance or safety recommendations that provide strong systemic protective barriers are available at a national level and have been implemented by healthcare providers. The NHS England Never Events policy is available here: https://www.england.nhs.uk/wp-content/uploads/2020/11/Revised-Never-Events-policy-and-framework-FINAL.pdf 

5. Duties and Responsibilities 

5.1 Governance, Quality and Risk Committee

• Will advise and facilitate colleagues throughout the serious incident process as required and ensure that actions in section 6.8 (Learning from Serious Incidents) are completed and implemented. 
• Support Managers in conducting investigations where required 
• Ensure dissemination and implement process changes and lessons learnt where possible 
• Encourage an open culture for incident reporting 
• Escalate high risk concerns to Executive Management Team 

5.2 Senior Managers / Team Leads / Service Leads

Senior managers, team leads, and service leads are responsible for:

• Completing investigations where required in line with this policy 
• Supporting colleagues involved in investigation processes 
• Encouraging an open and transparent culture for incident reporting 
• Escalating concerns and seeking guidance where required

5.3 Local Managers

The local manager is the line manager or another immediate manager who is best suited to initially managing a Serious Incident. They are responsible for:

• Taking immediate actions or supporting the reporting person to do so
• Escalating the incident appropriately as stated in ‘Reporting a Serious Incident’ (section 6.5)

5.4 All Colleagues (clinical and non-clinical)

All colleagues may have a variety of responsibilities in the event of a Serious Incident; however, the reporting person has a specific role or tasks to complete that include:

• Take immediate action which is proportionate to the situation
• Escalate any incident or complaint which meets the criteria of a Serious Incident, or which they feel may be a serious incident, immediately to their line manager or a senior manager 
• Report the incident/complaint through the incident or complaints reporting procedure via the intranet

6. Managing a Serious Incident

6.1 Principles of Serious Incident Management:

Open and Transparent

The needs of those affected should be the primary concern of those involved in the response to and the investigation of serious incidents. The principles of openness and honesty as outlined in the VHG Duty of Candour Policy must be applied in discussions with those involved. This includes colleagues and service users, victims and perpetrators, and their families and carers. 

Preventative 

Investigations of serious incidents are undertaken to ensure that weaknesses in a system and/or processes are identified and analysed to understand what went wrong, how it went wrong and what can be done to prevent similar incidents occurring again. 

Objective

Those involved in the investigation process must not be involved in the direct care of those service users affected nor should they work directly with those involved in the delivery of that care. Those working within the same team may have a shared perception of appropriate/safe care that is influenced by the culture and environment in which they work. As a result, they may fail to challenge the ‘status quo’ which is critical for identifying system weaknesses and opportunities for learning. 

Timely and Responsive

Every case is unique, including: the people/organisations that need to be involved, how they should be informed, the requirements/needs to support/facilitate their involvement and the actions that are required in the immediate, intermediate, and long-term management of the case. Those managing serious incidents must be able to recognise and respond appropriately to the needs of each individual case. 

Systems Based

The investigation must be conducted using a recognised systems-based Root Cause Analysis (RCA) investigation methodology that identifies what happened, how it happened, and why it happened, considering the following causes:

• Physical (e.g., equipment failure)
• Human factors (e.g., human error or omission)
• Organisational (e.g., system, process, or policy failure)

Proportionate

The scale and scope of the investigation should be proportionate to the incident to ensure resources are effectively used. Incidents which indicate the most significant need for learning to prevent serious harm should be prioritised. Determining incidents which require a full investigation is an important part of the process and ensures that organisations are focusing resources in the most appropriate way. 

Collaborative

Serious incidents often involve several organisations. Organisations must work in partnership to ensure incidents are effectively managed.

2.  Aims of Serious Incident Management

The aims of serious incident management are to ensure that every serious incident has a detailed and thorough investigation which includes:

• Identifying the causes of each incident
• Ensuring that the lessons from each incident are learnt and disseminated throughout the organisation at all levels as well as with service users, their carer’s and other stakeholders as required
• To follow the principles of Serious Incident Management

6.3 Identifying and Defining a Serious Incident

The following incidents or near misses are categorised as Serious Incidents: 

• Any incident which falls into the classification of a Serious Incident in Appendix A
• Any incident which causes major or catastrophic harm (severity 4 or 5 on the incident management tool). 
• Any near miss which could have caused major or catastrophic harm
• Any near miss where the potential harm (consequence) and likelihood of occurrence multiplied together indicate that significant or immediate action would need to be taken had it occurred

6.4 Immediate Action Following a Serious Incident

The following actions should take place as soon as the incident is discovered.

