In health care, the term “never event” refers to mistakes that should never occur. There are official lists of never events, and frankly looking at them is depressing: surgery on the wrong patient, for example.
I’d like to build a list of Information Technology never events. Will you help me?
My thinking is that these IT never events should have a significant impact and should be due to negligence. Here’s what I have so far:
1. IT data breach resulting in legal liability
2. IT failure of any kind that leads to death or injury
3. IT service disruptions that threaten to bankrupt the institution
Think Knight Capital Partners, which lost $440 million due to a high-frequency trading error.
4. IT loss of core business data
Think of the impact were a school to lose its list of degrees granted, or the grades issued for a semester.
5. IT service failure due to inadequate capacity
Think for example of the Health Care web site roll-out last fall.
6. Lack of actionable IT service continuity plan in the face of disaster
If a disaster strikes, IT should already have an actionable plan in place to mitigate the disaster’s impact on the institution.
This list is only a start, though. Leave a comment or contact us so we can make this list more thorough!