Summary
Hazard identification is undertaken using a Structured ‘What If’ (SWIFT) method which assesses the potential failure modes of each core component. The Initial Risk Rating (IRR) associated with each identified hazard is assessed considering any existing controls, followed by a Residual Risk Rating (RRR) with any additional risk controls.
Document information and downloads
- Document Contents
- Download Link
- File Details
- Hazard summary/ Index
- Hazard assessment criteria
- H1 - ADVERSE NETWORK PERFORMANCE
- H2 - NHSMAIL O365 SHARED TENANT DOWNTIME
- H3 - AUDIO & VIDEO CONSULTATION SERVICE/TEAMS PHONE SYSTEM IS UNAVAILABLE
- H4 - UNABLE TO SEND OR RECEIVE EMAILS/ATTACHMENTS
- H5 - PATIENT CONFIDENTIAL DATA IS INADEQUATELY PROTECTED
- H6 - UNABLE TO ACCESS ENCRYPTED/PROTECTED EMAILS/FILES
- H7 - UNABLE TO LOGIN TO ACCOUNT
- H8 - UNABLE TO ACCESS SHARED MAILBOX
- H9 - GUESTS/EXTERNAL USERS UNABLE TO ACCESS SHARED CONTENT/RESOURCES
- H10 - ADMINISTRATOR IS UNABLE TO ACCESS THE NHSMAIL PORTAL
- H11 - USER/SHARED MAILBOX IS NOT ROUTINELY MONITORED
- H12 - PATIENT HEALTH RECORD IS NOT UPDATED FOLLOWING RECEIPT OF CLINICAL INFORMATION
- H13 - EMAIL HYGIENE PROCESSES QUARANTINES AND/OR DELETES EMAIL
- H14 - NHSMAIL DIRECTORY DETAILS ARE INCORRECT OR MISSING
- H15 - CALENDAR SCHEDULE IS NOT MAINTAINED
- H16 - MIGRATION FAILURE
- H17 - UNABLE TO ACCESS FEDERATED APPLICATION(S)
- H18 - APPOINTMENT SCHEDULER IS UNAVAILABLE
- H19 - APPOINTMENT NOT RECEIVED OR CONFIRMED
- H20 - UNABLE TO ACCESS MICROSOFT O365/AZURE APPLICATION(S)
File type | Adobe Acrobat Portable Document Format (.pdf) |
File size | 986.1 KB |
Last Reviewed Date | 28/02/2023 |