The colleague who discovers or is informed about the serious incident (the “reporter”) is responsible for:

• Informing the most senior manager in their department, or any other senior manager immediately available (the “local manager”)
• taking immediate necessary action to ensure the safety of those involved, including, if required, calling emergency services by phone on 999

The Local Manager is responsible for assessing the situation and taking appropriate immediate action to: 

• Ensure the wellbeing of all those involved and ensure the area is safe
• Support the reporter as required, including any welfare needs
• Minimise potential adverse effects of the incident
• Minimise the risk of the incident occurring again in the future
• Inform the service user and / or their family about the incident and possible requirement to investigate in clinical situations 
• Delegate responsibility to a deputy in the event of their absence

In some extreme cases, a Serious Incident may require criminal investigation. For example, if there has been a death, or if criminal activity is suspected.

In this instance all colleagues should preserve evidence. Where a SI involves a death or serious injury the location should not be disturbed except to deliver first aid or resuscitation attempts. 

In the event of serious incidents where significant harm is caused then it is likely external organisations will require involvement/notification, this will depend on the situation/pathways outside the organisation, at local, regional, and national levels. 

6.5 Reporting a Serious Incident

The following actions must be completed within the first 24 hours after a Serious Incident:

Concurrently to the immediate action being completed, the Local Manager should: 

• Inform appropriate members of the Leadership Team by telephone
• Inform relevant Directors (following the EMT Escalation Process where applicable – see Appendix B)
• Report as an incident through the incident management reporting system on the intranet 

The Directors and Leadership Team will nominate an:

• “Incident Manager”
• “Investigating Manager”

The Incident Manager is responsible for coordinating further communications, including to: 

• Service user or customer, taking account of our Duty of Candour procedure
• CCG, NHS Trust, Customer 
• Relevant external agencies, e.g., CQC, Department of Health, RIDDOR, ICO, Coroner’s Office (these are often statutory requirements)
• Relevant bodies or stakeholders

Serious Incidents involving Safeguarding must be investigated by the Local Safeguarding Children Board (LSCB) or Local Safeguarding Adult Board (LSAB), and the Local Authority may also have a statutory duty in this regard. 

These bodies should be informed in this event. In some circumstances a Serious Case Review or Safeguarding Adult Review will be commissioned and led by these boards. 

The Incident Manager will ensure communication links following both VHG’s serious incident process and local safeguarding procedures as articulated in the local multi-agency safeguarding policies and protocols. VHG’s Incident Manager will liaise regularly with the commissioners and the Local Authority Safeguarding Lead to ensure that there is a coherent multi-agency approach to investigating and responding to safeguarding concerns, which is agreed by relevant partners.

See the Adult Safeguarding Policy and Child Safeguarding Policy for further details.

6.6 Managing a Serious Incident

Managing a Serious Incident starts immediately following an incident and continues until the risk of further incidents has been sufficiently mitigated. Each Serious Incident is likely to be unique and the Incident Manager should focus on the following: 

Prevent

Prevent recurrence of the same or similar issue. The following principles of issue management should be considered; Engagement – including the right people in decisions as early as possible; Speed – Quick action ensures that issues are dealt with, and processes or procedures can be altered or implemented to prevent recurrences; Decisiveness – Decisive action may be required to prevent further incidents, especially in conditions of uncertainty. Operational impacts of decisions must be weighed against the possible severity of outcomes. 

• Contain – Minimise the severity of ongoing issues as far as possible. Identify and manage consequent risks of the incident (these may be Information Governance (IG)-related or involve risks to service user safety, continuity of treatment etc.) 
• Preserve – Preserve evidence and gather facts, maintain a timeline of events. When gathering evidence, the following principles should be considered:

3. accuracy – gather facts and evidence, not rumour or opinion
4. Independence – independent oversight or review of incidents prevents conflicts of interest
5. standardisation – where possible, data collected should be standardised to ensure that trends or information can be identified

• Recover – Begin planning for how the business, service or department will return to business as usual after the Serious Incident. 
• Communicate – Formulate a wider communications plan which should include all relevant stakeholders, consider including service users, customers, family members, local media etc.

Statements should be obtained from all relevant colleagues as soon as possible after an incident ideally within the first 48 hours and from service users and members of the public if required. The Investigating Manager may call an immediate response meeting where the competency or fitness to practice of any VHG colleague is called into question involving clinical, operational and HR representation to agree a fair and proportionate way forward. A written statement template is available on the intranet.

