A number of “new risks” have recently been considered as possible additions to the HSE corporate risk register (CRR), including vaccine roll-out, a “second pandemic”, data protection, and climate change. The updated risk register, approved by the HSE board at its December meeting, noted 26 risks. The majority were influenced by the Covid-19 pandemic.
The risk register was discussed by the HSE audit and risk committee at its meeting on 11 December. None of the ‘new risks’ discussed were subsequently added to the updated CRR approved by the HSE board later in the month.
According to minutes of the audit and risk committee meeting, seen by this newspaper following a Freedom of Information request, “new risks for consideration” for the risk register included “vaccine roll-out” and a “second pandemic risk”.
Regarding a “second pandemic”, it was noted that “this risk has been raised by the board and committees on a number of occasions. While there are a number of Covid risks on the CRR, this is a separate and independent risk in terms of probability (eg, emergence of a second pandemic of a different origin).”
The committee also discussed “data protection” as a potential addition, “including data retention risks with sensitive personal data, and risks related to contractual relationships with Genomics Ireland, for example.” According to minutes, “this class of risks are coming to the fore in recent times”.
The issues of “sustainability and climate change” were also referenced, with minutes noting that the HSE “should consider a plan to identify and address risks in this area”.