Nick Hawkins, Managing Director EMEA at Everbridge, discusses the transformative role of a crisis communications platform in legal risk management – reducing the risk of prosecution, regulatory action and reputational damage.
Organisations must adhere to a number of strict compliance and legal regulations, such as ISO and FCA standards, the Data Protection Act 1998, an obligation to protect the mobile workforce and secure IT services. If these are not met, businesses risk prosecution and damage to their reputation. An efficient business continuity plan can improve crises communication and management – both of which are vital to ensure regulations do not falter.
Regardless of whether a crisis is an IToutage, infrastructure failure, fire or terror attack, a lapse in communication can threaten a business’s ability to remain compliant. A critical communications platform such as Everbridge can be used to limit damage and ensure the message is delivered to the right person at the right time – under any circumstances.
Critical communications platforms enable organisations to respond to crises quicker, deploy resources more effectively, and engage in two-way communication with key stakeholders. By having such a powerful tool at their disposal, organisations can satisfy regulators that the relevant risk management precautions have been taken.
Power ofcloud based, multi-modal crisis communication
No single delivery path is ever 100% reliable, 100% of the time.Compliance professionals should seek a crisis communications platform that facilitates multi-modal notifications – utilising every available contact path to communicate until delivery is acknowledged. The most advanced platforms can communicate via more than 100 different contact paths such as SMS messaging; emails; VOIP calls; voice-to-text alerts; app notifications and many more.
Cloud-based communications platforms operate independently of a company’s internal network and offer businesses an alternative communication solution in an emergency. This is extremely useful in the event of a cyber-attack that compromises an internal network. By implementing the latest communications technology, an organisation can minimise its IT downtime and ensure business operations and revenues face minimal disruption.
Getting the right response
The first hurdle is communicating with employees when a crisis takes hold, the second is receiving quantifiable responses. Businesses should seek a solution that offers a two-way polling feature to enable the relevant personnel to quickly respond and inform the company as to their current status and whether they are able to provide assistance. Being able to send company-wide notifications and receive responses in real time means businesses can rapidly gain visibility of an incident and react more efficiently to an unfolding emergency. This ensures compliance and regulations are maintained.
This is particularly helpful for NHS and private health care providers who, under legislation enforced by the Care Quality Commission (CQC), have a duty of care to patients. As the regulator for healthcare in England, the CQC requires all providers to have risk management measures in place to ensure high standards of patient care. If a hospital falls below these standards and patient care is affected, the NHS Trust faces possible fines and repercussions.
Technology in action: Healthcare
Many NHS services use critical communications platforms, including Guy’s & St Thomas’ NHS Trust in London and the South Western Ambulance Service NHS Trust which covers a fifth of England. In an emergency situation, the priority for emergency planning teams is to reduce additional chaos by mobilising resources as quickly and efficiently as possible.
For example,South Western Ambulance Service NHS Trust uses Everbridge – the critical communications platform -when the number of inbound casualties to A&E exceeds the normal amount. The emergency team releases a critical notification to locate its staff and instruct them on where assistance is needed. Junior doctors for example will be needed on wards rather than A&E, discharging patients wherever possible so beds are available to effectively deal with the incident.
The two-way polling functionality that crisis communications platforms can offer is crucial. Without it there is no way of telling who has received the notification, who is on-site, who is available, or who is out of the area. Recipients can quickly respond to identify themselves as ‘on-site and available’ or recall themselves to duty.
As a result hospital management has a clear overview of an incident, can deploy medical resources more effectively and ensure the level of patient care remains unaffected. In doing so, it is able to meet CQC regulatory requirements.
Technology in action: Financial
The UK’s financial industry is governed by the Financial Services Authority (FSA). Ever since the financial crisis of 2008, there has been a significant tightening of regulations. As a result, investing in technology to help adhere to these new rules is a priority. CLS, the largest multicurrency cash settlement system in the foreign exchange (FX) market, has recently implemented critical communications technology.
For financial institutions, there are two main areas of concern: disaster recovery in the event of IT downtime and the secure sharing of data and information.
In the event of an outage or cyber-attack, financial organisations need to make IT staff aware of the incident as quickly as possible. The faster they can identify and fix the problem, the lower the impact on company productivity and revenue. Similarly, customer support teams and marketing departments need to understand the extent of the issue and next steps. Customer service teams require direction with regards to messaging and managing an influx of customer complaints and marketing departments should proactively communicate the status of the crisis via the company’s website and social media pages.
By sending notifications en masse to staff, reputation can be maintained and customer hysteria can be stemmed. It also ensures that incidents can be escalated up the command chain depending on their severity. Take TalkTalk for example, its prolonged cyber-attack in October 2015 cost the company £60 million, resulted in the loss of 95,000 customers and did irreparable damage to its reputation.
Financial institutions are also under strict regulation when it comes to the protection of confidential data, such as: mortgage details, bank account numbers and credit card information. Regulation requires banks to retain all transaction data for seven years which means they need to have a secure and reliable method of sharing this information.The most effective communications platforms have in-built applications designed for secure messaging and meet the standards enforced by regulatory bodies.
As regulations change, organisations across all industries need to ensure they adhere to the new rules or risk legal consequences. Proactively investing in critical communications technology means organisations can safe-guard themselves against future regulation changes and ensures they have the most effective business continuity tools in place to handle disruptive incidents.