6.7 Investigating a Serious Incident

The Investigating Manager should work closely with the Incident Manager and ensure that audit trails and timelines are collated quickly and accurately. The Investigating Manager, in liaison with relevant senior managers/directors will decide on the type of investigation to be undertaken:

Level	Application	Product / Outcome	Owner	Timescale for Completion
Level 1 Concise internal investigation	Suited to less complex incidents which can be managed by individuals or a small group at a local level	Concise/ compact investigation report which includes the essentials of a credible investigation	Provider organisation in which the incident occurred, providing principle of objectivity is upheld	Internal investigations of Serious Incidents, whether concise or comprehensive must be completed within 60 working days of the incident being reported to the relevant commissioner. All internal investigation should be supported by a clear investigation and management plan
Level 2 Comprehensive internal investigation	Suited to complex issues which should be managed by a multidisciplinary team involving experts. RASCI (responsible, accountable, supportive, consulted, and informed) roles and responsibilities are agreed and allocated). Report template available on the intranet.	Comprehensive investigation report including all elements of a credible investigation	Provider organisation in which the incident occurred, providing principles for objectivity are upheld.  Providers may wish to commission an independent investigation or involve independent members as part of the investigation team to add a  level of external scrutiny/objectivity
Level 3 Independent investigation (usually external)	Required where the integrity of the investigation is likely to be challenged or where it will be difficult for an organisation to conduct an objective investigation internally due to the size of organisation or the capacity / capability of the available individuals and / or number of organisations involved	Comprehensive investigation report including all elements of a credible investigation	The investigator and all members of the investigation team must be independent of the provider. To fulfil independency the investigation must be commissioned and undertaken entirely independently of the organisation whose actions and processes are being investigated.	6 months from the date the investigation is commissioned

Part of the Investigating Manager’s report will include an assessment of the risk associated with the incident both at the time and following remedial action. The below table is a guide as to how this is assigned a numerical value: 

Guidance for undertaking an internal investigation is available on the company Intranet and advice can be sought from the GQRC and the senior Governance Team. 

Following the internal investigation, a written Root Cause Analysis (RCA) report will be prepared using Root Cause Analysis methodology (template available on the intranet). If a serious incident is likely to give rise to a legal claim against the organisation, advice may be sought from the company or professional indemnity solicitors, and / or the relevant professional body (CSP/HCPC/NMC/BABCP/BACP). Professional indemnity insurers must be notified. 

An investigation into a serious incident is entirely separate from the organisations Disciplinary Procedures. However, if matters come to light during an internal investigation which necessitate disciplinary action in respect of a member(s) of colleague, then these matters will be dealt with separately under the organisation’s Disciplinary Procedures.

6.8 Learning from Serious Incidents

The primary goal of a SI investigation should be learning from our mistakes to improve our services and prevent future recurrences.

Learning from incidents should be widely shared with colleagues and within their team involved via a variety of different methods: 

• Circulation of the final approved anonymised investigation report for shared learning 
• Team meetings 
• Clinical supervision / one-to-ones / reflective practice 
• Learning from Incidents meetings.

Learning across the organisation is also important and should be undertaken through a variety of methods: 

• Internal publications 
• Governance, Quality and Risk Groups and Committee meetings 
• Internal alerts or learning notes
• Anonymised case studies / reviews

All Serious Incident investigations should be reviewed by the GQRC in a timely manner but no later than three months after the incident was initially reported. The GQRC will capture this as part of the RCA actions log for shared learning. 

7. Mental Capacity 

This policy will operate within VHG’s framework for mental capacity.

8. Training 

This policy will be covered as part of induction processes and available via the intranet for all VHG colleagues’ reference. 

Additional training may be required in conjunction with incident reporting, incident trigger lists and risk management.

9. Implementation 

There is no additional financial impact resultant from the review and update to this policy. All colleagues will be made aware of updates regarding the introduction and/or amendment to this policy through: 

• GQRC summary sent to all colleagues by email 
• Inclusion on Yammer in ‘all company’ area 
• Inclusion on the intranet which can be accessed by all colleagues 

10. Monitoring and Audit 

The Head of Governance has overall responsibility for ensuring the annual audit of this policy. Any gaps in compliance will be reported to the GQRC.

11. References 

• NHS Serious Incident Framework
• NHS Never Events Policy and Framework
• CQC – Learning from Serious Incidents in NHS Acute Hospitals
• DOH – An Organisation with a Memory

12. Appendices 

12.1 Appendix A 

A Serious Incident may include:

Acts and/or omissions

Acts and/or omissions occurring as part of healthcare (including in the community) that result in: 

• Unexpected or avoidable death of one or more people. This includes - suicide/self-inflicted death; and - homicide by a person in receipt of mental health care within the recent past.
• Unexpected or avoidable injury to one or more people that has resulted in serious harm
• Unexpected or avoidable injury to one or more people that requires further treatment by a healthcare professional to prevent the death of the service user or serious harm

Actual or alleged abuse

Actual or alleged abuse including

10.  Sexual abuse
11. Physical abuse
12. Psychological ill treatment
13. Acts of omission which constitute neglect
14. Exploitation
15. Financial or material abuse
16. Discriminative and organisational abuse
17. Self- neglect
18. Domestic abuse
19. Human trafficking and modern-day slavery 

Where: 

• Healthcare did not take appropriate action / intervention to safeguard against such abuse occurring 
• Where abuse occurred during the provision of healthcare 
• This includes abuse that resulted in (or was identified through) a Serious Case Review (SCR), Safeguarding Adult Review (SAR), Safeguarding Adult Enquiry or other externally led investigation, where delivery of healthcare caused / contributed towards the incident 

Never events

A Never Event - all Never Events are defined as serious incidents although not all Never Events necessarily result in serious harm or death. 

