Every small business should have a plan that prepares for the unexpected. Fires, floods, storms, cyber-attacks, pandemics and other disruptions present significant challenges for businesses and present tests to their resilience.
Business continuity planning is essential for growing and sustaining a good business. When thinking about your business continuity, consider that it won’t just be about the immediate damage but the flow-on impact of dealing with longer-term effects and repercussions.
A Business Continuity Plan should outline strategies for keeping your business operational despite emergencies such as extreme weather events, illness, power outages, pandemics, cyber-attacks, and other crimes.
To determine risks that could impact your pharmacy, it helps to perform a risk assessment. This can be as simple as creating a list of scenarios that are likely based on your local area, past disasters, and other common threats. To assist with the process, we have created a list of some critical risks we have identified for our customers:
Business Risk description
Actions that could be taken to manage the risk
Risk to building, e.g., fire, flooding
Compliance with fire & building regulations
Smoke alarms, sprinklers.
Ensure all systems have anti-virus, firewalls, strong passwords, whitelisting, and access control
Have an onsite and offsite backup
Network and data encryption
Document incident response procedure which will be triggered in the event of loss or a suspected attack
Machinery failure -Robot, Webster Pak
Follow recommended servicing and maintenance schedules
Keep stock of parts
Have a contract with emergency 24/7 repair services
Train employees on safe use, maintenance, and basic repair
Identify natural hazards
Measure vulnerability to natural hazards
Connect to early warning systems if required
Use forecasts to measure the proximity of risk, e.g., use weather forecast
Create plans for responding to natural disasters
Insure against losses where possible
Technology breakdown, e.g., dispense master/server failure
Build in redundancy and data backups
Implement Cloud backup
Have UPS, power, and hardware spares
Invest in monitoring and early warning systems
Theft – of pharmacy goods, restricted medications
Invest in security hardware and personnel
Invest in cyber security, encryption, VPN etc.
Retail style alarms on products
Strict access control, badges, scanners, search etc.
Flow on Effects
The other point to consider is that some disasters can impact more than a single risk area. For example, flooding in your pharmacy will destroy your pharmacy computers, and you will lose your patient data and their historical records. As highlighted at the beginning of this article, this will cause flow-on effects, requiring you to collect data from your customers again.
Templates for Your BCP
Once you have identified the key risks, you should use them to create a business continuity plan. We recommend leveraging the resources provided by the state or national government as they provide a good starting point in the form of a template such as this one from Business.gov.au or this one from the Small Business Commissioner.
The Criticality of IT Systems and Pharmacy Data
In most disaster scenarios, your pharmacy data and IT systems will be vital to getting back up and running. Corum recommends that you ensure a detailed plan for your IT systems:
• How to get new or replacement computers.
• Ensure you have a documented and tested the process for restoring from backup.
• Plan with your dispense vendor the process for getting your dispensing up and running, including printing and scanning.
• Your passwords, certificate passphrases and other key login information should be stored in a password manager that keeps the information securely in the cloud. Remember that your systems need to have NASH PKI certificates installed to access services such as PRODA and PBS online claiming. If you have lost them, or don’t know the passphrase, your recovery efforts will be further delayed while you wait for replacement certificates and passphrases from Services Australia.
If you are worried about the security of your pharmacy systems and want to know you implement strong backup in your pharmacy and protect yourself from ransomware, speak to your Corum Customer Success Manager or contact us on 1300 669 865.