Incident impacting quality of service

An incident (or series of incidents) that prevents, or threatens to prevent, an organisation’s ability to continue to deliver an acceptable quality of healthcare services, including (but not limited to) the following: 

• Failures in the security, integrity, accuracy, or availability of information often described as data loss and / or information governance related issues
• Property damage
• Security breach / concern
• Incidents in population-wide healthcare activities like screening and immunisation programmes where the potential for harm may extend to a large population
• Inappropriate enforcement / care under the Mental Health Act (1983) and the Mental Capacity Act (2005) including Mental Capacity Act, Deprivation of Liberty Safeguards (MCA DoLS)
• Systematic failure to provide an acceptable standard of safe care (this may include incidents, or series of incidents, which necessitate closure or suspension of services)
• Activation of Major Incident Plan (by customer, commissioner, or relevant agency) 
• Major loss of confidence in the service, including prolonged adverse media coverage or public concern about the quality of healthcare or our organisation 

Incident leading to harm / potential harm

An incident involving unexpected potential or actual harm or injury to service users, colleagues, or visitors (including contractors). This will include near misses and death following such an incident. The following examples should be considered when determining whether an incident is serious: 

• Where there is suspicion that a service user was potentially at risk of serious harm, safeguarding or otherwise as the result of possible negligence or error by a VHG colleague or service
• Where there is suspicion that a service user may have suffered injury as the result of a deliberate act by VHG colleagues, another service user or member of the public
• Where there is suspicion that a service user may have suffered serious harm as the result of inadequate procedures, policies or processes or human factors if these were not followed correctly
• Where there is suspicion of serious harm to a service user, VHG colleagues, or member of the public, resulting from faulty equipment, medicines, medical devices, or unsafe environment
• Where a service user or a VHG colleague attempts serious harm to themselves on organisation premises
• Where a member of the public is seriously injured by a service user or recent service user of the organisation 
• Where there have been violent attacks or serious injury or death of a VHG colleague or contractor 
• A fire, where damage has occurred and where service users and colleagues have been put at risk and / or the circumstances are suspicious 
• Where incidents involve infectious diseases, which cause profound difficulties for colleagues and / service users 
• Where an incident poses or may pose a significant threat to public health and / or safety including microbiological and chemical contamination incidents or releases into the environment
• Where an incident is likely to lead to public concern and / or significant media attention
• Theft of computers, laptops or palmtop computers that contain service user sensitive material
• Suspension of clinical or managerial colleagues in highly unusual circumstances 
• Any other serious incident which is not included in any of the above categories

This is not an exhaustive list; it highlights the key areas which would warrant the reporting of an incident within the organisation. 

12.2 Appendix B

EMT Escalation Process

Clinical or Safeguarding issues out of hours will be managed by the Duty Team. If an issue is Business Critical (or if a Clinical or Safeguarding issue includes a Business-Critical element the EMT Escalation process should be followed. An EMT Escalation Schedule is published on the intranet providing the name and contact details of the EMT member nominated to cover that month if the issue occurs Out of Hours. 

Business Critical Examples (this is not an exhaustive list):

1. Where a local or national BCP is invoked
2. Where there is suspicion that a service user or member of the public may have suffered injury as the result of a deliberate act by a VHG colleague or corporate customer
3. Where a service user or a VHG colleague attempts serious harm to themselves on organisation premises
4. Where a member of the public is seriously injured by a service user or recent service user of the organisation
5. Where there have been violent attacks or serious injury or death of a VHG colleague or contractor
6. A fire, where damage has occurred and where service users and VHG colleagues have been put at risk and/or the circumstances are suspicious
7. Where incidents involve communicable (infectious diseases), which could cause profound illness, difficulties, or long-term effects
8. Where an incident poses or may pose a significant threat to public health and / or safety including microbiological and chemical contamination incidents or releases into the environment (if unsure please notify)
9. Where an incident is likely to lead to public concern and / or significant media attention (if unsure please notify)
10. Thefts of computers, laptops or palmtop computers that contain service user sensitive material

Flow diagram for escalation of Potential Business Critical Issues both in Office Hours and Out of Hours can be found below:

13. End